Urgent!! Help needed for w32.Myzor.Fk@yf

Okei , you can shutdown several programs from startup:

Choose follow list what can shutdown


O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

Two ways to shutdown Fix by hijack

Or Clock Start > run > type in the box msconfig and click ok.

Go to startup sheet and unmark them. Then click "use" and close and boot comp.

 

hi,
think you looking at the wrong log. the log of my laptop here again:
(anw time for me to sleep. Will continue to work on my laptop again tmr. please advise on wad i can do thanks a million!!)

Logfile of HijackThis v1.99.1
Scan saved at 12:57:20 AM, on 5/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\admServ.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\acer\Empowering Technology\ePower\epm-dm.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Acer\Soft Button\tabletpc.exe
C:\Program Files\Protector Suite QL\menusw.exe
C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\hplamp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\HJT\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Snippet] "C:\Program Files\Microsoft Experience Pack\Snipping Tool\SnippingTool.exe" /i
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\Empowering Technology\ePower\epm-dm.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [AcerSoftButton] C:\Acer\Soft Button\tabletpc.exe
O4 - HKLM\..\Run: [Biomenu] "C:\Program Files\Protector Suite QL\menusw.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [HP Lamp] "C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\hplamp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Trend Micro ActiveX Scan Agent 6.5) - http://eu-housecall.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4795/mcfscan.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: loginkey - C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll
O20 - Winlogon Notify: psfus - C:\WINDOWS\SYSTEM32\fusstub.dll
O20 - Winlogon Notify: TabBtnWL - C:\WINDOWS\SYSTEM32\TabBtnWL.dll
O20 - Winlogon Notify: tpgwlnotify - C:\WINDOWS\SYSTEM32\tpgwlnot.dll
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

 

Here is link:

http://www.castlecops.com/StartupList.html

Copy files name listed above one at time: There you paste in box and search. You get result is it necessary in startup. However You should know what components is in your laptop.



O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Snippet] "C:\Program Files\Microsoft Experience Pack\Snipping Tool\SnippingTool.exe" /i
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\Empowering Technology\ePower\epm-dm.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [AcerSoftButton] C:\Acer\Soft Button\tabletpc.exe
O4 - HKLM\..\Run: [Biomenu] "C:\Program Files\Protector Suite QL\menusw.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [HP Lamp] "C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\hplamp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe


I'll think that yours laptop will be faster if you shutdown half programs off list .

 

hey,

Thanks for all the input. I check through the list and think they are the programmes that used to run initially. Did some registry cleaning using some downloaded software, it was faster but still not as fast.

Anyway, think it's the problem of windows now and not with spyware or malware. Thanks so much for the suuport and patience and timely replies.

 

You're welcome

 

Hello Tapiiri
Sama ongelma täälläkin.Suomalaisia ohjeita asian korjaamiseksi ei näytä löytyvän, joten luotan apuusi.
Logfile of HijackThis v1.99.1
Scan saved at 17:48:19, on 10.7.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\atmclk.exe
C:\WINDOWS\system32\dcomcfg.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
F:\Pentax\DEVDET~1\DEVDET~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
C:\WINDOWS\system32\LVComS.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: (no name) - {5f4c3d09-b3b9-4f88-aa82-31332fee1c08} - C:\WINDOWS\system32\hp100.tmp
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: AlxTB BHO - {F1FABE79-25FC-46de-8C5A-2C6DB9D64333} - C:\WINDOWS\system32\AlxTB1.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Camera Detector] F:\Pentax\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [WinMX] C:\Program Files\WinMX\WinMX.exe -m
O4 - HKCU\..\Run: [BitComet] "F:\Winmx\D'Accord Personal Guitarist 0.9\BitLord\BitLord.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Mail to a Friend... - http://client.alexa.com/holiday/script/actions/mailto.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121787637795
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Program Files\F-Secure\Common\FSAA.EXE
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod-palvelu (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

 

Tässä toinen osio. Can You help me?

