Viruses perhaps?
Senior Member
29 January 2009 @ 20:00
I've got problems like these on my machine: http://keskustelu.afterdawn.com/thread_view.cfm/744478

so I'm posting the log in case something turns up...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:57:29, on 29.1.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Tietoturvapalvelu\ExploitShield\fsessrv.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Tietoturvapalvelu\Common\FSMB32.EXE
D:\Työkalut & Ohjelmat\Unlocker\UnlockerAssistant.exe
C:\Program Files\Tietoturvapalvelu\ExploitShield\fsesgui.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Tietoturvapalvelu\Common\FCH32.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsqh.exe
C:\Program Files\Tietoturvapalvelu\Common\FAMEH32.EXE
D:\Työkalut & Ohjelmat\WinSnap\WinSnap.exe
D:\Työkalut & Ohjelmat\PeerGuardian2\pg2.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Tietoturvapalvelu\FSGUI\fsguidll.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
D:\Työkalut & Ohjelmat\VNC4\WinVNC4.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Työkalut & Ohjelmat\Orbitdownloader\orbitdm.exe
D:\Työkalut & Ohjelmat\Orbitdownloader\orbitnet.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Tietoturvapalvelu\FSAUA\program\fsaua.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fssm32.exe
C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Tietoturvapalvelu\FSAUA\program\fsus.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\inetsrv\DavCData.exe
D:\Työkalut & Ohjelmat\4t Tray Minimizer\4t-min.exe
D:\Työkalut & Ohjelmat\IObit SmartDefrag\IObit SmartDefrag.exe
C:\hjt\scanner.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre6\bin\jqsnotify.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Työkalut & Ohjelmat\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Työkalut & Ohjelmat\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\TYKALU~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Työkalut & Ohjelmat\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Tietoturvapalvelu\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Tietoturvapalvelu\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [UnlockerAssistant] "D:\Työkalut & Ohjelmat\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [F-Secure ExploitShield] "C:\Program Files\Tietoturvapalvelu\ExploitShield\fsesgui.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [WinSnap] "D:\Työkalut & Ohjelmat\WinSnap\WinSnap.exe" /startup
O4 - HKCU\..\Run: [PeerGuardian] D:\Työkalut & Ohjelmat\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [BitComet] "D:\Työkalut & Ohjelmat\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Orbit.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Työkalut & Ohjelmat\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\Työkalut & Ohjelmat\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Työkalut & Ohjelmat\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Työkalut & Ohjelmat\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Työkalut & Ohjelmat\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Työkalut & Ohjelmat\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\TYKALU~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\TYKALU~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Messenger Backup - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - D:\Työkalut & Ohjelmat\Messenger Backup\Messenger Backup (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Backup - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - D:\Työkalut & Ohjelmat\Messenger Backup\Messenger Backup (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Sol...wn.cab56986.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/sh...ash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe (file missing)
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DriveSitterService - Oliver Marr - C:\Program Files\Common Files\DriveSitter\DSSrv.exe
O23 - Service: F-Secure Exploit Shield Service (ExploitShield) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\ExploitShield\fsessrv.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\ORSP Client\fsorsp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-palvelu (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe (file missing)
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - D:\Työkalut & Ohjelmat\VNC4\WinVNC4.exe

--
End of file - 15091 bytes
Hujo
Suspended permanently
29 January 2009 @ 23:51
Run -> type into the box > devmgmt.msc
Press OK
IDE ATA/ATAPI controllers -> Primary IDE Channel -> right-click, Properties > Advanced Settings -> Transfer Mode.

What does it show?


Can a computer ever work?
Senior Member
30 January 2009 @ 14:53
There were two of them.
Here are pictures of them, and they also had a couple of small differences, which I circled in black.
Here is the first:
http://www.freeimagehosting.net/image.php?69bc1a9eb9.png
and here is the second:
http://www.freeimagehosting.net/image.php?521fb934d9.png
Hujo
Suspended permanently
30 January 2009 @ 15:59
Download Malwarebytes' Anti-Malware to your desktop.

1. Double-click mbam-setup.exe and follow the instructions to install the program.
2. At the end, make sure the following are checked: Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
3. If an update is found, the program downloads and installs the latest version.
4. Once the program has loaded, select Perform full scan and click Scan.
5. When the scan is finished, click OK and then Show Results to see the results.
6. Make sure everything is checked and click Remove Selected.
7. After this the log opens in Notepad. Save it somewhere you can find it easily. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
8. Post the contents of the log in your next message.

============

Download and run AVG Anti-Spyware v7.5.1.36

Can a computer ever work?
Senior Member
31 January 2009 @ 01:15
Malwarebytes didn't find anything.

Malwarebytes' Anti-Malware 1.33
Tietokantaversio: 1708
Windows 5.1.2600 Service Pack 3

30.1.2009 18:22:40
mbam-log-2009-01-30 (18-22-40).txt

Tarkistustyyppi: Täysi tarkistus (C:\|D:\|)
Tarkistetut kohteet: 260282
Kulunut aika: 1 hour(s), 41 minute(s), 34 second(s)

Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 0
Saastuneita rekisteriavaimia: 0
Saastuneita rekisteriarvoja: 0
Saastuneita rekisterikohteita: 0
Saastuneita hakemistoja: 0
Saastuneita tiedostoja: 0

Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)

Saastuneita muistimoduuleja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriavaimia:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriarvoja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisterikohteita:
(Haitallisia kohteita ei löydetty)

Saastuneita hakemistoja:
(Haitallisia kohteita ei löydetty)

Saastuneita tiedostoja:
(Haitallisia kohteita ei löydetty)



and AVG didn't find anything serious either...



:mozilla.10:C:\Documents and Settings\ghjf\Application Data\Mozilla\Firefox\Profiles\eusngyxl.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.63:C:\Documents and Settings\ghjf\Application Data\Mozilla\Firefox\Profiles\eusngyxl.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.64:C:\Documents and Settings\ghjf\Application Data\Mozilla\Firefox\Profiles\eusngyxl.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.65:C:\Documents and Settings\ghjf\Application Data\Mozilla\Firefox\Profiles\eusngyxl.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.66:C:\Documents and Settings\ghjf\Application Data\Mozilla\Firefox\Profiles\eusngyxl.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.67:C:\Documents and Settings\ghjf\Application Data\Mozilla\Firefox\Profiles\eusngyxl.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.68:C:\Documents and Settings\ghjf\Application Data\Mozilla\Firefox\Profiles\eusngyxl.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.8:C:\Documents and Settings\ghjf\Application Data\Mozilla\Firefox\Profiles\eusngyxl.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.9:C:\Documents and Settings\ghjf\Application Data\Mozilla\Firefox\Profiles\eusngyxl.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.13:C:\Documents and Settings\ghjf\Application Data\Mozilla\Firefox\Profiles\eusngyxl.default\cookies.txt -> TrackingCookie.Adengage : Cleaned.
:mozilla.83:C:\Documents and Settings\ghjf\Application Data\Mozilla\Firefox\Profiles\eusngyxl.default\cookies.txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.75:C:\Documents and Settings\ghjf\Application Data\Mozilla\Firefox\Profiles\eusngyxl.default\cookies.txt -> TrackingCookie.Statistik-gallup : Cleaned.
Hujo
Suspended permanently
31 January 2009 @ 02:42
Download SUPERAntiSpyware, install it, update it, and run it.

Can a computer ever work?

