Mobile/PDA About Us Advertise here
User User name Password  
  Not registered yet? Register here.
Lost your password? Click here. 		 
  Home   News   Guides   Downloads   Glossary   Hardware   Profiles   Forums   v4  
 Advertise at AfterDawn.com     Link to us!     Private messages     Compose a private message     List of all updated threads     Threads without replies     Search messages
Thursday 6.3.2025 / 13:12
Search AfterDawn Forums:        In English   Suomeksi   På svenska
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > urgent!! help needed for w32.myzor.fk@yf
Show topics
 
Forums
Forums
Urgent!! Help needed for w32.Myzor.Fk@yf
  Jump to:
 
Posted Message
Page:< Previous12
noviisori
Newbie
_ 		10. July 2006 @ 06:48 _ Link to this message    Send private message to this user   
Hello Tapiiri
Sama ongelma täälläkin.Suomalaisia ohjeita asian korjaamiseksi ei näytä löytyvän, joten luotan apuusi.
Logfile of HijackThis v1.99.1
Scan saved at 17:48:19, on 10.7.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\atmclk.exe
C:\WINDOWS\system32\dcomcfg.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
F:\Pentax\DEVDET~1\DEVDET~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
C:\WINDOWS\system32\LVComS.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: (no name) - {5f4c3d09-b3b9-4f88-aa82-31332fee1c08} - C:\WINDOWS\system32\hp100.tmp
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: AlxTB BHO - {F1FABE79-25FC-46de-8C5A-2C6DB9D64333} - C:\WINDOWS\system32\AlxTB1.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Camera Detector] F:\Pentax\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [WinMX] C:\Program Files\WinMX\WinMX.exe -m
O4 - HKCU\..\Run: [BitComet] "F:\Winmx\D'Accord Personal Guitarist 0.9\BitLord\BitLord.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Mail to a Friend... - http://client.alexa.com/holiday/script/actions/mailto.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/cl...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Program Files\F-Secure\Common\FSAA.EXE
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod-palvelu (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
[ + quote]
Advertisement
_ 		__
noviisori
Newbie
_ 		10. July 2006 @ 06:52 _ Link to this message    Send private message to this user   
Tässä toinen osio. Can You help me?

SmitFraudFix v2.69

Scan done at 17:51:45,64, ma 10.07.2006
Run from C:\Documents and Settings\Aleksi M?enp??\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
Fix ran in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\atmclk.exe FOUND !
C:\WINDOWS\system32\dcomcfg.exe FOUND !
C:\WINDOWS\system32\hp???.tmp FOUND !
C:\WINDOWS\system32\hp????.tmp FOUND !
C:\WINDOWS\system32\ld???.tmp FOUND !
C:\WINDOWS\system32\ld????.tmp FOUND !
C:\WINDOWS\system32\regperf.exe FOUND !
C:\WINDOWS\system32\simpole.tlb FOUND !
C:\WINDOWS\system32\stdole3.tlb FOUND !
C:\WINDOWS\system32\1024\ FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Aleksi M?enp??\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ALEKSI~1\Suosikit


»»»»»»»»»»»»»»»»»»»»»»»» Desktop

C:\DOCUME~1\ALLUSE~1\TYPYT~1\Security Troubleshooting.url FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Nykyinen kotisivu"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End
[ + quote]
tapiiri
Senior Member
_ 		10. July 2006 @ 08:07 _ Link to this message    Send private message to this user   
Prkle noviisori :)

Suomen virustorjunta.net löytyy kyllä apua. Linkki allekirjoituksessa:)

Koitas noita, en rupea niitä täällä suomeksi antamaan :)

Restart your computer to the safemode -> http://www.pchell.com/support/safemode.shtml

When in safemode, open SmitfraudFix folder and doubleclick the file smitfraudfix.cmd
Choose option #2 - Clean by typing 2 and pressing "Enter" in order to remove the infected files.

You are asked: "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove your desktop wallpaper and the infected registry keys.

The tool checks if wininet.dll file is infected. You might be asked to replace the infected .dll (if found); answer "Yes" by typing Y and press "Enter".

