
V1rus h1t :C

Thread in the Viruses and malware - HijackThis logs section. Started by rolfF on 30.11.2006.

Thread status:
Thread is closed.
  1. rolfF

    rolfF Guest


    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 18:32:48 2.12.2006

    + Scan result:



    HKU\S-1-5-21-1343024091-1592454029-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{052B12F7-86FA-4921-8482-26C42316B522} -> Adware.Generic : Cleaned with backup (quarantined).
    C:\Documents and Settings\Sjöblom\Local Settings\Temporary Internet Files\Content.IE5\5FUV3O3U\122[1].net -> Adware.Maxifiles : Cleaned with backup (quarantined).
    C:\Program Files\DAEMON Tools\SetupDTSB.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{F6431005-0A08-4B16-9BC9-DED6E3A1631A}\RP180\A0058304.dll -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\wvuvsrq.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).
    C:\Documents and Settings\Sjöblom\Local Settings\Temporary Internet Files\Content.IE5\RR45ACU6\wlzip32[1].exe -> Downloader.Agent.bca : Cleaned with backup (quarantined).
    C:\Documents and Settings\Sjöblom\Local Settings\Temporary Internet Files\Content.IE5\5FUV3O3U\l11[1].exe -> Downloader.Zlob.bas : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{F6431005-0A08-4B16-9BC9-DED6E3A1631A}\RP180\A0058298.exe -> Downloader.Zlob.bas : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{F6431005-0A08-4B16-9BC9-DED6E3A1631A}\RP180\A0058299.exe -> Downloader.Zlob.bat : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{F6431005-0A08-4B16-9BC9-DED6E3A1631A}\RP180\A0058300.exe -> Downloader.Zlob.bbf : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{F6431005-0A08-4B16-9BC9-DED6E3A1631A}\RP180\A0059367.exe -> Downloader.Zlob.sd : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{F6431005-0A08-4B16-9BC9-DED6E3A1631A}\RP180\A0059368.tlb -> Downloader.Zlob.to : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{F6431005-0A08-4B16-9BC9-DED6E3A1631A}\RP173\A0054746.exe -> Dropper.Agent.azn : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{F6431005-0A08-4B16-9BC9-DED6E3A1631A}\RP180\A0059365.exe -> Proxy.Small.dt : Cleaned with backup (quarantined).
    C:\Documents and Settings\Sjöblom\Local Settings\Temporary Internet Files\Content.IE5\DNRDIGBQ\antzom[1].exe -> Trojan.Agent.vg : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{F6431005-0A08-4B16-9BC9-DED6E3A1631A}\RP180\A0059424.dll -> Trojan.Mezzia : Cleaned with backup (quarantined).
    C:\VundoFix Backups\winghy32.dll.bad -> Trojan.Mezzia : Cleaned with backup (quarantined).


    ::Report end


    Logfile of HijackThis v1.99.1
    Scan saved at 18:45:07, on 2.12.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe
    C:\Program Files\Spyware Doctor\sdhelp.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
    C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Trend Micro\Internet Security 2006\pccguide.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
    C:\Program Files\Spyware Doctor\swdoctor.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
    C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
    C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
    C:\Program Files\WinTV\Ir.exe
    C:\Program Files\MUSICMATCH\Musicmatch Jukebox\MMDiag.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\alg.exe
    C:\Documents and Settings\Sjöblom\Työpöytä\HijackThis_v1.99.1.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = dna Internet Explorer
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://paivitys.dnainternet.fi/yhteys/proxy.pac
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: (no name) - {099D0986-C204-F967-3343-00A64FA96FB9} - C:\WINDOWS\system32\vorenbj.dll
    O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - C:\WINDOWS\system32\cjwskgfm.dll
    O2 - BHO: (no name) - {4C661CCC-43FB-4C41-A1FF-8DF2C1BCF486} - C:\WINDOWS\system32\pmnnk.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [Anti-Trojan-Watch] C:\Program Files\Anti-Trojan-55\ATWatch.exe
    O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~2\mimboot.exe
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2006\pccguide.exe"
    O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [vvdkkpe.dll] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\vvdkkpe.dll,agkxvbc
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Joint Operations Typhoon Rising Registration.lnk = ?
    O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: MSN Ligth Gray Messenger 8.0.lnk = C:\Program Files\MSN Messenger\wave-ligth-gray-msnmsgr.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
    O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
    O16 - DPF: {54D53429-945C-4188-B460-C81356541882} (SaveImageFiles Class) - http://eshare.hpphoto.com/Download/HPeServicesLocalPrint.CAB
    O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.pestpatrol.com/pestscan/pestscan.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1136626413875
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
    O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: pmnnk - C:\WINDOWS\system32\pmnnk.dll
    O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
    O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
    O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
    O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