This message has been edited since posting. Last edit 31 January 2009 @ 03:32

Senior Member
31 January 2009 @ 13:47
It found this:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/31/2009 at 01:26 PM

Application Version : 4.25.1012

Core Rules Database Version : 3738
Trace Rules Database Version: 1707

Scan type : Complete Scan
Total Scan Time : 02:12:10

Memory items scanned : 821
Memory threats detected : 0
Registry items scanned : 8401
Registry threats detected : 0
File items scanned : 38381
File threats detected : 16

Adware.Tracking Cookie
.kontera.com [ C:\Documents and Settings\ghjf\Application Data\Mozilla\Firefox\Profiles\eusngyxl.default\cookies.txt ]
.kontera.com [ C:\Documents and Settings\ghjf\Application Data\Mozilla\Firefox\Profiles\eusngyxl.default\cookies.txt ]
.kontera.com [ C:\Documents and Settings\ghjf\Application Data\Mozilla\Firefox\Profiles\eusngyxl.default\cookies.txt ]
track.adform.net [ C:\Documents and Settings\ghjf\Application Data\Mozilla\Firefox\Profiles\eusngyxl.default\cookies.txt ]
track.adform.net [ C:\Documents and Settings\ghjf\Application Data\Mozilla\Firefox\Profiles\eusngyxl.default\cookies.txt ]
track.adform.net [ C:\Documents and Settings\ghjf\Application Data\Mozilla\Firefox\Profiles\eusngyxl.default\cookies.txt ]
www.deletedyoutube.ftvteen.com [ C:\Documents and Settings\ghjf\Application Data\Mozilla\Firefox\Profiles\eusngyxl.default\cookies.txt ]
.www.amaena.com [ C:\Documents and Settings\tyu\Application Data\Mozilla\Firefox\Profiles\bayfnjxk.default\cookies.txt ]
.www.amaena.com [ C:\Documents and Settings\tyu\Application Data\Mozilla\Firefox\Profiles\bayfnjxk.default\cookies.txt ]
.www.amaena.com [ C:\Documents and Settings\tyu\Application Data\Mozilla\Firefox\Profiles\bayfnjxk.default\cookies.txt ]
.www.amaena.com [ C:\Documents and Settings\tyu\Application Data\Mozilla\Firefox\Profiles\bayfnjxk.default\cookies.txt ]
.www.amaena.com [ C:\Documents and Settings\tyu\Application Data\Mozilla\Firefox\Profiles\bayfnjxk.default\cookies.txt ]
winantivirus.com [ C:\Documents and Settings\tyu\Application Data\Mozilla\Firefox\Profiles\bayfnjxk.default\cookies.txt ]
www.amaena.com [ C:\Documents and Settings\tyu\Application Data\Mozilla\Firefox\Profiles\bayfnjxk.default\cookies.txt ]

Adware.Vundo/Variant
D:\SYSTEM VOLUME INFORMATION\_RESTORE{13008B8B-28EC-4A95-8016-FDFC43DCF295}\RP11\A0039327.DLL
D:\PELIT\DIABLO II\D2NET.DLL


I removed everything except that Diablo thing..
Hujo
Suspended permanently
31 January 2009 @ 15:37
Download SDFix by AndyManchesta and save it to your desktop.

Boot your machine into Safe Mode:

shut down and start up
during startup, tap the F8 key repeatedly
select Safe Mode with the arrow keys
press Enter and Enter
select your user account
press Yes

On some machines you tap F5 instead of F8

• Once in Safe Mode, extract the contents of SDFix.zip (the SDFix folder) to your desktop. A folder named SDFix should appear on the desktop.
• Open the SDFix folder and double-click RunThis.bat to start the program.
• Press Y to start the script.
• The tool cleans the trojan's services and also makes some repairs to the registry. At the end it asks you to restart the machine, "Press any key to Reboot".
• Press any key and the machine restarts.
• Startup takes longer than normal because SDFix is cleaning the machine.
• When the machine has started and the desktop has loaded, SDFix reports that the cleanup is done, "Finished".
• Then press any key to close the script and load the desktop icons.
• Finally, open the SDFix folder (on the desktop) and copy & paste the contents of Report.txt into your thread along with a new HijackThis log.


Can a computer ever work?
Senior Member
3 February 2009 @ 16:56
Here it is:


SDFix: Version 1.240
Run by Johtaja on ti 03.02.2009 at 15:53

Microsoft Windows XP [versio 5.1.2600]
Running From: C:\Documents and Settings\Johtaja\Desktop\SDFix

Checking Services :


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files :

No Trojan Files Found






Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-03 16:33:34
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="D:\Työkalut & Ohjelmat\Alcohol 120\"
"h0"=dword:00000001
"ujdew"=hex:cf,78,79,2a,6e,65,e4,5b,8f,1e,c4,99,32,ee,41,66,70,cb,8c,ae,9d,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:26,67,62,40,87,f1,f8,d8,01,66,a0,01,39,89,8d,7b,36,a4,a3,08,a3,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,6e,cd,b8,e8,d7,3c,66,9f,0a,f9,0e,c0,4e,7e,f9,4f,80,..
"khjeh"=hex:48,9e,f5,26,ae,66,7a,82,f8,fb,4e,c8,e3,2b,b2,6e,1f,ce,21,0c,2f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:66,50,ea,85,e1,b4,3a,9e,fb,2a,08,b4,66,83,56,17,b4,e7,3e,01,ec,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000001
"ujdew"=hex:81,0f,6f,bc,47,42,be,14,b5,12,09,b0,2e,05,fe,c0,5c,fd,4e,e0,23,..
"p0"="D:\Työkalut & Ohjelmat\Alcohol 120%\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:18,94,1a,be,7c,14,62,0b,d1,e6,55,ca,59,53,7c,20,91,73,bc,19,b5,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="D:\Työkalut & Ohjelmat\Alcohol 120\"
"h0"=dword:00000001
"ujdew"=hex:6c,57,52,04,e1,48,b6,f4,79,e0,86,e1,2f,84,37,6c,be,23,9f,cf,41,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:26,67,62,40,87,f1,f8,d8,01,66,a0,01,39,89,8d,7b,36,a4,a3,08,a3,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,6e,cd,b8,e8,d7,3c,66,9f,0a,f9,0e,c0,4e,7e,f9,4f,80,..
"khjeh"=hex:48,9e,f5,26,ae,66,7a,82,f8,fb,4e,c8,e3,2b,b2,6e,1f,ce,21,0c,2f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:66,50,ea,85,e1,b4,3a,9e,fb,2a,08,b4,66,83,56,17,b4,e7,3e,01,ec,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000001
"ujdew"=hex:81,0f,6f,bc,47,42,be,14,b5,12,09,b0,2e,05,fe,c0,5c,fd,4e,e0,23,..
"p0"="D:\Työkalut & Ohjelmat\Alcohol 120%\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:18,94,1a,be,7c,14,62,0b,d1,e6,55,ca,59,53,7c,20,91,73,bc,19,b5,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2bb70d58
"s2"=dword:23bb4873
"h0"=dword:00000002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000001
"ujdew"=hex:e8,bd,8f,05,9a,92,76,e9,e8,ab,e2,cf,e6,f1,fd,1b,b2,d0,41,9a,13,..
"p0"="D:\Työkalut & Ohjelmat\Alcohol 120%\"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:18,94,1a,be,7c,14,62,0b,d1,e6,55,ca,59,53,7c,20,91,73,bc,19,b5,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000001
"ujdew"=hex:e8,bd,8f,05,9a,92,76,e9,e8,ab,e2,cf,e6,f1,fd,1b,b2,d0,41,9a,13,..
"p0"="D:\Työkalut & Ohjelmat\Alcohol 120%\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:18,94,1a,be,7c,14,62,0b,d1,e6,55,ca,59,53,7c,20,91,73,bc,19,b5,..

scanning hidden registry entries ...