The tool might have to restart your computer; if it won't do it, restart your computer back to normal mode.
A textfile will appear after the cleaning process, copy this file and paste it to here.
Tha log is saved to your local diskdrive, usually C:\rapport.txt.

Warning : Running option 2 in a clean computer will delete your desktop wallpaper.


Scan hijack and send a fresh log and rapport.txt

[ + quote]
Jaa- ei tuollaasia spämmäreitä ookkaa -> tapiiri

http://www.virustorjunta.net/index.php
noviisori
Newbie
_ 		10. July 2006 @ 08:31 _ Link to this message    Send private message to this user   
Okay, and here are results..

SmitFraudFix v2.69

Scan done at 18:23:06,92, ma 10.07.2006
Run from C:\Documents and Settings\Aleksi M?enp??\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
Fix ran in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

C:\WINDOWS\system32\atmclk.exe Deleted
C:\WINDOWS\system32\dcomcfg.exe Deleted
C:\WINDOWS\system32\hp???.tmp Deleted
C:\WINDOWS\system32\ld???.tmp Deleted
C:\WINDOWS\system32\regperf.exe Deleted
C:\WINDOWS\system32\simpole.tlb Deleted
C:\WINDOWS\system32\stdole3.tlb Deleted
C:\WINDOWS\system32\1024\ Deleted

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End
[ + quote]
tapiiri
Senior Member
_ 		10. July 2006 @ 08:34 _ Link to this message    Send private message to this user   
Hi noviisori

It's gone,

Please send a fresh hijack log too.
[ + quote]
Jaa- ei tuollaasia spämmäreitä ookkaa -> tapiiri

http://www.virustorjunta.net/index.php
noviisori
Newbie
_ 		10. July 2006 @ 08:35 _ Link to this message    Send private message to this user   
This should be right rapport...

Logfile of HijackThis v1.99.1
Scan saved at 19:33:48, on 10.7.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
F:\Pentax\DEVDET~1\DEVDET~1.EXE
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\LVComS.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: AlxTB BHO - {F1FABE79-25FC-46de-8C5A-2C6DB9D64333} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Camera Detector] F:\Pentax\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [WinMX] C:\Program Files\WinMX\WinMX.exe -m
O4 - HKCU\..\Run: [BitComet] "F:\Winmx\D'Accord Personal Guitarist 0.9\BitLord\BitLord.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Mail to a Friend... - http://client.alexa.com/holiday/script/actions/mailto.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/cl...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Program Files\F-Secure\Common\FSAA.EXE
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod-palvelu (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
[ + quote]
tapiiri
Senior Member
_ 		10. July 2006 @ 08:40 _ Link to this message    Send private message to this user   
Its clean.

-> Open Ewido Anti-Spyware
-> Click the Update icon at the top of the window
-> Click the Start update button
-> Wait for the update to download and install
-> Quit the program, we'll use this later.


Restart your computer to the safemode -> http://www.pchell.com/support/safemode.shtml

-> Open Ewido Anti-Spyware
-> Click the Scanner icon at the top of the window
-> Click the Settings tab then select Recommended Options and choose Quarantine
-> Click the Scan tab
-> Select Complete System Scan. The scanning begins.

-> When the scan has completed:
-> If infections were found you'll be prompted about what to do.
-> Please make sure that the Set all elements to is set to Quarantine (in downleft corner of the window)
-> Then press Apply all actions and answer yes to all if it asks about something
-> Click on the Save Scan Report button and save the scan to your Desktop.
-> Copy and paste the scan results into your next post-> Copy and paste the scan results into your next post
[ + quote]
Jaa- ei tuollaasia spämmäreitä ookkaa -> tapiiri

http://www.virustorjunta.net/index.php
noviisori
Newbie
_ 		10. July 2006 @ 08:51 _ Link to this message    Send private message to this user   
Here you are..

