|
4 troijalaista, kuinka saan ne pois?
|
|
|
Aip
Junior Member
|
2. joulukuuta 2007 @ 19:57 |
Linkki tähän viestiin
|
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:17:53, on 2.12.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [SDFix] C:\SDFix\RunThis.bat /second
O4 - HKLM\..\RunOnce: [SDFix] C:\SDFix\RunThis.cmd /second
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/webplayer/stage...owserPlugin.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1DF3A91D-1E12-4219-894E-AB15AD81DD72}: NameServer = 204.110.160.192
O17 - HKLM\System\CCS\Services\Tcpip\..\{4065C858-FBF2-40F8-A07A-461D8A881B5D}: NameServer = 204.110.160.192
O17 - HKLM\System\CCS\Services\Tcpip\..\{B9DAB53E-F207-4772-A0C2-81226732C03F}: NameServer = 204.110.160.192
O17 - HKLM\System\CCS\Services\Tcpip\..\{C9496BC9-D2D0-446E-BC9C-4ED8B04EB966}: NameServer = 204.110.160.192
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD9046C7-5E49-47E2-BB0F-9ACAB3B22779}: NameServer = 204.110.160.192
O17 - HKLM\System\CCS\Services\Tcpip\..\{FCE562B2-6BA5-4701-BFCE-CD7A8B8754AE}: NameServer = 204.110.160.192
O17 - HKLM\System\CS1\Services\Tcpip\..\{1DF3A91D-1E12-4219-894E-AB15AD81DD72}: NameServer = 204.110.160.192
O17 - HKLM\System\CS2\Services\Tcpip\..\{1DF3A91D-1E12-4219-894E-AB15AD81DD72}: NameServer = 204.110.160.192
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 5745 bytes
|
|
Aip
Junior Member
|
2. joulukuuta 2007 @ 20:01 |
Linkki tähän viestiin
|
ComboFix 07-12-02.5 - Järjestelmänvalvoja 2007-12-02 18:43:44.1 - NTFSx86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1035.18.842 [GMT 2:00]
Running from: M:\ComboFix2.exe
.
(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys\autos.exe
C:\Documents and Settings\Henkka\Käynnistä-valikko\Ohjelmat\Käynnistys\infos.exe
C:\Documents and Settings\Järjestelmänvalvoja\Käynnistä-valikko\Ohjelmat\Käynnistys\infos.exe
C:\Documents and Settings\Pia M\Käynnistä-valikko\Ohjelmat\Käynnistys\infos.exe
C:\WINDOWS\draste.exe
C:\WINDOWS\system32\proper.exe
C:\WINDOWS\system32\winter.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_XLAVBA8
-------\xlavba8
((((( Tiedostot, jotka on luotu seuraavalla aikav?lill?: 2007-11-02 to 2007-12-02 )))))))))))))))))
.
2007-12-02 14:41 . 2007-12-02 14:41 <KANSIO> d-------- C:\WINDOWS\SDFIX
2007-11-18 14:06 . 2007-11-18 22:59 3,112 --a------ C:\WINDOWS\system32\tmp.reg
2007-11-18 14:05 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-11-18 14:05 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-11-18 14:05 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-11-18 14:05 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-11-18 14:05 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-11-13 15:52 . 2007-11-13 15:52 <KANSIO> d-------- C:\Program Files\Trend Micro
2007-11-08 10:51 . 2007-11-08 10:51 <KANSIO> dr------- C:\Documents and Settings\LocalService\Suosikit
2007-11-08 10:18 . 2007-11-08 09:57 124,258 --a--c--- C:\WINDOWS\system32\dllcache\_install.exe
2007-11-08 10:18 . 2007-11-08 09:57 124,258 --a------ C:\WINDOWS\system32\_install.exe
2007-11-08 10:17 . 2007-11-08 09:57 124,258 --a------ C:\WINDOWS\_install.exe
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-18 11:57 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-11-12 19:20 --------- d-----w C:\Program Files\Norton Security Scan
2007-11-08 08:15 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-11-08 08:15 --------- d-----w C:\Program Files\MSN Messenger
2007-11-08 08:15 --------- d-----w C:\Program Files\Microsoft Works
2007-11-08 08:14 --------- d-----w C:\Program Files\Google
2007-11-08 07:05 168 ----a-w C:\Documents and Settings\Henkka\Application Data\wklnhst.dat
2007-11-07 17:41 28,400 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-07 17:37 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-26 17:31 --------- d-----w C:\Program Files\Java
2007-09-13 19:21 754 ----a-w C:\Documents and Settings\Pia M\Application Data\wklnhst.dat
.