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{36361C48-D9AC-38F4-6A27-2F88212F1EE0}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A0451CAE-67AB-78A9-646B-B5FCA21810F2}]
"iadnkcegkgbnklihej"=hex:6a,61,6b,66,6b,69,64,6f,6a,62,70,6b,6e,6a,70,6f,6a,6c,6d,64,00,..
"hajmpjoolfjicpee"=hex:6a,61,6b,66,6b,69,64,6f,6a,62,70,6b,6e,6a,70,6f,6a,6c,6d,64,00,..
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B6CDABD2-23D9-02D4-F388-16AB1A27033F}]
"iakpoempjfofgflapa"=hex:6a,61,6c,6b,69,6a,6f,69,6e,6a,6a,65,6d,67,6f,67,6b,61,6c,69,00,..
"haipeogjcemojbgb"=hex:6b,61,6f,6a,6c,6c,6a,64,66,6e,6e,61,61,67,6c,62,66,6c,6b,6f,6d,..
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F7421E15-A93C-283E-E641-B63CD638FD1E}]
"abbaadapahnfecaapgbpnhgnediiofgaeb"=hex:61,62,70,61,6e,66,6d,64,65,64,6d,66,62,6a,68,66,6e,69,6c,6f,61,..
"bbbaadapahnfecaapgmpibmkhplgpcackfge"=hex:61,62,67,62,64,66,67,70,6c,65,65,66,61,70,62,69,70,64,63,63,61,..

scanning hidden files ...

C:\Documents and Settings\Johtaja\Application Data\Software Informer\cache\icons\EW : Cossacks.ico 4398 bytes hidden from API
C:\Documents and Settings\Johtaja\Application Data\Software Informer\cache\icons\Cossacks : The Art Of War.ico 4398 bytes hidden from API

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 2


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\\Pelit\\Tom Clancy's rainbow six Vegas 2\\Binaries\\R6Vegas2_Launcher.exe"="D:\\Pelit\\Tom Clancy's rainbow six Vegas 2\\Binaries\\R6Vegas2_Launcher.exe:*:Enabled:Tom Clancy's Rainbow Six Vegas 2 Update"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\\Työkalut & Ohjelmat\\Orbitdownloader\\orbitdm.exe"="D:\\Työkalut & Ohjelmat\\Orbitdownloader\\orbitdm.exe:*:Enabled:Orbit"
"D:\\Työkalut & Ohjelmat\\Orbitdownloader\\orbitnet.exe"="D:\\Työkalut & Ohjelmat\\Orbitdownloader\\orbitnet.exe:*:Enabled:Orbit"
"D:\\Työkalut & Ohjelmat\\LimeWire\\LimeWire.exe"="D:\\Työkalut & Ohjelmat\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Remaining Files :



Files with Hidden Attributes :

Sat 16 Sep 2006 14,640 A..H. --- "C:\ce4ae7aa35582e0643bff8aa5f07ec\spmsg.dll"
Sat 16 Sep 2006 221,488 A..H. --- "C:\ce4ae7aa35582e0643bff8aa5f07ec\spuninst.exe"
Sat 16 Sep 2006 23,856 A..H. --- "C:\ce4ae7aa35582e0643bff8aa5f07ec\spupdsvc.exe"
Fri 15 Sep 2006 87,040 A..H. --- "C:\ce4ae7aa35582e0643bff8aa5f07ec\wudfcoinstaller.dll"
Fri 15 Sep 2006 70,656 A..H. --- "C:\ce4ae7aa35582e0643bff8aa5f07ec\wudfcustom.dll"
Fri 15 Sep 2006 142,848 A..H. --- "C:\ce4ae7aa35582e0643bff8aa5f07ec\wudfhost.exe"
Fri 15 Sep 2006 76,544 A..H. --- "C:\ce4ae7aa35582e0643bff8aa5f07ec\wudfpf.sys"
Fri 15 Sep 2006 163,840 A..H. --- "C:\ce4ae7aa35582e0643bff8aa5f07ec\wudfplatform.dll"
Fri 15 Sep 2006 82,688 A..H. --- "C:\ce4ae7aa35582e0643bff8aa5f07ec\wudfrd.sys"
Fri 15 Sep 2006 55,296 A..H. --- "C:\ce4ae7aa35582e0643bff8aa5f07ec\wudfsvc.dll"
Fri 15 Sep 2006 308,224 A..H. --- "C:\ce4ae7aa35582e0643bff8aa5f07ec\wudfx.dll"
Sat 16 Sep 2006 742,192 A..H. --- "C:\ce4ae7aa35582e0643bff8aa5f07ec\update\update.exe"
Sat 16 Sep 2006 379,184 A..H. --- "C:\ce4ae7aa35582e0643bff8aa5f07ec\update\updspapi.dll"
Fri 15 Sep 2006 70,656 A..H. --- "C:\ce4ae7aa35582e0643bff8aa5f07ec\update\wudfcustom.dll"
Tue 17 Jun 2008 65,536 A.SH. --- "C:\Program Files\MessengerDiscovery\AlertSkinInstaller.exe"
Sun 22 Jun 2008 40,960 A.SH. --- "C:\Program Files\MessengerDiscovery\SpellCHK.exe"
Wed 2 Dec 1998 143,360 A.SH. --- "C:\Program Files\MessengerDiscovery\unzip.dll"
Mon 21 Jan 2008 88 ..SHR --- "C:\WINDOWS\system32\A843755FCC.sys"
Sat 26 Jan 2008 56 ..SHR --- "C:\WINDOWS\system32\CC5F7543A8.sys"
Wed 3 May 2006 163,328 ..SHR --- "C:\WINDOWS\system32\flvDX.dll"
Wed 16 Apr 2008 4,184 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Wed 21 Feb 2007 31,232 ..SHR --- "C:\WINDOWS\system32\msfDX.dll"
Wed 14 Nov 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users.WINDOWS\DRM\DRMv1.bak"
Sat 20 Jan 2007 2,547 A..H. --- "C:\Program Files\InterActual\InterActual Player\iti9B.tmp"
Thu 15 Feb 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Wed 7 Jan 2009 3,510,048 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\47fac4988ef421d00b79077f7dfbdecb\BIT9BB.tmp"
Sat 30 Jun 2007 857 ...HR --- "C:\Documents and Settings\ghjf\Application Data\SecuROM\UserData\securom_v7_01.bak"
Sat 1 Dec 2007 1,326 ...HR --- "C:\Documents and Settings\Johtaja\Application Data\SecuROM\UserData\securom_v7_01.bak"

Finished!


Hujo
Suspended permanently
3 February 2009 @ 19:16
Let's do a little sweep in between.

Download OTMoveIt and save it to your desktop.

Double-click OTMoveIt.exe.
Click CleanUp!.
Select Yes when asked "Begin cleanup Process?".
If you are asked whether the computer may be restarted, select Yes. OTMoveIt removes itself when it is finished; if it does not, delete it yourself.

NOTE: If your firewall or some other security program warns that OTMoveIt is trying to access the internet, allow it.

==============

1. Click Start > right-click My Computer
2. Select Properties
3. Select the System Restore tab
4. Tick the box ¤ Turn off System Restore on all drives
5. Press Apply
6. Press OK
7. Shut down and restart
8. Untick the box ¤ Turn off System Restore on all drives
9. Apply and OK

==============

Download CCleaner here
CCleaner v 2.14.750.- Standard Build, DO NOT install the Yahoo toolbar!
During installation, remove the check mark from "install Yahoo! toolbar".
After installation, open CCleaner.
Select Options from the left-hand column.
Select Settings from the adjacent column.
Under Language, select Suomi.