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 19:24:59 10.7.2006

+ Scan result:



C:\Program Files\Microsoft AntiSpyware\Quarantine\3BB1F3C3-233F-42FC-A91B-141C41\857AF421-658F-48C9-9056-33DA5E -> Adware.180Solutions : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\3BB1F3C3-233F-42FC-A91B-141C41\9D2BFC74-B59B-4539-8AC7-9E2E21 -> Adware.180Solutions : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\3BB1F3C3-233F-42FC-A91B-141C41\E86B3630-7603-4160-B4A9-43A725 -> Adware.180Solutions : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\3FD1D034-6699-404D-947B-5F383E\B4CA8CF4-5307-475B-ACAB-209B64 -> Adware.180Solutions : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\3FD1D034-6699-404D-947B-5F383E\CE0AB8F8-09E8-4AE4-AB12-FEFACF -> Adware.180Solutions : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\7BA833CE-28E4-4FD2-84C8-E8E3BD\5F7B3624-75E1-4576-93E5-D64E46 -> Adware.180Solutions : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\7BA833CE-28E4-4FD2-84C8-E8E3BD\8B3AB77D-89C3-4CD8-A574-34C881 -> Adware.180Solutions : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\7BA833CE-28E4-4FD2-84C8-E8E3BD\E5F5786B-024F-4F7B-8F54-84655F -> Adware.180Solutions : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\9AF3059C-BFBE-429D-95AC-C95CD9\50B14169-1867-4BDA-B5B9-F3A0F7 -> Adware.180Solutions : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\9AF3059C-BFBE-429D-95AC-C95CD9\8188796A-F033-4C57-B84F-2B4F0E -> Adware.180Solutions : No action taken.
HKLM\SOFTWARE\Classes\AlxTB.BHO.1 -> Adware.Alexa : No action taken.
HKLM\SOFTWARE\Classes\PopMenu.Menu.1 -> Adware.Alexa : No action taken.
HKLM\SOFTWARE\Classes\Popup.HTMLEvent -> Adware.Alexa : No action taken.
HKLM\SOFTWARE\Classes\Popup.HTMLEvent.1 -> Adware.Alexa : No action taken.
HKLM\SOFTWARE\Classes\Popup.HTMLEvent\CLSID -> Adware.Alexa : No action taken.
HKLM\SOFTWARE\Classes\Popup.HTMLEvent\CurVer -> Adware.Alexa : No action taken.
HKLM\SOFTWARE\Classes\Popup.PopupKiller.1 -> Adware.Alexa : No action taken.
HKU\S-1-5-21-602162358-1708537768-839522115-1003\Software\Microsoft\Internet Explorer\MenuExt\Mail to a Friend... -> Adware.Alexa : No action taken.
C:\Program Files\ISTsvc -> Adware.ISTBar : No action taken.
HKU\S-1-5-21-602162358-1708537768-839522115-1003\Software\IST -> Adware.ISTBar : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Käynnistä-valikko\Ohjelmat\Power Scan -> Adware.PowerScan : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Käynnistä-valikko\Ohjelmat\Power Scan\Power Scan.lnk -> Adware.PowerScan : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\953EC633-33ED-46A0-AD22-3D0907\3CD88B3B-21D2-4A19-9166-0DB977 -> Adware.PowerScan : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\953EC633-33ED-46A0-AD22-3D0907\E25E7EEB-747C-49FB-979A-EB33C0 -> Adware.PowerScan : No action taken.
HKLM\SOFTWARE\Clickspring -> Adware.PurityScan : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\1A0B73AD-2C8C-4984-AE88-4D248F\1F770FAD-A1A4-4B09-852C-7536FD -> Adware.SurfAccuracy : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\1A0B73AD-2C8C-4984-AE88-4D248F\71EFE223-E113-4255-809C-98E051 -> Adware.SurfAccuracy : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\60772F2A-94A7-44DB-9A63-20BDF9\160BC03B-0BA6-4528-9FF5-5DC89A -> Adware.WinAD : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\60772F2A-94A7-44DB-9A63-20BDF9\DCA77F9E-4F1A-4976-8C07-6AC46E -> Adware.WinAD : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\60772F2A-94A7-44DB-9A63-20BDF9\F993E71F-EDE6-48DB-BCB9-0FD26D -> Adware.WinAD : No action taken.
C:\WINDOWS\system32\LC.exe -> Adware.WinAD : No action taken.
C:\Program Files\YourSiteBar -> Adware.YourSiteBar : No action taken.
:mozilla.277:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.278:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.136:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.83:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@2o7[2].txt -> TrackingCookie.2o7 : No action taken.
:mozilla.289:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.290:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.291:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.292:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.293:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.294:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.295:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.296:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.297:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.298:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.299:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.300:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.301:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.251:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.252:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@adtech[2].txt -> TrackingCookie.Adtech : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@adtech[2].txt -> TrackingCookie.Adtech : No action taken.
:mozilla.131:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@advertising[1].txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@servedby.advertising[2].txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@advertising[1].txt -> TrackingCookie.Advertising : No action taken.
:mozilla.311:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.26:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.34:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.35:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.27:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.28:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.29:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.33:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.36:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@casalemedia[1].txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.84:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Clickbank : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@vip.clickzs[2].txt -> TrackingCookie.Clickzs : No action taken.