SmitFraudFix v2.69

Scan done at 17:51:45,64, ma 10.07.2006
Run from C:\Documents and Settings\Aleksi M„enp„„\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
Fix ran in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\atmclk.exe FOUND !
C:\WINDOWS\system32\dcomcfg.exe FOUND !
C:\WINDOWS\system32\hp???.tmp FOUND !
C:\WINDOWS\system32\hp????.tmp FOUND !
C:\WINDOWS\system32\ld???.tmp FOUND !
C:\WINDOWS\system32\ld????.tmp FOUND !
C:\WINDOWS\system32\regperf.exe FOUND !
C:\WINDOWS\system32\simpole.tlb FOUND !
C:\WINDOWS\system32\stdole3.tlb FOUND !
C:\WINDOWS\system32\1024\ FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Aleksi M„enp„„\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ALEKSI~1\Suosikit


»»»»»»»»»»»»»»»»»»»»»»»» Desktop

C:\DOCUME~1\ALLUSE~1\TYPYT~1\Security Troubleshooting.url FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Nykyinen kotisivu"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End

 

Prkle noviisori

Suomen virustorjunta.net löytyy kyllä apua. Linkki allekirjoituksessa

Koitas noita, en rupea niitä täällä suomeksi antamaan

Restart your computer to the safemode -> http://www.pchell.com/support/safemode.shtml

When in safemode, open SmitfraudFix folder and doubleclick the file smitfraudfix.cmd
Choose option #2 - Clean by typing 2 and pressing "Enter" in order to remove the infected files.

You are asked: "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove your desktop wallpaper and the infected registry keys.

The tool checks if wininet.dll file is infected. You might be asked to replace the infected .dll (if found); answer "Yes" by typing Y and press "Enter".

The tool might have to restart your computer; if it won't do it, restart your computer back to normal mode.
A textfile will appear after the cleaning process, copy this file and paste it to here.
Tha log is saved to your local diskdrive, usually C:\rapport.txt.

Warning : Running option 2 in a clean computer will delete your desktop wallpaper.


Scan hijack and send a fresh log and rapport.txt

 

Okay, and here are results..

SmitFraudFix v2.69

Scan done at 18:23:06,92, ma 10.07.2006
Run from C:\Documents and Settings\Aleksi M„enp„„\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
Fix ran in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

C:\WINDOWS\system32\atmclk.exe Deleted
C:\WINDOWS\system32\dcomcfg.exe Deleted
C:\WINDOWS\system32\hp???.tmp Deleted
C:\WINDOWS\system32\ld???.tmp Deleted
C:\WINDOWS\system32\regperf.exe Deleted
C:\WINDOWS\system32\simpole.tlb Deleted
C:\WINDOWS\system32\stdole3.tlb Deleted
C:\WINDOWS\system32\1024\ Deleted

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End

 

Hi noviisori

It's gone,

Please send a fresh hijack log too.

 

This should be right rapport...

Logfile of HijackThis v1.99.1
Scan saved at 19:33:48, on 10.7.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
F:\Pentax\DEVDET~1\DEVDET~1.EXE
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\LVComS.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: AlxTB BHO - {F1FABE79-25FC-46de-8C5A-2C6DB9D64333} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Camera Detector] F:\Pentax\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [WinMX] C:\Program Files\WinMX\WinMX.exe -m
O4 - HKCU\..\Run: [BitComet] "F:\Winmx\D'Accord Personal Guitarist 0.9\BitLord\BitLord.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Mail to a Friend... - http://client.alexa.com/holiday/script/actions/mailto.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121787637795
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Program Files\F-Secure\Common\FSAA.EXE
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod-palvelu (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

 

Its clean.

-> Open Ewido Anti-Spyware
-> Click the Update icon at the top of the window
-> Click the Start update button
-> Wait for the update to download and install
-> Quit the program, we'll use this later.


Restart your computer to the safemode -> http://www.pchell.com/support/safemode.shtml

-> Open Ewido Anti-Spyware
-> Click the Scanner icon at the top of the window
-> Click the Settings tab then select Recommended Options and choose Quarantine
-> Click the Scan tab
-> Select Complete System Scan. The scanning begins.

-> When the scan has completed:
-> If infections were found you'll be prompted about what to do.
-> Please make sure that the Set all elements to is set to Quarantine (in downleft corner of the window)
-> Then press Apply all actions and answer yes to all if it asks about something
-> Click on the Save Scan Report button and save the scan to your Desktop.
-> Copy and paste the scan results into your next post-> Copy and paste the scan results into your next post

 

Here you are..