(((((((((((((((((((((((((((((( Rekisterin k?ynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhji? arvoja ja laillisia oletusarvoja ei n?ytet?
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-09-15 14:00]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 09:11]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2004-09-23 12:41]
"NvCplDaemon"="RUNDLL32.exe" [2004-09-15 14:00 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2005-07-20 22:07 C:\WINDOWS\system32\nwiz.exe]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 10:52]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-10-08 11:31]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-10-08 11:24]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"EPSON Stylus CX3600 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.exe" [2004-03-04 04:00]
"SDFix"="C:\SDFix\RunThis.bat /second" []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"SDFix"="C:\SDFix\RunThis.cmd /second" []
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-09-15 14:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-13 09:13]
.
'Ajoitetut teht?v?t'-kansion sis?lt?
"2007-11-09 14:34:38 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************
catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-02 19:15:23
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-02 19:16:28 - machine was rebooted
.
--- E O F ---
|
|
Aip
Junior Member
|
2. joulukuuta 2007 @ 20:05 |
Linkki tähän viestiin
|
|
SDFix: Version 1.116
Run by J?rjestelm?nvalvoja on su 02.12.2007 at 14:41
Microsoft Windows XP [versio 5.1.2600]
Running From: C:\SDFix
Safe Mode:
Checking Services:
Name:
noskrnl.sys
Path:
\??\C:\WINDOWS\system32\noskrnl.sys
noskrnl.sys - Deleted
Restoring Windows Registry Values
Restoring Windows Default Hosts File
|
|
tomato71
Suspended due to non-functional email address
|
2. joulukuuta 2007 @ 20:07 |
Linkki tähän viestiin
|
|
se sdfixin loki ei ollu kokonaisena
www.virustorjunta.net
|
|
Aip
Junior Member
|
2. joulukuuta 2007 @ 21:32 |
Linkki tähän viestiin
|
Tuollainen pätkä siinä oli mutta tällainen tuli myös nyt kun käynnisti normaalitilassa:
SDFix: Version 1.116
Run by J?rjestelm?nvalvoja on su 02.12.2007 at 14:41
Microsoft Windows XP [versio 5.1.2600]
Running From: C:\SDFix
Safe Mode:
Checking Services:
Name:
noskrnl.sys
Path:
\??\C:\WINDOWS\system32\noskrnl.sys
noskrnl.sys - Deleted
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting...
Normal Mode:
Checking Files:
Trojan Files Found:
C:\WINDOWS\system32\away.exe.exe - Deleted
C:\WINDOWS\noskrnl.config - Deleted
C:\WINDOWS\noskrnl.exe - Deleted
C:\WINDOWS\system32\noskrnl.sys - Deleted
C:\WINDOWS\system32\svcp.csv - Deleted
C:\WINDOWS\system32\winsub.xml - Deleted
Removing Temp Files...
ADS Check:
C:\WINDOWS
No streams found.
C:\WINDOWS\system32
No streams found.
C:\WINDOWS\system32\svchost.exe
No streams found.
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.
Final Check:
catchme 0.3.1262.1 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-02 20:28:09
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\\x90\x2022\x20ac|\xff\xff\xff\xff"\x2022\x20ac|\xf9\x2022\xd3w\2]
"b049C053C7D38EE4AB9A00CB3B5D2472"="C?\Program Files\Common Files\Microsoft Shared\Web Folders\PUBPLACE.HTT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\\x90\x2022\x20ac|\xff\xff\xff\xff"\x2022\x20ac|\xfe\xbb\xd3w\2]
"b049C053C7D38EE4AB9A00CB3B5D2472"="C?\Program Files\Common Files\Microsoft Shared\Web Folders\PUBPLACE.HTT"
scanning hidden files ...
