|
|
|
Keskustelualueet
Keskustelualueet
|
|
|
hjt logi
|
|
|
etzka326
Senior Member
|
27. maaliskuuta 2008 @ 18:41 |
Linkki tähän viestiin
|
Eli tässä: Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:38:36, on 27.3.2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
E:\Program Files\Sonera Tietoturva\Common\FSM32.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
E:\Program Files\Sonera Tietoturva\FSGUI\fsguidll.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Windows\system32\SearchFilterHost.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [recinfo919] c:\RecInfo\RecInfo.exe
O4 - HKLM\..\Run: [F-Secure Manager] "E:\Program Files\Sonera Tietoturva\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "E:\Program Files\Sonera Tietoturva\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [soneraVista] wscript.exe "C:\Program Files\Sonera\InternetAvustaja\agentui\snapins\vista\vistaupdate.js" sonera
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [igndlm.exe] E:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "E:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "E:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: V&ie Microsoft Exceliin - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - E:\Program Files\Sonera Tietoturva\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - E:\Program Files\Sonera Tietoturva\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - E:\Program Files\Sonera Tietoturva\FSPC\fspcmsie.dll
O9 - Extra button: Lähetä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Läh&etä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDown...iaSmartScan.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - E:\Program Files\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - E:\Program Files\Sonera Tietoturva\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - E:\Program Files\Sonera Tietoturva\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - E:\Program Files\Sonera Tietoturva\Common\FSMA32.EXE
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
--
End of file - 8051 bytes
|
|
mind92
Member
|
27. maaliskuuta 2008 @ 19:08 |
Linkki tähän viestiin
|
merkkaa hjt:lla ja paina fix checked seuraavat:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
-----------
Javan päivitys ja välimuistin tyhjennys:
1. Klikkaa Käynnistä -> Ohjauspaneeli ja tupla-klikkaa Lisää tai poista sovellus Ohjauspaneelissa.
2. Etsi listasta kaikki entiset Java versiosi. (J2SE Runtime Environment.... )
Niissä pitäisi olla seuraava kuva vieressä: 
3. Valitse kaikki entiset Java versiosi ja valitse Poista.
4. Asenna uusin Java päivitys seuraavasta linkistä..
5. Käynnistä kone uudelleen asennuksen jälkeen:
http://java.sun.com/javase/downloads/index.jsp
Rullaa alas kohteeseen Java Runtime Environment (JRE) 6u5
Paina Download
Ruksaa Accept, ota offline installation, tallenna vaikka työpöydälle ja asenna se.
6. Käynnistyksen jälkeen, mene takaisin Ohjauspaneeliin ja avaa Java asetuksesi (Muita Ohjauspaneelin asetuksia -> Java kahvikuppi).
7. General Settings -osion alla, vedä liukusäädintä (Disk Space) pienemmälle, ja klikkaa Delete Files -nappia.
(Jotkut javapohjaiset ohjelmat saattavat tarvita enemmän levytilaa.
Jos huomaat säädön pienentämisen jälkeen koneessa hitautta, siirrä liukusäädintä isommalle).
8. Varmista että kaikki kaksi valintaa ovat rastitettuja:
*Applications and Applets
*Trace and Log Files
Ja paina OK -nappia
9. Klikkaa OK "Temporary Files Settings" -ikkunassasi.
10. Klikkaa OK jättääksesi Java asetusikkunasi.
===========
Lataa tuolta
CCleaner v2.05.555- Standard Build, ÄLÄ aseenna Yahoo toolbaria!
laita asetukset näin:
Valinnat --> Lisäasetukset --> Ota ruksi pois kohdasta Poista vain yli 48 tuntia vanhat tilapäistiedostot.
aja Puhdistaja > tutki nappi > aja ccleaner nappi oikea alakulma
aja Rekisteri > etsi rekisteri virheitä nappi > Korjaa rekisteri virheet. nappi
-------------------
Ohje AVG:n Anti-Spyware 7.5:n käyttöön
Huom! Tässä ohjeessa sammutetaan tuo reaaliaikasuojaus (Shield). Näin vältetään tilanteet joissa suojaus estäisi esim HijackThis:n työkalun toimintaa.
Tallenna nämä ohjeet tekstitiedostoon tai tulosta nämä, muuten et pääse niihin käsiksi vikasietotilasta
Lataa AVG:n Anti-Spyware 7.5:n
ja tallenna ohjelma työpöydällesi.
o Kun olet ladannut ohjelman, kaksoisklikkaa asennuohjelman pikakuvaketta työpöydälläsi, asennus alkaa.
o Asennuksen jälkeen täytyy ohjelma käynnistää ja sen tunnisteet päivittää.
o Käynnistä AVG:n Anti-Spyware.
o Klikkaa "Update" kuvaketta päävalikossa. Sen jälkeen klikkaa "Update now" painiketta.
o Sitten klikkaa "Start Update" kuvaketta jolloin päivitys alkaa.
o Kun päivitykset on ladattu, klikkaa "Scanner" kuvaketta ikkunan ylälaidassa. Valitse sitten "Settings" välilehti.
o Kun "Settings" valikko on auennut, klikkaa "Recommended actions" ja sitten valitse "Quarantine".
o Sitten "Reports" valikon alta:
o Laita täppi kohtaan "Automatically generate report after every scan"
o Ota täppi pois kohdasta"Only if threats were found"
o Sitten klikkaa "Shield" kuvaketta ikkunan ylälaidassa
o "Resident shield is", muuta tila active:sta inactive:ksi
o Sulje ohjelma, ÄLÄ skannaa vielä.
Käynnistä koneesi vikasietotilaan,
sammuta ja käynnistä
käynnistyksen yhteydessä naputtele F8
valitse nuoli näppäimellä vikasietotila
paina enter ja enter
Toisissa koneissa paukutetaan F8:sin sijasta F5:tä
HUOM! Älä käytä muita ohjelmia AVG:n skannauksen aikana, tämä saattaa häiritä skannausta.
o Kun vikasietotilassa, käynnistä AVG:n Anti-Spyware.
o Klikkaa "Scanner" kuvaketta ikkunan ylälaidassa ja valitse "Scan" välilehti. Sitten klikkaa "Complete System Scan".
o Ewido aloittaa nyt tietokoneen skannaamisen, ole kärsivällinen sillä skannaus vie aikaa.