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 19:24:59 10.7.2006

+ Scan result:



C:\Program Files\Microsoft AntiSpyware\Quarantine\3BB1F3C3-233F-42FC-A91B-141C41\857AF421-658F-48C9-9056-33DA5E -> Adware.180Solutions : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\3BB1F3C3-233F-42FC-A91B-141C41\9D2BFC74-B59B-4539-8AC7-9E2E21 -> Adware.180Solutions : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\3BB1F3C3-233F-42FC-A91B-141C41\E86B3630-7603-4160-B4A9-43A725 -> Adware.180Solutions : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\3FD1D034-6699-404D-947B-5F383E\B4CA8CF4-5307-475B-ACAB-209B64 -> Adware.180Solutions : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\3FD1D034-6699-404D-947B-5F383E\CE0AB8F8-09E8-4AE4-AB12-FEFACF -> Adware.180Solutions : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\7BA833CE-28E4-4FD2-84C8-E8E3BD\5F7B3624-75E1-4576-93E5-D64E46 -> Adware.180Solutions : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\7BA833CE-28E4-4FD2-84C8-E8E3BD\8B3AB77D-89C3-4CD8-A574-34C881 -> Adware.180Solutions : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\7BA833CE-28E4-4FD2-84C8-E8E3BD\E5F5786B-024F-4F7B-8F54-84655F -> Adware.180Solutions : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\9AF3059C-BFBE-429D-95AC-C95CD9\50B14169-1867-4BDA-B5B9-F3A0F7 -> Adware.180Solutions : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\9AF3059C-BFBE-429D-95AC-C95CD9\8188796A-F033-4C57-B84F-2B4F0E -> Adware.180Solutions : No action taken.
HKLM\SOFTWARE\Classes\AlxTB.BHO.1 -> Adware.Alexa : No action taken.
HKLM\SOFTWARE\Classes\PopMenu.Menu.1 -> Adware.Alexa : No action taken.
HKLM\SOFTWARE\Classes\Popup.HTMLEvent -> Adware.Alexa : No action taken.
HKLM\SOFTWARE\Classes\Popup.HTMLEvent.1 -> Adware.Alexa : No action taken.
HKLM\SOFTWARE\Classes\Popup.HTMLEvent\CLSID -> Adware.Alexa : No action taken.
HKLM\SOFTWARE\Classes\Popup.HTMLEvent\CurVer -> Adware.Alexa : No action taken.
HKLM\SOFTWARE\Classes\Popup.PopupKiller.1 -> Adware.Alexa : No action taken.
HKU\S-1-5-21-602162358-1708537768-839522115-1003\Software\Microsoft\Internet Explorer\MenuExt\Mail to a Friend... -> Adware.Alexa : No action taken.
C:\Program Files\ISTsvc -> Adware.ISTBar : No action taken.
HKU\S-1-5-21-602162358-1708537768-839522115-1003\Software\IST -> Adware.ISTBar : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Käynnistä-valikko\Ohjelmat\Power Scan -> Adware.PowerScan : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Käynnistä-valikko\Ohjelmat\Power Scan\Power Scan.lnk -> Adware.PowerScan : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\953EC633-33ED-46A0-AD22-3D0907\3CD88B3B-21D2-4A19-9166-0DB977 -> Adware.PowerScan : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\953EC633-33ED-46A0-AD22-3D0907\E25E7EEB-747C-49FB-979A-EB33C0 -> Adware.PowerScan : No action taken.
HKLM\SOFTWARE\Clickspring -> Adware.PurityScan : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\1A0B73AD-2C8C-4984-AE88-4D248F\1F770FAD-A1A4-4B09-852C-7536FD -> Adware.SurfAccuracy : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\1A0B73AD-2C8C-4984-AE88-4D248F\71EFE223-E113-4255-809C-98E051 -> Adware.SurfAccuracy : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\60772F2A-94A7-44DB-9A63-20BDF9\160BC03B-0BA6-4528-9FF5-5DC89A -> Adware.WinAD : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\60772F2A-94A7-44DB-9A63-20BDF9\DCA77F9E-4F1A-4976-8C07-6AC46E -> Adware.WinAD : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\60772F2A-94A7-44DB-9A63-20BDF9\F993E71F-EDE6-48DB-BCB9-0FD26D -> Adware.WinAD : No action taken.
C:\WINDOWS\system32\LC.exe -> Adware.WinAD : No action taken.
C:\Program Files\YourSiteBar -> Adware.YourSiteBar : No action taken.
:mozilla.277:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.278:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.136:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.83:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@2o7[2].txt -> TrackingCookie.2o7 : No action taken.
:mozilla.289:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.290:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.291:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.292:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.293:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.294:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.295:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.296:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.297:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.298:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.299:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.300:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.301:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : No action taken.
:mozilla.251:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.252:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@adtech[2].txt -> TrackingCookie.Adtech : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@adtech[2].txt -> TrackingCookie.Adtech : No action taken.
:mozilla.131:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@advertising[1].txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@servedby.advertising[2].txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@advertising[1].txt -> TrackingCookie.Advertising : No action taken.
:mozilla.311:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.26:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.34:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.35:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.27:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.28:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.29:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.33:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.36:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@casalemedia[1].txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.84:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Clickbank : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@vip.clickzs[2].txt -> TrackingCookie.Clickzs : No action taken.
