Tässä ComboFix-loki
Matias Saarela - 06-12-07 17:09:07.76 Service Pack 2
ComboFix 06.11.27W - Running from: "C:\Documents and Settings\Matias Saarela\Ty?p?yt?"
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\components
((((((((((((((((((((((((((((((( Files Created from 2006-11-07 to 2006-12-07 ))))))))))))))))))))))))))))))))))
2006-12-06 19:40 2,758 --a------ C:\WINDOWS\system32\tmp.reg
2006-12-06 18:10 <KANSIO> dr-h----- C:\Documents and Settings\Matias Saarela\Recent
2006-12-06 17:13 <KANSIO> d-------- C:\Program Files\ToniArts
2006-12-06 16:37 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2006-12-06 16:34 620 ---hs---- C:\WINDOWS\system32\oqtss.ini2
2006-12-06 15:56 <KANSIO> d--hs---- C:\FOUND.001
2006-12-06 15:50 <KANSIO> d-------- C:\WINDOWS\Minidump
2006-12-06 15:49 <KANSIO> d--hs---- C:\FOUND.000
2006-12-06 14:46 <KANSIO> d-------- C:\Program Files\Hijackthis
2006-12-06 14:22 <KANSIO> d-------- C:\WINDOWS\pss
2006-12-05 18:59 <KANSIO> d-------- C:\WINDOWS\.file_store_32
2006-12-05 16:35 <KANSIO> d-------- C:\Program Files\Razer
2006-12-04 09:33 <KANSIO> d--h----- C:\WINDOWS\ie7
2006-12-03 18:39 <KANSIO> d-------- C:\Program Files\WinRAR
2006-12-03 17:40 <KANSIO> d-------- C:\Documents and Settings\Matias Saarela\Application Data\F-Secure
2006-12-03 17:36 70,224 --a------ C:\WINDOWS\system32\drivers\fsdfw.sys
2006-12-03 17:36 33,744 --a------ C:\WINDOWS\system32\drivers\fsndis5.sys
2006-12-03 17:35 118,842 -r------- C:\WINDOWS\bwUnin-6.3.2.116-7681197L.exe
2006-12-03 17:35 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\F-Secure
2006-12-03 17:34 <KANSIO> d-------- C:\Program Files\F-Secure
2006-12-03 16:21 274,484 --------- C:\WINDOWS\system32\sstqo.dll
2006-12-03 16:10 623,686 ---hs---- C:\WINDOWS\system32\kjjlm.bak1
2006-12-03 15:55 66,048 --a------ C:\WINDOWS\ieResetIcons.exe
2006-12-03 15:25 72,704 --a------ C:\WINDOWS\system32\drvzog.dll
2006-12-03 15:24 40,973 ---hs---- C:\WINDOWS\system32\iifebay.dll
2006-12-03 12:58 <KANSIO> d-------- C:\Documents and Settings\Matias Saarela\Application Data\Sun
2006-12-03 12:42 <KANSIO> d-------- C:\Program Files\B2BPOKER
2006-12-03 11:57 <KANSIO> d-------- C:\Program Files\Real
2006-12-03 11:57 <KANSIO> d-------- C:\Program Files\Common Files\Real
2006-12-03 11:57 <KANSIO> d-------- C:\Documents and Settings\Matias Saarela\Application Data\Real
2006-12-03 11:47 <KANSIO> d-------- C:\Program Files\Java
2006-12-03 11:47 <KANSIO> d-------- C:\Program Files\Common Files\Java
2006-12-03 11:37 <KANSIO> d-------- C:\Program Files\Winamp
2006-12-03 11:28 <KANSIO> d-------- C:\Program Files\Spybot - Search & Destroy
2006-12-03 11:27 <KANSIO> d-------- C:\Program Files\BitComet
2006-12-03 11:26 <KANSIO> d-------- C:\Program Files\DC++
2006-12-03 11:22 <KANSIO> d-------- C:\Program Files\Lavasoft
2006-12-03 11:22 <KANSIO> d-------- C:\Documents and Settings\Matias Saarela\Application Data\Lavasoft
2006-12-02 21:58 <KANSIO> d--hs---- C:\WA6P
2006-12-02 21:57 8,704 --a------ C:\WINDOWS\system32\SpOrder.dll
2006-12-02 21:15 40,973 ---hs---- C:\WINDOWS\system32\ljjjklm.dll
2006-12-02 20:23 72,704 --a------ C:\WINDOWS\system32\drvgej.dll
2006-12-02 20:23 40,973 ---hs---- C:\WINDOWS\system32\ssqppnm.dll
2006-12-02 20:05 72,704 --a------ C:\WINDOWS\system32\drvcuc.dll
2006-12-02 20:05 40,973 ---hs---- C:\WINDOWS\system32\qomjkij.dll
2006-12-02 16:56 40,973 ---hs---- C:\WINDOWS\system32\ssqromm.dll
2006-12-02 00:36 <KANSIO> d-------- C:\Program Files\MSI
2006-11-18 14:36 143,360 --a------ C:\WINDOWS\system32\igfxres.dll
2006-11-17 16:09 <KANSIO> d-------- C:\Program Files\MSXML 4.0
2006-11-17 16:09 <KANSIO> d-------- C:\646d1520c6a9228960e8be6ca7
2006-11-12 16:41 <KANSIO> d-------- C:\Documents and Settings\Matias Saarela\usernotes
2006-11-07 21:03 6,049,280 --------- C:\WINDOWS\system32\ieframe.dll
2006-11-07 21:03 50,688 --------- C:\WINDOWS\system32\msfeedsbs.dll
2006-11-07 21:03 458,752 --------- C:\WINDOWS\system32\msfeeds.dll
2006-11-07 21:03 180,736 --------- C:\WINDOWS\system32\ieui.dll
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-11-28 15:21 784 --a------ C:\Documents and Settings\Matias Saarela\Application Data\mpauth.dat
2006-11-07 21:03 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2006-11-07 21:03 231424 --a------ C:\WINDOWS\system32\webcheck.dll
2006-11-07 21:03 156160 --a------ C:\WINDOWS\system32\msls31.dll