Kun skannaus on valmis:
TÄRKEÄÄ : Älä klikkaa "Save Scan Report" ennen kuin klikkaat "Apply all Actions"
o Varmistu, että Set all elements to: näyttää Quarantine (1), jos ei, klikkaa linkkiä ja valitse Quarantine popup-valikosta.
o Sinulta kysytään mitä tehdä jos infektioita löytyi, valitse silloin "Apply all actions"
o Sitten klikkaa "Reports" kuvaketta ohjelma yläosasta.
o Klikkaa "Save report as" painiketta ikkunan vasemmassa alalaidassa ja tallenna raportti työpöydälle.
o Sulje ohjelma, käynnistä kone normaalisti ja lähetä AVG:n raportti viestikejuusi.
----------------
onko koneessa ollut mtn ongelmia??
Aina tulee olemaan eskimoita, jotka neuvovat Kongon alkuasukkaille miten menetellä helteen tullen.
- stanislaw jerzy lec -
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 27. maaliskuuta 2008 @ 19:09
|
|
etzka326
Senior Member
|
28. maaliskuuta 2008 @ 21:17 |
Linkki tähän viestiin
|
|
Kiitos avusta tähän asti mutta kun tarkistin vikasietotilassa niin en muistanut painaa quarantine vaan siinä oli valmiina delete,ei kai sehaittaa kun teidostot olivat vain tracking cookieita? teen sen scannin uudelleen ku kerkeen.Ja muute en pystyny painaan save reporttia scanni jälkeen mikshiköhän?
|
|
etzka326
Senior Member
|
29. maaliskuuta 2008 @ 09:53 |
Linkki tähän viestiin
|
Tällänen logi oli ei muita tää voi kyllä olla väärä:---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 21:11:42 28.3.2008
+ Scan result:
C:\Users\Aiti\AppData\Roaming\Microsoft\Windows\Cookies\Low\aiti@CAL2LXGO.txt -> TrackingCookie.2o7 : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CA45CLU0.txt -> TrackingCookie.2o7 : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CABTM11T.txt -> TrackingCookie.2o7 : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CAKK33QN.txt -> TrackingCookie.2o7 : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CAVODBFY.txt -> TrackingCookie.2o7 : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CAY7GQI4.txt -> TrackingCookie.2o7 : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CA55T0DU.txt -> TrackingCookie.Adbrite : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CAQZHBDT.txt -> TrackingCookie.Adbrite : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@ads.adbrite[3].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@ads.adbrite[4].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CA2K8G4E.txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CAGRFN0U.txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@media.adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CA8T0GCU.txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CAKQ1RHK.txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Users\Aiti\AppData\Roaming\Microsoft\Windows\Cookies\Low\aiti@CAJOP2EK.txt -> TrackingCookie.Adtech : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CA0P6WDP.txt -> TrackingCookie.Adtech : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CA8AGLHI.txt -> TrackingCookie.Adtech : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CA7DCWVU.txt -> TrackingCookie.Adtech : Cleaned.
C:\Users\Aiti\AppData\Roaming\Microsoft\Windows\Cookies\aiti@CA5TL06G.txt -> TrackingCookie.Advertising : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CA1KFVMI.txt -> TrackingCookie.Advertising : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CABCCRQJ.txt -> TrackingCookie.Advertising : Cleaned.
C:\Users\Aiti\AppData\Roaming\Microsoft\Windows\Cookies\aiti@CAK3SDE2.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CATYVXVD.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CAXIKRG3.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CA0TU25R.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CA6GOXYA.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CANTU7HT.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CAEDFIBS.txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Users\Aiti\AppData\Roaming\Microsoft\Windows\Cookies\Low\aiti@CA6RIZNO.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Users\Aiti\AppData\Roaming\Microsoft\Windows\Cookies\Low\aiti@CAVU3L3T.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CA3F6G91.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CAP4LBPK.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CA28BL1U.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CAD01H9J.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CAHR606N.txt -> TrackingCookie.Fastclick : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CAJCRDO5.txt -> TrackingCookie.Fastclick : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CAF7YYSQ.txt -> TrackingCookie.Fastclick : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@ads.gamershell[2].txt -> TrackingCookie.Gamershell : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@gamershell[2].txt -> TrackingCookie.Gamershell : Cleaned.
C:\Users\Aiti\AppData\Roaming\Microsoft\Windows\Cookies\Low\aiti@CA1R63FL.txt -> TrackingCookie.Hitbox : Cleaned.
C:\Users\Aiti\AppData\Roaming\Microsoft\Windows\Cookies\Low\aiti@CATEUPJO.txt -> TrackingCookie.Hitbox : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CADBP0H9.txt -> TrackingCookie.Hitbox : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CAFKFX3J.txt -> TrackingCookie.Hitbox : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CAH2RX9P.txt -> TrackingCookie.Hitbox : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CAWTP88L.txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.6:C:\Users\Ezka\AppData\Roaming\Mozilla\Firefox\Profiles\1i34s9bz.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.7:C:\Users\Ezka\AppData\Roaming\Mozilla\Firefox\Profiles\1i34s9bz.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CAZYIUWB.txt -> TrackingCookie.Ivwbox : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CA8LKW7C.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CADOWHNN.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CAOLHCK7.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CAS3S4VX.txt -> TrackingCookie.Pointroll : Cleaned.
C:\Users\Aiti\AppData\Roaming\Microsoft\Windows\Cookies\Low\aiti@CALSYZ9B.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CA0DJ5Y1.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CACCWWDR.txt -> TrackingCookie.Revsci : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@revsci[2].txt -> TrackingCookie.Revsci : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CASQBP86.txt -> TrackingCookie.Revsci : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CAZ0FB98.txt -> TrackingCookie.Revsci : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CA4ZSATO.txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CAZGWHVS.txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CA3TPWL2.txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CAB5WOGK.txt -> TrackingCookie.Statcounter : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CAPEMFCU.txt -> TrackingCookie.Statcounter : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CAYI3OBQ.txt -> TrackingCookie.Statcounter : Cleaned.