:mozilla.249:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Com : No action taken.
:mozilla.250:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Com : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@com[1].txt -> TrackingCookie.Com : No action taken.
:mozilla.62:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.176:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.177:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.178:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.179:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.30:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.31:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.32:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@media.fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@fastclick[2].txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.87:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.95:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.157:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.158:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.222:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.223:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.224:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ehg-globalgamingleague.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ehg-hollywood.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ehg-lookfantastic.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ehg-nokiafin.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\WINDOWS\Temp\Cookies\aleksi mäenpää@ehg-backweb.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\WINDOWS\Temp\Cookies\aleksi mäenpää@hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@hotlog[1].txt -> TrackingCookie.Hotlog : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@image.masterstats[1].txt -> TrackingCookie.Masterstats : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.168:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.169:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.275:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Paycounter : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@paycounter[2].txt -> TrackingCookie.Paycounter : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ads.pointroll[1].txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@ads.pointroll[2].txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@questionmarket[2].txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ads1.revenue[1].txt -> TrackingCookie.Revenue : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@revenue[2].txt -> TrackingCookie.Revenue : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@edge.ru4[1].txt -> TrackingCookie.Ru4 : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@serving-sys[2].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@serving-sys[2].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : No action taken.
:mozilla.276:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Sexlist : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@sexlist[1].txt -> TrackingCookie.Sexlist : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter1.sextracker[1].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter11.sextracker[2].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter14.sextracker[1].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter16.sextracker[1].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter3.sextracker[1].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter4.sextracker[1].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter6.sextracker[1].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter8.sextracker[1].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@sextracker[2].txt -> TrackingCookie.Sextracker : No action taken.
:mozilla.63:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.73:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.74:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.75:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.76:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@statcounter[2].txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.173:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.174:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.175:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.20:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.21:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.22:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.23:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.24:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.264:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.265:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.162:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.61:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.82:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@yadro[1].txt -> TrackingCookie.Yadro : No action taken.
:mozilla.142:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.143:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.144:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.145:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.146:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.147:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.148:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.149:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.150:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.151:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Program Files\Media-Codec -> Trojan.Small : No action taken.
C:\Program Files\Media-Codec\uninst.exe -> Trojan.Small : No action taken.