Puhdistaja (Cleaner)
Select Puhdistaja (Cleaner) from the left-hand column.
Press Tutki (Analyze) at the bottom.
CCleaner now analyzes what can be removed (temp files, cookies, etc.).
When the analysis is finished, press Aja CCleaner (Run CCleaner).
CCleaner now removes the temp files, cookies, etc. that it found.

Fixing registry errors
Select Rekisteri (Registry) from the left-hand column.
Press Etsi rekisterin virheitä (Search for registry errors) at the bottom.
When the search is finished and you are sure that you want to fix the lines that are ticked, press Korjaa valitut rekisterin virheet (Fix selected registry errors).
You will be asked "haluatko varmuuskopioida muutokset rekisteriin" (do you want to back up the changes to the registry); press Kyllä (Yes). Save the backup to, for example, the "Omat tiedostot" (My Documents) folder.
In the new window that opens, click Korjaa kaikki valitut virheet (Fix all selected errors).
You will get one more confirmation prompt; press Ok.
When the errors have been fixed, press Sulje (Close).
You can now close CCleaner by clicking the red cross at the top right.


Can a computer ever work?
Senior Member
3 February 2009 @ 19:38
Both have been run.
Hujo
Suspended permanently
3 February 2009 @ 19:47
Now, with the browser open, click Tools > Options > Privacy > the Private Data section
tick the box
Clear the selected private data whenever Firefox is closed
Click the Settings button

tick all the boxes
if you want to keep saved passwords, do not tick that box
OK, OK

==========

1. Download Combofix.exe to your desktop from one of these links:
Combofix1
Combofix2

Do not install the Recovery Console.

2. Double-click the Combofix.exe file and follow the instructions.
3. When the tool is finished, it produces a log. Post this log in your thread.
Note! Do not click in the ComboFix window while it is running. This may cause the program to hang.


Can a computer ever work?
Senior Member
5 February 2009 @ 16:21
By the way, before it started, it complained that the real-time protection of F-Secure and ThreatFire was on.. I shut down F-Secure, but as far as I know I removed ThreatFire from the machine ages ago.. or did I?...


ComboFix 09-02-04.04 - Johtaja 2009-02-05 16:05:07.8 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1359 [GMT 2:00]
Sijainti: c:\documents and settings\Johtaja\Desktop\ComboFix.exe
AV: ThreatFire *On-access scanning enabled* (Updated)
AV: Tietoturvapalvelu 8.00 *On-access scanning enabled* (Updated)
FW: Tietoturvapalvelu 8.00 *enabled*
* Uusi palautuspiste luotu

VAROITUS - PALAUTUSKONSOLIA EI OLE ASENNETTU !!
.

(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\SrchSTS.exe

.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2009-01-05 to 2009-02-05 )))))))))))))))))
.