C:\Users\Aiti\AppData\Roaming\Microsoft\Windows\Cookies\Low\aiti@CAMEWYLR.txt -> TrackingCookie.Statistik-gallup : Cleaned.
C:\Users\Aiti\AppData\Roaming\Microsoft\Windows\Cookies\aiti@CA1BZ8MQ.txt -> TrackingCookie.Statistik-gallup : Cleaned.
C:\Users\Aiti\AppData\Roaming\Microsoft\Windows\Cookies\aiti@CACRPA8J.txt -> TrackingCookie.Statistik-gallup : Cleaned.
C:\Users\Aiti\AppData\Roaming\Microsoft\Windows\Cookies\aiti@CAO5ATKI.txt -> TrackingCookie.Statistik-gallup : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CA2KMNB8.txt -> TrackingCookie.Statistik-gallup : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CAC0APWV.txt -> TrackingCookie.Statistik-gallup : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CA8WXF13.txt -> TrackingCookie.Statistik-gallup : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CA5V4PWJ.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CAHUB6IT.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Users\Aiti\AppData\Roaming\Microsoft\Windows\Cookies\Low\aiti@CABBYDYC.txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CARVJ2AA.txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CAXJL9T9.txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Users\Aiti\AppData\Roaming\Microsoft\Windows\Cookies\Low\aiti@CAMA9KES.txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CA3E316I.txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CA0DV82V.txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CA6B89I5.txt -> TrackingCookie.Weborama : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@m.webtrends[1].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@yadro[1].txt -> TrackingCookie.Yadro : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CA9AB05M.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CADWHWSL.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CAJF15UU.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\ezka@CAEPQJGU.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Users\Ezka\AppData\Roaming\Microsoft\Windows\Cookies\Low\ezka@CAYDZNDB.txt -> TrackingCookie.Zedo : Cleaned.
::Report end
|
|
Hujo
Suspended permanently
|
29. maaliskuuta 2008 @ 14:19 |
Linkki tähän viestiin
|
Lataa Tästä Ccleaner
CCleaner v2.05.555- Standard Build, ÄLÄ aseenna Yahoo toolbaria!
laita asetukset näin:
Valinnat --> Lisäasetukset --> Ota ruksi pois kohdasta Poista vain yli 48 tuntia vanhat tilapäistiedostot.
aja Puhdistaja > tutki nappi > aja ccleaner nappi oikea alakulma
aja Virheet > etsi rekisteri virheitä nappi > Korjaa rekisteri virheet. nappi
Voiko tietsikka koskaan toimia?
|
|
etzka326
Senior Member
|
29. maaliskuuta 2008 @ 19:33 |
Linkki tähän viestiin
|
|
Tuolla olen jo tarkistanut...
|
|
mind92
Member
|
29. maaliskuuta 2008 @ 19:35 |
Linkki tähän viestiin
|
Aina tulee olemaan eskimoita, jotka neuvovat Kongon alkuasukkaille miten menetellä helteen tullen.
- stanislaw jerzy lec -
|
|
etzka326
Senior Member
|
30. maaliskuuta 2008 @ 16:12 |
Linkki tähän viestiin
|
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:11:33, on 30.3.2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
E:\Program Files\Sonera Tietoturva\Common\FSM32.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\conime.exe
E:\Program Files\Sonera Tietoturva\FSGUI\fsguidll.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
E:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [recinfo919] c:\RecInfo\RecInfo.exe
O4 - HKLM\..\Run: [F-Secure Manager] "E:\Program Files\Sonera Tietoturva\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "E:\Program Files\Sonera Tietoturva\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [soneraVista] wscript.exe "C:\Program Files\Sonera\InternetAvustaja\agentui\snapins\vista\vistaupdate.js" sonera
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "E:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "E:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: V&ie Microsoft Exceliin - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - E:\Program Files\Sonera Tietoturva\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - E:\Program Files\Sonera Tietoturva\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - E:\Program Files\Sonera Tietoturva\FSPC\fspcmsie.dll
O9 - Extra button: Lähetä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Läh&etä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDown...iaSmartScan.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - E:\Program Files\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - E:\Program Files\Sonera Tietoturva\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - E:\Program Files\Sonera Tietoturva\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - E:\Program Files\Sonera Tietoturva\Common\FSMA32.EXE
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
--
End of file - 7488 bytes
|
|
mind92
Member
|
30. maaliskuuta 2008 @ 16:17 |
Linkki tähän viestiin
|
1. Lataa combofix.exe työpöydällesi jommastakummasta linkistä:
combofix.exe
combofix.exe
2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia.
3. Kun työkalu on valmis, se tuottaa lokin. (C:\ComboFix.txt) Lähetä tämä loki viesti ketjuusi.
Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.
Aina tulee olemaan eskimoita, jotka neuvovat Kongon alkuasukkaille miten menetellä helteen tullen.
- stanislaw jerzy lec -
|
|
etzka326
Senior Member
|
30. maaliskuuta 2008 @ 19:23 |
Linkki tähän viestiin
|
Tässä tulee.,..,.,
ComboFix 08-03-30.2 - Ezka 2008-03-30 20:11:27.1 - NTFSx86
Microsoft® Windows Vista? Home Premium 6.0.6000.0.1252.1.1035.18.1968 [GMT 3:00]
Running from: C:\Users\Ezka\Desktop\ComboFix.exe
* Created a new restore point
* Resident AV is active
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-02-28 to 2008-03-30 )))))))))))))))))
.
