HJT - logi

Viestiketju Virukset ja haittaohjelmat -osiossa. Ketjun avasi Topcopy 20.11.2005.

  1. Topcopy

    Topcopy Member

    Liittynyt:
    10.02.2005
    Viestejä:
    88
    Kiitokset:
    0
    Pisteet:
    16
    Hei, epäilen että koneella on virus, mutta en löydä miteen scannereilla.
    Olen kokeilut ainakin 5 eri scanneria. ei ole löytynyt mitään joten päätin laittaa tänne hijackthis login.

    Logfile of HijackThis v1.99.1
    Scan saved at 13:25:43, on 20.11.2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sygate\SPF\smc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\ltmoh\Ltmoh.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\GlobespanVirata\XPFix.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\D-Tools\daemon.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\popcorn72.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\MSMSGS.EXE
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\winstall.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\explorer.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Documents and Settings\Omistaja\Työpöytä\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\system32\msblank.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [XPFix] C:\Program Files\GlobespanVirata\XPFix.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\system32\popcorn72.exe rundll.dll,LoadMouseProfile
    O4 - HKLM\..\Run: [hgqhp.exe] C:\WINDOWS\system32\hgqhp.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1126944572597
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.7) - http://gameadvisor.futuremark.com/global/msc37.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{62FF97BE-3D23-4040-AF36-D06BB5ACFFE3}: NameServer = 85.255.114.107,85.255.112.19
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C3D7AAEF-238A-43C6-AAB0-233EB46CD4F9}: NameServer = 85.255.114.107,85.255.112.19
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
     
  2.  
  3. -kemisti-

    -kemisti- Active member

    Liittynyt:
    06.06.2005
    Viestejä:
    6,305
    Kiitokset:
    0
    Pisteet:
    96
    Fixaa HjT:llä ( do a system scan only, merkkaa ja paina fix checked):

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\system32\msblank.html
    O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\system32\popcorn72.exe rundll.dll,LoadMouseProfile
    O4 - HKLM\..\Run: [hgqhp.exe] C:\WINDOWS\system32\hgqhp.exe
    O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe

    Laita piilotiedostot näkyviin, ohje -> http://keskustelu.afterdawn.com/thread_view.cfm/248944

    Käynnistä vikasietotilaan (F8 käynnistyksen yhteydessä) ja poista:

    C:\WINDOWS\system32\==>popcorn72.exe<==
    C:\WINDOWS\system32\==>hgqhp.exe<==
    C:\==>winstall.exe<==

    Käynnistä uudelleen ja lähetä uusi HjT-loki
     
  4. Topcopy

    Topcopy Member

    Liittynyt:
    10.02.2005
    Viestejä:
    88
    Kiitokset:
    0
    Pisteet:
    16
    Tehty. tässä uus logi

    Logfile of HijackThis v1.99.1
    Scan saved at 14:21:16, on 20.11.2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sygate\SPF\smc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\ltmoh\Ltmoh.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\GlobespanVirata\XPFix.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\D-Tools\daemon.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\MSMSGS.EXE
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Omistaja\Työpöytä\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [XPFix] C:\Program Files\GlobespanVirata\XPFix.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1126944572597
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.7) - http://gameadvisor.futuremark.com/global/msc37.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{62FF97BE-3D23-4040-AF36-D06BB5ACFFE3}: NameServer = 85.255.114.107,85.255.112.19
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C3D7AAEF-238A-43C6-AAB0-233EB46CD4F9}: NameServer = 85.255.114.107,85.255.112.19
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

     
  5. -kemisti-

    -kemisti- Active member

    Liittynyt:
    06.06.2005
    Viestejä:
    6,305
    Kiitokset:
    0
    Pisteet:
    96
    Loki näyttää ok:lta

    Tiedätkö, mikä tämä ohjelma on -> O4 - HKLM\..\Run: [XPFix] C:\Program Files\GlobespanVirata\XPFix.exe ?

    Jos et, niin tarkista se täällä -> http://virusscan.jotti.org ja lähetä tulokset.

