Havaittavissa pientä tahmaamista

Viestiketju Virukset ja haittaohjelmat - HijackThis -logit -osiossa. Ketjun avasi ISOimage 08.08.2006.

Viestiketjun tila:
Viestiketju on suljettu.
  1. ISOimage

    ISOimage Regular member

    Liittynyt:
    14.02.2005
    Viestejä:
    313
    Kiitokset:
    0
    Pisteet:
    26
    Jos joku vois vilkaista hiukan tätä HJT-lokia. Kone pelittää suht hyvin peli ja netti käytössä mutta esim: laite asennukset yms. vievät tolkuttomasti aikaa. Tiedän, kone on päivittämätön mutta toimii kuitenkin, kiitos jo etukäteen.


    Logfile of HijackThis v1.99.1
    Scan saved at 15:13:29, on 8.8.2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    C:\PROGRA~1\ELISAT~1\4119343\Program\SERVIC~1.EXE
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\4119343\program\fsbwsys.exe
    C:\Program Files\F-Secure\Common\FSMA32.EXE
    C:\Program Files\F-Secure\Common\FSMB32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\F-Secure\Common\FCH32.EXE
    C:\Program Files\F-Secure\Common\FAMEH32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
    C:\WINDOWS\System32\CNAC3RPK.EXE
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
    C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Stardock\SDMCP.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\F-Secure\Common\FSM32.EXE
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\F-Secure\FSGUI\ispnews.exe
    G:\DVD - kamat\AnyDVD 5.2.3.1 + crack OK. NEW!!!!\AnyDVD\AnyDVD.exe
    C:\PROGRA~1\F-Secure\ANTI-S~1\fsaw.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\Program Files\F-Secure\FSGUI\fsguidll.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Hitware Popup Killer Lite\HitwarePKLite.exe
    C:\Program Files\Elisa Tietoturvapalvelu\4119343\Program\fspex.exe
    G:\utorrent.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\HijackThis_v1.99.1.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mcdcsadsasuhnpancelowjnx...O8jULh4bhkOkzCLrQyPEjOgBmH5qbwHIEYqRRgeI.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iltasanomat.fi/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: RUPK - {604B283A-4E26-4504-98E7-72859F949547} - C:\PROGRA~1\HITWAR~1\sypcms.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O2 - BHO: (no name) - {D48DF30A-56B3-4094-AD84-D4D9B2FAD730} - (no file)
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\F-Secure\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [News Service] "C:\Program Files\F-Secure\FSGUI\ispnews.exe"
    O4 - HKLM\..\Run: [AnyDVD] G:\DVD - kamat\AnyDVD 5.2.3.1 + crack OK. NEW!!!!\AnyDVD\AnyDVD.exe
    O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [wojtuswojo] C:\WINDOWS\System32\wojtuswojo.exe
    O4 - HKLM\..\Run: [sys] C:\WINDOWS\System32\sys.exe
    O4 - HKCU\..\Run: [HitwarePKLite] C:\Program Files\Hitware Popup Killer Lite\HitwarePKLite.exe
    O4 - HKCU\..\Run: [Flaw Cast] C:\DOCUME~1\vesa\APPLIC~1\GramDraw\dart itch open.exe
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKCU\..\Run: [Steam] "e:\progra~1\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
    O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Elisa Tietoturvapalvelu.lnk = C:\Program Files\Elisa Tietoturvapalvelu\4119343\Program\fspex.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: &Sequelizer configuration... - C:\Program Files\Sequelizer\dlg.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
    O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Program Files\expektMPP\MPPoker.exe
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1095409563343
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - AppInit_DLLs: wbsys.dll c:\windows\system32\wmfhotfix.dll
    O20 - Winlogon Notify: MCPClient - C:\Program Files\Common Files\Stardock\mcpstub.dll
    O20 - Winlogon Notify: WB - C:\Program Files\Stardock\Object Desktop\ThemeManager\fastload.dll
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Elisa Tietoturvapalvelu (BackWeb Client - 4119343) - BackWeb Technologies Inc. - C:\PROGRA~1\ELISAT~1\4119343\Program\SERVIC~1.EXE
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\4119343\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE

    edit: meinas jäädä koko loki laittamatta.
     
    Viimeksi muokattu: 08.08.2006
  2.  
  3. Jupsu

    Jupsu Active member

    Liittynyt:
    30.12.2005
    Viestejä:
    1,459
    Kiitokset:
    2
    Pisteet:
    68
    tossa on pari rivii mitkä mua mietityttää mut antaa ammattilaisten kattoo :

    O4 - HKLM\..\Run: [wojtuswojo] C:\WINDOWS\System32\wojtuswojo.exe
    O4 - HKLM\..\Run: [sys] C:\WINDOWS\System32\sys.exe
    O4 - HKCU\..\Run: [Flaw Cast] C:\DOCUME~1\vesa\APPLIC~1\GramDraw\dart itch open.exe

    [bold]siis älä tee mitään ennen kuin muut kattovat tän[/bold]
     
  4. kairis

    kairis Regular member

    Liittynyt:
    01.06.2003
    Viestejä:
    277
    Kiitokset:
    0
    Pisteet:
    26
  5. ISOimage

    ISOimage Regular member

    Liittynyt:
    14.02.2005
    Viestejä:
    313
    Kiitokset:
    0
    Pisteet:
    26
    Tämmöinen siitä tuli, mahtaako olla oikea?