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\margareta_blacke@hotmail.com\DFSR\Staging\CS{131ADD09-11FF-BB3E-946C-761544D4A8F2}\01\10-{131ADD09-11FF-BB3E-946C-761544D4A8F2}-v1-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\margareta_blacke@hotmail.com\DFSR\Staging\CS{131ADD09-11FF-BB3E-946C-761544D4A8F2}\13\49-{20BB680D-1B79-4D86-9EE9-58F20A3C5AD1}-v13-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v49-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 3810 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\margareta_blacke@hotmail.com\DFSR\Staging\CS{131ADD09-11FF-BB3E-946C-761544D4A8F2}\13\49-{20BB680D-1B79-4D86-9EE9-58F20A3C5AD1}-v13-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v49-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 424 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_home@hotmail.com\DFSR\Staging\CS{20A6100A-91FE-1832-14F3-188261F75D6E}\01\14-{20A6100A-91FE-1832-14F3-188261F75D6E}-v1-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v14-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\01\15-{DA071C44-180C-DBC4-E41E-A74CD1A7765F}-v1-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v15-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\12\59-{C78C2982-E88B-4DB6-941A-718DA8D68C32}-v12-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v59-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 89922 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\12\59-{C78C2982-E88B-4DB6-941A-718DA8D68C32}-v12-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v59-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 10080 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\13\50-{C78C2982-E88B-4DB6-941A-718DA8D68C32}-v13-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v50-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 24096 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\13\50-{C78C2982-E88B-4DB6-941A-718DA8D68C32}-v13-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v50-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 2672 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\14\51-{C78C2982-E88B-4DB6-941A-718DA8D68C32}-v14-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v51-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 46110 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\14\51-{C78C2982-E88B-4DB6-941A-718DA8D68C32}-v14-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v51-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 5160 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\15\52-{C78C2982-E88B-4DB6-941A-718DA8D68C32}-v15-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v52-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 18264 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\15\52-{C78C2982-E88B-4DB6-941A-718DA8D68C32}-v15-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v52-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 2056 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\16\53-{C78C2982-E88B-4DB6-941A-718DA8D68C32}-v16-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v53-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 45732 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\16\53-{C78C2982-E88B-4DB6-941A-718DA8D68C32}-v16-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v53-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 5072 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\17\54-{C78C2982-E88B-4DB6-941A-718DA8D68C32}-v17-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v54-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 39450 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\17\54-{C78C2982-E88B-4DB6-941A-718DA8D68C32}-v17-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v54-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 4392 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\18\55-{C78C2982-E88B-4DB6-941A-718DA8D68C32}-v18-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v55-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 31134 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\18\55-{C78C2982-E88B-4DB6-941A-718DA8D68C32}-v18-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v55-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 3512 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\19\56-{C78C2982-E88B-4DB6-941A-718DA8D68C32}-v19-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v56-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 29712 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\19\56-{C78C2982-E88B-4DB6-941A-718DA8D68C32}-v19-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v56-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 3280 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\20\57-{C78C2982-E88B-4DB6-941A-718DA8D68C32}-v20-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v57-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 29640 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\20\57-{C78C2982-E88B-4DB6-941A-718DA8D68C32}-v20-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v57-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 3248 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\21\58-{C78C2982-E88B-4DB6-941A-718DA8D68C32}-v21-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v58-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 29982 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\21\58-{C78C2982-E88B-4DB6-941A-718DA8D68C32}-v21-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v58-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 3376 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\47\63-{20BB680D-1B79-4D86-9EE9-58F20A3C5AD1}-v47-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v63-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 31602 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\47\63-{20BB680D-1B79-4D86-9EE9-58F20A3C5AD1}-v47-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v63-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 3544 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\48\61-{20BB680D-1B79-4D86-9EE9-58F20A3C5AD1}-v48-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v61-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 82866 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\48\61-{20BB680D-1B79-4D86-9EE9-58F20A3C5AD1}-v48-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v61-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 9320 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\49\62-{20BB680D-1B79-4D86-9EE9-58F20A3C5AD1}-v49-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v62-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 107400 bytes hidden from API
C:\Documents and Settings\Pia M\Local Settings\Application Data\Microsoft\Messenger\maryanblacke@hotmail.com\SharingMetadata\nicke_krokfors@hotmail.com\DFSR\Staging\CS{DA071C44-180C-DBC4-E41E-A74CD1A7765F}\49\62-{20BB680D-1B79-4D86-9EE9-58F20A3C5AD1}-v49-{B9F6412E-A2CB-4442-B2F4-8CF69059524F}-v62-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 11832 bytes hidden from API
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 31
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
Remaining Files:
---------------
File Backups: - C:\SDFix\backups\backups.zip
Files with Hidden Attributes:
Sun 23 Sep 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Mon 20 Aug 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Finished!
|
|
tomato71
Suspended due to non-functional email address
|
2. joulukuuta 2007 @ 21:37 |
Linkki tähän viestiin
|
ja sitten...
Lataa CCleaner tästä
*Asennuksessa poista merkki/rasti kohdasta "asenna Yahoo! toolbar/työkalupalkki".
*Asennuksen jälkeen aukaise CCleaner.
*Valitse vasemmalta pystyrivistä Options.
*Valitse viereisestä pystyrivistä Settings.
*Language kohtaan valitse Suomi.
Puhdistaja
*Valitse vasemmalta pystyrivistä Puhdistaja.
*Paina alhaalta Tutki.