2006-11-07 03:27 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll
2006-11-07 03:27 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
2006-11-07 03:26 71680 --a------ C:\WINDOWS\system32\admparse.dll
2006-11-07 03:26 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2006-11-07 03:26 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
2006-11-07 03:26 43008 --a------ C:\WINDOWS\system32\iernonce.dll
2006-11-07 03:26 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
2006-11-07 03:26 13312 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-11-07 03:26 123904 --a------ C:\WINDOWS\system32\advpack.dll
2006-11-07 03:25 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2006-11-04 14:14 1245696 --a------ C:\WINDOWS\system32\msxml4.dll
2006-11-02 08:52 -------- d-------- C:\Program Files\Common Files\DirectX
2006-10-17 12:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll
2006-10-17 12:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
2006-10-17 12:05 206336 --------- C:\WINDOWS\system32\WinFXDocObj.exe
2006-10-17 12:05 105984 --a------ C:\WINDOWS\system32\url.dll
2006-10-17 12:04 101376 --a------ C:\WINDOWS\system32\occache.dll
2006-10-17 12:03 17408 --a------ C:\WINDOWS\system32\corpol.dll
2006-10-17 11:58 61952 --------- C:\WINDOWS\system32\icardie.dll
2006-10-17 11:58 12288 --------- C:\WINDOWS\system32\msfeedssync.exe
2006-10-17 11:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll
2006-10-17 11:57 266752 --------- C:\WINDOWS\system32\iertutil.dll
2006-10-17 11:56 45568 --a------ C:\WINDOWS\system32\mshta.exe
2006-10-17 11:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2006-10-17 11:27 380928 --------- C:\WINDOWS\system32\ieapfltr.dll
2006-10-13 14:37 142336 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-02 22:04 806912 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2006-10-02 22:04 806912 --a------ C:\WINDOWS\system32\divx_xx07.dll
2006-10-02 22:04 790528 --a------ C:\WINDOWS\system32\divx_xx11.dll
2006-10-02 22:04 635486 --a------ C:\WINDOWS\system32\DivX.dll
2006-09-18 07:57 2560 --a------ C:\WINDOWS\system32\BitCometRes.dll
2006-09-13 08:03 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Steam"=""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"HControl"="C:\\WINDOWS\\ATK0100\\HControl.exe"
"SoundMan"="SOUNDMAN.EXE"
"SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"Power_Gear"="C:\\Program Files\\ASUS\\Power4 Gear\\BatteryLife.exe 1"
"ZCfgSvc.exe"="c:\\WINDOWS\\system32\\ZCfgSvc.exe"
"PRONoMgr.exe"="c:\\Program Files\\Intel\\PROSetWireless\\NCS\\PROSet\\PRONoMgr.exe"
"InCD"="C:\\Program Files\\Ahead\\InCD\\InCD.exe"
"igfxtray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"igfxhkcmd"="C:\\WINDOWS\\system32\\hkcmd.exe"
"igfxpers"="C:\\WINDOWS\\system32\\igfxpers.exe"
"F-Secure Manager"="\"C:\\Program Files\\F-Secure\\Common\\FSM32.EXE\" /splash"
"F-Secure TNB"="\"C:\\Program Files\\F-Secure\\TNB\\TNBUtil.exe\" /CHECKALL /WAITFORSW"
"razer"="C:\\Program Files\\Razer\\razerhid.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Nykyinen kotisivu"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,\
00,00,04,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Steam"=""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Component Manager"="\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\""
"HP Software Update"="\"C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe\""
"RemoteControl"="\"C:\\Program Files\\ASUSTeK\\ASUSDVD\\PDVDServ.exe\""
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"WinampAgent"="C:\\Program Files\\Winamp\\winampa.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Käynnistä-valikko^Ohjelmat^Käynnistys^Adobe Reader Speed Launch.lnk.disabled]
"path"="C:\\Documents and Settings\\All Users\\Käynnistä-valikko\\Ohjelmat\\Käynnistys\\Adobe Reader Speed Launch.lnk.disabled"
"backup"="C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnk.disabledCommon Startup"
"location"="Common Startup"
"command"="C:\\Documents and Settings\\All Users\\Käynnistä-valikko\\Ohjelmat\\Käynnistys\\Adobe Reader Speed Launch.lnk.disabled"
"item"="Adobe Reader Speed Launch.lnk"
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sstqo
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Completion time: 06-12-07 17:11:19.17
C:\ComboFix2.txt ... 06-12-07 17:04
C:\ComboFix.txt ... 06-12-07 17:11