    [TRACE] Enumerating jobs and queues
    [TRACE] Activating job 'Scheduled scanning task.job'
    [TRACE] Printing all job properties

    ApplicationName: 'C:\PROGRA~1\F-Secure\ANTI-V~1\fsav.exe'
    Parameters: ' /HARD /ARCHIVE /DISINF /SCHED /NOBREAK /REPORT=C:\PROGRA~1\F-Secure\ANTI-V~1\report.txt '
    WorkingDirectory: 'C:\PROGRA~1\F-Secure\ANTI-V~1'
    Comment: 'Task added by F-Secure Anti-Virus.'
    Creator: 'SYSTEM'
    Priority: NORMAL
    MaxRunTime: INFINITE
    IdleWait: 5
    IdleDeadline: 999
    MostRecentRun: 08/04/2006 0:18:46
    NextRun: 08/11/2006 0:00:00
    StartError: S_OK
    ExitCode: 0x3
    Status: SCHED_S_TASK_READY
    ScheduledWorkItem Flags:
    DeleteWhenDone = 0
    Suspend = 0
    StartOnlyIfIdle = 1
    KillOnIdleEnd = 0
    RestartOnIdleResume = 0
    DontStartIfOnBatteries = 0
    KillIfGoingOnBatteries = 0
    RunOnlyIfLoggedOn = 0
    SystemRequired = 0
    Hidden = 0
    TaskFlags: 0

    1 Trigger

    Trigger 0:
    Type: Weekly
    WeeksInterval: 1
    DaysOfTheWeek: .....F.
    StartDate: 08/08/2006
    EndDate: 00/00/0000
    StartTime: 00:00
    MinutesDuration: 0
    MinutesInterval: 0
    Flags:
    HasEndDate = 0
    KillAtDuration = 0
    Disabled = 0


     
  6. kairis

    kairis Regular member

    Liittynyt:
    01.06.2003
    Viestejä:
    277
    Kiitokset:
    0
    Pisteet:
    26
    Siivotaas:
    Mene [bold]Ohjauspaneeliin - > Lisää tai poista sovellus[/bold] -> Poista seuraavat:
    wojtuswojo
    sys
    Flaw Cast
    (jos löytyy, voi olla myös vastaavan niminen)
    Käynnistä kone uudelleen.

    Sulje selaimet ja muut ohjelmat, käynnistä HijackThis, klikkaa” do a system scan only ”.
    Merkkaa nämä rivit ja paina Fix checked : (kaikkia ei välttämättä löydy enää)
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mcdcsadsasuhnpancelowjnx.us/kvT8yH_bOtR93RKsQbgmMl9NO8...
    O4 - HKLM\..\Run: [wojtuswojo] C:\WINDOWS\System32\wojtuswojo.exe
    O4 - HKLM\..\Run: [sys] C:\WINDOWS\System32\sys.exe
    O4 - HKCU\..\Run: [Flaw Cast] C:\DOCUME~1\vesa\APPLIC~1\GramDraw\dart itch open.exe

    Laita piilotiedostot näkyviin. Ohje:
    http://www.virustorjunta.net/module...Yleisohjeita+ongelmatilanteiden+ratkaisuun#40
    Käynnistä vikasietotilaan. Ohje:
    http://www.virustorjunta.net/module...Yleisohjeita+ongelmatilanteiden+ratkaisuun#37
    Seuraavaksi poistat seuraavat [bold]kansiot/tiedostot[/bold] vaikka Oman tietokoneen kautta. (jos löytyy):
    C:\WINDOWS\System32\>>wojtuswojo.exe <<
    C:\WINDOWS\System32\>>sys.exe <<
    C:\DOCUMENTS AND SETTINGS\vesa\APPLICATION DATA\>>GramDraw<<
    Tyhjennä roskakori.

    Käynnistä kone uudelleen.
    Laita piilotiedostot takaisin piiloon (Teet niin kuin aikaisemmin mutta valitset "Älä näytä piilotettuja tiedostoja ja kansioita")

    [bold]-> Lataa ja asennaEwido Anti-Spyware 4.0[/bold]
    http://aaxxeell.googlepages.com/ewido4

    o Käynnistä Ewido Anti-Spyware

    o Klikkaa Update kuvaketta ikkunan ylälaidassa

    + Klikkaa Start update nappia
    + Odota päivitysten latautumista ja asentumista

    o Sulje ohjelma, käynnistä vikasietotilaan ja skannaa.

    Lähetä uusi HJT-loki ja Ewidon loki.
     
    Viimeksi muokattu: 08.08.2006
  7. ISOimage

    ISOimage Regular member

    Liittynyt:
    14.02.2005
    Viestejä:
    313
    Kiitokset:
    0
    Pisteet:
    26
    No niin kylläpä se kesti mutta tässä nuo molemmat loki tiedostot

    Logfile of HijackThis v1.99.1
    Scan saved at 18:42:00, on 8.8.2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Stardock\SDMCP.exe
    C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    C:\PROGRA~1\ELISAT~1\4119343\Program\SERVIC~1.EXE
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\4119343\Program\fspex.exe
    C:\Program Files\Elisa Tietoturvapalvelu\4119343\program\fsbwsys.exe
    C:\Program Files\F-Secure\Common\FSMA32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\F-Secure\Common\FSMB32.EXE
    C:\WINDOWS\System32\CNAC3RPK.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\F-Secure\Common\FCH32.EXE
    C:\Program Files\F-Secure\Common\FAMEH32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
    C:\Program Files\F-Secure\Common\FSM32.EXE
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\F-Secure\FSGUI\ispnews.exe
    G:\DVD - kamat\AnyDVD 5.2.3.1 + crack OK. NEW!!!!\AnyDVD\AnyDVD.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Hitware Popup Killer Lite\HitwarePKLite.exe
    C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\PROGRA~1\F-Secure\ANTI-S~1\fsaw.exe
    C:\Program Files\F-Secure\FSGUI\fsguidll.exe
    C:\HijackThis_v1.99.1.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iltasanomat.fi/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: RUPK - {604B283A-4E26-4504-98E7-72859F949547} - C:\PROGRA~1\HITWAR~1\sypcms.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O2 - BHO: (no name) - {D48DF30A-56B3-4094-AD84-D4D9B2FAD730} - (no file)
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\F-Secure\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [News Service] "C:\Program Files\F-Secure\FSGUI\ispnews.exe"
    O4 - HKLM\..\Run: [AnyDVD] G:\DVD - kamat\AnyDVD 5.2.3.1 + crack OK. NEW!!!!\AnyDVD\AnyDVD.exe
    O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKCU\..\Run: [HitwarePKLite] C:\Program Files\Hitware Popup Killer Lite\HitwarePKLite.exe
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKCU\..\Run: [Steam] "e:\progra~1\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
    O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Elisa Tietoturvapalvelu.lnk = C:\Program Files\Elisa Tietoturvapalvelu\4119343\Program\fspex.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: &Sequelizer configuration... - C:\Program Files\Sequelizer\dlg.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
    O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Program Files\expektMPP\MPPoker.exe
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1095409563343
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - AppInit_DLLs: wbsys.dll c:\windows\system32\wmfhotfix.dll
    O20 - Winlogon Notify: MCPClient - C:\Program Files\Common Files\Stardock\mcpstub.dll
    O20 - Winlogon Notify: WB - C:\Program Files\Stardock\Object Desktop\ThemeManager\fastload.dll
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Elisa Tietoturvapalvelu (BackWeb Client - 4119343) - BackWeb Technologies Inc. - C:\PROGRA~1\ELISAT~1\4119343\Program\SERVIC~1.EXE
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\4119343\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE

    Ja tässä ewidon loki

    ---------------------------------------------------------
    ewido anti-spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 18:33:47 8.8.2006

    + Scan result:



    HKLM\SOFTWARE\Altnet -> Adware.Altnet : No action taken.
    HKLM\SOFTWARE\Altnet\Dashboard -> Adware.Altnet : No action taken.
    HKLM\SOFTWARE\Altnet\Dashboard\Messages -> Adware.Altnet : No action taken.
    C:\Program Files\F-Secure\FWES\program\fsdfwd.exe -> Adware.Gator : No action taken.
    C:\Program Files\Adverts\uninst.exe -> Adware.Lop : No action taken.
    C:\Documents and Settings\vesa\Local Settings\Temporary Internet Files\Content.IE5\WTKXYFS9\ControllerScripts[1].js -> Adware.MediaMotor : No action taken.
    C:\Documents and Settings\vesa\Local Settings\Temporary Internet Files\Content.IE5\ZBPZBPS4\Scripts[1].js -> Adware.MediaMotor : No action taken.
    C:\Program Files\Instant Access\Multi\20060605170651\instant access.exe -> Dialer.EgroupDial.w : No action taken.
    C:\WINDOWS\iaccess32.exe -> Dialer.EgroupDial.w : No action taken.
    C:\WINDOWS\system32\egaccess4_1062.dll -> Dialer.EgroupDial.w : No action taken.
    HKU\S-1-5-21-1659004503-2049760794-1801674531-1001\Software\EGDHTML -> Dialer.Generic : No action taken.
    C:\WINDOWS\system32\syshk.dll -> Not-A-Virus.Monitor.Win32.Perflogger.163 : No action taken.
    C:\WINDOWS\system32\sysr.exe -> Not-A-Virus.Monitor.Win32.Perflogger.163 : No action taken.
    C:\WINDOWS\system32\wojtuswojohk.dll -> Not-A-Virus.Monitor.Win32.Perflogger.163 : No action taken.
    C:\WINDOWS\system32\wojtuswojor.exe -> Not-A-Virus.Monitor.Win32.Perflogger.163 : No action taken.
    C:\WINDOWS\system32\windrvNT.sys -> Rootkit.NtRootKit.131 : No action taken.
    :mozilla.584:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
    :mozilla.181:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.182:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.183:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.184:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.185:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.186:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.187:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.266:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.370:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    C:\Documents and Settings\vesa\Cookies\vesa@msninvite.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
    C:\Documents and Settings\vesa\Cookies\vesa@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.288:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.289:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.444:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Addynamix : No action taken.
    :mozilla.68:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
    :mozilla.69:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
    :mozilla.112:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.113:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.114:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.115:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.116:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.445:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
    :mozilla.892:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Bfast : No action taken.
    :mozilla.896:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
    :mozilla.897:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
    :mozilla.277:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.278:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.279:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.280:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.281:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.887:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Clickzs : No action taken.
    :mozilla.888:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Clickzs : No action taken.
    :mozilla.889:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Clickzs : No action taken.
    :mozilla.890:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Clickzs : No action taken.
    C:\Documents and Settings\vesa\Cookies\vesa@vip2.clickzs[2].txt -> TrackingCookie.Clickzs : No action taken.
    :mozilla.553:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Coremetrics : No action taken.
    :mozilla.729:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Coremetrics : No action taken.
    :mozilla.875:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Cqcounter : No action taken.
    :mozilla.30:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
    :mozilla.581:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
    :mozilla.342:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
    :mozilla.241:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.242:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.243:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.244:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.245:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.246:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.248:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.512:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
    :mozilla.383:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.407:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.408:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.409:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.514:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.515:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.541:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.543:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.562:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.563:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.564:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.592:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.593:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.594:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.599:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.649:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.653:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.676:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.677:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.688:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.715:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.745:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.747:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.809:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.812:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.819:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.910:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.874:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Masterstats : No action taken.
    C:\Documents and Settings\vesa\Cookies\vesa@image.masterstats[1].txt -> TrackingCookie.Masterstats : No action taken.
    :mozilla.477:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
    :mozilla.173:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Overture : No action taken.
    :mozilla.174:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Overture : No action taken.
    :mozilla.267:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Overture : No action taken.
    :mozilla.693:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
    :mozilla.694:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
    :mozilla.695:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
    :mozilla.696:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
    :mozilla.446:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
    :mozilla.447:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
    :mozilla.418:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Revenue : No action taken.
    :mozilla.497:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
    :mozilla.498:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
    :mozilla.499:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
    :mozilla.500:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
    :mozilla.464:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.465:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.466:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.467:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.468:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.469:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.470:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.471:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.472:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.473:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.572:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexlist : No action taken.
    :mozilla.573:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexlist : No action taken.
    :mozilla.574:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexlist : No action taken.
    :mozilla.575:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexlist : No action taken.
    :mozilla.576:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexlist : No action taken.
    :mozilla.577:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexlist : No action taken.
    :mozilla.578:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexlist : No action taken.
    :mozilla.579:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexlist : No action taken.
    :mozilla.481:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
    :mozilla.482:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
    :mozilla.483:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
    :mozilla.484:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
    :mozilla.485:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
    :mozilla.486:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
    :mozilla.487:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
    :mozilla.488:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
    :mozilla.690:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
    :mozilla.691:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
    :mozilla.63:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
    :mozilla.64:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
    :mozilla.65:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
    :mozilla.66:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
    :mozilla.67:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
    :mozilla.703:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
    :mozilla.704:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
    :mozilla.425:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
    :mozilla.915:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Valueclick : No action taken.
    :mozilla.177:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
    :mozilla.899:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
    :mozilla.911:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
    :mozilla.917:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
    :mozilla.918:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
    :mozilla.282:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
    :mozilla.283:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
    :mozilla.441:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
    :mozilla.442:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Zedo : No action taken.