Nyt CCleaner tutkii, mitä voidaan poistaa (tempit, cookiessit jne.).
*Kun tutkiminen on valmis, paina Aja CCleaner.
Nyt CCleaner poistaa löydetyt tempit, cookiessit jne.
Rekisterin virheiden korjaus
*Valitse vasemmalta pystyrivistä Virheet.
*Paina alhaalta Etsi rekisterin virheitä.
*Kun etsintä on valmis ja olet varma, että haluat korjata ne rivit jotka ovat merkattuja, niin paina Korjaa valitut rekisterin virheet.
*Sinulta kysytään "haluatko varmuuskopioida muutokset rekisteriin", paina Kyllä. Tallenna varmuuskopio vaikka "Omat tiedostot" -kansioon.
*Klikkaa uudesta aukeavasta ikkunasta Korjaa kaikki valitut virheet.
*Saat vielä varmistus kysymyksen, paina Ok.
*Kun virheet on korjattu, paina Sulje.
*Nyt voit suljea CCleanerin painamalla oikealta ylhäältä punaista rastia.
Skannaa koneesi Kaspersky Online Skannerilla
Käytä Internet Explorer
Sinulta kysytään sallitko ActiveX -komponentin asentamisen Kasperskyltä, klikkaa Kyllä.[list]
[*] Ohjelma käynnistyy ja aloittaa viimeisimpien tunnistetiedostojen lataamisen.
[*] Kun skanneri on asennettu ja tunnistetiedot ladattu, klikkaa Next.
[*] Klikkaa nyt asetuksia, Scan Settings
[*] Tarkista asetuksista, että seuraavat ovat valittuina:
o Scan using the following Anti-Virus database:
+ Extended (Jos valittavissa, muuten valitse Standard)
o Scan Options:
+ Scan Archives
+ Scan Mail Bases
[*] Klikkaa OK
[*] Nyt valitse "select a target to scan" otsikon alta Oma Tietokone, My Computer
[*] Skannaus vie aikaa, joten ole kärsivällinen. Kun skannaus on valmis saat ilmoituksen, jos koneesi on saastunut.
[*] Klikkaa nyt Save as Text-painiketta.
[*] Tallenna tiedosto työpöydällesi.
[*] Kopioi ja Liitä tiedoston sisältö seuraavaan vastaukseesi
www.virustorjunta.net
|
|
Aip
Junior Member
|
2. joulukuuta 2007 @ 22:27 |
Linkki tähän viestiin
|
|
ccleanerin vedin läpi mutta toi online scanneri ei onnistu kun jostain syystä koneessa ei toimi netti. Yhteydessä ei ole vikaa kun tämä kannettava pääsee kyllä nettiin. Onko jotain ohjelmaa jonka sais ladattua ja tikun kautta ajettua?
|
|
tomato71
Suspended due to non-functional email address
|
2. joulukuuta 2007 @ 22:45 |
Linkki tähän viestiin
|
www.virustorjunta.net
|
|
Aip
Junior Member
|
9. joulukuuta 2007 @ 15:29 |
Linkki tähän viestiin
|
Tuo toimi ja putsasi, mutta lokia ei antanut (?) Nyt pelittää jo paremmin. Tässä hjt loki:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:25:23, on 9.12.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/webplayer/stage...owserPlugin.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1DF3A91D-1E12-4219-894E-AB15AD81DD72}: NameServer = 204.110.160.192
O17 - HKLM\System\CCS\Services\Tcpip\..\{4065C858-FBF2-40F8-A07A-461D8A881B5D}: NameServer = 204.110.160.192
O17 - HKLM\System\CCS\Services\Tcpip\..\{B9DAB53E-F207-4772-A0C2-81226732C03F}: NameServer = 204.110.160.192
O17 - HKLM\System\CCS\Services\Tcpip\..\{C9496BC9-D2D0-446E-BC9C-4ED8B04EB966}: NameServer = 204.110.160.192
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD9046C7-5E49-47E2-BB0F-9ACAB3B22779}: NameServer = 204.110.160.192
O17 - HKLM\System\CS1\Services\Tcpip\..\{1DF3A91D-1E12-4219-894E-AB15AD81DD72}: NameServer = 204.110.160.192
O17 - HKLM\System\CS2\Services\Tcpip\..\{1DF3A91D-1E12-4219-894E-AB15AD81DD72}: NameServer = 204.110.160.192
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 6591 bytes
|
|
Mainos
|
|
|
|
tomato71
Suspended due to non-functional email address
|
13. joulukuuta 2007 @ 19:50 |
Linkki tähän viestiin
|
|
moi
loki on ok
www.virustorjunta.net
|