:mozilla.249:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Com : No action taken.
:mozilla.250:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Com : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@com[1].txt -> TrackingCookie.Com : No action taken.
:mozilla.62:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.176:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.177:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.178:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.179:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.30:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.31:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.32:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@media.fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@fastclick[2].txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.87:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.95:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.157:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.158:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.222:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.223:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.224:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ehg-globalgamingleague.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ehg-hollywood.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ehg-lookfantastic.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ehg-nokiafin.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\WINDOWS\Temp\Cookies\aleksi mäenpää@ehg-backweb.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\WINDOWS\Temp\Cookies\aleksi mäenpää@hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@hotlog[1].txt -> TrackingCookie.Hotlog : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@image.masterstats[1].txt -> TrackingCookie.Masterstats : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.168:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.169:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.275:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Paycounter : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@paycounter[2].txt -> TrackingCookie.Paycounter : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ads.pointroll[1].txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@ads.pointroll[2].txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@questionmarket[2].txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ads1.revenue[1].txt -> TrackingCookie.Revenue : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@revenue[2].txt -> TrackingCookie.Revenue : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@edge.ru4[1].txt -> TrackingCookie.Ru4 : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@serving-sys[2].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@serving-sys[2].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : No action taken.
:mozilla.276:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Sexlist : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@sexlist[1].txt -> TrackingCookie.Sexlist : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter1.sextracker[1].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter11.sextracker[2].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter14.sextracker[1].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter16.sextracker[1].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter3.sextracker[1].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter4.sextracker[1].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter6.sextracker[1].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter8.sextracker[1].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@sextracker[2].txt -> TrackingCookie.Sextracker : No action taken.
:mozilla.63:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.73:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.74:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.75:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.76:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@statcounter[2].txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.173:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.174:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.175:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.20:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.21:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.22:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.23:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.24:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.264:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.265:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.162:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.61:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.82:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@yadro[1].txt -> TrackingCookie.Yadro : No action taken.
:mozilla.142:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.143:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.144:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.145:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.146:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.147:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.148:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.149:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.150:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.151:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Program Files\Media-codec -> Trojan.Small : No action taken.
C:\Program Files\Media-Codec\uninst.exe -> Trojan.Small : No action taken.
[ + quote]
tapiiri
Senior Member
_ 		10. July 2006 @ 08:56 _ Link to this message    Send private message to this user   
As you see ewido didn't delete those :(