    there it is :D how does it look?
     
  3. Hujo

    Hujo Guest

    run Vundo again
     
  4. -kemisti-

    -kemisti- Active member

    Joined: 06.06.2005
    Messages: 6,305
    Thanks: 0
    Points: 96
    Right, let's take charge of this thread so that it actually gets finished at some point...

    For Hujo's information, VundoFix does not recognize all of Vundo's files.

    Fix these:

    O2 - BHO: (no name) - {099D0986-C204-F967-3343-00A64FA96FB9} - C:\WINDOWS\system32\vorenbj.dll
    O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - C:\WINDOWS\system32\cjwskgfm.dll
    O4 - HKLM\..\Run: [vvdkkpe.dll] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\vvdkkpe.dll,agkxvbc
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache...tup1.0.0.15.cab



    1. Start menu -> Run -> copy the following into the field and press Enter:
    "%userprofile%\työpöytä\combofix.exe" /v pmnnk

    2. When the tool is finished, it produces a log. Post this log to your thread.
    3. Restart your computer.
    4. Post a fresh HijackThis log to your thread together with the ComboFix log.
    Note! Do not click on the ComboFix window while it is running. This may cause the program to hang.

    Delete if found:

    C:\WINDOWS\system32\vorenbj.dll
    C:\WINDOWS\system32\cjwskgfm.dll
    C:\WINDOWS\system32\vvdkkpe.dll

    Post the Combo log and a new HjT log.
     
    Last edited: 02.12.2006
  5. Hujo

    Hujo Guest

    VundoFix needs an overhaul ;)

    1. Click Start > right-click My Computer
    2. Select Properties
    3. Select the System Restore tab
    4. Tick ¤ Turn off System Restore on all drives
    5. Press Apply
    6. Press OK
    7. Shut down and start up
    8. Untick ¤ Turn off System Restore on all drives
    9. Apply and OK
     
    Last edited by a moderator: 02.12.2006
  6. -kemisti-

    -kemisti- Active member

    No, rather the author of VundoFix needs new Vundo files to be uploaded to e.g. spykiller or uploadmalware, so that the fix can be updated...

    EDIT: And let's leave System Restore on until the machine is otherwise clean.
     
    Last edited: 02.12.2006
  7. rolfF

    rolfF Guest

    so what do I do now?
     
  8. -kemisti-

    -kemisti- Active member

    Follow my instructions.
     
  9. rolfF

    rolfF Guest

    meaning? what are they? :D
     
  10. Hujo

    Hujo Guest

    just do that thing kemisti said
     
  11. rolfF

    rolfF Guest

    I mean, what are they???
    I don't see them now :D
     
  12. Hujo

    Hujo Guest

    click on page 1, you'll find them there.
     
  13. rolfF

    rolfF Guest

    No, rather the author of VundoFix needs new Vundo files to be uploaded to e.g. spykiller or uploadmalware so that the fix can be updated...

    EDIT: And let's leave System Restore on until the machine is otherwise clean.

    so those, right??
    well what am I supposed to fix, I'm totally lost now :O
     
  14. -kemisti-

    -kemisti- Active member

  15. Hujo

    Hujo Guest


    no, this one
    Link
     
    Last edited by a moderator: 02.12.2006
  16. rolfF

    rolfF Guest

    which program do I use to fix these

    O2 - BHO: (no name) - {099D0986-C204-F967-3343-00A64FA96FB9} - C:\WINDOWS\system32\vorenbj.dll
    O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - C:\WINDOWS\system32\cjwskgfm.dll
    O4 - HKLM\..\Run: [vvdkkpe.dll] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\vvdkkpe.dll,agkxvbc
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache...tup1.0.0.15.cab
     
  17. -kemisti-

    -kemisti- Active member

    Open HijackThis, click "Do a system scan only", check the lines and press "Fix checked".
     