2009-01-31 15:08 . 2008-04-14 05:42 116,224 --a--c--- c:\windows\system32\dllcache\xrxwiadr.dll
2009-01-31 15:08 . 2001-08-17 22:37 27,648 --a--c--- c:\windows\system32\dllcache\xrxftplt.exe
2009-01-31 15:08 . 2001-08-17 22:36 23,040 --a--c--- c:\windows\system32\dllcache\xrxwbtmp.dll
2009-01-31 15:08 . 2008-04-14 05:42 18,944 --a--c--- c:\windows\system32\dllcache\xrxscnui.dll
2009-01-31 15:08 . 2001-08-17 22:37 4,608 --a--c--- c:\windows\system32\dllcache\xrxflnch.exe
2009-01-31 15:07 . 2008-04-13 22:05 154,624 --a--c--- c:\windows\system32\dllcache\wlluc48.sys
2009-01-31 15:07 . 2001-08-17 22:37 99,865 --a--c--- c:\windows\system32\dllcache\xlog.exe
2009-01-31 15:07 . 2001-08-17 12:12 34,890 --a--c--- c:\windows\system32\dllcache\wlandrv2.sys
2009-01-31 15:07 . 2008-04-13 22:04 19,455 --a--c--- c:\windows\system32\dllcache\wvchntxx.sys
2009-01-31 15:07 . 2001-08-17 12:11 16,970 --a--c--- c:\windows\system32\dllcache\xem336n5.sys
2009-01-31 15:07 . 2008-04-13 22:04 12,063 --a--c--- c:\windows\system32\dllcache\wsiintxx.sys
2009-01-31 15:07 . 2008-04-14 00:06 8,832 --a--c--- c:\windows\system32\dllcache\wmiacpi.sys
2009-01-31 15:07 . 2008-04-14 05:42 8,192 --a--c--- c:\windows\system32\dllcache\wshirda.dll
2009-01-31 15:05 . 2001-08-17 12:13 19,528 --a--c--- c:\windows\system32\dllcache\w840nd.sys
2009-01-31 15:05 . 2001-08-17 12:13 19,016 --a--c--- c:\windows\system32\dllcache\w926nd.sys
2009-01-31 15:05 . 2001-08-17 12:13 16,925 --a--c--- c:\windows\system32\dllcache\w940nd.sys
2009-01-31 15:04 . 2001-08-17 13:28 687,999 --a--c--- c:\windows\system32\dllcache\usrwdxjs.sys
2009-01-31 15:04 . 2001-08-17 13:28 604,253 --a--c--- c:\windows\system32\dllcache\vmodem.sys
2009-01-31 15:04 . 2001-08-17 13:28 397,502 --a--c--- c:\windows\system32\dllcache\vpctcom.sys
2009-01-31 15:04 . 2001-08-17 12:14 249,402 --a--c--- c:\windows\system32\dllcache\vinwm.sys
2009-01-31 15:04 . 2001-08-17 13:28 64,605 --a--c--- c:\windows\system32\dllcache\vvoice.sys
2009-01-31 15:04 . 2001-08-17 13:49 24,576 --a--c--- c:\windows\system32\dllcache\viairda.sys
2009-01-31 15:04 . 2008-04-14 00:10 5,376 --a--c--- c:\windows\system32\dllcache\viaide.sys
2009-01-31 15:03 . 2001-08-17 13:28 794,654 --a--c--- c:\windows\system32\dllcache\usr1801.sys
2009-01-31 15:03 . 2001-08-17 13:28 794,399 --a--c--- c:\windows\system32\dllcache\usr1806v.sys
2009-01-31 15:03 . 2001-08-17 13:28 793,598 --a--c--- c:\windows\system32\dllcache\usr1806.sys
2009-01-31 15:03 . 2001-08-17 13:28 765,884 --a--c--- c:\windows\system32\dllcache\usrti.sys
2009-01-31 15:03 . 2001-08-17 13:28 224,802 --a--c--- c:\windows\system32\dllcache\usr1807a.sys
2009-01-31 15:03 . 2001-08-17 13:28 113,762 --a--c--- c:\windows\system32\dllcache\usrpda.sys
2009-01-31 15:03 . 2001-08-17 22:36 94,720 --a--c--- c:\windows\system32\dllcache\umaxud32.dll
2009-01-31 15:03 . 2008-04-13 22:05 32,384 --a--c--- c:\windows\system32\dllcache\usb101et.sys
2009-01-31 15:03 . 2008-04-14 00:17 25,856 --a--c--- c:\windows\system32\dllcache\usbprint.sys
2009-01-31 15:03 . 2008-04-14 00:15 17,152 --a--c--- c:\windows\system32\dllcache\usbohci.sys
2009-01-31 15:03 . 2001-08-17 13:28 7,556 --a--c--- c:\windows\system32\dllcache\usroslba.sys
2009-01-31 15:02 . 2001-08-17 22:36 69,632 --a--c--- c:\windows\system32\dllcache\umaxu12.dll
2009-01-31 15:02 . 2001-08-17 22:36 50,688 --a--c--- c:\windows\system32\dllcache\umaxscan.dll
2009-01-31 15:02 . 2001-08-17 22:36 50,176 --a--c--- c:\windows\system32\dllcache\umaxp60.dll
2009-01-31 15:02 . 2001-08-17 22:36 28,160 --a--c--- c:\windows\system32\dllcache\umaxu40.dll
2009-01-31 15:02 . 2001-08-17 22:36 26,624 --a--c--- c:\windows\system32\dllcache\umaxu22.dll
2009-01-31 15:02 . 2001-08-17 13:58 22,912 --a--c--- c:\windows\system32\dllcache\umaxpcls.sys
2009-01-31 15:01 . 2001-08-17 22:36 216,064 --a--c--- c:\windows\system32\dllcache\um34scan.dll
2009-01-31 15:01 . 2001-08-17 22:36 211,968 --a--c--- c:\windows\system32\dllcache\um54scan.dll
2009-01-31 15:01 . 2001-08-17 12:51 166,784 --a--c--- c:\windows\system32\dllcache\tridxpm.sys
2009-01-31 15:01 . 2001-08-17 22:36 47,616 --a--c--- c:\windows\system32\dllcache\umaxcam.dll
2009-01-31 15:01 . 2001-08-17 13:52 36,736 --a--c--- c:\windows\system32\dllcache\ultra.sys
2009-01-31 15:01 . 2001-08-17 13:48 11,520 --a--c--- c:\windows\system32\dllcache\twotrack.sys
2009-01-31 15:00 . 2001-08-17 22:36 525,568 --a--c--- c:\windows\system32\dllcache\tridxp.dll
2009-01-31 15:00 . 2001-08-17 14:56 440,576 --a--c--- c:\windows\system32\dllcache\tridkb.dll
2009-01-31 15:00 . 2001-08-17 14:56 315,520 --a--c--- c:\windows\system32\dllcache\trid3d.dll
2009-01-31 15:00 . 2001-08-17 12:51 222,336 --a--c--- c:\windows\system32\dllcache\trid3dm.sys
2009-01-31 15:00 . 2001-08-17 12:51 159,232 --a--c--- c:\windows\system32\dllcache\tridkbm.sys
2009-01-31 15:00 . 2008-04-14 05:42 82,944 --a--c--- c:\windows\system32\dllcache\tp4mon.exe
2009-01-31 15:00 . 2001-08-17 22:35 42,496 --a--c--- c:\windows\system32\dllcache\tp4res.dll
2009-01-31 15:00 . 2001-08-17 12:12 34,375 --a--c--- c:\windows\system32\dllcache\tpro4.sys
2009-01-31 14:59 . 2001-08-17 14:01 241,664 --a--c--- c:\windows\system32\dllcache\tosdvd02.sys
2009-01-31 14:59 . 2001-08-17 14:02 230,912 --a--c--- c:\windows\system32\dllcache\tosdvd03.sys
2009-01-31 14:59 . 2008-04-14 00:10 149,376 --a--c--- c:\windows\system32\dllcache\tffsport.sys
2009-01-31 14:59 . 2001-08-17 12:51 138,528 --a--c--- c:\windows\system32\dllcache\tgiulnt5.sys
2009-01-31 14:59 . 2001-08-17 12:14 123,995 --a--c--- c:\windows\system32\dllcache\tjisdn.sys
2009-01-31 14:59 . 2001-08-17 14:56 81,408 --a--c--- c:\windows\system32\dllcache\tgiul50.dll
2009-01-31 14:59 . 2001-08-17 22:36 31,744 --a--c--- c:\windows\system32\dllcache\tp4.dll
2009-01-31 14:59 . 2001-08-17 12:10 28,232 --a--c--- c:\windows\system32\dllcache\tos4mo.sys
2009-01-31 14:59 . 2001-08-17 13:51 4,992 --a--c--- c:\windows\system32\dllcache\toside.sys
2009-01-31 14:58 . 2001-08-17 14:56 172,768 --a--c--- c:\windows\system32\dllcache\t2r4disp.dll
2009-01-31 14:58 . 2001-08-17 12:13 37,961 --a--c--- c:\windows\system32\dllcache\tdk100b.sys
2009-01-31 14:58 . 2001-08-17 12:50 36,640 --a--c--- c:\windows\system32\dllcache\t2r4mini.sys
2009-01-31 14:58 . 2001-08-17 14:07 32,640 --a--c--- c:\windows\system32\dllcache\symc8xx.sys
2009-01-31 14:58 . 2001-08-17 13:49 30,464 --a--c--- c:\windows\system32\dllcache\tbatm155.sys
2009-01-31 14:58 . 2001-08-17 12:13 17,129 --a--c--- c:\windows\system32\dllcache\tdkcd31.sys
2009-01-31 14:58 . 2001-08-17 13:52 7,040 --a--c--- c:\windows\system32\dllcache\tandqic.sys
2009-01-31 14:57 . 2001-08-17 13:50 103,936 --a--c--- c:\windows\system32\dllcache\sx.sys
2009-01-31 14:57 . 2001-08-17 22:36 94,293 --a--c--- c:\windows\system32\dllcache\sxports.dll
2009-01-31 14:57 . 2001-08-17 14:07 30,688 --a--c--- c:\windows\system32\dllcache\sym_u3.sys
2009-01-31 14:57 . 2001-08-17 14:07 28,384 --a--c--- c:\windows\system32\dllcache\sym_hi.sys
2009-01-31 14:57 . 2001-08-17 14:07 16,256 --a--c--- c:\windows\system32\dllcache\symc810.sys
2009-01-31 14:57 . 2001-08-17 22:36 10,240 --a--c--- c:\windows\system32\dllcache\swpidflt.dll
2009-01-31 14:57 . 2001-08-17 22:36 10,240 --a--c--- c:\windows\system32\dllcache\swpdflt2.dll
2009-01-31 14:57 . 2001-08-17 14:02 3,968 --a--c--- c:\windows\system32\dllcache\swusbflt.sys
2009-01-31 14:56 . 2001-08-17 12:18 285,760 --a--c--- c:\windows\system32\dllcache\stlnata.sys
2009-01-31 14:56 . 2001-08-17 22:36 155,648 --a--c--- c:\windows\system32\dllcache\stlnprop.dll
2009-01-31 14:56 . 2001-08-17 22:36 53,760 --a--c--- c:\windows\system32\dllcache\sw_wheel.dll
2009-01-31 14:56 . 2001-08-17 22:36 53,248 --a--c--- c:\windows\system32\dllcache\stlncoin.dll
2009-01-31 14:56 . 2001-08-17 12:11 48,736 --a--c--- c:\windows\system32\dllcache\srwlnd5.sys
2009-01-31 14:56 . 2001-08-17 22:36 41,472 --a--c--- c:\windows\system32\dllcache\sw_effct.dll
2009-01-31 14:56 . 2001-08-17 13:51 16,896 --a--c--- c:\windows\system32\dllcache\stcusb.sys
2009-01-31 14:55 . 2001-08-17 22:36 114,688 --a--c--- c:\windows\system32\dllcache\sonypi.dll
2009-01-31 14:55 . 2001-08-17 22:36 106,584 --a--c--- c:\windows\system32\dllcache\spdports.dll
2009-01-31 14:55 . 2001-08-17 22:36 99,328 --a--c--- c:\windows\system32\dllcache\srusd.dll
2009-01-31 14:55 . 2001-08-17 13:51 61,824 --a--c--- c:\windows\system32\dllcache\speed.sys
2009-01-31 14:55 . 2001-08-17 12:51 37,040 --a--c--- c:\windows\system32\dllcache\sonypi.sys
2009-01-31 14:55 . 2001-08-17 22:36 24,660 --a--c--- c:\windows\system32\dllcache\spxupchk.dll
2009-01-31 14:55 . 2001-08-17 14:07 19,072 --a--c--- c:\windows\system32\dllcache\sparrow.sys
2009-01-31 14:55 . 2001-08-17 13:56 7,552 --a--c--- c:\windows\system32\dllcache\sonypvu1.sys
2009-01-31 14:54 . 2001-08-17 14:56 147,200 --a--c--- c:\windows\system32\dllcache\smidispb.dll
2009-01-31 14:54 . 2001-08-17 12:51 58,368 --a--c--- c:\windows\system32\dllcache\smiminib.sys
2009-01-31 14:54 . 2001-08-17 12:10 35,913 --a--c--- c:\windows\system32\dllcache\smcirda.sys
2009-01-31 14:54 . 2001-08-17 12:12 25,034 --a--c--- c:\windows\system32\dllcache\smcpwr2n.sys
2009-01-31 14:54 . 2001-08-17 12:12 24,576 --a--c--- c:\windows\system32\dllcache\smc8000n.sys
2009-01-31 14:54 . 2001-08-17 12:51 20,752 --a--c--- c:\windows\system32\dllcache\sonync.sys
2009-01-31 14:54 . 2001-08-17 13:53 9,600 --a--c--- c:\windows\system32\dllcache\sonymc.sys
2009-01-31 14:54 . 2008-04-14 00:10 7,552 --a--c--- c:\windows\system32\dllcache\sonyait.sys
2009-01-31 14:54 . 2001-08-17 13:53 7,040 --a--c--- c:\windows\system32\dllcache\snyaitmc.sys
2009-01-31 14:53 . 2001-08-17 12:12 94,698 --a--c--- c:\windows\system32\dllcache\sk98xwin.sys
2009-01-31 14:53 . 2001-08-17 12:12 91,294 --a--c--- c:\windows\system32\dllcache\skfpwin.sys
2009-01-31 14:53 . 2008-04-13 22:05 63,547 --a--c--- c:\windows\system32\dllcache\sla30nd5.sys
2009-01-31 14:53 . 2001-08-17 22:36 45,568 --a--c--- c:\windows\system32\dllcache\smb3w.dll
2009-01-31 14:53 . 2001-08-17 22:36 33,792 --a--c--- c:\windows\system32\dllcache\smb0w.dll
2009-01-31 14:53 . 2001-08-17 22:36 28,672 --a--c--- c:\windows\system32\dllcache\sma0w.dll
2009-01-31 14:53 . 2001-08-17 22:36 28,160 --a--c--- c:\windows\system32\dllcache\sm91w.dll
2009-01-31 14:53 . 2008-04-14 00:06 16,000 --a--c--- c:\windows\system32\dllcache\smbbatt.sys
2009-01-31 14:53 . 2008-04-14 00:06 6,912 --a--c--- c:\windows\system32\dllcache\smbclass.sys
2009-01-31 14:53 . 2001-08-17 13:57 6,784 --a--c--- c:\windows\system32\dllcache\smbhc.sys
2009-01-31 14:52 . 2001-08-17 14:56 252,032 --a--c--- c:\windows\system32\dllcache\sis300iv.dll
2009-01-31 14:52 . 2001-08-17 22:36 238,592 --a--c--- c:\windows\system32\dllcache\sisgrv.dll
2009-01-31 14:52 . 2001-08-17 14:56 157,696 --a--c--- c:\windows\system32\dllcache\sisv256.dll
2009-01-31 14:52 . 2001-08-17 14:56 150,144 --a--c--- c:\windows\system32\dllcache\sis6306v.dll
2009-01-31 14:52 . 2001-08-17 12:50 104,064 --a--c--- c:\windows\system32\dllcache\sisgrp.sys
2009-01-31 14:52 . 2001-08-17 12:50 68,608 --a--c--- c:\windows\system32\dllcache\sis6306p.sys
2009-01-31 14:52 . 2001-08-17 12:50 50,432 --a--c--- c:\windows\system32\dllcache\sisv.sys
2009-01-31 14:52 . 2008-04-13 22:05 32,768 --a--c--- c:\windows\system32\dllcache\sisnic.sys
2009-01-31 14:51 . 2001-08-17 22:36 386,560 --a--c--- c:\windows\system32\dllcache\sgiul50.dll
2009-01-31 14:51 . 2001-07-21 14:29 161,568 --a--c--- c:\windows\system32\dllcache\sgsmusb.sys
2009-01-31 14:51 . 2001-08-17 12:50 101,760 --a--c--- c:\windows\system32\dllcache\sis300ip.sys
2009-01-31 14:51 . 2001-08-17 12:51 98,080 --a--c--- c:\windows\system32\dllcache\sgiulnt5.sys
2009-01-31 14:51 . 2001-08-17 12:19 36,480 --a--c--- c:\windows\system32\dllcache\sfmanm.sys