2008-03-29 20:47 . 2008-03-29 20:47 <KANSIO> d-------- C:\Windows\Java
2008-03-29 20:47 . 2008-03-29 20:47 <KANSIO> d-------- C:\Program Files\PC Wizard 2008
2008-03-29 20:47 . 2007-09-15 16:11 27,136 --a------ C:\Windows\System32\PCWizard.cpl
2008-03-28 21:16 . 2008-03-28 21:16 <KANSIO> d-------- C:\Users\Ezka\AppData\Roaming\Grisoft
2008-03-28 21:15 . 2007-05-30 15:10 10,872 --a------ C:\Windows\System32\drivers\AvgAsCln.sys
2008-03-28 21:06 . 2008-03-28 21:06 <KANSIO> d-------- C:\Program Files\Common Files\Java
2008-03-26 16:46 . 2008-03-26 16:47 <KANSIO> d-------- C:\Program Files\Safari
2008-03-26 16:39 . 2008-03-26 16:53 <KANSIO> d-------- C:\Users\Ezka\AppData\Roaming\Apple Computer
2008-03-26 16:39 . 2008-03-26 16:39 <KANSIO> d-------- C:\Program Files\iPod
2008-03-26 16:38 . 2008-03-26 16:38 <KANSIO> d-------- C:\Users\All Users\Apple Computer
2008-03-26 16:38 . 2008-03-26 16:38 <KANSIO> d-------- C:\ProgramData\Apple Computer
2008-03-26 16:38 . 2008-03-26 16:38 <KANSIO> d-------- C:\Program Files\QuickTime
2008-03-26 16:38 . 2008-03-26 16:39 <KANSIO> d-------- C:\Program Files\iTunes
2008-03-26 16:36 . 2008-03-26 16:36 <KANSIO> d-------- C:\Program Files\Common Files\Apple
2008-03-25 16:37 . 2008-03-25 16:42 <KANSIO> d-------- C:\Program Files\RivaTuner v2.08
2008-03-24 20:39 . 2008-03-05 16:56 3,786,760 --a------ C:\Windows\System32\D3DX9_37.dll
2008-03-24 20:39 . 2008-03-05 16:56 1,420,824 --a------ C:\Windows\System32\D3DCompiler_37.dll
2008-03-24 20:39 . 2008-03-05 17:03 479,752 --a------ C:\Windows\System32\XAudio2_0.dll
2008-03-24 20:39 . 2008-02-06 00:07 462,864 --a------ C:\Windows\System32\d3dx10_37.dll
2008-03-24 20:39 . 2008-03-05 17:03 238,088 --a------ C:\Windows\System32\xactengine3_0.dll
2008-03-24 20:39 . 2008-03-05 17:00 25,608 --a------ C:\Windows\System32\X3DAudio1_3.dll
2008-03-24 18:37 . 2008-03-24 18:37 <KANSIO> d-------- C:\Program Files\Lavalys
2008-03-23 17:08 . 2008-03-23 17:08 <KANSIO> d-------- C:\Users\Aiti\AppData\Roaming\vlc
2008-03-23 14:03 . 2008-03-23 14:03 <KANSIO> d-------- C:\Users\Aiti\AppData\Roaming\DivX
2008-03-21 20:26 . 2008-03-21 20:27 1,000,245,832 --a------ C:\Users\Ezka\conflictdeniedopsdemo.exe
2008-03-21 18:16 . 2008-03-21 18:16 307,968 --a------ C:\Windows\System32\TuneUpDefragService.exe
2008-03-21 18:16 . 2008-02-27 14:15 28,416 --a------ C:\Windows\System32\uxtuneup.dll
2008-03-21 18:16 . 2008-02-27 14:15 16,640 --a------ C:\Windows\System32\authuitu.dll
2008-03-21 18:15 . 2008-03-21 18:15 <KANSIO> d-------- C:\Users\Ezka\AppData\Roaming\TuneUp Software
2008-03-21 18:15 . 2008-03-21 18:15 <KANSIO> d-------- C:\Users\All Users\TuneUp Software
2008-03-21 18:15 . 2008-03-21 18:15 <KANSIO> d-------- C:\ProgramData\TuneUp Software
2008-03-21 18:14 . 2008-03-21 18:15 <KANSIO> d-------- C:\Program Files\TuneUp Utilities 2008
2008-03-18 16:25 . 2008-03-18 16:25 <KANSIO> d-------- C:\Users\Ezka\AppData\Roaming\vlc
2008-03-18 16:18 . 2008-03-18 16:18 <KANSIO> d-------- C:\Program Files\VideoLAN
2008-03-15 22:16 . 2008-03-15 22:16 378,602,720 --a------ C:\Users\Ezka\Crysis_Patch_1_2.exe
2008-03-15 17:22 . 2008-03-18 20:18 <KANSIO> d-------- C:\Users\Ezka\VIDEOTDE
2008-03-15 15:43 . 2008-03-15 15:44 <KANSIO> d-------- C:\Users\Ezka\AppData\Roaming\DivX
2008-03-15 15:42 . 2008-03-15 15:42 <KANSIO> d-------- C:\Program Files\Common Files\PX Storage Engine
2008-03-14 22:31 . 2008-03-04 12:02 442,368 --a------ C:\Windows\System32\NVUNINST.EXE
2008-03-12 17:27 . 2008-03-12 17:27 <KANSIO> d-------- C:\Program Files\Microsoft Silverlight
2008-03-12 16:56 . 2007-12-17 01:52 1,061,944 --a------ C:\Windows\System32\drivers\ntfs.sys
2008-03-12 16:56 . 2007-12-16 12:50 41,984 --a------ C:\Windows\System32\drivers\monitor.sys
2008-03-09 17:32 . 2008-03-09 17:32 60,171,472 --a------ C:\Users\Ezka\169.25_forceware_winvista_32bit_international_whql.exe
2008-03-09 17:28 . 2008-03-09 17:28 <KANSIO> d-------- C:\Users\All Users\Media Center Programs
2008-03-09 17:28 . 2008-03-09 17:28 <KANSIO> d-------- C:\ProgramData\Media Center Programs
2008-03-09 12:20 . 2008-03-14 22:36 <KANSIO> d-------- C:\Windows\nvidia icons
2008-03-09 12:15 . 2008-03-09 12:15 60,554,696 --a------ C:\Users\Ezka\169.44_forceware_winvista_32bit_international_beta.exe
2008-03-08 22:38 . 2007-06-29 15:47 34,304 --a------ C:\Windows\System32\drivers\AmdLLD.sys
2008-03-08 22:37 . 2008-03-08 22:37 <KANSIO> d-------- C:\Program Files\AMD
2008-03-08 18:43 . 2008-03-08 18:43 <KANSIO> d-------- C:\Windows\System32\URTTEMP
2008-03-08 18:32 . 2008-03-09 17:29 669,184 --a------ C:\Windows\System32\pbsvc.exe
2008-03-08 18:32 . 2008-03-09 17:29 22,328 --a------ C:\Users\Ezka\AppData\Roaming\PnkBstrK.sys
2008-03-07 17:33 . 2008-03-09 17:29 103,736 --a------ C:\Windows\System32\PnkBstrB.exe