  18. rolfF

    rolfF Guest

    Logfile of HijackThis v1.99.1
    Scan saved at 21:00:06, on 2.12.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe
    C:\Program Files\Spyware Doctor\sdhelp.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
    C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\PROGRA~1\TRENDM~1\INTERN~2\PccGuide.exe
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\MUSICM~1\MUSICM~2\MMDiag.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
    C:\Program Files\Spyware Doctor\swdoctor.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
    C:\Program Files\WinTV\Ir.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\MSN Messenger\wave-ligth-gray-msnmsgr.exe
    C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Sjöblom\Työpöytä\HijackThis_v1.99.1.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = dna Internet Explorer
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://paivitys.dnainternet.fi/yhteys/proxy.pac
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [Anti-Trojan-Watch] C:\Program Files\Anti-Trojan-55\ATWatch.exe
    O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~2\mimboot.exe
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2006\pccguide.exe"
    O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Joint Operations Typhoon Rising Registration.lnk = ?
    O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: MSN Ligth Gray Messenger 8.0.lnk = C:\Program Files\MSN Messenger\wave-ligth-gray-msnmsgr.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
    O16 - DPF: {54D53429-945C-4188-B460-C81356541882} (SaveImageFiles Class) - http://eshare.hpphoto.com/Download/HPeServicesLocalPrint.CAB
    O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.pestpatrol.com/pestscan/pestscan.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1136626413875
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
    O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
    O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
    O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
    O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    there you go, there it is :D
     
  19. -kemisti-

    -kemisti- Active member

    Also post that ComboFix log.
     
  20. rolfF

    rolfF Guest

    Sjöblom - 06-12-03 0:39:40,93 Service Pack 2
    ComboFix 06.11.27W - Running from: "C:\Documents and Settings\Sjöblom\Työpöytä"

    ((((((((((((((((((((((((((((((( Files Created from 2006-11-03 to 2006-12-03 ))))))))))))))))))))))))))))))))))


    2006-12-02 20:09 2,214 --a------ C:\WINDOWS\system32\tmp.reg
    2006-12-02 17:42 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
    2006-12-02 17:42 <KANSIO> d-------- C:\Program Files\Grisoft
    2006-12-02 17:25 24,576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe
    2006-12-02 17:15 <KANSIO> d-------- C:\VundoFix Backups
    2006-12-01 20:48 53,248 --a------ C:\WINDOWS\system32\Process.exe
    2006-12-01 20:48 40,960 --a------ C:\WINDOWS\system32\swsc.exe
    2006-12-01 20:48 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
    2006-12-01 20:48 135,168 --a------ C:\WINDOWS\system32\swreg.exe
    2006-11-30 20:56 <KANSIO> d-------- C:\Program Files\Skype
    2006-11-30 20:42 <KANSIO> d-------- C:\Documents and Settings\Sjöblom\Application Data\Skype
    2006-11-28 16:19 <KANSIO> d-------- C:\!KillBox
    2006-11-28 15:30 <KANSIO> d-------- C:\Documents and Settings\Sjöblom\Application Data\SearchToolbarCorp
    2006-11-28 15:29 <KANSIO> d-------- C:\Program Files\VSAdd-in
    2006-11-27 18:53 256,663 --a------ C:\WINDOWS\system32\geeby.dll
    2006-11-27 16:52 56,643 --a------ C:\WINDOWS\system32\jkhfd.dll
    2006-11-27 16:49 <KANSIO> d-------- C:\Documents and Settings\Sjöblom\Application Data\Mozilla
    2006-11-27 16:48 <KANSIO> d-------- C:\Program Files\Mozilla Firefox
    2006-11-27 16:19 55,183 --a------ C:\WINDOWS\system32\ddcya.dll
    2006-11-26 21:34 34,743 --a------ C:\WINDOWS\system32\geedb.dll
    2006-11-26 21:29 93,696 --a------ C:\WINDOWS\system32\vvdkkpe.dll
    2006-11-25 16:22 <KANSIO> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2006-11-25 16:22 <KANSIO> d-------- C:\Fraps
    2006-11-23 16:00 <KANSIO> d-------- C:\Program Files\Managed DirectX (0900)
    2006-11-22 17:23 <KANSIO> d-------- C:\Program Files\Empire Interactive
    2006-11-18 02:22 <KANSIO> d-------- C:\81c755e3b6aad804bfe2
    2006-11-10 15:57 <KANSIO> d-------- C:\Documents and Settings\Sjöblom\Application Data\Opera
    2006-11-09 16:32 <KANSIO> d-------- C:\Documents and Settings\Sjöblom\Application Data\Adobe
    2006-11-09 16:27 <KANSIO> d-------- C:\Program Files\Common Files\Adobe Systems Shared
    2006-11-09 16:27 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems
    2006-11-09 16:26 <KANSIO> d-------- C:\Program Files\Adobe
    2006-11-09 16:26 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Adobe
    2006-11-04 14:14 1,245,696 --a------ C:\WINDOWS\system32\msxml4.dll