Read instructions better and follow it once more time

[ + quote]
Jaa- ei tuollaasia spämmäreitä ookkaa -> tapiiri

http://www.virustorjunta.net/index.php
noviisori
Newbie
_ 		10. July 2006 @ 09:26 _ Link to this message    Send private message to this user   
Sorry, I was a bit careless. Now I've done everything right, I think..:)

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 20:21:17 10.7.2006

+ Scan result:



C:\Program Files\Microsoft AntiSpyware\Quarantine\3BB1F3C3-233F-42FC-A91B-141C41\857AF421-658F-48C9-9056-33DA5E -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\3BB1F3C3-233F-42FC-A91B-141C41\9D2BFC74-B59B-4539-8AC7-9E2E21 -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\3BB1F3C3-233F-42FC-A91B-141C41\E86B3630-7603-4160-B4A9-43A725 -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\3FD1D034-6699-404D-947B-5F383E\B4CA8CF4-5307-475B-ACAB-209B64 -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\3FD1D034-6699-404D-947B-5F383E\CE0AB8F8-09E8-4AE4-AB12-FEFACF -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\7BA833CE-28E4-4FD2-84C8-E8E3BD\5F7B3624-75E1-4576-93E5-D64E46 -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\7BA833CE-28E4-4FD2-84C8-E8E3BD\8B3AB77D-89C3-4CD8-A574-34C881 -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\7BA833CE-28E4-4FD2-84C8-E8E3BD\E5F5786B-024F-4F7B-8F54-84655F -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\9AF3059C-BFBE-429D-95AC-C95CD9\50B14169-1867-4BDA-B5B9-F3A0F7 -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\9AF3059C-BFBE-429D-95AC-C95CD9\8188796A-F033-4C57-B84F-2B4F0E -> Adware.180Solutions : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AlxTB.BHO.1 -> Adware.Alexa : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\PopMenu.Menu.1 -> Adware.Alexa : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Popup.HTMLEvent -> Adware.Alexa : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Popup.HTMLEvent.1 -> Adware.Alexa : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Popup.HTMLEvent\CLSID -> Adware.Alexa : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Popup.HTMLEvent\CurVer -> Adware.Alexa : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Popup.PopupKiller.1 -> Adware.Alexa : Cleaned with backup (quarantined).
HKU\S-1-5-21-602162358-1708537768-839522115-1003\Software\Microsoft\Internet Explorer\MenuExt\Mail to a Friend... -> Adware.Alexa : Cleaned with backup (quarantined).
C:\Program Files\ISTsvc -> Adware.ISTBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-602162358-1708537768-839522115-1003\Software\IST -> Adware.ISTBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Käynnistä-valikko\Ohjelmat\Power Scan -> Adware.PowerScan : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Käynnistä-valikko\Ohjelmat\Power Scan\Power Scan.lnk -> Adware.PowerScan : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\953EC633-33ED-46A0-AD22-3D0907\3CD88B3B-21D2-4A19-9166-0DB977 -> Adware.PowerScan : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\953EC633-33ED-46A0-AD22-3D0907\E25E7EEB-747C-49FB-979A-EB33C0 -> Adware.PowerScan : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Clickspring -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\1A0B73AD-2C8C-4984-AE88-4D248F\1F770FAD-A1A4-4B09-852C-7536FD -> Adware.SurfAccuracy : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\1A0B73AD-2C8C-4984-AE88-4D248F\71EFE223-E113-4255-809C-98E051 -> Adware.SurfAccuracy : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\60772F2A-94A7-44DB-9A63-20BDF9\160BC03B-0BA6-4528-9FF5-5DC89A -> Adware.WinAD : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\60772F2A-94A7-44DB-9A63-20BDF9\DCA77F9E-4F1A-4976-8C07-6AC46E -> Adware.WinAD : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\60772F2A-94A7-44DB-9A63-20BDF9\F993E71F-EDE6-48DB-BCB9-0FD26D -> Adware.WinAD : Cleaned with backup (quarantined).
C:\WINDOWS\system32\LC.exe -> Adware.WinAD : Cleaned with backup (quarantined).
C:\Program Files\YourSiteBar -> Adware.YourSiteBar : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\A4AAB261-7F12-4236-A750-05B6A1\5BCB4EF9-0166-48E0-9F3E-4B2ED4 -> Downloader.IstBar.jm : Cleaned with backup (quarantined).
C:\WINDOWS\MrDrej.exe -> Dropper.Agent.kd : Cleaned with backup (quarantined).
:mozilla.284:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.285:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.143:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.92:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.296:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.297:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.298:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.299:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.300:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.301:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.302:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.303:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.304:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.305:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.306:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.307:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.308:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.258:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
:mozilla.259:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
:mozilla.31:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.32:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@servedby.advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.317:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
:mozilla.53:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
:mozilla.61:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
:mozilla.62:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
:mozilla.54:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.55:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.56:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.60:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.63:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.93:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Clickbank : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@vip.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
:mozilla.256:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.257:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@com[1].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.38:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
:mozilla.183:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.184:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.185:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.186:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.57:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.58:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.59:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@media.fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.104:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.96:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.164:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.165:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.229:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.230:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.231:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ehg-globalgamingleague.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ehg-hollywood.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ehg-lookfantastic.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ehg-nokiafin.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\Cookies\aleksi mäenpää@ehg-backweb.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\Cookies\aleksi mäenpää@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@hotlog[1].txt -> TrackingCookie.Hotlog : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
:mozilla.175:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.176:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.282:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@paycounter[2].txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ads1.revenue[1].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.283:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@sexlist[1].txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter1.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter11.sextracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter14.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter16.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter3.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter4.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter6.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter8.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@sextracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
:mozilla.72:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
:mozilla.82:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.83:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.84:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.85:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.180:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.181:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.182:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.34:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.35:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.36:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.37:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.39:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.271:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.272:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.169:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.71:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).
:mozilla.91:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@yadro[1].txt -> TrackingCookie.Yadro : Cleaned with backup (quarantined).
:mozilla.149:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.150:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.151:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.152:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.153:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.154:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.155:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.156:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.157:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.158:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Program Files\Media-codec -> Trojan.Small : Cleaned with backup (quarantined).
C:\Program Files\Media-Codec\uninst.exe -> Trojan.Small : Cleaned with backup (quarantined).