    ::Report end

     
  8. kairis

    kairis Regular member

    Liittynyt:
    01.06.2003
    Viestejä:
    277
    Kiitokset:
    0
    Pisteet:
    26
    Otetaas uusiksi Ewido.
    [​IMG]
    Katso, että olet laittanut ruksin tuohon ylimpään kohtaan.(clean and move...)

    Lähetä sitten uusi Ewidon raportti.
     
  9. ISOimage

    ISOimage Regular member

    Liittynyt:
    14.02.2005
    Viestejä:
    313
    Kiitokset:
    0
    Pisteet:
    26
    Tässä uudet loki tiedostot. Oli mun moka oli jäänyt täppi pois tuosta ylemmästä kohdasta. Jos joku vois vastailla ripeesti, meinaan näyttää siltä että f-securelle tapahtui jotain.

    Logfile of HijackThis v1.99.1
    Scan saved at 21:51:03, on 8.8.2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Stardock\SDMCP.exe
    C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    C:\PROGRA~1\ELISAT~1\4119343\Program\SERVIC~1.EXE
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\4119343\program\fsbwsys.exe
    C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
    C:\Program Files\F-Secure\Common\FSMA32.EXE
    C:\Program Files\F-Secure\Common\FSMB32.EXE
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\F-Secure\Common\FCH32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\4119343\Program\fspex.exe
    C:\WINDOWS\System32\CNAC3RPK.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\F-Secure\Common\FAMEH32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\F-Secure\Common\FSM32.EXE
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
    C:\Program Files\F-Secure\FSGUI\ispnews.exe
    G:\DVD - kamat\AnyDVD 5.2.3.1 + crack OK. NEW!!!!\AnyDVD\AnyDVD.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Hitware Popup Killer Lite\HitwarePKLite.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\HijackThis_v1.99.1.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iltasanomat.fi/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: RUPK - {604B283A-4E26-4504-98E7-72859F949547} - C:\PROGRA~1\HITWAR~1\sypcms.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O2 - BHO: (no name) - {D48DF30A-56B3-4094-AD84-D4D9B2FAD730} - (no file)
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\F-Secure\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [News Service] "C:\Program Files\F-Secure\FSGUI\ispnews.exe"
    O4 - HKLM\..\Run: [AnyDVD] G:\DVD - kamat\AnyDVD 5.2.3.1 + crack OK. NEW!!!!\AnyDVD\AnyDVD.exe
    O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKCU\..\Run: [HitwarePKLite] C:\Program Files\Hitware Popup Killer Lite\HitwarePKLite.exe
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKCU\..\Run: [Steam] "e:\progra~1\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
    O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Elisa Tietoturvapalvelu.lnk = C:\Program Files\Elisa Tietoturvapalvelu\4119343\Program\fspex.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: &Sequelizer configuration... - C:\Program Files\Sequelizer\dlg.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
    O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Program Files\expektMPP\MPPoker.exe
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1095409563343
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - AppInit_DLLs: wbsys.dll c:\windows\system32\wmfhotfix.dll
    O20 - Winlogon Notify: MCPClient - C:\Program Files\Common Files\Stardock\mcpstub.dll
    O20 - Winlogon Notify: WB - C:\Program Files\Stardock\Object Desktop\ThemeManager\fastload.dll
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Elisa Tietoturvapalvelu (BackWeb Client - 4119343) - BackWeb Technologies Inc. - C:\PROGRA~1\ELISAT~1\4119343\Program\SERVIC~1.EXE
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\4119343\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - Unknown owner - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe (file missing)
    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE



    ---------------------------------------------------------
    ewido anti-spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 21:17:08 8.8.2006

    + Scan result:



    HKLM\SOFTWARE\Altnet -> Adware.Altnet : No action taken.
    HKLM\SOFTWARE\Altnet\Dashboard -> Adware.Altnet : No action taken.
    HKLM\SOFTWARE\Altnet\Dashboard\Messages -> Adware.Altnet : No action taken.
    C:\Program Files\Adverts\uninst.exe -> Adware.Lop : No action taken.
    C:\Documents and Settings\vesa\Local Settings\Temporary Internet Files\Content.IE5\WTKXYFS9\ControllerScripts[1].js -> Adware.MediaMotor : No action taken.
    C:\Documents and Settings\vesa\Local Settings\Temporary Internet Files\Content.IE5\ZBPZBPS4\Scripts[1].js -> Adware.MediaMotor : No action taken.
    C:\Program Files\Instant Access\Multi\20060605170651\instant access.exe -> Dialer.EgroupDial.w : No action taken.
    C:\WINDOWS\iaccess32.exe -> Dialer.EgroupDial.w : No action taken.
    C:\WINDOWS\system32\egaccess4_1062.dll -> Dialer.EgroupDial.w : No action taken.
    HKU\S-1-5-21-1659004503-2049760794-1801674531-1001\Software\EGDHTML -> Dialer.Generic : No action taken.
    C:\WINDOWS\system32\syshk.dll -> Not-A-Virus.Monitor.Win32.Perflogger.163 : No action taken.
    C:\WINDOWS\system32\sysr.exe -> Not-A-Virus.Monitor.Win32.Perflogger.163 : No action taken.
    C:\WINDOWS\system32\wojtuswojohk.dll -> Not-A-Virus.Monitor.Win32.Perflogger.163 : No action taken.
    C:\WINDOWS\system32\wojtuswojor.exe -> Not-A-Virus.Monitor.Win32.Perflogger.163 : No action taken.
    C:\WINDOWS\system32\windrvNT.sys -> Rootkit.NtRootKit.131 : No action taken.
    :mozilla.586:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
    :mozilla.189:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.190:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.191:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.192:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.193:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.194:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.195:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.273:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.375:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    C:\Documents and Settings\vesa\Cookies\vesa@msninvite.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
    C:\Documents and Settings\vesa\Cookies\vesa@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.295:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.296:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.446:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Addynamix : No action taken.
    :mozilla.36:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
    :mozilla.37:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
    :mozilla.126:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.127:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.128:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.129:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.130:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.447:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
    :mozilla.894:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Bfast : No action taken.
    :mozilla.898:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
    :mozilla.899:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
    :mozilla.284:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.285:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.286:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.287:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.288:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.889:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Clickzs : No action taken.
    :mozilla.890:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Clickzs : No action taken.
    :mozilla.891:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Clickzs : No action taken.
    :mozilla.892:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Clickzs : No action taken.
    C:\Documents and Settings\vesa\Cookies\vesa@vip2.clickzs[2].txt -> TrackingCookie.Clickzs : No action taken.
    :mozilla.555:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Coremetrics : No action taken.
    :mozilla.731:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Coremetrics : No action taken.
    :mozilla.877:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Cqcounter : No action taken.
    :mozilla.18:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
    :mozilla.583:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
    :mozilla.347:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
    :mozilla.248:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.249:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.250:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.251:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.252:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.253:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.255:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.514:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
    :mozilla.388:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.412:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.413:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.414:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.516:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.517:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.543:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.545:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.564:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.565:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.566:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.594:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.595:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.596:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.601:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.651:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.655:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.678:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.679:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.690:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.717:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.747:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.749:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.811:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.814:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.821:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.912:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.876:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Masterstats : No action taken.
    C:\Documents and Settings\vesa\Cookies\vesa@image.masterstats[1].txt -> TrackingCookie.Masterstats : No action taken.
    :mozilla.479:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
    :mozilla.183:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Overture : No action taken.
    :mozilla.184:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Overture : No action taken.
    :mozilla.274:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Overture : No action taken.
    :mozilla.695:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
    :mozilla.696:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
    :mozilla.697:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
    :mozilla.698:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
    :mozilla.448:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
    :mozilla.449:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
    :mozilla.420:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Revenue : No action taken.
    :mozilla.499:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
    :mozilla.500:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
    :mozilla.501:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
    :mozilla.502:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
    :mozilla.466:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.467:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.468:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.469:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.470:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.471:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.472:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.473:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.474:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.475:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.574:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexlist : No action taken.
    :mozilla.575:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexlist : No action taken.
    :mozilla.576:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexlist : No action taken.
    :mozilla.577:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexlist : No action taken.
    :mozilla.578:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexlist : No action taken.
    :mozilla.579:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexlist : No action taken.
    :mozilla.580:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexlist : No action taken.
    :mozilla.581:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Sexlist : No action taken.
    :mozilla.483:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
    :mozilla.484:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
    :mozilla.485:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
    :mozilla.486:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
    :mozilla.487:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
    :mozilla.488:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
    :mozilla.489:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
    :mozilla.490:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
    :mozilla.692:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
    :mozilla.693:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
    :mozilla.38:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
    :mozilla.39:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
    :mozilla.40:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
    :mozilla.41:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
    :mozilla.42:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
    :mozilla.705:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
    :mozilla.706:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
    :mozilla.427:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
    :mozilla.917:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Valueclick : No action taken.
    :mozilla.187:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
    :mozilla.901:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
    :mozilla.913:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
    :mozilla.919:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
    :mozilla.920:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
    :mozilla.289:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
    :mozilla.290:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
    :mozilla.443:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
    :mozilla.444:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Zedo : No action taken.


    ::Report end


    Edit: Nyt tuo F-Secure ongelma ratkesi, Ewido oli luullut yhtä F-securen tiedostoa virukseksi ja siirtänyt sen karanteeniin. Tiedoston palautus ja restart niin taas palomuuri pelittää.
     
    Viimeksi muokattu: 09.08.2006
  10. kairis

    kairis Regular member

    Liittynyt:
    01.06.2003
    Viestejä:
    277
    Kiitokset:
    0
    Pisteet:
    26
    Moi.
    Ei mennyt Ewido vieläkään oikein:

    Ohje Ewido 4.0:n käyttöön

    Tallenna nämä ohjeet tekstitiedostoon tai tulosta nämä, muuten et pääse niihin käsiksi vikasietotilasta

    Lataa Ewido Anti-Spyware 4.0 ja tallenna ohjelma työpöydällesi.

    * Kun olet ladannut ohjelman, kaksoisklikkaa asennuohjelman pikakuvaketta työpöydälläsi, asennus alkaa.
    * Asennuksen jälkeen täytyy ohjelma käynnistää ja sen tunnisteet päivittää.
    * Käynnistä Ewido Anti-Spyware.
    * Klikkaa "Update" kuvaketta päävalikossa. Sen jälkeen klikkaa "Update now" painiketta.

    o Sitten klikkaa "Start Update" kuvaketta jolloin päivitys alkaa.

    * Kun päivitykset on ladattu, klikkaa "Scanner" kuvaketta ikkunan ylälaidassa. Valitse sitten "Settings" välilehti.
    * Kun "Settings" valikko on auennut, klikkaa "Recommended actions" ja sitten valitse "Quarantine".
    * Sitten "Reports" valikon alta:

    o Laita täppi kohtaan "Automatically generate report after every scan"
    o Ota täppi pois kohdasta"Only if threats were found"

    * Sulje ohjelma, ÄLÄ skannaa vielä.

    Käynnistä koneesi vikasietotilaan, Ohje!

    HUOM! Älä käytä muita ohjelmia Ewidon skannauksen aikana, tämä saattaa häiritä skannausta.

    * Kun vikasietotilassa, käynnistä Ewido Anti-Spyware.
    * Klikkaa "Scanner" kuvaketta ikkunan ylälaidassa ja valitse "Scan" välilehti. Sitten klikkaa "Complete System Scan".
    * Ewido aloittaa nyt tietokoneen skannaamisen, ole kärsivällinen sillä skannaus vie aikaa.

    Kun skannaus on valmis:
    TÄRKEÄÄ : Älä klikkaa "Save Scan Report" ennen kuin klikkaat "Apply all Actions"
    * Varmistu, että Set all elements to: näyttää Quarantine (1), jos ei, klikkaa linkkiä ja valitse Quarantine popup-valikosta.
    * Sinulta kysytään mitä tehdä jos infektioita löytyi, valitse silloin "Apply all actions"
    [​IMG]
    # Sitten klikkaa "Reports" kuvaketta ohjelma yläosasta.
    # Klikkaa "Save report as" painiketta ikkunan vasemmassa alalaidassa ja tallenna raportti työpöydälle.
    # Sulje ohjelma, käynnistä kone normaalisti ja lähetä Ewidon raportti viestikejuusi.