     
  6. Topcopy

    Topcopy Member

    Liittynyt:
    10.02.2005
    Viestejä:
    88
    Kiitokset:
    0
    Pisteet:
    16
    Viimeksi muokattu: 20.11.2005
  7. aaxxeell

    aaxxeell Regular member

    Liittynyt:
    28.07.2005
    Viestejä:
    2,145
    Kiitokset:
    0
    Pisteet:
    46
    Viimeksi muokattu: 20.11.2005
  8. Topcopy

    Topcopy Member

    Liittynyt:
    10.02.2005
    Viestejä:
    88
    Kiitokset:
    0
    Pisteet:
    16
    okei tässä tulee raportti

    ---------------------------------------------------------
    ewido security suite - Scan report
    ---------------------------------------------------------

    + Created on: 11:37:15, 21.11.2005
    + Report-Checksum: 9BDE4DE4

    + Scan result:

    HKLM\SOFTWARE\Classes\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} -> Spyware.MiniBug : Cleaned with backup
    HKLM\SOFTWARE\Classes\MiniBugTransporter.MiniBugTransporterX\CLSID\\ -> Spyware.MiniBug : Cleaned with backup
    HKLM\SOFTWARE\Classes\MiniBugTransporter.MiniBugTransporterX.1\CLSID\\ -> Spyware.MiniBug : Cleaned with backup
    C:\Documents and Settings\NetworkService\Cookies\omistaja@2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
    C:\Documents and Settings\NetworkService\Cookies\omistaja@adtech[2].txt -> Spyware.Cookie.Adtech : Cleaned with backup
    C:\Documents and Settings\NetworkService\Cookies\omistaja@advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
    C:\Documents and Settings\NetworkService\Cookies\omistaja@as-us.falkag[1].txt -> Spyware.Cookie.Falkag : Cleaned with backup
    C:\Documents and Settings\NetworkService\Cookies\omistaja@fastclick[2].txt -> Spyware.Cookie.Fastclick : Cleaned with backup
    C:\Documents and Settings\NetworkService\Cookies\omistaja@servedby.advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
    C:\Documents and Settings\NetworkService\Cookies\omistaja@tradedoubler[1].txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
    C:\Documents and Settings\NetworkService\Cookies\omistaja@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
    C:\Documents and Settings\NetworkService\Cookies\omistaja@z1.adserver[1].txt -> Spyware.Cookie.Adserver : Cleaned with backup
    :mozilla.17:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
    :mozilla.18:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
    :mozilla.19:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
    :mozilla.20:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
    :mozilla.21:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
    :mozilla.24:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
    :mozilla.25:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
    :mozilla.29:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
    :mozilla.31:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
    :mozilla.37:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
    :mozilla.38:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
    :mozilla.39:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
    :mozilla.40:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
    :mozilla.41:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
    :mozilla.42:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
    :mozilla.43:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
    :mozilla.44:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
    :mozilla.45:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
    :mozilla.46:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
    :mozilla.47:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
    :mozilla.48:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
    :mozilla.49:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
    :mozilla.54:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
    :mozilla.59:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
    :mozilla.62:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
    :mozilla.68:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
    :mozilla.69:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
    :mozilla.70:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
    :mozilla.71:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
    :mozilla.72:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
    :mozilla.73:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
    :mozilla.78:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
    :mozilla.79:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
    :mozilla.80:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
    :mozilla.81:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
    :mozilla.82:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
    :mozilla.103:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.108:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.109:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.110:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.111:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.112:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.113:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.114:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.115:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.116:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.130:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.131:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.132:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.133:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.134:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.135:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.136:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.137:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.138:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.139:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.140:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.141:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.142:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.143:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.144:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.145:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.146:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.147:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.148:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.149:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.150:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.151:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.152:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.153:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.154:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.155:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.156:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.157:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.158:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.159:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.160:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.161:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.162:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.163:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.164:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.165:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.166:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.167:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.168:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.169:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.170:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.171:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.175:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
    :mozilla.176:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
    :mozilla.177:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
    :mozilla.178:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
    :mozilla.188:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
    :mozilla.192:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Spylog : Cleaned with backup
    :mozilla.197:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Hotlog : Cleaned with backup
    :mozilla.201:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
    :mozilla.208:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
    :mozilla.216:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
    :mozilla.220:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
    :mozilla.222:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