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2006-12-03 00:15 -------- d-------- C:\Program Files\WinTV
    2006-12-02 19:35 -------- d-------- C:\Documents and Settings\Sjöblom\Application Data\teamspeak2
    2006-12-02 18:30 -------- d-------- C:\Program Files\DAEMON Tools
    2006-12-02 15:01 -------- d-------- C:\Documents and Settings\Sjöblom\Application Data\Azureus
    2006-12-01 16:22 -------- d-------- C:\Program Files\Common Files
    2006-12-01 16:15 -------- d-------- C:\Program Files\Logitech
    2006-11-28 17:33 -------- d-------- C:\Program Files\Internet Explorer
    2006-11-12 13:14 -------- d-------- C:\Program Files\Java
    2006-11-09 16:28 -------- d-------- C:\Program Files\Common Files\Adobe
    2006-11-07 21:03 6049280 --a------ C:\WINDOWS\system32\ieframe.dll
    2006-11-07 21:03 50688 --a------ C:\WINDOWS\system32\msfeedsbs.dll
    2006-11-07 21:03 458752 --a------ C:\WINDOWS\system32\msfeeds.dll
    2006-11-07 21:03 413696 --a------ C:\WINDOWS\system32\vbscript.dll
    2006-11-07 21:03 231424 --a------ C:\WINDOWS\system32\webcheck.dll
    2006-11-07 21:03 180736 --a------ C:\WINDOWS\system32\ieui.dll
    2006-11-07 21:03 156160 --a------ C:\WINDOWS\system32\msls31.dll
    2006-11-07 19:09 -------- d-------- C:\Program Files\Google
    2006-11-07 17:00 -------- d-------- C:\Documents and Settings\Sjöblom\Application Data\Macromedia
    2006-11-07 16:30 -------- d-------- C:\Program Files\Jasc Software Inc
    2006-11-07 03:27 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll
    2006-11-07 03:27 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
    2006-11-07 03:26 71680 --a------ C:\WINDOWS\system32\admparse.dll
    2006-11-07 03:26 55296 --a------ C:\WINDOWS\system32\iesetup.dll
    2006-11-07 03:26 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
    2006-11-07 03:26 43008 --a------ C:\WINDOWS\system32\iernonce.dll
    2006-11-07 03:26 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
    2006-11-07 03:26 13312 --a------ C:\WINDOWS\system32\ieudinit.exe
    2006-11-07 03:26 123904 --a------ C:\WINDOWS\system32\advpack.dll
    2006-11-07 03:25 161792 --a------ C:\WINDOWS\system32\ieakui.dll
    2006-10-27 22:15 -------- d-------- C:\Program Files\Musclesoft
    2006-10-26 11:43 40960 --a------ C:\WINDOWS\system32\frapsvid.dll
    2006-10-19 15:15 -------- d-------- C:\Program Files\Doomsday
    2006-10-17 12:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll
    2006-10-17 12:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
    2006-10-17 12:05 206336 --------- C:\WINDOWS\system32\WinFXDocObj.exe
    2006-10-17 12:05 105984 --a------ C:\WINDOWS\system32\url.dll
    2006-10-17 12:04 101376 --a------ C:\WINDOWS\system32\occache.dll
    2006-10-17 12:03 17408 --a------ C:\WINDOWS\system32\corpol.dll
    2006-10-17 11:58 61952 --------- C:\WINDOWS\system32\icardie.dll
    2006-10-17 11:58 12288 --------- C:\WINDOWS\system32\msfeedssync.exe
    2006-10-17 11:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll
    2006-10-17 11:57 266752 --------- C:\WINDOWS\system32\iertutil.dll
    2006-10-17 11:56 45568 --a------ C:\WINDOWS\system32\mshta.exe
    2006-10-17 11:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
    2006-10-17 11:27 380928 --------- C:\WINDOWS\system32\ieapfltr.dll
    2006-10-13 18:52 40 ---hs---- C:\Documents and Settings\Sjöblom\Application Data\.zreglib
    2006-10-13 14:37 142336 --a------ C:\WINDOWS\system32\nwprovau.dll
    2006-10-10 14:50 -------- d-------- C:\Documents and Settings\Sjöblom\Application Data\Google
    2006-09-18 15:09 34308 --a------ C:\WINDOWS\system32\BASSMOD.dll
    2006-09-13 07:03 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
    2006-09-06 16:43 22752 --a------ C:\WINDOWS\system32\spupdsvc.exe