2008-03-07 17:33 . 2008-03-07 17:33 66,872 --a------ C:\Windows\System32\PnkBstrA.exe
2008-03-07 17:33 . 2008-03-09 17:29 22,328 --a------ C:\Windows\System32\drivers\PnkBstrK.sys
2008-03-06 20:01 . 2008-03-06 20:05 <KANSIO> d-------- C:\Users\All Users\Lavasoft
2008-03-06 20:01 . 2008-03-06 20:05 <KANSIO> d-------- C:\ProgramData\Lavasoft
2008-03-06 20:01 . 2008-03-06 20:01 <KANSIO> d-------- C:\Program Files\Lavasoft
2008-03-06 19:57 . 2008-03-06 20:57 <KANSIO> d-------- C:\Users\All Users\Spybot - Search & Destroy
2008-03-06 19:57 . 2008-03-06 20:57 <KANSIO> d-------- C:\ProgramData\Spybot - Search & Destroy
2008-03-06 19:57 . 2008-03-06 19:58 <KANSIO> d-------- C:\Program Files\Spybot - Search & Destroy
2008-03-05 17:31 . 2008-03-08 18:06 <KANSIO> d-------- C:\Users\All Users\Microsoft Games
2008-03-05 17:31 . 2008-03-08 18:06 <KANSIO> d-------- C:\ProgramData\Microsoft Games
2008-03-05 17:26 . 2008-03-08 18:06 <KANSIO> d-------- C:\Users\Ezka\AppData\Roaming\Microsoft Game Studios
2008-03-04 19:16 . 2008-03-04 19:15 4,358,144 --a------ C:\Windows\uncsetup.exe
2008-03-04 19:16 . 2008-03-04 19:16 53,248 --a------ C:\Windows\System32\unrar.dll
2008-03-03 15:55 . 2008-03-30 17:58 12 --a------ C:\Windows\bthservsdp.dat
2008-03-02 21:38 . 2008-03-02 21:38 <KANSIO> d-------- C:\Users\Ezka\AppData\Roaming\InstallShield
2008-03-02 18:50 . 2008-03-02 18:50 268 --ah----- C:\sqmdata00.sqm
2008-03-02 18:50 . 2008-03-02 18:50 244 --ah----- C:\sqmnoopt00.sqm
2008-03-02 18:28 . 2008-03-02 18:29 <KANSIO> d-------- C:\Program Files\PeerGuardian2
2008-03-02 12:58 . 2008-03-02 12:58 <KANSIO> d-------- C:\Program Files\Common Files\Thraex Software
2008-03-01 21:33 . 2008-03-01 21:33 1,568,889 --a------ C:\Users\Ezka\P-660HW-D1_3.40(AGL.4)C0.zip
2008-03-01 17:47 . 2008-03-01 17:49 <KANSIO> d--hs---- C:\Users\Ezka\Phone Browser
2008-03-01 11:51 . 2008-03-01 11:51 651,896 --a------ C:\Users\Ezka\Metacafe4Windows.exe
2008-02-22 16:16 . 2008-02-22 16:16 <KANSIO> d-------- C:\Program Files\America's Army Server Manager
2008-02-21 05:05 . 2008-02-21 05:05 3,596,288 --a------ C:\Windows\System32\qt-dx331.dll
2008-02-21 05:05 . 2008-02-21 05:05 1,044,480 --a------ C:\Windows\System32\libdivx.dll
2008-02-21 05:05 . 2008-02-21 05:05 524,288 --a------ C:\Windows\System32\DivXsm.exe
2008-02-21 05:05 . 2008-02-21 05:05 200,704 --a------ C:\Windows\System32\ssldivx.dll
2008-02-21 05:05 . 2008-02-21 05:05 4,816 --a------ C:\Windows\System32\divxsm.tlb
2008-02-21 05:03 . 2008-02-21 05:03 630,784 --a------ C:\Windows\System32\divxdec.ax
2008-02-21 05:03 . 2008-02-21 05:03 156,992 --a------ C:\Windows\System32\DivXCodecVersionChecker.exe
2008-02-21 05:03 . 2008-02-21 05:03 12,288 --a------ C:\Windows\System32\DivXWMPExtType.dll
2008-02-20 08:36 . 2008-02-21 21:00 <KANSIO> d-------- C:\Users\Ezka\SmartMovie converted files
2008-02-19 09:03 . 2008-02-19 09:09 <KANSIO> d-------- C:\Users\Ezka\AppData\Roaming\Azureus
2008-02-19 09:03 . 2008-02-19 09:03 <KANSIO> d-------- C:\Users\All Users\Azureus
2008-02-19 09:03 . 2008-02-19 09:03 <KANSIO> d-------- C:\ProgramData\Azureus
2008-02-18 20:26 . 2008-02-18 21:01 <KANSIO> d-------- C:\Downloads
2008-02-18 18:57 . 2004-05-17 09:15 17,536 --a------ C:\Windows\System32\drivers\PCASp50.sys
2008-02-16 14:47 . 2008-02-16 14:47 <KANSIO> d-------- C:\Program Files\Common Files\SupportSoft
2008-02-16 14:46 . 2008-02-18 15:45 <KANSIO> d-------- C:\Program Files\Sonera
2008-02-16 13:00 . 2008-02-16 13:00 <KANSIO> d-------- C:\Program Files\eRightSoft
2008-02-15 19:54 . 2008-01-10 08:42 1,244,672 --a------ C:\Windows\System32\mcmde.dll
2008-02-14 16:41 . 2008-03-08 18:06 <KANSIO> d-------- C:\Users\All Users\Google
2008-02-14 16:41 . 2008-03-08 21:31 <KANSIO> d-------- C:\Program Files\Google
2008-02-13 18:00 . 2008-02-13 18:00 196,096 --a------ C:\Windows\System32\WebClnt.dll
2008-02-13 18:00 . 2008-02-13 18:00 110,080 --a------ C:\Windows\System32\drivers\mrxdav.sys
2008-02-13 18:00 . 2008-02-13 18:00 48,640 --a------ C:\Windows\System32\davclnt.dll
2008-02-13 17:55 . 2008-02-13 17:55 806,400 --a------ C:\Windows\System32\drivers\tcpip.sys
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-29 17:28 --------- d-----w C:\Users\Ezka\AppData\Roaming\uTorrent
2008-03-28 18:07 --------- d-----w C:\Program Files\Java
2008-03-26 14:53 --------- d-----w C:\Users\Ezka\AppData\Roaming\IGN_DLM
2008-03-23 14:08 --------- d-----w C:\Users\Aiti\AppData\Roaming\vlc
2008-03-22 08:47 418,480 ----a-w C:\Windows\System32\wrap_oal.dll
2008-03-22 08:47 115,432 ----a-w C:\Windows\System32\OpenAL32.dll
2008-03-21 15:57 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-21 15:11 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-03-21 09:38 --------- d---a-w C:\ProgramData\TEMP
2008-03-19 14:26 --------- d-----w C:\Users\Ezka\AppData\Roaming\MP3Rocket