 

As you see ewido didn't delete those

Read instructions better and follow it once more time

 

Sorry, I was a bit careless. Now I've done everything right, I think..

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 20:21:17 10.7.2006

+ Scan result:



C:\Program Files\Microsoft AntiSpyware\Quarantine\3BB1F3C3-233F-42FC-A91B-141C41\857AF421-658F-48C9-9056-33DA5E -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\3BB1F3C3-233F-42FC-A91B-141C41\9D2BFC74-B59B-4539-8AC7-9E2E21 -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\3BB1F3C3-233F-42FC-A91B-141C41\E86B3630-7603-4160-B4A9-43A725 -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\3FD1D034-6699-404D-947B-5F383E\B4CA8CF4-5307-475B-ACAB-209B64 -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\3FD1D034-6699-404D-947B-5F383E\CE0AB8F8-09E8-4AE4-AB12-FEFACF -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\7BA833CE-28E4-4FD2-84C8-E8E3BD\5F7B3624-75E1-4576-93E5-D64E46 -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\7BA833CE-28E4-4FD2-84C8-E8E3BD\8B3AB77D-89C3-4CD8-A574-34C881 -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\7BA833CE-28E4-4FD2-84C8-E8E3BD\E5F5786B-024F-4F7B-8F54-84655F -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\9AF3059C-BFBE-429D-95AC-C95CD9\50B14169-1867-4BDA-B5B9-F3A0F7 -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\9AF3059C-BFBE-429D-95AC-C95CD9\8188796A-F033-4C57-B84F-2B4F0E -> Adware.180Solutions : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AlxTB.BHO.1 -> Adware.Alexa : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\PopMenu.Menu.1 -> Adware.Alexa : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Popup.HTMLEvent -> Adware.Alexa : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Popup.HTMLEvent.1 -> Adware.Alexa : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Popup.HTMLEvent\CLSID -> Adware.Alexa : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Popup.HTMLEvent\CurVer -> Adware.Alexa : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Popup.PopupKiller.1 -> Adware.Alexa : Cleaned with backup (quarantined).
HKU\S-1-5-21-602162358-1708537768-839522115-1003\Software\Microsoft\Internet Explorer\MenuExt\Mail to a Friend... -> Adware.Alexa : Cleaned with backup (quarantined).
C:\Program Files\ISTsvc -> Adware.ISTBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-602162358-1708537768-839522115-1003\Software\IST -> Adware.ISTBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Käynnistä-valikko\Ohjelmat\Power Scan -> Adware.PowerScan : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Käynnistä-valikko\Ohjelmat\Power Scan\Power Scan.lnk -> Adware.PowerScan : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\953EC633-33ED-46A0-AD22-3D0907\3CD88B3B-21D2-4A19-9166-0DB977 -> Adware.PowerScan : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\953EC633-33ED-46A0-AD22-3D0907\E25E7EEB-747C-49FB-979A-EB33C0 -> Adware.PowerScan : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Clickspring -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\1A0B73AD-2C8C-4984-AE88-4D248F\1F770FAD-A1A4-4B09-852C-7536FD -> Adware.SurfAccuracy : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\1A0B73AD-2C8C-4984-AE88-4D248F\71EFE223-E113-4255-809C-98E051 -> Adware.SurfAccuracy : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\60772F2A-94A7-44DB-9A63-20BDF9\160BC03B-0BA6-4528-9FF5-5DC89A -> Adware.WinAD : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\60772F2A-94A7-44DB-9A63-20BDF9\DCA77F9E-4F1A-4976-8C07-6AC46E -> Adware.WinAD : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\60772F2A-94A7-44DB-9A63-20BDF9\F993E71F-EDE6-48DB-BCB9-0FD26D -> Adware.WinAD : Cleaned with backup (quarantined).
C:\WINDOWS\system32\LC.exe -> Adware.WinAD : Cleaned with backup (quarantined).
C:\Program Files\YourSiteBar -> Adware.YourSiteBar : Cleaned with backup (quarantined).
C:\Program Files\Microsoft AntiSpyware\Quarantine\A4AAB261-7F12-4236-A750-05B6A1\5BCB4EF9-0166-48E0-9F3E-4B2ED4 -> Downloader.IstBar.jm : Cleaned with backup (quarantined).
C:\WINDOWS\MrDrej.exe -> Dropper.Agent.kd : Cleaned with backup (quarantined).
:mozilla.284:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.285:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.143:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.92:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.296:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.297:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.298:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.299:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.300:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.301:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.302:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.303:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.304:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.305:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.306:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.307:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.308:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup (quarantined).
:mozilla.258:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
:mozilla.259:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
:mozilla.31:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.32:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@servedby.advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.317:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
:mozilla.53:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
:mozilla.61:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
:mozilla.62:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
:mozilla.54:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.55:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.56:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.60:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.63:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.93:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Clickbank : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@vip.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
:mozilla.256:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.257:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@com[1].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.38:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
:mozilla.183:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.184:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.185:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.186:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.57:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.58:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.59:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@media.fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.104:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.96:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.164:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.165:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.229:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.230:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.231:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ehg-globalgamingleague.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ehg-hollywood.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ehg-lookfantastic.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ehg-nokiafin.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\Cookies\aleksi mäenpää@ehg-backweb.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\Cookies\aleksi mäenpää@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@hotlog[1].txt -> TrackingCookie.Hotlog : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
:mozilla.175:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.176:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.282:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@paycounter[2].txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ads1.revenue[1].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.283:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@sexlist[1].txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter1.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter11.sextracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter14.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter16.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter3.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter4.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter6.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@counter8.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@sextracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
:mozilla.72:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
:mozilla.82:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.83:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.84:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.85:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.180:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.181:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.182:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.34:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.35:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.36:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.37:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.39:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Local Settings\Temp\Cookies\aleksi mäenpää@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.271:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.272:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.169:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.71:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).
:mozilla.91:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@yadro[1].txt -> TrackingCookie.Yadro : Cleaned with backup (quarantined).
:mozilla.149:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.150:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.151:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.152:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.153:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.154:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.155:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.156:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.157:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.158:C:\Documents and Settings\Aleksi Mäenpää\Application Data\Mozilla\Firefox\Profiles\975kvebi.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\Aleksi Mäenpää\Cookies\aleksi mäenpää@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Program Files\Media-Codec -> Trojan.Small : Cleaned with backup (quarantined).
C:\Program Files\Media-Codec\uninst.exe -> Trojan.Small : Cleaned with backup (quarantined).