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries are not shown

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\lib\\NMBgMonitor.exe\""
    "Spyware Doctor"="\"C:\\Program Files\\Spyware Doctor\\swdoctor.exe\" /Q"
    "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe"
    "Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "NVMixerTray"="\"C:\\Program Files\\NVIDIA Corporation\\NvMixer\\NVMixerTray.exe\""
    "SoundMan"="SOUNDMAN.EXE"
    "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
    "DAEMON Tools"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033"
    "AT-Watch"=""
    "Anti-Trojan-Watch"="C:\\Program Files\\Anti-Trojan-55\\ATWatch.exe"
    "MimBoot"="C:\\PROGRA~1\\MUSICM~1\\MUSICM~2\\mimboot.exe"
    "pccguide.exe"="\"C:\\Program Files\\Trend Micro\\Internet Security 2006\\pccguide.exe\""
    "Zone Labs Client"="C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe"
    "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
    "!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
    "DeskHtmlVersion"=dword:00000110
    "DeskHtmlMinorVersion"=dword:00000005
    "Settings"=dword:00000001
    "GeneralFlags"=dword:00000001

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
    "Spyware Doctor"="\"C:\\Program Files\\Spyware Doctor\\swdoctor.exe\" /Q"

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
    "Spyware Doctor"="\"C:\\Program Files\\Spyware Doctor\\swdoctor.exe\" /Q"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
    "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
    "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
    "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "NoCDBurning"=dword:00000000

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
    "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
    "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
    "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
    "WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

    Completion time: 06-12-03 0:41:45.51
    C:\ComboFix.txt ... 06-12-03 00:41
    C:\ComboFix2.txt ... 06-12-02 20:04
    C:\ComboFix3.txt ... 06-12-02 19:57


    there it is :D
    are there still nasties on the machine?
     
  21. -kemisti-

    -kemisti- Active member

    Unfortunately, yes.

    Delete:

    C:\Program Files\VSAdd-in
    C:\WINDOWS\system32\geeby.dll
    C:\WINDOWS\system32\jkhfd.dll
    C:\WINDOWS\system32\ddcya.dll
    C:\WINDOWS\system32\geedb.dll
    C:\WINDOWS\system32\vvdkkpe.dll

    Empty the Recycle Bin

    Restart

    Run ComboFix again, and post its log and a new HjT log.
     