.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-05 12:46 --------- d-----w c:\program files\Tietoturvapalvelu
2009-02-05 10:43 --------- d-----w c:\documents and settings\Johtaja\Application Data\Orbit
2009-02-05 02:57 --------- d-----w c:\documents and settings\Johtaja\Application Data\TeraCopy
2009-02-03 20:40 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft Help
2009-02-03 17:34 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2009-01-31 15:48 2,285,056 ----a-w c:\windows\system32\TUKernel.exe
2009-01-31 15:29 --------- d-----w c:\documents and settings\Johtaja\Application Data\OpenOffice.org2
2009-01-31 02:01 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-01-30 23:09 --------- d-----w c:\documents and settings\Johtaja\Application Data\dvdcss
2009-01-28 14:39 --------- d---a-w c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2009-01-27 18:55 --------- d-----w c:\program files\Cossacks - The Art Of War
2009-01-25 10:26 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\X-Setup Pro
2009-01-24 01:27 --------- d-----w c:\program files\DivX
2009-01-23 18:23 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\fssg
2009-01-23 10:39 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\F-Secure
2009-01-20 06:09 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-01-19 17:32 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Installations
2009-01-19 13:44 --------- d-----w c:\program files\Messenger Plus! Live
2009-01-18 09:03 --------- d-----w c:\program files\Common Files\Download Manager
2009-01-17 00:44 --------- d-----w c:\documents and settings\Johtaja\Application Data\LimeWire
2009-01-14 14:11 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-14 14:11 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-01-11 08:19 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-01-11 08:19 --------- d-----w c:\program files\Java
2009-01-10 20:21 --------- d-----w c:\program files\WinPcap
2009-01-10 16:11 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\SecTaskMan
2009-01-10 09:59 --------- d-----w c:\program files\Common Files\Nokia
2009-01-09 14:09 --------- d-----w c:\program files\QuickTime
2009-01-09 13:20 --------- d-----w c:\documents and settings\Johtaja\Application Data\Software Informer
2009-01-09 12:31 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Apple Computer
2009-01-09 11:31 --------- d-----w c:\program files\Nokia
2009-01-09 05:48 --------- d-----w c:\program files\PC Connectivity Solution
2009-01-08 13:25 --------- d-----w c:\program files\Heart Of Darkness
2009-01-05 16:41 --------- d-----w c:\program files\ATI
2009-01-05 16:04 --------- d-----w c:\program files\TuneUp Utilities 2008
2009-01-05 09:24 --------- d-----w c:\program files\Common Files\Logitech
2008-12-31 15:01 --------- d-----w c:\program files\Common Files\Nero
2008-12-29 14:36 --------- d-----w c:\documents and settings\Johtaja\Application Data\uTorrent
2008-12-28 22:48 2,330,643 ----a-w c:\windows\system32\x264vfw.dll
2008-12-28 13:51 --------- d-----w c:\documents and settings\Johtaja\Application Data\GrabIt
2008-12-28 13:18 --------- d-----w c:\documents and settings\Johtaja\Application Data\NewsLeecher
2008-12-27 15:25 --------- d-----w c:\documents and settings\Johtaja\Application Data\AVSMedia
2008-12-23 14:38 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\ATI
2008-12-23 13:56 --------- d-----w c:\program files\ATI Technologies
2008-12-23 13:36 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\DriverScanner
2008-12-23 13:34 --------- dc-h--w c:\documents and settings\All Users.WINDOWS\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2008-12-23 13:34 --------- d-----w c:\program files\Uniblue
2008-12-23 10:28 --------- d-----w c:\documents and settings\Johtaja\Application Data\NeroDigital(TM)
2008-12-23 10:23 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Nero
2008-12-22 16:09 --------- d-----w c:\documents and settings\Johtaja\Application Data\EditPlus 3
2008-12-22 16:08 --------- d-----w c:\documents and settings\Johtaja\Application Data\Vso
2008-12-22 16:07 --------- d-----w c:\documents and settings\Johtaja\Application Data\BSplayer Pro
2008-12-21 19:31 --------- d-----w c:\program files\Common Files\AVSMedia
2008-12-21 12:35 --------- d-----w c:\documents and settings\Johtaja\Application Data\.wyzo
2008-12-21 08:11 --------- d-----w c:\documents and settings\Johtaja\Application Data\PC Suite
2008-12-18 13:57 --------- d-----w c:\documents and settings\Johtaja\Application Data\vlc
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-11 00:33 86,016 ----a-w c:\windows\system32\dpl100.dll
2008-12-10 14:17 7,808 ----a-w c:\windows\system32\drivers\psi_mf.sys
2008-12-09 17:40 --------- d-----w c:\documents and settings\Johtaja\Application Data\Nero
2008-12-09 15:30 --------- d-----w c:\program files\Nero
2008-12-09 15:27 --------- d-----w c:\program files\Windows Sidebar
2008-12-08 11:53 57,344 ----a-w c:\windows\system32\ff_vfw.dll
2008-12-07 18:08 795,648 ----a-w c:\windows\system32\xvidcore.dll
2008-12-07 18:08 130,048 ----a-w c:\windows\system32\xvidvfw.dll
2008-12-06 09:44 --------- d-----w c:\program files\ReClock
2008-12-05 21:24 --------- d-----w c:\documents and settings\Johtaja\Application Data\r2 Studios
2008-12-05 21:24 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\r2 Studios
2008-12-05 18:18 --------- d-----w c:\program files\iTunes
2008-12-05 15:05 --------- d-----w c:\program files\OpenOffice.org 2.4
2008-12-05 15:02 --------- d-----w c:\program files\OpenOffice.org 2.2
2008-12-05 14:55 --------- d-----w c:\program files\OpenOffice
2008-12-05 11:46 --------- d-----w c:\program files\Common Files\Adobe AIR
2008-11-06 16:37 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll
2008-11-06 16:33 684,032 ----a-w c:\windows\system32\divx.dll
2008-06-14 11:00 47,360 ----a-w c:\documents and settings\Johtaja\Application Data\pcouffin.sys
2008-06-05 19:59 22,328 ----a-w c:\documents and settings\Johtaja\Application Data\PnkBstrK.sys
2007-08-10 20:33 47,360 ----a-w c:\documents and settings\ghjf\Application Data\pcouffin.sys
2007-08-05 14:09 94,208 ----a-w c:\documents and settings\ghjf\Application Data\ezplay.sys
2007-08-04 12:00 81,920 ----a-w c:\documents and settings\ghjf\Application Data\ezpinst.exe
2007-06-08 21:18 60,488,734 ----a-w c:\program files\openofficeorg3.cab
2007-06-08 21:18 3,107,691 ----a-w c:\program files\openofficeorg4.cab
2007-06-08 21:15 15,241,445 ----a-w c:\program files\openofficeorg2.cab
2007-06-08 21:14 4,849,664 ----a-w c:\program files\openofficeorg22.msi
2007-06-08 21:14 217 ----a-w c:\program files\setup.ini
2007-06-08 21:14 17,937,115 ----a-w c:\program files\openofficeorg1.cab
2007-06-08 21:14 1,821,008 ----a-w c:\program files\instmsiw.exe
2007-06-08 21:14 1,707,856 ----a-w c:\program files\instmsia.exe
2007-02-02 20:36 21,822,168 ----a-w c:\program files\AdbeRdr80_en_US.exe
2007-01-27 15:48 1,951,432 ----a-w c:\program files\ppviewer.exe
2007-01-18 16:18 87,608 ----a-w c:\documents and settings\Administrator\Application Data\ezpinst.exe
2007-01-18 16:18 47,360 ----a-w c:\documents and settings\Administrator\Application Data\pcouffin.sys
2008-01-21 16:49 88 --sh--r c:\windows\system32\A843755FCC.sys
2008-01-26 12:41 56 --sh--r c:\windows\system32\CC5F7543A8.sys
2006-05-03 09:06 163,328 --sh--r c:\windows\system32\flvDX.dll
2008-04-16 19:35 4,184 --sha-w c:\windows\system32\KGyGaAvL.sys
2007-02-21 10:47 31,232 --sh--r c:\windows\system32\msfDX.dll
.