::Report end
[ + quote]
noviisori
Newbie
_ 		10. July 2006 @ 09:54 _ Link to this message    Send private message to this user   
I think my comp is clean now. Thank you very much, you're awesome.
[ + quote]
tapiiri
Senior Member
_ 		10. July 2006 @ 11:53 _ Link to this message    Send private message to this user   
You're welcome, its clean
[ + quote]
Jaa- ei tuollaasia spämmäreitä ookkaa -> tapiiri

http://www.virustorjunta.net/index.php
aw_yf
Newbie
_ 		16. August 2006 @ 07:44 _ Link to this message    Send private message to this user   
hi tapiiri

can you take a look at this HijackThis log? there seems to be a problem. had a sdbot.mhh trojan and the system is shutting down message. Can't solve.

Logfile of HijackThis v1.99.1
Scan saved at 11:40:07 PM, on 8/16/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Free\avgwb.dat
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.singnet.com.sg/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.ntu.edu.sg:8080
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [Chrontel TV] C:\WINDOWS\System32\ch_utility.exe
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZIP Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: Wireless-G Notebook Adapter.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter\Gcc.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcins...
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: NICSer_WPC54G - Unknown owner - C:\Program Files\Linksys\Wireless-G Notebook Adapter\NICServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
[ + quote]
tapiiri
Senior Member
_ 		16. August 2006 @ 11:21 _ Link to this message    Send private message to this user   
Hi,

Start comp normally.

Click Start > run > type "shutdown -a" and click ok


Download eScan to your desktop -> http://www.spywareinfo.dk/download/mwav.exe
Run the file mwav.exe and unzip it to its default location, C:\Kaspersky

1. Updating the scanner (close the eScan window if open)
-> Go to My Computer
-> C:\
-> Kaspersky
-> Run the file kavupd.exe, it starts downloading updates
-> When downloading is finished, go to C:\Downloads
-> Copy all the files in the Downloads folder by pressing CTRL+A and then CTRL+C
-> Then go back to the C:\Kaspersky folder and paste the files by pressing CTRL+V
-> Answer Yes to all when it asks about replacing files
-> Now the scanner has been updated

2. Scanner settings
-> Go to folder C:\Kaspersky and run the file mwavscan.com (or mwavscan.exe)
-> The scanner window opens
-> Select the same settings than in this picture -> http://koti.mbnet.fi/pattaya1/eScan6.jpg
-> When ready, press the Scan Clean button
-> Scanning for infections begins

3. Posting the results
-> When the scan has finished (scan may take a quite long time), you'll need to post the findings
-> Copy all the text in this field -> http://koti.mbnet.fi/pattaya1/eScan10.jpg
-> Click the field, press CTRL+A, CTRL+C
-> Then open Notepad and paste the findings into a new document by pressing CTRL+V
-> Save the document to your desktop
-> Post the contents of that textfile to here
[ + quote]
Jaa- ei tuollaasia spämmäreitä ookkaa -> tapiiri

http://www.virustorjunta.net/index.php
aw_yf
Newbie
_ 		17. August 2006 @ 07:50 _ Link to this message    Send private message to this user   
hi.

downloaded the scanner. Anw my version only has the option to "scan clean" unlike wad is shown on the snapshot http://koti.mbnet.fi/pattaya1/eScan6.jpg
So do i proceed? or i did not update properly?