2008-03-18 13:25 --------- d-----w C:\Users\Ezka\AppData\Roaming\vlc
2008-03-17 12:10 60,064 ----a-w C:\Windows\system32\drivers\fsdfw.sys
2008-03-15 12:42 --------- d-----w C:\Program Files\DivX
2008-03-14 19:39 --------- d-----w C:\ProgramData\NVIDIA
2008-03-12 14:20 --------- d-----w C:\Program Files\Windows Mail
2008-03-12 14:09 --------- d-----w C:\ProgramData\Microsoft Help
2008-03-09 11:50 --------- d-----w C:\Program Files\Common Files\Adobe
2008-03-08 15:09 --------- d-----w C:\Users\Ezka\AppData\Roaming\InstallShield Installation Information
2008-03-08 15:06 --------- d-----w C:\Program Files\Microsoft Games
2008-03-08 15:06 --------- d-----w C:\Program Files\iolo
2008-03-06 18:00 --------- d-----w C:\Program Files\FreeRIP3
2008-03-05 15:52 --------- d-----w C:\ProgramData\iolo
2008-03-02 16:02 --------- d-----w C:\Program Files\Common Files\Steam
2008-03-02 15:32 --------- d-----w C:\Users\Ezka\AppData\Roaming\LimeWire
2008-03-02 15:23 --------- d-----w C:\Program Files\Windows Live
2008-03-02 15:20 --------- d-----w C:\ProgramData\WLInstaller
2008-02-29 19:22 --------- d-----w C:\Program Files\LimeWire
2008-02-21 02:04 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
2008-02-21 02:04 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
2008-02-21 02:04 81,920 ----a-w C:\Windows\System32\dpl100.dll
2008-02-21 02:04 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
2008-02-21 02:04 682,496 ----a-w C:\Windows\System32\DivX.dll
2008-02-21 02:04 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
2008-02-21 02:04 57,344 ----a-w C:\Windows\System32\dpv11.dll
2008-02-21 02:04 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
2008-02-21 02:04 344,064 ----a-w C:\Windows\System32\dpus11.dll
2008-02-21 02:04 294,912 ----a-w C:\Windows\System32\dpu11.dll
2008-02-21 02:04 294,912 ----a-w C:\Windows\System32\dpu10.dll
2008-02-21 02:04 196,608 ----a-w C:\Windows\System32\dtu100.dll
2008-02-17 15:55 --------- d-----w C:\Users\Ezka\AppData\Roaming\iolo
2008-02-13 14:54 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-13 14:54 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-13 14:54 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-13 14:54 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-13 14:52 824,832 ----a-w C:\Windows\System32\wininet.dll
2008-02-13 14:52 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-13 14:52 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-13 14:52 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-12 14:57 --------- d-----w C:\Users\Ezka\AppData\Roaming\Media Center Programs
2008-02-08 13:56 --------- d-----w C:\Users\Ezka\AppData\Roaming\Nokia
2008-02-07 15:32 --------- d-----w C:\Program Files\Common Files\Nokia
2008-02-07 15:31 --------- d-----w C:\ProgramData\Installations
2008-02-05 15:18 32,768 ----a-w C:\Windows\System32\iolobtdfg.exe
2008-02-05 15:18 24,064 ----a-w C:\Windows\System32\smrgdf.exe
2008-01-31 15:31 --------- d-----w C:\Users\Ezka\AppData\Roaming\Media Player Classic
2008-01-30 17:30 --------- d-----w C:\Program Files\Video Converter
2008-01-30 17:25 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-01-29 14:25 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-01-28 17:04 --------- d-----w C:\Program Files\Mopokorttikoulu
2008-01-28 16:37 74,703 ----a-w C:\Windows\System32\mfc45.dll
2008-01-09 13:16 11,776 ----a-w C:\Windows\System32\sbunattend.exe
2007-12-22 05:58 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
2007-12-22 05:58 223,232 ----a-w C:\Windows\System32\WMASF.DLL
2007-12-22 05:58 1,327,104 ----a-w C:\Windows\System32\quartz.dll
2007-12-22 05:55 3,505,848 ----a-w C:\Windows\System32\ntkrnlpa.exe
2007-12-22 05:55 3,472,056 ----a-w C:\Windows\System32\ntoskrnl.exe
2007-12-22 05:19 53,080 ----a-w C:\Windows\System32\wuauclt.exe
2007-12-22 05:19 43,352 ----a-w C:\Windows\System32\wups2.dll
2007-12-22 05:19 1,712,984 ----a-w C:\Windows\System32\wuaueng.dll
2007-12-22 05:19 1,524,224 ----a-w C:\Windows\System32\wucltux.dll
2007-12-22 05:18 80,896 ----a-w C:\Windows\System32\wudriver.dll
2007-12-22 05:18 549,720 ----a-w C:\Windows\System32\wuapi.dll
2007-12-22 05:18 33,624 ----a-w C:\Windows\System32\wups.dll
2007-12-22 05:18 31,232 ----a-w C:\Windows\System32\wuapp.exe
2007-12-22 05:18 163,000 ----a-w C:\Windows\System32\wuwebv.dll
2007-12-20 12:53 108,144 ----a-w C:\Windows\System32\CmdLineExt.dll
2007-12-19 17:14 0 ----a-w C:\Users\Ezka\AppData\Roaming\wklnhst.dat
2007-12-14 09:32 12,632 ----a-w C:\Windows\System32\lsdelete.exe
2007-12-11 15:06 795,104 ----a-w C:\Windows\System32\dpinst.exe
2007-01-01 08:23 174 --sha-w C:\Program Files\desktop.ini
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 15:35 125440]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 15:36 201728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-01 12:53 4702208 C:\Windows\RtHDVCpl.exe]