(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{FEEA54B4-D80F-41C7-87B9-DC08E6D3255F}"= "d:\tykalu~1\NetWorx\deskband.dll" [2009-01-13 491520]

[HKEY_CLASSES_ROOT\clsid\{feea54b4-d80f-41c7-87b9-dc08e6d3255f}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinSnap"="d:\työkalut & ohjelmat\WinSnap\WinSnap.exe" [2008-08-22 386456]
"PeerGuardian"="d:\työkalut & ohjelmat\PeerGuardian2\pg2.exe" [2005-09-18 1421824]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-09-05 5724184]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"AlcoholAutomount"="d:\työkalut & ohjelmat\Alcohol 120%\axcmd.exe" [2008-07-09 4608]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 7\PCSync2.exe" [2008-11-10 1253376]
"BitComet"="d:\työkalut & ohjelmat\BitComet\BitComet.exe" [2008-08-22 2567992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"F-Secure Manager"="c:\program files\Tietoturvapalvelu\Common\FSM32.EXE" [2008-09-23 182936]
"F-Secure TNB"="c:\program files\Tietoturvapalvelu\FSGUI\TNBUtil.exe" [2008-09-23 957024]
"News Service"="c:\program files\Tietoturvapalvelu\FSGUI\ispnews.exe" [2005-05-31 356352]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2008-06-10 1406024]
"UnlockerAssistant"="d:\työkalut & ohjelmat\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"F-Secure ExploitShield"="c:\program files\Tietoturvapalvelu\ExploitShield\fsesgui.exe" [2008-12-17 678528]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-11 136600]
"NetWorx"="d:\työkalut & ohjelmat\NetWorx\networx.exe" [2009-01-13 1114624]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 c:\windows\system32\narrator.exe]

c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Orbit.lnk - d:\ty?kalut & ohjelmat\Orbitdownloader\orbitdm.exe [2007-09-29 1707208]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsNetHood"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "d:\työkalut & ohjelmat\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\documents and settings\All Users.WINDOWS\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 11:05 356352 d:\työkalut & ohjelmat\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=sockspy.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.tscc"= d:\tykalu~1\MpcStar\Codecs\tscc\tsccvid.dll
"msacm.divxa32"= divxa32.acm
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcohol.bin]
--a------ 2008-02-22 13:30 1589704 d:\työkalut & ohjelmat\Alcohol 120%\Alcohol.bin