     
    Viimeksi muokattu: 09.08.2006
  11. ISOimage

    ISOimage Regular member

    Liittynyt:
    14.02.2005
    Viestejä:
    313
    Kiitokset:
    0
    Pisteet:
    26
    No niin kolmas kerta toden sanoo. Ewido löysi jotain painoin "apply all action" ja palomuuri lakkas toimimasta. Tässä Ewidon loki ja uusi HJT-loki

    ---------------------------------------------------------
    ewido anti-spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 14:45:33 9.8.2006

    + Scan result:



    HKLM\SOFTWARE\Altnet -> Adware.Altnet : Error during cleaning.
    HKLM\SOFTWARE\Altnet\Dashboard -> Adware.Altnet : Error during cleaning.
    HKLM\SOFTWARE\Altnet\Dashboard\Messages -> Adware.Altnet : Error during cleaning.
    C:\WINDOWS\system32\syshk.dll -> Not-A-Virus.Monitor.Win32.Perflogger.163 : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\sysr.exe -> Not-A-Virus.Monitor.Win32.Perflogger.163 : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\wojtuswojohk.dll -> Not-A-Virus.Monitor.Win32.Perflogger.163 : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\wojtuswojor.exe -> Not-A-Virus.Monitor.Win32.Perflogger.163 : Cleaned with backup (quarantined).
    :mozilla.42:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
    :mozilla.43:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
    :mozilla.29:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
    :mozilla.100:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
    :mozilla.101:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
    :mozilla.38:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
    :mozilla.39:C:\Documents and Settings\vesa\Application Data\Mozilla\Firefox\Profiles\5s7ir44j.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).


    ::Report end


    Logfile of HijackThis v1.99.1
    Scan saved at 15:09:32, on 9.8.2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Stardock\SDMCP.exe
    C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    C:\PROGRA~1\ELISAT~1\4119343\Program\SERVIC~1.EXE
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\4119343\program\fsbwsys.exe
    C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
    C:\Program Files\F-Secure\Common\FSMA32.EXE
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\F-Secure\Common\FSMB32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\4119343\Program\fspex.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\F-Secure\Common\FCH32.EXE
    C:\WINDOWS\System32\CNAC3RPK.EXE
    C:\Program Files\F-Secure\Common\FAMEH32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\F-Secure\Common\FSM32.EXE
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\F-Secure\FSGUI\ispnews.exe
    G:\DVD - kamat\AnyDVD 5.2.3.1 + crack OK. NEW!!!!\AnyDVD\AnyDVD.exe
    C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Hitware Popup Killer Lite\HitwarePKLite.exe
    C:\HijackThis_v1.99.1.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\WINDOWS\system32\NOTEPAD.EXE

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iltasanomat.fi/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: RUPK - {604B283A-4E26-4504-98E7-72859F949547} - C:\PROGRA~1\HITWAR~1\sypcms.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O2 - BHO: (no name) - {D48DF30A-56B3-4094-AD84-D4D9B2FAD730} - (no file)
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\F-Secure\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [News Service] "C:\Program Files\F-Secure\FSGUI\ispnews.exe"
    O4 - HKLM\..\Run: [AnyDVD] G:\DVD - kamat\AnyDVD 5.2.3.1 + crack OK. NEW!!!!\AnyDVD\AnyDVD.exe
    O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKCU\..\Run: [HitwarePKLite] C:\Program Files\Hitware Popup Killer Lite\HitwarePKLite.exe
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKCU\..\Run: [Steam] "e:\progra~1\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
    O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Elisa Tietoturvapalvelu.lnk = C:\Program Files\Elisa Tietoturvapalvelu\4119343\Program\fspex.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: &Sequelizer configuration... - C:\Program Files\Sequelizer\dlg.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
    O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Program Files\expektMPP\MPPoker.exe
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1095409563343
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - AppInit_DLLs: wbsys.dll c:\windows\system32\wmfhotfix.dll
    O20 - Winlogon Notify: MCPClient - C:\Program Files\Common Files\Stardock\mcpstub.dll
    O20 - Winlogon Notify: WB - C:\Program Files\Stardock\Object Desktop\ThemeManager\fastload.dll
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Elisa Tietoturvapalvelu (BackWeb Client - 4119343) - BackWeb Technologies Inc. - C:\PROGRA~1\ELISAT~1\4119343\Program\SERVIC~1.EXE
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\4119343\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - Unknown owner - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe (file missing)
    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
     
  12. kairis

    kairis Regular member

    Liittynyt:
    01.06.2003
    Viestejä:
    277
    Kiitokset:
    0
    Pisteet:
    26
    Nyt näyttää jo paljon paremmalta...
    Yhden adwaren Ewido jätti, joten poistetaan se:
    Lataa Avenger
    http://swandog46.geekstogo.com/avenger.zip

    * Klikkaa Avenger.zip filua avataksesi sen.
    * Pura Avenger.exe työpöydällesi.

    2. Kopioi kaikki teksti alapuolelta tyhjälle muistiolle:

    [bold]Registry keys to delete:
    HKLM\SOFTWARE\Altnet[/bold]

    3. Nyt, aukaise The Avenger tupla-klikkaamalla sen kuvaketta pöydälläsi.

    * "Script file to execute" alapuolelta valitse "Input Script Manually".
    * Nyt klikkaa suurennuslasin kuvaa joka avaa uuden ikkunan nimeltä "View/edit script".
    * Liitä se teksti jonka kopioit muistioon, tähän ikkunaan.
    * Klikkaa Done.
    * Nyt klikkaa vihreää valoa aloittaaksesi skriptin.
    * Klikkaa "Yes" kun tulee kaksi varoitusboksia.


    Avenger tekee automaattisesti seuraavat:

    * Käynnistää koneesi. (Tapauksissa joissa skripti sisältää "Drivers to Unload" -komennon, Avenger käynnistää koneesi kaksi kertaa.)
    * Käynnistyksen yhteydessä, se lyhyesti avaa mustan komentoikkunan työpöydällesi, tämä on normaalia.
    * Käynnistyksen jälkeen, se luo lokitiedoston jonka pitäisi aueta Avengerin tekojen tuloksena. Tämän lokin tiedostopolku on C:\avenger.txt
    * Avenger on myös tehnyt varmuuskopion kaikista tiedostoista jne.. jotka pyysit sen poistaa, ja on pakannut ja siirtänyt ne zip filuihin polussa C:\avenger\backup.zip.