"recinfo919"="c:\RecInfo\RecInfo.exe" [2007-10-23 15:52 2764800]
"F-Secure Manager"="E:\Program Files\Sonera Tietoturva\Common\FSM32.exe" [2007-04-26 20:12 183208]
"F-Secure TNB"="E:\Program Files\Sonera Tietoturva\FSGUI\TNBUtil.exe" [2007-04-26 20:10 740208]
"soneraVista"="wscript.exe" [2006-11-02 12:46 135168 C:\Windows\System32\wscript.exe]
"amd_dc_opt"="C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2007-07-23 12:06 77824]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2008-03-04 12:02 92704]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-03-04 12:02 8530464]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-03-04 12:02 88608]
"MSConfig"="C:\Windows\system32\msconfig.exe" [2007-11-03 17:21 222208]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="E:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 18:35 1294336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
--a------ 2007-03-06 00:57 1103480 E:\Program Files\Download Manager\DLM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iolo Startup]
--a------ 2008-02-11 18:35 302448 C:\Program Files\iolo\Common\Lib\ioloLManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-02-19 14:10 267048 C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-02-26 21:46 153136 C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
--a------ 2007-12-10 11:12 695808 E:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-02-01 00:13 385024 C:\Program Files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2007-11-03 16:03 1006264 C:\Program Files\Windows Defender\MSASCui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-332621374-1900857233-3605568749-1000]
"EnableNotificationsRef"=dword:00000004
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{86CDBB66-BC8B-451D-8E6E-F474F38AC052}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{D80FDAEC-251F-49B2-9463-2F58DC92E289}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{A87687EC-A822-4CDD-8566-9B7A26094B8E}"= UDP:D:\PELIT\Electronic Arts\Crytek\Crysis SP Demo\Bin32\Crysis.exe:Crysis_32_sp_demo
"{D3F461DD-698A-4314-B755-6EDFDD6A6C33}"= TCP:D:\PELIT\Electronic Arts\Crytek\Crysis SP Demo\Bin32\Crysis.exe:Crysis_32_sp_demo
"{9FF213A0-2DD8-416D-814E-C0FAC2F79613}"= UDP:D:\PELIT\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{AD8AEA3C-D981-451D-9E24-325121AEBA6F}"= TCP:D:\PELIT\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{13FCD21A-1B21-41F8-A8FA-76B0681A292C}"= UDP:D:\PELIT\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"{0723B84C-B28A-4CC0-BB9E-40A98A444EDB}"= TCP:D:\PELIT\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"{AF3B243B-EF96-480A-B1A4-4182DB600B56}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{E908A133-3CD0-4208-83E0-2870E074CFAB}"= UDP:D:\PELIT\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2
"{FD98D057-7F81-43AB-BC89-8530754A1D1F}"= TCP:D:\PELIT\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2
"{25762E4E-0AC8-411D-AC8C-A1133CEFE5E4}"= UDP:D:\PELIT\Unreal Tournament 3 Demo\Binaries\UT3Demo.exe:Unreal Tournament 3 Demo
"{C1778E0E-664C-4AE3-8FA2-E44F9ED122DB}"= TCP:D:\PELIT\Unreal Tournament 3 Demo\Binaries\UT3Demo.exe:Unreal Tournament 3 Demo
"{DF0E2772-7757-4A7E-BD30-205388824C1B}"= UDP:C:\Users\Ezka\Program Files\uTorrent\uTorrent.exe:µTorrent
"{2C6BDEF8-5844-4279-9F24-851FAB7B0C2F}"= TCP:C:\Users\Ezka\Program Files\uTorrent\uTorrent.exe:µTorrent
"{F2192CF2-C239-4D9C-886F-A1D634885803}"= UDP:16969:BitComet 16969 TCP
"{F60C91D4-9C45-448C-90A3-19B67C21C3ED}"= TCP:16969:BitComet 16969 UDP
"{78D3F9A3-AADE-4473-9E53-D680C3C8AE0F}"= UDP:9336:BitComet 9336 TCP
"{CE0AC8A1-0751-4703-8AF8-D6455D6F078E}"= TCP:9336:BitComet 9336 UDP
"TCP Query User{CBC9B237-E44B-42CA-B490-191ED9FCC79E}D:\\pelit\\america's army\\system\\armyops.exe"= UDP:D:\pelit\america's army\system\armyops.exe:ArmyOps
"UDP Query User{593DABF5-31F3-486D-8C5C-E0431D7ED99E}D:\\pelit\\america's army\\system\\armyops.exe"= TCP:D:\pelit\america's army\system\armyops.exe:ArmyOps
"TCP Query User{E9DE1D66-CA30-433B-B06E-1F6CA6AA169F}C:\\users\\ezka\\desktop\\utorrent.exe"= UDP:C:\users\ezka\desktop\utorrent.exe:utorrent.exe
"UDP Query User{4A8D2846-9545-4A26-8765-D52DD2E7DFA6}C:\\users\\ezka\\desktop\\utorrent.exe"= TCP:C:\users\ezka\desktop\utorrent.exe:utorrent.exe
"TCP Query User{8AB0AEEC-F8B4-4F70-B421-DCEDF0C26E7A}D:\\pelit\\steam\\steamapps\\etzka333\\half-life 2 deathmatch\\hl2.exe"= UDP:D:\pelit\steam\steamapps\etzka333\half-life 2 deathmatch\hl2.exe:hl2
"UDP Query User{3F71303D-C49F-4C95-9AED-43BB73C6707E}D:\\pelit\\steam\\steamapps\\etzka333\\half-life 2 deathmatch\\hl2.exe"= TCP:D:\pelit\steam\steamapps\etzka333\half-life 2 deathmatch\hl2.exe:hl2