    :mozilla.224:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
    :mozilla.225:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
    :mozilla.235:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.236:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.237:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.238:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.239:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.240:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.241:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.242:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.243:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.244:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.246:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Xxxtoolbar : Cleaned with backup
    :mozilla.253:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
    :mozilla.326:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
    :mozilla.340:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Masterstats : Cleaned with backup
    :mozilla.352:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
    :mozilla.353:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
    :mozilla.354:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
    :mozilla.355:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
    :mozilla.356:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
    :mozilla.357:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
    :mozilla.358:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
    :mozilla.366:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
    :mozilla.367:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
    :mozilla.368:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
    :mozilla.369:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
    :mozilla.370:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
    :mozilla.371:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
    :mozilla.372:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
    :mozilla.375:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.376:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.377:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.388:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
    :mozilla.396:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.400:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.401:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.402:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.403:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.404:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.405:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.406:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.407:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.408:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.409:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.410:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.411:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.412:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.413:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.414:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.415:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.424:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
    :mozilla.425:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
    :mozilla.426:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
    :mozilla.427:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
    :mozilla.428:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup
    :mozilla.429:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
    :mozilla.447:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.453:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
    :mozilla.454:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
    :mozilla.455:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
    :mozilla.456:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
    :mozilla.499:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
    :mozilla.505:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.506:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.507:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.517:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
    :mozilla.528:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
    :mozilla.529:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
    :mozilla.536:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.539:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.540:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.549:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.551:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
    :mozilla.557:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
    :mozilla.572:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
    :mozilla.574:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
    :mozilla.578:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
    :mozilla.582:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
    :mozilla.583:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
    :mozilla.584:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
    :mozilla.585:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
    :mozilla.586:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
    :mozilla.587:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
    :mozilla.588:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
    :mozilla.616:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.617:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.625:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Adviva : Cleaned with backup
    :mozilla.626:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Adviva : Cleaned with backup
    :mozilla.628:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.629:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.642:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.659:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
    :mozilla.672:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Estat : Cleaned with backup
    :mozilla.674:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
    :mozilla.675:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
    :mozilla.676:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
    :mozilla.677:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
    :mozilla.678:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
    :mozilla.679:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
    :mozilla.680:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
    :mozilla.681:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.692:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Trafic : Cleaned with backup
    :mozilla.724:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
    :mozilla.734:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Paycounter : Cleaned with backup
    :mozilla.750:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
    :mozilla.786:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.787:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.795:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.820:C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\s7gqf405.default\cookies.txt -> Spyware.Cookie.Ivwbox : Cleaned with backup
    C:\Documents and Settings\Omistaja\Local Settings\Temporary Internet Files\Content.IE5\0PKB4NKZ\count[1].htm -> TrojanDownloader.Inor.a : Cleaned with backup
    C:\Documents and Settings\Omistaja\Local Settings\Temporary Internet Files\Content.IE5\0PKB4NKZ\grannypictures[1].htm -> TrojanDownloader.Inor.a : Cleaned with backup
    C:\Program Files\SpySheriff -> Spyware.SpySheriff : Cleaned with backup
    C:\Program Files\Trainer Maker Kit\hotkey.dat -> Not-A-Virus.Tool.Game.HotHook : Cleaned with backup
    C:\WINDOWS\system32\dgprpsetup.exe -> TrojanDownloader.Small.bgv : Cleaned with backup
    C:\WINDOWS\system32\H@tKeysH@@k.DLL -> Not-A-Virus.Tool.Game.HotHook : Cleaned with backup
    C:\WINDOWS\system32\hwiper.exe -> Trojan.Qhost.df : Cleaned with backup
    C:\WINDOWS\system32\winctrl32.exe -> Not-A-Virus.Hoax.Renos.s : Cleaned with backup
    C:\WINDOWS\system32\winctrl64.exe -> TrojanDownloader.Small.awa : Cleaned with backup


    ::Report End
     
  9. -kemisti-

    -kemisti- Active member

    Liittynyt:
    06.06.2005
    Viestejä:
    6,305
    Kiitokset:
    0
    Pisteet:
    96
    Ok, smithfraudhan se siellä on/oli.