::Report end

 

I think my comp is clean now. Thank you very much, you're awesome.

 

You're welcome, its clean

 

hi tapiiri

can you take a look at this hijackthis log? there seems to be a problem. had a sdbot.mhh trojan and the system is shutting down message. Can't solve.

Logfile of HijackThis v1.99.1
Scan saved at 11:40:07 PM, on 8/16/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Free\avgwb.dat
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.singnet.com.sg/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.ntu.edu.sg:8080
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [Chrontel TV] C:\WINDOWS\System32\ch_utility.exe
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: Wireless-G Notebook Adapter.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter\Gcc.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: NICSer_WPC54G - Unknown owner - C:\Program Files\Linksys\Wireless-G Notebook Adapter\NICServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

 

Hi,

Start comp normally.

Click Start > run > type "shutdown -a" and click ok


Download eScan to your desktop -> http://www.spywareinfo.dk/download/mwav.exe
Run the file mwav.exe and unzip it to its default location, C:\Kaspersky

1. Updating the scanner (close the eScan window if open)
-> Go to My Computer
-> C:\
-> Kaspersky
-> Run the file kavupd.exe, it starts downloading updates
-> When downloading is finished, go to C:\Downloads
-> Copy all the files in the Downloads folder by pressing CTRL+A and then CTRL+C
-> Then go back to the C:\Kaspersky folder and paste the files by pressing CTRL+V
-> Answer Yes to all when it asks about replacing files
-> Now the scanner has been updated

2. Scanner settings
-> Go to folder C:\Kaspersky and run the file mwavscan.com (or mwavscan.exe)
-> The scanner window opens
-> Select the same settings than in this picture -> http://koti.mbnet.fi/pattaya1/eScan6.jpg
-> When ready, press the Scan Clean button
-> Scanning for infections begins

3. Posting the results
-> When the scan has finished (scan may take a quite long time), you'll need to post the findings
-> Copy all the text in this field -> http://koti.mbnet.fi/pattaya1/eScan10.jpg
-> Click the field, press CTRL+A, CTRL+C
-> Then open Notepad and paste the findings into a new document by pressing CTRL+V
-> Save the document to your desktop
-> Post the contents of that textfile to here

 

hi.

downloaded the scanner. Anw my version only has the option to "scan clean" unlike wad is shown on the snapshot http://koti.mbnet.fi/pattaya1/eScan6.jpg
So do i proceed? or i did not update properly?

YF