YF
[ + quote]
aw_yf
Newbie
_ 		17. August 2006 @ 08:51 _ Link to this message    Send private message to this user   
here is the log from the scan...

File C:\Documents and Settings\Ho Su Liang\Desktop\SmitfraudFix.zip tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken.
File C:\Documents and Settings\Ho Su Liang\Desktop\SmitfraudFix\Reboot.exe tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken.
File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2EA04DCE infected by "Email-Worm.Win32.NetSky.q" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\30970FA4 infected by "Email-Worm.Win32.NetSky.r" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\31680EBE infected by "Email-Worm.Win32.NetSky.r" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\32740198 infected by "Email-Worm.Win32.NetSky.r" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\60FE6E8A infected by "Email-Worm.Win32.NetSky.d" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\619823E1 infected by "Email-Worm.Win32.NetSky.q" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4D8100F3 infected by "Trojan.Win32.Spooner.f" Virus. Action Taken: File Deleted.
File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4D842AEF infected by "Trojan.Win32.Spooner.f" Virus. Action Taken: File Deleted.
[ + quote]
tapiiri
Senior Member
_ 		17. August 2006 @ 13:09 _ Link to this message    Send private message to this user   
Hi aw_yf

I dont see that virus in your hijack log.

Escan log is okei, too

What inform you that there is sdbot.mhh trojan
And what is files name and its path ?
[ + quote]
Jaa- ei tuollaasia spämmäreitä ookkaa -> tapiiri

http://www.virustorjunta.net/index.php

This message has been edited since posting. Last time this message was edited on 17. August 2006 @ 13:10
aw_yf
Newbie
_ 		17. August 2006 @ 16:23 _ Link to this message    Send private message to this user   
hi,

ya i'm puzzled as well. I did ACG scan and the result was no infected files. However, I do get AVG pop up "Virus Alert" saying that the file reg32sys.exe is infected with the backdoor.sdbot.mhh trojan.

In addition when i connected to the internet, I also get the pop up "the windows is shutting down...." and the file is the lsass.exe.

YF
[ + quote]
tapiiri
Senior Member
_ 		18. August 2006 @ 03:03 _ Link to this message    Send private message to this user   
Find and delete if exist:

reg32sys.exe


[ + quote]
Jaa- ei tuollaasia spämmäreitä ookkaa -> tapiiri

http://www.virustorjunta.net/index.php
aw_yf
Newbie
_ 		18. August 2006 @ 06:36 _ Link to this message    Send private message to this user   
and?
[ + quote]
Advertisement
_ 		__
 
_
tapiiri
Senior Member
_ 		20. August 2006 @ 04:05 _ Link to this message    Send private message to this user   
Please send a fresh hijacklog
[ + quote]
Jaa- ei tuollaasia spämmäreitä ookkaa -> tapiiri

http://www.virustorjunta.net/index.php
 
Page:< Previous12
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > urgent!! help needed for w32.myzor.fk@yf
 

Digital video: AfterDawn.com | AfterDawn Forums
Music: MP3Lizard.com
Gaming: Blasteroids.com | Blasteroids Forums | Compare game prices
Software: Software downloads
Blogs: User profile pages
RSS feeds: AfterDawn.com News | Software updates | AfterDawn Forums
International: AfterDawn in Finnish | AfterDawn in Swedish | AfterDawn in Norwegian | download.fi
Navigate: Search | Site map
About us: About AfterDawn Ltd | Advertise on our sites | Rules, Restrictions, Legal disclaimer & Privacy policy
Contact us: Send feedback | Contact our media sales team
 
  © 1999-2025 by AfterDawn Ltd.

  IDG TechNetwork