    5. Kopioi ja liitä kaikki sisältö tiedostosta avenger.txt vastaukseesi tuoreen HJT lokin mukana.
     
  13. ISOimage

    ISOimage Regular member

    Liittynyt:
    14.02.2005
    Viestejä:
    313
    Kiitokset:
    0
    Pisteet:
    26
    Logfile of The Avenger version 1, by Swandog46
    Running from registry key:
    \Registry\Machine\System\CurrentControlSet\Services\ixacbvqi

    *******************

    Script file located at: \??\C:\WINDOWS\System32\ifkrkcfb.txt
    Script file opened successfully.

    Script file read successfully

    Backups directory opened successfully at C:\Avenger

    *******************

    Beginning to process script file:

    Registry key HKLM\SOFTWARE\Altnet deleted successfully.

    Completed script processing.

    *******************

    Finished! Terminate.

    Ja HJT-loki

    Logfile of HijackThis v1.99.1
    Scan saved at 15:56:32, on 9.8.2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Stardock\SDMCP.exe
    C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    C:\PROGRA~1\ELISAT~1\4119343\Program\SERVIC~1.EXE
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\4119343\program\fsbwsys.exe
    C:\Program Files\F-Secure\Common\FSMA32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
    C:\Program Files\F-Secure\Common\FSMB32.EXE
    C:\Program Files\F-Secure\Common\FCH32.EXE
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Elisa Tietoturvapalvelu\4119343\Program\fspex.exe
    C:\Program Files\F-Secure\Common\FAMEH32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
    C:\WINDOWS\System32\CNAC3RPK.EXE
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
    C:\Program Files\F-Secure\Common\FSM32.EXE
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\F-Secure\FSGUI\ispnews.exe
    G:\DVD - kamat\AnyDVD 5.2.3.1 + crack OK. NEW!!!!\AnyDVD\AnyDVD.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Hitware Popup Killer Lite\HitwarePKLite.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\WINDOWS\system32\notepad.exe
    C:\HijackThis_v1.99.1.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iltasanomat.fi/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: RUPK - {604B283A-4E26-4504-98E7-72859F949547} - C:\PROGRA~1\HITWAR~1\sypcms.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O2 - BHO: (no name) - {D48DF30A-56B3-4094-AD84-D4D9B2FAD730} - (no file)
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\F-Secure\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [News Service] "C:\Program Files\F-Secure\FSGUI\ispnews.exe"
    O4 - HKLM\..\Run: [AnyDVD] G:\DVD - kamat\AnyDVD 5.2.3.1 + crack OK. NEW!!!!\AnyDVD\AnyDVD.exe
    O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKCU\..\Run: [HitwarePKLite] C:\Program Files\Hitware Popup Killer Lite\HitwarePKLite.exe
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKCU\..\Run: [Steam] "e:\progra~1\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
    O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Elisa Tietoturvapalvelu.lnk = C:\Program Files\Elisa Tietoturvapalvelu\4119343\Program\fspex.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: &Sequelizer configuration... - C:\Program Files\Sequelizer\dlg.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
    O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Program Files\expektMPP\MPPoker.exe
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1095409563343
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - AppInit_DLLs: wbsys.dll c:\windows\system32\wmfhotfix.dll
    O20 - Winlogon Notify: MCPClient - C:\Program Files\Common Files\Stardock\mcpstub.dll
    O20 - Winlogon Notify: WB - C:\Program Files\Stardock\Object Desktop\ThemeManager\fastload.dll
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Elisa Tietoturvapalvelu (BackWeb Client - 4119343) - BackWeb Technologies Inc. - C:\PROGRA~1\ELISAT~1\4119343\Program\SERVIC~1.EXE
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\4119343\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - Unknown owner - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe (file missing)
    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE

     
  14. kairis

    kairis Regular member

    Liittynyt:
    01.06.2003
    Viestejä:
    277
    Kiitokset:
    0
    Pisteet:
    26
    Vielä pientä säätöä, niin tulee hyvä:
    Sulje selaimet ja muut ohjelmat, käynnistä HijackThis, klikkaa” do a system scan only ”.
    Merkkaa nämä rivit ja paina Fix checked :
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

    Seuraavaksi poistat seuraavat [bold]kansiot/tiedostot[/bold] vaikka Oman tietokoneen kautta. (jos löytyy):
    C:\WINDOWS\web\>>>related.htm<<<tämän

    Tyhjennä roskakori.
    Lähetä uusi HJT-loki.

    Pelaatko pokeria? Oletko itse asentanut tämän: MPPoker.exe?
     
  15. ISOimage

    ISOimage Regular member

    Liittynyt:
    14.02.2005
    Viestejä:
    313
    Kiitokset:
    0
    Pisteet:
    26
    Tässä uusi HJT-loki