"TCP Query User{84B04250-8A73-411B-B448-26C86D6A31A2}C:\\program files\\java\\jre1.6.0_03\\bin\\javaw.exe"= UDP:C:\program files\java\jre1.6.0_03\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{106968E6-3F62-454C-8F4B-557A796ED2D8}C:\\program files\\java\\jre1.6.0_03\\bin\\javaw.exe"= TCP:C:\program files\java\jre1.6.0_03\bin\javaw.exe:Java(TM) Platform SE binary
"{A292E65D-B0A8-4817-A656-9B772F390EA5}"= UDP:C:\Program Files\Messenger\Msmsgs.exe:Windows Messenger
"{01A8ABD7-8EFB-43CC-9AB9-40513F8670CD}"= TCP:C:\Program Files\Messenger\Msmsgs.exe:Windows Messenger
"{F55229CF-F5E8-4B83-9218-582F6369391B}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{D280E26C-F92B-4800-A8FE-B97974516923}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{C38041B1-03C4-442B-BE6D-9997666F1D7E}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{CE884FC8-A62C-468D-9710-164880807A4B}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{74836543-086D-49E6-88B8-7B35AF37DE49}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{865AEDD1-7503-4801-9D71-A8BEC0447EDF}"= UDP:D:\PELIT\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{CEAB9948-E3A6-4103-8A57-AFFB9DC2AE1A}"= TCP:D:\PELIT\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{7E00EC66-82C5-4A61-BE92-034112BF7158}"= UDP:D:\PELIT\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{BC506A33-0C58-455E-92A5-DA2A4707832C}"= TCP:D:\PELIT\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{88ABBD47-A9EF-4832-A2E5-3DBC5E832319}"= UDP:D:\PELIT\Eidos\Conflict Denied Ops Demo\ConflictDeniedOps.exe:Conflict: Denied Ops Demo
"{162A0C1B-36EE-4EC8-8BCC-6A9AF2EAF938}"= TCP:D:\PELIT\Eidos\Conflict Denied Ops Demo\ConflictDeniedOps.exe:Conflict: Denied Ops Demo
"{31D4E799-D7CF-4024-A938-20064E9D6C0F}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{CE9C6782-7771-4ECE-B2CA-20F488220B26}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R0 AtiPcie;ATI PCI Express (3GIO) Filter;C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 12:22]
R1 ElRawDisk;ElRawDisk;C:\Windows\system32\drivers\elrawdsk.sys [2007-09-20 14:12]
R1 F-Secure HIPS;F-Secure HIPS;E:\Program Files\Sonera Tietoturva\HIPS\fshs.sys [2008-02-13 17:30]
R1 FSES;F-Secure Email Scanning Driver;C:\Windows\system32\drivers\fses.sys [2007-04-26 20:08]
R1 FSFW;F-Secure Firewall Driver;C:\Windows\system32\drivers\fsdfw.sys [2008-03-17 15:10]
R1 fsvista;F-Secure Vista Support Driver;E:\Program Files\Sonera Tietoturva\Anti-Virus\minifilter\fsvista.sys [2007-04-26 20:07]
R2 TestHandler;Fujitsu Siemens Computers Diagnostic Testhandler;C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe [2006-12-08 21:52]
R2 UxTuneUp;TuneUp Theme Extension;C:\Windows\System32\svchost.exe [2006-11-02 12:45]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;E:\Program Files\Sonera Tietoturva\Anti-Virus\minifilter\fsgk.sys [2007-04-26 20:07]
S3 ADM8511;USB To Fast Ethernet/ HomePNA Adapter;C:\Windows\system32\DRIVERS\NETUSB.SYS [2001-10-24 17:43]
S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\Windows\system32\Drivers\PCASp50.sys [2004-05-17 09:15]
S4 F-Secure Filter;F-Secure File System Filter;E:\Program Files\Sonera Tietoturva\Anti-Virus\Win2K\FSfilter.sys [2007-04-26 20:08]
S4 F-Secure Recognizer;F-Secure File System Recognizer;E:\Program Files\Sonera Tietoturva\Anti-Virus\Win2K\FSrec.sys [2007-04-26 20:08]
S4 ioloFileInfoList;iolo FileInfoList Service;C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2007-11-22 01:11]
S4 ioloSystemService;iolo System Service;C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2007-11-22 01:11]
S4 nvrd32;NVIDIA nForce RAID Driver;C:\Windows\system32\drivers\nvrd32.sys [2007-07-02 18:37]
S4 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-03-02 13:20]
S4 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [2008-03-21 18:16]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
*Newly Created Service* - CATCHME
.
'Ajoitetut tehtävät'-kansion sisältö
"2008-03-30 17:04:21 C:\Windows\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
"2008-03-30 12:32:59 C:\Windows\Tasks\Scheduled scanning task.job"
- E:\PROGRA~1\SONERA~1\ANTI-V~1\fsav.exeQ /HARD /POLICY /SCHED /NOBREAK /REPORT=E:\PROGRA~1\SONERA~1\ANTI-V~1\report.txt
"2008-02-17 05:57:02 C:\Windows\Tasks\SmartDefrag.job"
- C:\Program Files\IObit\IObit SmartDefrag\schedule.exe
"2007-12-22 09:03:25 C:\Windows\Tasks\Tarkistetaan Windows Live -työkalurivin päivitykset.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-30 20:15:04
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-03-30 20:15:48
ComboFix-quarantined-files.txt 2008-03-30 17:15:45
Pre-Run: 221,238,669,312 tavua vapaana
Post-Run: 221,205,381,120 tavua vapaana
.
2008-03-28 16:32:24 --- E O F ---
|
|
Mainos
|
|
|
|
etzka326
Senior Member
|
5. huhtikuuta 2008 @ 14:04 |
Linkki tähän viestiin
|
|
Missä viipyy mind92? ;)
|
|