    Tees näin varoiksi, jos ewido ei saanu kaikkea pois:

    Hae smitrem täältä -> http://noahdfear.geekstogo.com/click counter/click.php?id=1

    Tallenna työpöydälle ja tuplaklikkaa sitä, jolloin se luo smitRem-kansion työpöydälle
    .Käynnistä vikasietotilaan, avaa smitRem-kansio ja tuplaklikkaa
    RunThis.bat. Seuraa ohjeita. Käynnistä kone uudestaan, lähetä uusi HjT-loki ja c:\smitfiles.txt-tiedoston sisältö.


     
  10. Topcopy

    Topcopy Member

    Liittynyt:
    10.02.2005
    Viestejä:
    88
    Kiitokset:
    0
    Pisteet:
    16
    No niin. Nyt vaikuttaa siltä että se virus on lähtenyt :)
    Tässä kuitenkin logit


    smitRem © log file
    version 2.7

    by noahdfear


    Microsoft Windows XP [versio 5.1.2600]

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    checking for ShudderLTD key

    ShudderLTD key not present!

    checking for PSGuard.com key


    PSGuard.com key not present!

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Existing Pre-run Files


    ~~~ Program Files ~~~



    ~~~ Shortcuts ~~~

    Install.dat


    ~~~ Favorites ~~~



    ~~~ system32 folder ~~~



    ~~~ Icons in System32 ~~~



    ~~~ Windows directory ~~~

    desktop.html


    ~~~ Drive root ~~~


    ~~~ Miscellaneous Files/folders ~~~




    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



    Remaining Post-run Files


    ~~~ Program Files ~~~



    ~~~ Shortcuts ~~~



    ~~~ Favorites ~~~



    ~~~ system32 folder ~~~



    ~~~ Icons in System32 ~~~



    ~~~ Windows directory ~~~



    ~~~ Drive root ~~~



    ~~~ Miscellaneous Files/folders ~~~




    ~~~ Wininet.dll ~~~

    CLEAN! :)



    Logfile of HijackThis v1.99.1
    Scan saved at 12:48:12, on 21.11.2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sygate\SPF\smc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\ewido\security suite\ewidoctrl.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\ltmoh\Ltmoh.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\GlobespanVirata\XPFix.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\D-Tools\daemon.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\MSMSGS.EXE
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Documents and Settings\Omistaja\Työpöytä\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [XPFix] C:\Program Files\GlobespanVirata\XPFix.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1126944572597
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.7) - http://gameadvisor.futuremark.com/global/msc37.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{62FF97BE-3D23-4040-AF36-D06BB5ACFFE3}: NameServer = 85.255.114.107,85.255.112.19
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C3D7AAEF-238A-43C6-AAB0-233EB46CD4F9}: NameServer = 85.255.114.107,85.255.112.19
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
    O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

    Kiitos kun jaksoitte auttaa vähän!
     
  11. -kemisti-

    -kemisti- Active member

    Liittynyt:
    06.06.2005
    Viestejä:
    6,305
    Kiitokset:
    0
    Pisteet:
    96
    Itse asiassa se ei ollu lähtenyt kokonaan ennen tota smitremiä, koska siellä oli nämä:

    Install.dat
    desktop.html

    Mutta joo, kunnossa on nyt :)
     
  12. Zipp2

    Zipp2 Regular member

    Liittynyt:
    30.09.2005
    Viestejä:
    376
    Kiitokset:
    0
    Pisteet:
    26
    Merkkaa ja Fix:saa vielä nuo

    O17 - HKLM\System\CCS\Services\Tcpip\..\{62FF97BE-3D23-4040-AF36-D06BB5ACFFE3}: NameServer = 85.255.114.107,85.255.112.19
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C3D7AAEF-238A-43C6-AAB0-233EB46CD4F9}: NameServer = 85.255.114.107,85.255.112.19

    Sitte voit varalta scannat koneen tolla

    http://www.f-secure.com/blacklight/

    jos jotain löytyy,niin pistä sen logi.
     

Jaa tämä sivu