    Logfile of HijackThis v1.99.1
    Scan saved at 20:14:23, on 9.8.2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Stardock\SDMCP.exe
    C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    C:\PROGRA~1\ELISAT~1\4119343\Program\SERVIC~1.EXE
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\4119343\program\fsbwsys.exe
    C:\Program Files\F-Secure\Common\FSMA32.EXE
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
    C:\Program Files\F-Secure\Common\FSMB32.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\F-Secure\Common\FCH32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\4119343\Program\fspex.exe
    C:\WINDOWS\System32\CNAC3RPK.EXE
    C:\Program Files\F-Secure\Common\FAMEH32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
    C:\Program Files\F-Secure\Common\FSM32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\F-Secure\FSGUI\ispnews.exe
    G:\DVD - kamat\AnyDVD 5.2.3.1 + crack OK. NEW!!!!\AnyDVD\AnyDVD.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Hitware Popup Killer Lite\HitwarePKLite.exe
    C:\PROGRA~1\F-Secure\ANTI-S~1\fsaw.exe
    C:\Program Files\F-Secure\FSGUI\fsguidll.exe
    G:\utorrent.exe
    C:\HijackThis_v1.99.1.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iltasanomat.fi/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: RUPK - {604B283A-4E26-4504-98E7-72859F949547} - C:\PROGRA~1\HITWAR~1\sypcms.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O2 - BHO: (no name) - {D48DF30A-56B3-4094-AD84-D4D9B2FAD730} - (no file)
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\F-Secure\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [News Service] "C:\Program Files\F-Secure\FSGUI\ispnews.exe"
    O4 - HKLM\..\Run: [AnyDVD] G:\DVD - kamat\AnyDVD 5.2.3.1 + crack OK. NEW!!!!\AnyDVD\AnyDVD.exe
    O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKCU\..\Run: [HitwarePKLite] C:\Program Files\Hitware Popup Killer Lite\HitwarePKLite.exe
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKCU\..\Run: [Steam] "e:\progra~1\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Elisa Tietoturvapalvelu.lnk = C:\Program Files\Elisa Tietoturvapalvelu\4119343\Program\fspex.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: &Sequelizer configuration... - C:\Program Files\Sequelizer\dlg.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
    O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Program Files\expektMPP\MPPoker.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1095409563343
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - AppInit_DLLs: wbsys.dll c:\windows\system32\wmfhotfix.dll
    O20 - Winlogon Notify: MCPClient - C:\Program Files\Common Files\Stardock\mcpstub.dll
    O20 - Winlogon Notify: WB - C:\Program Files\Stardock\Object Desktop\ThemeManager\fastload.dll
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Elisa Tietoturvapalvelu (BackWeb Client - 4119343) - BackWeb Technologies Inc. - C:\PROGRA~1\ELISAT~1\4119343\Program\SERVIC~1.EXE
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\4119343\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE

    Pelaan pokeria aina silloin tällöin mutta olen ladannut Poker Stars ohjelman enkä mielestäni tuota mistä mainitsit. Olisiko tuossa semmoisia mitkä haittaa käynnistymistä mitkä voisi siivota? Millä tuon Steamin saisi pois, olen yrittänyt monta kertaa mutta ei lähde millään? Entäs nuo neron backup jutskat? Siivotaan nyt kaikki mitkä vain voi.
     
  16. kairis

    kairis Regular member

    Liittynyt:
    01.06.2003
    Viestejä:
    277
    Kiitokset:
    0
    Pisteet:
    26
    Sulje selaimet ja muut ohjelmat, käynnistä HijackThis, klikkaa” do a system scan only ”.
    Merkkaa nämä rivit ja paina Fix checked :

    O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Program Files\expektMPP\MPPoker.exe

    Seuraavaksi poistat seuraavat [bold]kansiot/tiedostot[/bold] vaikka Oman tietokoneen kautta. (jos löytyy):
    C:\Program Files\[bold]expektMPP[/bold]
    Tyhjennä roskakori.


    Ohjelmat, jotka käynnistyvät Windowsin yhteydessä vievät paljon tietokoneen tehoja. Niinpä kannattaa miettiä hieman, mitä ohjelmia haluaa automaattisesti käynnistyvän.

    Säätöä voi suorittaa näin:
    Käynnistä
    Suorita
    Kirjoita msconfig -> Ok
    Valitse Käynnistys-välilehti

    Poista valintamerkki sellaisen ohjelman kohdalta, jonka et halua käynnistyvän. Ohjelma ei poistu mihinkään, ja on käytettävissä, silloin kun tarvitset sitä.

    Tässä olisi lista, jotka voit sammuttaa, tietenkin oman harkintasi mukaan:
    jusched
    NeroCheck
    AnyDVD
    Steam
    Adobe
    Käytä -> Käynnistä tietokone uudelleen!
    Kun olet käynnistänyt koneesi, tulee työpöydälle ikkuna, johon laitat ruksin ja painat OK.

    Nyt sinulla on puhdas ja nopea tietokone ;-)
    Ja jotta se pysyisi puhtaana, tässä pari vinkkiä:

    [bold]-> Käytä CCleaneria ->[/bold] http://www.ccleaner.com/downloadbuilds.asp
    Suosittelen, että valitsette lataussivulta vaihtoehdon CCleaner v1.30.310 - Basic, joka EI sisällä Yahoo toolbaria !

    * jos haluatte käyttää sitä niin muuttakaa seuraava asetus:
    Valinnat --> Lisäasetukset --> Ota ruksi pois kohdasta Poista vain yli 48 tuntia vanhat tilapäistiedostot.
    Opas CCleanerin käyttöön löytyy
    http://72.14.221.104/search?q=cache...l=fi&ct=clnk&cd=7&lr=lang_fi&client=firefox-a

    [bold]-> Asenna SpywareBlaster -> [/bold]
    http://www.javacoolsoftware.com/spywareblaster.html
    SpywareBlaster estää haittaohjelmia asentumasta koneellesi. Ei kuluta muistia!
    Opas saatavilla suomeksi! Nimimerkki Ad-Awaren opas:
    http://koti.mbnet.fi/pattaya1/spywareblaster.htm

    [bold]-> Asenna MVPS Hosts tiedosto ->[/bold]
    http://mvps.org/winhelp2002/hosts.htm
    Estää koneesi yhteyden haitallisiin sivustoihin.
    Opas saatavilla suomeksi! Nimimerkki Axelin opas

    [bold]-> Vaihda selaimesi Firefoxiin ->[/bold]
    http://www.mozilla.fi
    Firefox on nopeampi, turvallisempi ja parempi selain kuin Internet Explorer.
    Saatavilla myös suomeksi!

    [bold]-> Pidä palomuuri ja virustorjunta ajan tasalla[/bold]
    Päivitä ja skannaa koneesi säännöllisesti virustorjuntaohjelmallasi.
     
  17. ISOimage

    ISOimage Regular member

    Liittynyt:
    14.02.2005
    Viestejä:
    313
    Kiitokset:
    0
    Pisteet:
    26
    Jumalattoman paljon kiitoksia avusta, jos nyt olisit tuossa vieressä niin et kuolisi janoon. Kone tuntuu paljon paremmalta. Täytyy ottaa neuvosta vaarin ja asentaa noita työkaluja koneen puhtaana pitämiseksi. Vielä kerran TODELLA ISO kiitos avusta.
     
Viestiketjun tila:
Viestiketju on suljettu.

Jaa tämä sivu