Could someone check my HjT log

Thread in the Viruses and malware - HijackThis logs section. Thread started by keetu on 04.08.2006.

Thread status:
The thread is closed.
  1. keetu

    keetu Member

    if someone could be bothered

    Logfile of HijackThis v1.99.1
    Scan saved at 20:55:27, on 4.8.2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Asus\WLAN Card Utilities\Center.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\WINDOWS\System32\DVDRAMSV.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\WINDOWS\System32\zsdhla.exe
    C:\Documents and Settings\Keetu\Työpöytä\HijackThis_v1.99.1.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.googel.fi/
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/su/*http://www.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.fi/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 209.128.101.236:8080
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {20929603-21DB-477C-BA6F-0B8E70B3C8A0} - (no file)
    F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
    O1 - Hosts: 216.130.185.143 www.xzoomy.com
    O1 - Hosts: 216.130.185.143 xzoomy.com
    O1 - Hosts: 216.130.185.143 www.advnt01.com
    O1 - Hosts: 216.130.185.143 advnt01.com
    O1 - Hosts: 216.130.185.143 www.xzoomy.com
    O1 - Hosts: 216.130.185.143 xzoomy.com
    O1 - Hosts: 216.130.185.143 www.advnt01.com
    O1 - Hosts: 216.130.185.143 advnt01.com
    O1 - Hosts: 216.130.185.143 www.xzoomy.com
    O1 - Hosts: 216.130.185.143 xzoomy.com
    O1 - Hosts: 216.130.185.143 www.advnt01.com
    O1 - Hosts: 216.130.185.143 advnt01.com
    O1 - Hosts: 216.130.185.143 www.xzoomy.com
    O1 - Hosts: 216.130.185.143 xzoomy.com
    O1 - Hosts: 216.130.185.143 www.advnt01.com
    O1 - Hosts: 216.130.185.143 advnt01.com
    O1 - Hosts: 216.130.185.143 www.xzoomy.com
    O1 - Hosts: 216.130.185.143 xzoomy.com
    O1 - Hosts: 216.130.185.143 www.advnt01.com
    O1 - Hosts: 216.130.185.143 advnt01.com
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [Control Center] C:\Program Files\Asus\WLAN Card Utilities\Center.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [RebateNation0] "C:\Program Files\Rebate_Nation\RebateNation0.exe"
    O4 - HKLM\..\Run: [USIUDF_Eject_Monitor] C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
    O4 - HKLM\..\Run: [Desktop Search] C:\WINDOWS\isrvs\desktop.exe
    O4 - HKLM\..\Run: [ffis] C:\WINDOWS\isrvs\ffisearch.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [tvs_b] C:\program files\tvs\tvs_b.exe
    O4 - HKLM\..\Run: [Sysnet] C:\Documents and Settings\Keetu\snuninst.exe
    O4 - HKLM\..\Run: [Service Host] C:\WINDOWS\System32\Services\{462012C2-9DA6-4636-A7F7-FB0E98228C18}\SVCHOST.EXE
    O4 - HKLM\..\Run: [buiL] C:\WINDOWS\nuofrw.exe
    O4 - HKLM\..\Run: [nejwvwht] c:\windows\system32\nejwvwht.exe
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Dinst] C:\WINDOWS\dinst.exe
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [tzsjlb] C:\WINDOWS\System32\zsdhla.exe r
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [Steam] E:\Games\\Steam.exe -silent
    O4 - HKCU\..\Run: [fufz] C:\PROGRA~1\COMMON~1\fufz\fufzm.exe
    O4 - HKCU\..\Run: [wupd] C:\WINDOWS\System32\symcsvc.exe
    O4 - HKCU\..\Run: [ares] "F:\P2P\Ares\Ares.exe" -h
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [1587a481.exe] C:\Documents and Settings\Keetu\Local Settings\Application Data\1587a481.exe
    O4 - Startup: Cold Blooded Sampler.lnk = D:\SAMPLERS\CBLOODED\COLDDEMO.EXE
    O4 - Startup: Complete Waste of Time Sampler.lnk = D:\SAMPLERS\PYTHON\PYTHON.EXE
    O4 - Startup: Dominion Sampler.lnk = D:\SAMPLERS\DOMINION\SCRNDEMO.EXE
    O4 - Startup: Holy Grail Sampler.lnk = D:\SAMPLERS\GRAIL\GRLDEMO.EXE
    O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
    O4 - Global Startup: BlueSoleil.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    O4 - Global Startup: SATARaid.lnk = ?
    O8 - Extra context menu item: Rebate Nation - file://C:\Program Files\Rebate_Nation\Sy5300\Tp5300\scri5300a.htm
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
    O16 - DPF: {07E9CDF4-20D2-46B1-B681-663968F527CE} - http://www.begin2search.com/toolbar/winb2s32.cab
    O16 - DPF: {4418DD4D-7265-4C32-BC0A-3FDB3C2DA938} (Protecter Class) - http://www.slotchbar.com/ist/softwares/v4.0/protect_regular.cab
    O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://212.147.17.64/activex/AMC.cab
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://81.86.67.122:1060/activex/AxisCamControl.cab
    O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} - http://85.255.114.166/1/rdgFI2404.exe
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B3E0F81F-73F8-470B-A56B-D895EFF19260} (ATLF3D Class) - http://www.famous3d.com/viewer/latest/axf3d.cab
    O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} - http://www.azebar.com/install/azesearch3.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9C93F44B-7AF7-4FEC-BCA4-6587C85E807D}: NameServer = 193.229.0.40,193.229.0.42
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B02D8A4A-0F82-41CF-A118-0CD792EDB346}: NameServer = 212.63.28.18
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B6CD237B-B36E-484B-A4B8-5352A16BC09C}: NameServer = 193.229.0.40,193.229.0.42
    O20 - Winlogon Notify: Reliability - C:\WINDOWS\system32\gp4ol3h31.dll (file missing)
    O20 - Winlogon Notify: winexz32 - winexz32.dll (file missing)
    O21 - SSODL: System - {68558125-A88E-4C8D-B5AE-282360916905} - vr_sys.dll (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing)
    O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
    O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: System Startup Service (SvcProc) - Unknown owner - c:\windows\SvcProc.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
     
    Last edited: 05.08.2006
  3. Jannejt

    Jannejt Moderator Administrator

    have you already noticed the HjT log section right next door :)
    moved
     
  4. keetu

    keetu Member

    huh, so doesn't anyone here check these logs any more, now that the moderators and the people who know this stuff have started fighting and making a fuss??? :/
     
  5. jusunakki

    jusunakki Regular member

    well, you've waited a respectable 12 minutes for a fix, so it looks like they're totally on strike, right??? :p
     
  6. Evitaerg

    Evitaerg Member

    I'm not sure at all, but that entry

    **edit by Jannejt: let's leave the fixing to the fixers if you're not sure ... here too, for example, there was an attempt to fix Java files, so edited in case of an incorrect fix ;)**

    looks like it should be fixed
     
    Last edited: 05.08.2006
  7. spertti

    spertti Active member

    I wonder if I can still interpret these =) I think I've gone a few months without fixing these logs at all.

    **First move HjT into its own folder in the root of C: ( C:\HjT\ )**

    Uninstall with Add/Remove Programs, if present:

    **Desktop Search** or something along those lines
    **WebRebates** or similar
    **iSearch** or similar
    **BroadcastPC**
    **System Networking** or similar
    **Service Host** or similar

    Fix the following lines with HjT.

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.googel.fi/
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/su/...
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 209.128.101.236:8080
    R3 - URLSearchHook: (no name) - {20929603-21DB-477C-BA6F-0B8E70B3C8A0} - (no file)
    F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
    O1 - Hosts: 216.130.185.143 www.xzoomy.com
    O1 - Hosts: 216.130.185.143 xzoomy.com
    O1 - Hosts: 216.130.185.143 www.advnt01.com
    O1 - Hosts: 216.130.185.143 advnt01.com
    O1 - Hosts: 216.130.185.143 www.xzoomy.com
    O1 - Hosts: 216.130.185.143 xzoomy.com
    O1 - Hosts: 216.130.185.143 www.advnt01.com
    O1 - Hosts: 216.130.185.143 advnt01.com
    O1 - Hosts: 216.130.185.143 www.xzoomy.com
    O1 - Hosts: 216.130.185.143 xzoomy.com
    O1 - Hosts: 216.130.185.143 www.advnt01.com
    O1 - Hosts: 216.130.185.143 advnt01.com
    O1 - Hosts: 216.130.185.143 www.xzoomy.com
    O1 - Hosts: 216.130.185.143 xzoomy.com
    O1 - Hosts: 216.130.185.143 www.advnt01.com
    O1 - Hosts: 216.130.185.143 advnt01.com
    O1 - Hosts: 216.130.185.143 www.xzoomy.com
    O1 - Hosts: 216.130.185.143 xzoomy.com
    O1 - Hosts: 216.130.185.143 www.advnt01.com
    O1 - Hosts: 216.130.185.143 advnt01.com
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O4 - HKLM\..\Run: [RebateNation0] "C:\Program Files\Rebate_Nation\RebateNation0.exe"
    O4 - HKLM\..\Run: [Desktop Search] C:\WINDOWS\isrvs\desktop.exe
    O4 - HKLM\..\Run: [ffis] C:\WINDOWS\isrvs\ffisearch.exe
    O4 - HKLM\..\Run: [tvs_b] C:\program files\tvs\tvs_b.exe
    O4 - HKLM\..\Run: [Sysnet] C:\Documents and Settings\Keetu\snuninst.exe
    O4 - HKLM\..\Run: [Service Host] C:\WINDOWS\System32\Services\{462012C2-9DA6-4636-A7F7-FB0E98228C18}\SVCHOST.EXE
    O4 - HKLM\..\Run: [buiL] C:\WINDOWS\nuofrw.exe
    O4 - HKLM\..\Run: [nejwvwht] c:\windows\system32\nejwvwht.exe
    O4 - HKLM\..\Run: [Dinst] C:\WINDOWS\dinst.exe
    O4 - HKLM\..\Run: [tzsjlb] C:\WINDOWS\System32\zsdhla.exe r
    O4 - HKCU\..\Run: [fufz] C:\PROGRA~1\COMMON~1\fufz\fufzm.exe
    O4 - HKCU\..\Run: [wupd] C:\WINDOWS\System32\symcsvc.exe
    O4 - HKCU\..\Run: [1587a481.exe] C:\Documents and Settings\Niklas\Local Settings\Application Data\1587a481.exe
    O8 - Extra context menu item: Rebate Nation - file://C:\Program Files\Rebate_Nation\Sy5300\Tp5300\scri5300a.htm
    O16 - DPF: {07E9CDF4-20D2-46B1-B681-663968F527CE} - http://www.begin2search.com/toolbar/winb2s32.cab
    O16 - DPF: {4418DD4D-7265-4C32-BC0A-3FDB3C2DA938} (Protecter Class) - http://www.slotchbar.com/ist/softwares/v4.0/protect_regular.cab
    O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) -
    O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} - http://85.255.114.166/1/rdgFI2404.exe
    O16 - DPF: {B3E0F81F-73F8-470B-A56B-D895EFF19260} (ATLF3D Class) - http://www.famous3d.com/viewer/latest/axf3d.cab
    O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} - http://www.azebar.com/install/azesearch3.cab
    O20 - Winlogon Notify: Reliability - C:\WINDOWS\system32\gp4ol3h31.dll (file missing)
    O20 - Winlogon Notify: winexz32 - winexz32.dll (file missing)
    O21 - SSODL: System - {68558125-A88E-4C8D-B5AE-282360916905} - vr_sys.dll (file missing)
    O23 - Service: System Startup Service (SvcProc) - Unknown owner - c:\windows\SvcProc.exe

    Then Start -> Run
    type sc stop SvcProc and click OK
    then sc delete SvcProc and click OK

    Boot into Safe Mode ( F8 during startup ), and make hidden files visible.
    Delete the following files and folders, if present:

    C:\WINDOWS\Nail.exe
    C:\Program Files\Rebate_Nation\
    C:\WINDOWS\isrvs\
    C:\program files\tvs\
    C:\Documents and Settings\Keetu\snuninst.exe
    C:\WINDOWS\System32\Services\{462012C2-9DA6-4636-A7F7-FB0E98228C18}\SVCHOST.EXE
    C:\WINDOWS\nuofrw.exe
    c:\windows\system32\nejwvwht.exe
    C:\WINDOWS\dinst.exe
    C:\WINDOWS\System32\zsdhla.exe
    C:\PROGRA~1\COMMON~1\fufz\
    C:\WINDOWS\System32\symcsvc.exe
    C:\Documents and Settings\Niklas\Local Settings\Application Data\1587a481.exe
    C:\WINDOWS\system32\gp4ol3h31.dll

    Boot into normal mode

    And here we try to remove that Nail/Poller that is churning away on your machine. The last time I had someone run this fix was indeed several months ago, so let's see whether it still works as well, or whether the virus writers have got the upper hand on it =)


    Get nailfix from here http://www.noidea.us/easyfile/file.php?download=20050515010747824
    Extract it to the desktop
    double-click nailfix.cmd and let it do its job.

    Get Ewido http://www.download.fi/tyopoytaohjelmat/haittaohjelmien_poisto/ewido_anti-malware.cfm
    update it, and scan the whole machine. Save the report.

    Post a new HjT log and the Ewido report. Maybe it will have improved a bit by then...


    EDIT:
    You would almost certainly have avoided these nasties yourself if you had bothered to, namely, **UPDATE WINDOWS**
    How the hell can anyone still not have Service Pack 2 installed? It comes with a great many security updates that patch numerous vulnerabilities. Once your machine has been cleaned, the first thing you do is go to Windows Update!
     
    Last edited: 05.08.2006
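
    The kind of first-pass triage behind a fix list like the one above, as an added example (not part of the original thread, and not HijackThis's own logic): it parses result lines by section code, collapses repeated lines, and marks a few structurally odd entries for review. The rule set and function names are assumptions chosen for illustration; the sample lines are copied from the log posted in this thread.

```python
import re

# Lines copied from the HijackThis log posted in this thread (a subset).
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 209.128.101.236:8080
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O1 - Hosts: 216.130.185.143 www.xzoomy.com
O1 - Hosts: 216.130.185.143 xzoomy.com
O1 - Hosts: 216.130.185.143 www.xzoomy.com
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} - http://85.255.114.166/1/rdgFI2404.exe
O20 - Winlogon Notify: winexz32 - winexz32.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
"""

# A result line is "<section code> - <body>", e.g. "O4 - HKLM\..\Run: [...]".
ENTRY_RE = re.compile(r"^\s*([A-Z]\d{1,2}) - (.+?)\s*$")
# URL whose host part is a dotted-quad address instead of a name.
IP_URL_RE = re.compile(r"https?://\d{1,3}(?:\.\d{1,3}){3}(?::\d+)?(?:/|$)", re.I)


def parse_entries(log_text):
    """Return (code, body, times_seen) per distinct result line, in first-seen order.

    Header lines and the "Running processes" paths do not match and are skipped.
    """
    counts = {}
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line)
        if m:
            key = (m.group(1), m.group(2))
            counts[key] = counts.get(key, 0) + 1
    return [(code, body, n) for (code, body), n in counts.items()]


def review_reasons(code, body):
    """Illustrative structural checks (assumptions, not a verdict on any file)."""
    low = body.lower()
    reasons = []
    if code == "F2" and "shell=" in low:
        # Assumption: the expected shell value is a single program (Explorer.exe),
        # so any further token is something else started at logon.
        if len(body.split("=", 1)[1].split()) > 1:
            reasons.append("shell value starts an extra program")
    if code in ("R0", "R1") and "proxyserver =" in low:
        if body.split("=", 1)[1].strip():
            reasons.append("browser proxy is set")
    if code == "O1" and low.startswith("hosts:"):
        reasons.append("hosts file entry overrides DNS")
    if low.endswith("(file missing)") or low.endswith("(no file)"):
        reasons.append("registration points at no file")
    if code == "O16":
        if IP_URL_RE.search(body):
            reasons.append("ActiveX source is a bare IP address")
        if low.endswith(".exe"):
            reasons.append("ActiveX source is an .exe")
    return reasons


def triage(log_text):
    """Return the entries that matched at least one check, with repeat counts."""
    findings = []
    for code, body, seen in parse_entries(log_text):
        reasons = review_reasons(code, body)
        if reasons:
            findings.append(
                {"code": code, "body": body, "seen": seen, "reasons": reasons}
            )
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        repeat = f" (x{f['seen']})" if f["seen"] > 1 else ""
        print(f"{f['code']:>3}{repeat}: {f['body']}")
        for reason in f["reasons"]:
            print(f"      - {reason}")
```

    A match means "look closer", not "fix": in the posted log the avast! service lines also end in "(file missing)", and they are not in the fix list above.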
  8. keetu

    keetu Member

    yeah. I tried to install that SP2 update but no luck. Windows Update says: [Error number: 0x8024D00C]
    The page cannot be displayed because of an error on the site. The following options may help you solve the problem:

    I googled that error number and found, in English, that you have to type services.msc into the Run box. So I did, and the Services window opened. Then it just said to check that the "Cryptographic Services" entry is set to automatic. But it was automatic! What should I do?
     
  9. tomato71

    tomato71 Regular member

    Yep... so Cryptographic Services has to be set to automatic, and then you also have to make sure it is running. So if it isn't running, click on it and then Start, in the same place where you checked that it is set to automatic.
     
    Last edited: 05.08.2006
  10. spertti

    spertti Active member

    Still, first do the things I advised in my previous post. One of those worms may well be blocking the update too.
     
  11. keetu

    keetu Member

    yeah, I fixed those with HjT and went into Safe Mode to delete these

    C:\WINDOWS\Nail.exe
    C:\Program Files\Rebate_Nation\
    C:\WINDOWS\isrvs\
    C:\program files\tvs\
    C:\Documents and Settings\Keetu\snuninst.exe
    C:\WINDOWS\System32\Services\{462012C2-9DA6-4636-A7F7-FB0E98228C18}\SVCHOST.EXE
    C:\WINDOWS\nuofrw.exe
    c:\windows\system32\nejwvwht.exe
    C:\WINDOWS\dinst.exe
    C:\WINDOWS\System32\zsdhla.exe
    C:\PROGRA~1\COMMON~1\fufz\
    C:\WINDOWS\System32\symcsvc.exe
    C:\Documents and Settings\Keetu\Local Settings\Application Data\1587a481.exe
    C:\WINDOWS\system32\gp4ol3h31.dll

    but I couldn't find even half of them??? and that Nail didn't go away. when I hit delete and ok, it reappeared there a second later????

    anyway, Ewido is scanning right now

     
  12. spertti

    spertti Active member

    That Nail will hopefully come off with nailfix =). Then post the new logs and the Ewido report once you've got everything done
     
  13. keetu

    keetu Member

    ok, so Ewido scanned and I clicked ok and it then fixed them. here's the log

    ---------------------------------------------------------
    ewido anti-spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 17:39:01 5.8.2006

    + Scan result:



    C:\Program Files\TBONAS\TBONcomp.dll -> Adware.ActivShopper : No action taken.
    HKU\S-1-5-21-606747145-688789844-725345543-1003\Software\aurora -> Adware.BetterInternet : No action taken.
    HKLM\SOFTWARE\BPT -> Adware.BroadCastPC : No action taken.
    HKLM\SOFTWARE\BPT\132.zip -> Adware.BroadCastPC : No action taken.
    HKLM\SOFTWARE\BPT\133.zip -> Adware.BroadCastPC : No action taken.
    HKLM\SOFTWARE\BPT\134.zip -> Adware.BroadCastPC : No action taken.
    HKLM\SOFTWARE\BPT\27.exe -> Adware.BroadCastPC : No action taken.
    HKLM\SOFTWARE\BPT\28.exe -> Adware.BroadCastPC : No action taken.
    HKLM\SOFTWARE\BPT\64.exe -> Adware.BroadCastPC : No action taken.
    HKLM\SOFTWARE\DInstaller2 -> Adware.BroadCastPC : No action taken.
    HKLM\SOFTWARE\Microsoft\Netstat -> Adware.Ezula : No action taken.
    HKLM\SOFTWARE\Classes\CLSID\{5EDB03AF-0341-4e96-9E9B-3171522E4BAF} -> Adware.FlashEnhancer : No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTbarISTbar -> Adware.HotBar : No action taken.
    C:\WINDOWS\isrvs\isearch.xpi/chrome/isearch.jar/content/isearch/isearch.js -> Adware.ISearch : No action taken.
    HKLM\SYSTEM\CurrentControlSet\Services\delprot -> Adware.iSearch : No action taken.
    HKLM\SYSTEM\CurrentControlSet\Services\delprot\Enum -> Adware.iSearch : No action taken.
    HKLM\SYSTEM\CurrentControlSet\Services\delprot\Security -> Adware.iSearch : No action taken.
    HKLM\SOFTWARE\IST -> Adware.ISTBar : No action taken.
    HKLM\SOFTWARE\PerfectNav -> Adware.KeenValue : No action taken.
    C:\WINDOWS\system32\LLCML13n.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\OaenAL32.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\REOCURS.DLL -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\SCtrmZHC.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\SDtrmSV.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\SEtrmDA.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\SEtrmES.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\SFtrmDE.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\SGtrmSL.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\SHCplKO.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\SItrmPL.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\SMtrmCS.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\SOtrmPL.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\SPCplNO.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\SQtrmSV.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\SUtrmTR.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\TtnLib4.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\ahi3d1ag.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\arioglxx.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\arkctrs.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\axpmgr.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\ayicap32.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\azpmgr.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\bItt.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\bdtsprx2.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\blowser.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\bttsprx2.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\cJpesnpn.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\czmaddin.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\czmcat.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\d80mlid1180.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\da8vb.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\dcgest.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\dicpmon.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\diound3d.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\dn0s01d7e.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\dnns0157e.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\dnp0017me.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\dnvoice.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\dvcpsapi.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\dvu10.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\enl0l13m1.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\f60olgd3160.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\f62m0gf1e62.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\feapsvid.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\fp0u03d9e.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\fp4803hue.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\fp4o03h3e.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\fpls0337e.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\g4400ehmeh4a0.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\g8400ihme84a0.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\gatuname.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\ghi32.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\gppul3791.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\h6j40g1qe6.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\hPghkdf.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\hedserv.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\hjetcfg.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\hr4005hme.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\hr8m05l1e.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\hretwiz.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\hrp2057oe.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\iesso.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\ikmontr.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\ir22l5fo1.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\ir60l5jm1.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\iuxwan.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\jLvaprxy.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\jrj0251mg.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\jt6m07j1e.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\jtp4077qe.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\k2lq0c35ef.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\kgdusr.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\kidhu1.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\kidus.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\kqdhe319.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\kqdsf.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\kqduzb.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\l4n40e5qeh.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\l6r00g9me6.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\l8n4li5q18.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\l8r0li9m18.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\lv6409jqe.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\lv8609lse.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\m246lchs1f46.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\m4820eloehqc0.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\mawmdmsp.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\mbrd2x40.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\mfjet40.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\mgisam11.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\mic40.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\mjprivs.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\motrig.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\mthgrcoi.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\mv6ml9j11.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\mvl_qic.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\mwperf.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\mxdrv.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\mxjet40.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\o484lelq1hqe.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\obecli.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\ote2nls.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\p88q0il5e8q.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\pZqsp.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\pfchdprf.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\pfnppagn.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\q886lils18q6.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\qrartz.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\r8p8li7u18.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\r8r60i9se8.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\rXsman.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\s4rs0e97eh.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\s6880glue6q80.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\sdc.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\sgi_ci.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\sii_ci.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\smi_ci.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\smrrnfi.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\sncpack.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\sotrmenu.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\sqs.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\swnsapi.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\twflog.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\ujerenv.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\umib.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\uoandlg.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\vnr.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\vxrsion.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\wgn32spl.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\wnnbrand.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system32\wrhip6.dll -> Adware.Look2Me : No action taken.
    C:\WINDOWS\system\UpdInst.exe -> Adware.Look2Me : No action taken.
    C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : No action taken.
    C:\WINDOWS\NDNuninstall6_98.exe -> Adware.NewDotNet : No action taken.
    C:\WINDOWS\NDNuninstall7_14.exe -> Adware.NewDotNet : No action taken.
    C:\WINDOWS\system32\70tovmto.ini -> Adware.Sahat : No action taken.
    C:\Program Files\SurfAccuracy -> Adware.SurfAccuracy : No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : No action taken.
    C:\WINDOWS\system32\ld100.tmp -> Downloader.Zlob.vd : No action taken.
    C:\WINDOWS\system32\regperf.exe -> Downloader.Zlob.vd : No action taken.
    C:\RECYCLER\S-1-5-18\Dc1.exe -> Hijacker.Small.hy : No action taken.
    C:\Documents and Settings\Keetu\Cookies\keetu@bestoffersnetworks[2].txt -> TrackingCookie.Bestoffersnetworks : No action taken.
    C:\Documents and Settings\Keetu\Cookies\keetu@cliks[2].txt -> TrackingCookie.Cliks : No action taken.
    C:\WINDOWS\system32\winexz32.txt -> Trojan.Agent.vg : No action taken.


    ::Report end



    and here is the new HJT log:

    Logfile of HijackThis v1.99.1
    Scan saved at 18:00:49, on 5.8.2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
    C:\Program Files\Asus\WLAN Card Utilities\Center.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\WINDOWS\System32\DVDRAMSV.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Opera\Opera.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\Program Files\HJT\HijackThis_v1.99.1.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [Control Center] C:\Program Files\Asus\WLAN Card Utilities\Center.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [USIUDF_Eject_Monitor] C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [ares] "F:\P2P\Ares\Ares.exe" -h
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - Startup: Cold Blooded Sampler.lnk = D:\SAMPLERS\CBLOODED\COLDDEMO.EXE
    O4 - Startup: Complete Waste of Time Sampler.lnk = D:\SAMPLERS\PYTHON\PYTHON.EXE
    O4 - Startup: Dominion Sampler.lnk = D:\SAMPLERS\DOMINION\SCRNDEMO.EXE
    O4 - Startup: Holy Grail Sampler.lnk = D:\SAMPLERS\GRAIL\GRLDEMO.EXE
    O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
    O4 - Global Startup: BlueSoleil.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    O4 - Global Startup: SATARaid.lnk = ?
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1154744813578
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1154744903687
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://81.86.67.122:1060/activex/AxisCamControl.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9C93F44B-7AF7-4FEC-BCA4-6587C85E807D}: NameServer = 193.229.0.40,193.229.0.42
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B02D8A4A-0F82-41CF-A118-0CD792EDB346}: NameServer = 212.63.28.18
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B6CD237B-B36E-484B-A4B8-5352A16BC09C}: NameServer = 193.229.0.40,193.229.0.42
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing)
    O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
    O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
     
  14. aaxxeell

    aaxxeell Regular member

    Joined:
    28.07.2005
    Posts:
    2,145
    Thanks:
    0
    Points:
    46
  15. keetu

    keetu Member

    Joined:
    21.03.2006
    Posts:
    45
    Thanks:
    0
    Points:
    16
    well, I'll post the new ones now

    ---------------------------------------------------------
    ewido anti-spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 19:00:04 5.8.2006

    + Scan result:



    HKU\S-1-5-21-606747145-688789844-725345543-1003\Software\aurora -> Adware.BetterInternet : Cleaned with backup (quarantined).


    ::Report end



    and HJT

    Logfile of HijackThis v1.99.1
    Scan saved at 19:01:26, on 5.8.2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Asus\WLAN Card Utilities\Center.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\WINDOWS\System32\DVDRAMSV.exe
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Opera\Opera.exe
    C:\Program Files\HJT\HijackThis_v1.99.1.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [Control Center] C:\Program Files\Asus\WLAN Card Utilities\Center.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [USIUDF_Eject_Monitor] C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [ares] "F:\P2P\Ares\Ares.exe" -h
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - Startup: Cold Blooded Sampler.lnk = D:\SAMPLERS\CBLOODED\COLDDEMO.EXE
    O4 - Startup: Complete Waste of Time Sampler.lnk = D:\SAMPLERS\PYTHON\PYTHON.EXE
    O4 - Startup: Dominion Sampler.lnk = D:\SAMPLERS\DOMINION\SCRNDEMO.EXE
    O4 - Startup: Holy Grail Sampler.lnk = D:\SAMPLERS\GRAIL\GRLDEMO.EXE
    O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
    O4 - Global Startup: BlueSoleil.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    O4 - Global Startup: SATARaid.lnk = ?
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1154744813578
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1154744903687
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://81.86.67.122:1060/activex/AxisCamControl.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9C93F44B-7AF7-4FEC-BCA4-6587C85E807D}: NameServer = 193.229.0.40,193.229.0.42
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B02D8A4A-0F82-41CF-A118-0CD792EDB346}: NameServer = 212.63.28.18
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B6CD237B-B36E-484B-A4B8-5352A16BC09C}: NameServer = 193.229.0.40,193.229.0.42
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing)
    O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
    O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

     
  16. spertti

    spertti Active member

    Joined:
    01.06.2005
    Posts:
    1,222
    Thanks:
    0
    Points:
    66
    Repair process:

    Download the latest version of Ad-Aware SE from here: http://www.download.com/3000-2144-10045910.html (If you already have Ad-Aware installed, make sure it is the latest version, 1.0.6.)

    If it is NOT version 1.0.6, uninstall your current version through Add/Remove Programs, delete the folder C:\Program Files\Lavasoft and empty the Recycle Bin. Finally, install the latest version from the link.

    Open Ad-Aware SE and start the WebUpdate function. (Click the globe icon, click "connect", click "OK", click "Finish".)

    IF you have problems with the updates, get the latest updates manually from here: http://download.lavasoft.de.edgesuite.net/public/defs.zip

    Download Lavasoft's VX2 Cleaner plug-in from here: http://www.lavasoftusa.com/software/addons/vx2cleaner.shtml

    • Install VX2 Cleaner
    • Start Ad-Aware SE
    • Go to the menu named "Plug-ins"
    • Select the VX2 Cleaner plug-in and click "Run Tool" (Before you run VX2 Cleaner, make sure that other anti-virus and anti-spyware programs are turned off.)
    • Click "OK" when asked whether you want to run this tool
    • If your computer is not infected, click "Close".

    If your computer is infected:
    • Select "Clean"
    • Restart.
    • Scan your computer with Ad-Aware:

      Configure the settings like this:
      • Go to the Ad-Aware settings window
      • Select General > Safety & Settings: tick (green) all three.
      • Click Tweak > Cleaning Engine > untick "Always try to unload modules before deletion".
      Click "Proceed"
      Click "Scan Now"
      Tick the option "Search for negligible risk entries"
      Tick the option "Search for low-risk threats"
      Run the scanner in Full Scan (Perform full system scan) mode.
      When the scan is finished, select "Next".
      In the scan results, select the "Scan Summary" tab.
      Tick the box next to every line found, for removal.
      Click "Next", click "OK".

    • Restart your computer
    • Run one more scan (with Ad-Aware and VX2 Cleaner) to make sure that all the bad files are gone from your computer.

    Get eScan and follow the instructions.
    eScan http://koti.mbnet.fi/pattaya1/escanmwav.htm
    Save the malware results from the lower box so that you can send them in your next post

    After this

    Download Look2Me-Destroyer.exe (http://www.atribune.org/ccount/click.php?id=7) to your desktop.

    IMPORTANT: Before continuing with the fix, you must do the following:


    * Print this, or save it as a text file in a suitable location.
    * Click Start -> Run and type: services.msc
    * Click OK.
    * Check that this service is running or that its startup type is Automatic:
    * Secondary Logon (Toissijainen kirjautuminen)
    * Next, your computer must be offline; pull the network cable out of the wall if necessary.
    * Your antivirus and all other security software MUST be closed.
    * Close all windows before continuing.
    * Double-click Look2Me-Destroyer.exe to run the program.
    * Tick "Run this program as a task".
    * You will get a message that says: "Look2Me-Destroyer will close and re-open in approximately 10 seconds". Click OK.
    * When Look2Me-Destroyer re-opens, click the "Scan for L2M" option; your desktop shortcuts will disappear for a moment, this is normal.
    * When the scan is complete, click the "Remove L2M" option.
    * You will get a "Done Scanning" message; click OK.
    * When finished, you will get this message: "Done removing infected files! Look2Me-Destroyer will now shutdown your computer"; click OK.
    * Your computer will shut itself down.
    * Restart your computer.
    * Post the contents of the file C:\Look2Me-Destroyer.txt together with a new HijackThis log in your post.
    If your firewall warns about internet connections for this program, allow them.

    If you get runtime error '339', download MSWINSCK.OCX from the following link and place it in your C:\Windows\System32 folder.

    http://www.ascentive.com/support/new/images/lib/MSWINSCK.OCX

    Send a new log + the reports from Look2MeDestroyer and eScan
     
    Last edited: 05.08.2006
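The post above asks for a fresh HijackThis log after the cleanup. The following Python script is an added example, not part of the original thread or of HijackThis itself: it diffs two logs so a reviewer can see which startup entries a cleanup step removed, and it reports any program appended to the `Shell=` value in an F2 line. The two sample logs are short excerpts constructed from lines posted in this thread; all function names are hypothetical.

```python
import re

# HijackThis entry lines start with a section code (R0, F2, O4, O23, ...)
# followed by " - " and the entry text. Header lines and the
# "Running processes" list do not match and are skipped.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<text>.+)$")


def parse_entries(log_text):
    """Return the set of (section_code, entry_text) tuples in a log."""
    entries = set()
    for raw in log_text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if m:
            entries.add((m.group("code"), m.group("text").strip()))
    return entries


def diff_logs(before, after):
    """Compare two logs: entries removed, entries added, count unchanged."""
    b, a = parse_entries(before), parse_entries(after)
    return {
        "removed": sorted(b - a),
        "added": sorted(a - b),
        "unchanged": len(a & b),
    }


def shell_extras(entries):
    """Return whatever follows Explorer.exe in an F2 'Shell=' value.

    F2 lines report registry-mapped system.ini/win.ini autostart values.
    A Shell= value normally holds only Explorer.exe, so anything after it
    is a program started at every logon and deserves a closer look.
    """
    extras = []
    for code, text in sorted(entries):
        if code != "F2" or "Shell=" not in text:
            continue
        value = text.split("Shell=", 1)[1].strip()
        rest = re.sub(r"^explorer\.exe\b", "", value, flags=re.IGNORECASE).strip()
        if rest:
            extras.append(rest)
    return extras


# Constructed sample: excerpt of the log saved at 19:01:26 on 5.8.2006.
BEFORE = r"""
Logfile of HijackThis v1.99.1
Scan saved at 19:01:26, on 5.8.2006

Running processes:
C:\WINDOWS\System32\smss.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ares] "F:\P2P\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
"""

# Constructed sample: excerpt of the log saved at 22:00:16 on 5.8.2006.
AFTER = r"""
Logfile of HijackThis v1.99.1
Scan saved at 22:00:16, on 5.8.2006

Running processes:
C:\WINDOWS\System32\smss.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
"""

if __name__ == "__main__":
    result = diff_logs(BEFORE, AFTER)
    for code, text in result["removed"]:
        print("removed:", code, "-", text)
    for code, text in result["added"]:
        print("added:  ", code, "-", text)
    print("unchanged entries:", result["unchanged"])
    print("Shell= extras before:", shell_extras(parse_entries(BEFORE)))
    print("Shell= extras after: ", shell_extras(parse_entries(AFTER)))
```

An entry that disappears from the log only shows that the autostart reference is gone; the scanner reports requested in the post are still needed to confirm that the files themselves were removed.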
  17. keetu

    keetu Member

    Joined:
    21.03.2006
    Posts:
    45
    Thanks:
    0
    Points:
    16
    All right, the job is done

    HJT again

    Logfile of HijackThis v1.99.1
    Scan saved at 22:00:16, on 5.8.2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\WINDOWS\System32\DVDRAMSV.exe
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Asus\WLAN Card Utilities\Center.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
    c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    F:\P2P\µtorrent\utorrent.exe
    C:\Program Files\Opera\Opera.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\HJT\HijackThis_v1.99.1.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [Control Center] C:\Program Files\Asus\WLAN Card Utilities\Center.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [USIUDF_Eject_Monitor] C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - Startup: Cold Blooded Sampler.lnk = D:\SAMPLERS\CBLOODED\COLDDEMO.EXE
    O4 - Startup: Complete Waste of Time Sampler.lnk = D:\SAMPLERS\PYTHON\PYTHON.EXE
    O4 - Startup: Dominion Sampler.lnk = D:\SAMPLERS\DOMINION\SCRNDEMO.EXE
    O4 - Startup: Holy Grail Sampler.lnk = D:\SAMPLERS\GRAIL\GRLDEMO.EXE
    O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
    O4 - Global Startup: BlueSoleil.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    O4 - Global Startup: SATARaid.lnk = ?
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1154744813578
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1154744903687
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://81.86.67.122:1060/activex/AxisCamControl.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9C93F44B-7AF7-4FEC-BCA4-6587C85E807D}: NameServer = 193.229.0.40,193.229.0.42
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B02D8A4A-0F82-41CF-A118-0CD792EDB346}: NameServer = 212.63.28.18
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B6CD237B-B36E-484B-A4B8-5352A16BC09C}: NameServer = 193.229.0.40,193.229.0.42
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing)
    O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
    O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


    and then eScan

    File C:\WINDOWS\hfswsw.exe tagged as not-a-virus:AdWare.Win32.BetterInternet.ai. No Action Taken.
    File C:\WINDOWS\System32\5e6i7ep5.ini tagged as not-a-virus:AdWare.Win32.Sahat.ao. No Action Taken.
    File C:\WINDOWS\System32\desktrf.exe tagged as not-a-virus:AdWare.Win32.Beginto.b. No Action Taken.
    File C:\WINDOWS\System32\gah95on6.ini tagged as not-a-virus:AdWare.Win32.Sahat.ao. No Action Taken.
    File C:\WINDOWS\System32\pdrpdb.dll tagged as not-a-virus:AdWare.Win32.SafeSurfing.w. No Action Taken.
    File C:\Documents and Settings\All Users\Application Data\RDSA\rdsa.dll tagged as not-a-virus:AdWare.Win32.RiverAd.c. No Action Taken.
    File C:\Documents and Settings\All Users\Application Data\RDSA\RDSA0.dll tagged as not-a-virus:AdWare.Win32.RiverAd.c. No Action Taken.
    File C:\Documents and Settings\Keetu\Local Settings\Application Data\bp12.exe tagged as not-a-virus:AdWare.Win32.FlashEnhancer.b. No Action Taken.
    File C:\Documents and Settings\Keetu\Local Settings\Application Data\u.exe tagged as not-a-virus:AdWare.MSIL.Broadcap.a. No Action Taken.
    File C:\Documents and Settings\Keetu\Local Settings\Temp\aurareco.exe tagged as not-a-virus:AdWare.Win32.BetterInternet.au. No Action Taken.
    File C:\WINDOWS\hfswsw.exe tagged as not-a-virus:AdWare.Win32.BetterInternet.ai. No Action Taken.
    File C:\WINDOWS\system32\5e6i7ep5.ini tagged as not-a-virus:AdWare.Win32.Sahat.ao. No Action Taken.
    File C:\WINDOWS\system32\desktrf.exe tagged as not-a-virus:AdWare.Win32.Beginto.b. No Action Taken.
    File C:\WINDOWS\system32\gah95on6.ini tagged as not-a-virus:AdWare.Win32.Sahat.ao. No Action Taken.
    File C:\WINDOWS\system32\pdrpdb.dll tagged as not-a-virus:AdWare.Win32.SafeSurfing.w. No Action Taken.


    And finally, the Look2Me-Destroyer report. By the way, is it normal that when I restarted the computer, a Windows error message came up that said "The system has recovered from a serious error. Send an error report."?


    Scanning for infected files.....
    Scan started at 5.8.2006 21:45:10

    Attempting to delete infected files...


    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101845.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101845.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101846.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101846.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101847.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101847.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101848.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101848.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101849.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101849.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101850.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101850.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101851.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101851.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101852.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101852.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101853.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101853.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101854.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101854.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101855.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101855.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101856.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101856.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101857.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101857.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101858.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101858.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101859.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101859.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101860.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101860.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101861.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101861.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101862.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101862.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101863.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101863.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101864.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101864.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101865.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101865.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101866.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101866.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101867.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101867.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101868.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101868.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101869.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101869.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101870.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101870.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101871.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101871.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101872.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101872.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101873.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101873.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101874.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101874.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101875.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101875.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101876.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101876.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101877.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101877.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101878.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101878.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101879.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101879.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101880.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101880.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101881.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101881.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101882.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101882.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101883.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101883.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101884.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101884.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101885.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101885.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101886.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101886.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101887.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101887.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101888.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101888.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101889.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101889.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101890.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101890.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101891.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101891.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101892.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101892.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101893.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101893.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101894.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101894.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101895.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101895.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101896.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101896.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101897.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101897.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101898.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101898.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101899.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101899.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101900.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101900.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101901.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101901.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101902.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101902.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101903.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101903.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101904.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101904.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101905.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101905.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101906.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101906.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101907.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101907.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101908.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101908.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101909.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101909.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101910.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101910.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101911.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101911.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101912.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101912.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101913.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101913.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101914.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101914.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101915.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101915.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101916.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101916.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101917.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101917.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101918.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101918.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101919.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101919.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101920.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101920.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101921.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101921.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101922.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101922.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101923.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101923.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101924.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101924.dll Deleted successfully!

    Attempting to delete: C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101925.dll
    C:\System Volume Information\_restore{23A14B49-FBA4-4044-B51E-77057F21FB17}\RP780\A0101925.dll Deleted successfully!

    Making registry repairs.


    Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{41D69FC7-3E84-46FD-9286-8185F8E456B5}"
    HKCR\Clsid\{41D69FC7-3E84-46FD-9286-8185F8E456B5}

    Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{3D64150B-C378-4279-8497-C98FBDBFAD19}"
    HKCR\Clsid\{3D64150B-C378-4279-8497-C98FBDBFAD19}

    Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{C9531DDA-66C5-4CEF-B937-8CA423809749}"
    HKCR\Clsid\{C9531DDA-66C5-4CEF-B937-8CA423809749}

    Restoring Windows certificates.

    Replaced hosts file with default windows hosts file


    Restoring SeDebugPrivilege for Järjestelmänvalvojat - Succeeded


    What next?????
     
  18. spertti

    spertti Active member

    Joined:
    01.06.2005
    Posts:
    1,222
    Thanks:
    0
    Points:
    66
    Download KillBox

    http://www.bleepingcomputer.com/files/spyware/KillBox.zip

    Unzip it, open it and tick the Delete on Reboot option.
    Then copy the lines below all at once

    C:\WINDOWS\hfswsw.exe
    C:\WINDOWS\System32\5e6i7ep5.ini
    C:\WINDOWS\System32\desktrf.exe
    C:\WINDOWS\System32\gah95on6.ini
    C:\WINDOWS\System32\pdrpdb.dll
    C:\Documents and Settings\All Users\Application Data\RDSA\rdsa.dll
    C:\Documents and Settings\All Users\Application Data\RDSA\RDSA0.dll
    C:\Documents and Settings\Keetu\Local Settings\Application Data\bp12.exe
    C:\Documents and Settings\Keetu\Local Settings\Application Data\u.exe
    C:\Documents and Settings\Keetu\Local Settings\Temp\aurareco.exe
    C:\WINDOWS\hfswsw.exe
    C:\WINDOWS\system32\5e6i7ep5.ini
    C:\WINDOWS\system32\desktrf.exe
    C:\WINDOWS\system32\gah95on6.ini
    C:\WINDOWS\system32\pdrpdb.dll


    Then in KillBox, from the top menu, choose File > Paste from Clipboard
    Select "All Files". After that, press Delete (the red button with a white X)
    Answer yes to the prompts, and if the computer does not restart by itself, restart it.

    Still having problems?
     
  19. keetu

    keetu Member

    Joined:
    21.03.2006
    Posts:
    45
    Thanks:
    0
    Points:
    16
    Well, Windows updates still refuse to work. I get the same 0x8024D00C error message, even though I started the Cryptographic Services service from Services. What would help?
     
  20. spertti

    spertti Active member

    Joined:
    01.06.2005
    Posts:
    1,222
    Thanks:
    0
    Points:
    66
    Hmm. I don't really have a cure for that myself. If it really is a fully legitimate copy of Windows, I would pretty much start sorting this out through Microsoft support. Your machine will get infected again very quickly if you can't get SP2 installed.

    But for now your machine is indeed clean again for a while.
     
  21. keetu

    keetu Member

    Joined:
    21.03.2006
    Posts:
    45
    Thanks:
    0
    Points:
    16
    Yeah, I don't get it :( I do remember that Windows automatic updates turned on back when SP2 came out. And my Add/Remove Programs has entries like these:
    [IMG]

    Could anyone help? And by the way, the Windows is genuine.
     