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
--a------ 2008-08-22 08:07 2567992 d:\työkalut & ohjelmat\BitComet\BitComet.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2007-08-24 06:00 33648 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
--a------ 2009-01-15 16:17 1830128 d:\työkalut & ohjelmat\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"swg"=c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" /background
"Alcohol.bin Autorun"=d:\työkalut & ohjelmat\Alcohol 120%\Alcohol.bin /startup
"_Alcohol.exe Autorun"=d:\työkalut & ohjelmat\Alcohol 120\_Alcohol.exe /startup
"AlcoholAutomount"="d:\työkalut & ohjelmat\Alcohol 120%\axcmd.exe" /automount
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Pelit\\Tom Clancy's rainbow six Vegas 2\\Binaries\\R6Vegas2_Launcher.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Työkalut & Ohjelmat\\Orbitdownloader\\orbitdm.exe"=
"d:\\Työkalut & Ohjelmat\\Orbitdownloader\\orbitnet.exe"=
"d:\\Työkalut & Ohjelmat\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Windowsin vertaisjärjestelmäryhmittely
"3540:UDP"= 3540:UDP:PNRP (Peer Name Resolution Protocol)
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"27453:TCP"= 27453:TCP:BitComet 27453 TCP
"27453:UDP"= 27453:UDP:BitComet 27453 UDP
"21683:TCP"= 21683:TCP:BitComet 21683 TCP
"21683:UDP"= 21683:UDP:BitComet 21683 UDP
"27328:TCP"= 27328:TCP:BitComet 27328 TCP
"27328:UDP"= 27328:UDP:BitComet 27328 UDP

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2009-01-23 33408]
R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2007-08-19 79904]
R1 F-Secure HIPS;F-Secure HIPS;c:\program files\Tietoturvapalvelu\HIPS\drivers\fshs.sys [2009-01-23 66720]
R1 SASDIFSV;SASDIFSV;d:\työkalut & ohjelmat\SUPERAntiSpyware\sasdifsv.sys [2009-01-15 8944]
R1 SASKUTIL;SASKUTIL;d:\työkalut & ohjelmat\SUPERAntiSpyware\SASKUTIL.SYS [2009-01-15 55024]
R2 ExploitShield;F-Secure Exploit Shield Service;c:\program files\Tietoturvapalvelu\ExploitShield\fsessrv.exe [2008-12-18 257152]
R2 FSORSPClient;F-Secure ORSP Client;c:\program files\Tietoturvapalvelu\ORSP Client\fsorsp.exe [2008-12-18 49152]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-01-05 603904]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Tietoturvapalvelu\Anti-Virus\minifilter\fsgk.sys [2007-05-30 84096]
S3 BTCAMDRV;Mobiola Web Camera driver;c:\windows\system32\drivers\BTCamDrv.sys [2008-07-18 219136]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2009-01-19 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2009-01-19 8320]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-06 34064]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2008-12-10 7808]
S3 SASENUM;SASENUM;d:\työkalut & ohjelmat\SUPERAntiSpyware\SASENUM.SYS [2009-01-15 7408]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\Tietoturvapalvelu\Anti-Virus\win2k\fsfilter.sys [2007-01-18 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\Tietoturvapalvelu\Anti-Virus\win2k\fsrec.sys [2007-01-18 25184]
S4 ThreatFire;ThreatFire;c:\program files\ThreatFire\TFService.exe service --> c:\program files\ThreatFire\TFService.exe service [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
'Ajoitetut tehtävät'-kansion sisältö

2009-02-05 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 21:36]

2009-02-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-02-05 c:\windows\Tasks\ktwlstvc.job
- c:\windows\system32\awttqrRk.dll []

2009-02-05 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]

2009-02-03 c:\windows\Tasks\SmartDefrag.job
- D:\Ty []

2009-02-03 c:\windows\Tasks\SmartDefrag.job
- D:\Ty []
.
- - - - POISTETUT JÄMÄRIVIT - - - -

WebBrowser-{C3CD744D-2FAE-4640-8297-16B5DA423104} - (no file)
MSConfigStartUp-DriveSitter Pro - d:\työkalut & ohjelmat\DriveSitter\DriveSitter.exe


.
------- Täydentävä tarkistus -------
.
uStart Page = hxxp://www.google.fi/
uInternet Settings,ProxyServer = 127.0.0.1:8080
uInternet Settings,ProxyOverride = local;*.local
IE: &D&ownload &with BitComet - d:\työkalut & ohjelmat\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - d:\työkalut & ohjelmat\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - d:\työkalut & ohjelmat\BitComet\BitComet.exe/AddAllLink.htm
IE: {{ECC5777A-6E88-BFCE-13CE-81F134789E7B} - d:\työkalut & ohjelmat\Messenger Backup\Messenger Backup
FF - ProfilePath - c:\documents and settings\Johtaja\Application Data\Mozilla\Firefox\Profiles\bq9j7446.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fi/
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - component: c:\documents and settings\Johtaja\Application Data\Mozilla\Firefox\Profiles\bq9j7446.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- FIREFOXIN KÄYTÄNNÖT ----
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
user_pref(network.proxy.http_port,);
FF - user.js: network.proxy.no_proxies_on -
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-05 16:06:33
Windows 5.1.2600 Service Pack 3 NTFS

tarkistaa piilotettuja prosesseja ...

tarkistaa piilotettuja käynnistysarvoja ...

tarkistaa piilotettuja tiedostoja ...


c:\documents and settings\Johtaja\Application Data\Software Informer\cache\icons\EW : Cossacks.ico 4398 bytes hidden from API
c:\documents and settings\Johtaja\Application Data\Software Informer\cache\icons\Cossacks : The Art Of War.ico 4398 bytes hidden from API

tarkistus on valmis
piilotetut tiedostot: 2

**************************************************************************
.
--------------------- LUKITUT REKISTERIAVAIMET ---------------------

[HKEY_USERS\S-1-5-21-527237240-764733703-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{36361C48-D9AC-38F4-6A27-2F88212F1EE0}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-527237240-764733703-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A0451CAE-67AB-78A9-646B-B5FCA21810F2}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iadnkcegkgbnklihej"=hex:6a,61,6b,66,6b,69,64,6f,6a,62,70,6b,6e,6a,70,6f,6a,6c,
6d,64,00,f0
"hajmpjoolfjicpee"=hex:6a,61,6b,66,6b,69,64,6f,6a,62,70,6b,6e,6a,70,6f,6a,6c,
6d,64,00,f0

[HKEY_USERS\S-1-5-21-527237240-764733703-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B6CDABD2-23D9-02D4-F388-16AB1A27033F}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iakpoempjfofgflapa"=hex:6a,61,6c,6b,69,6a,6f,69,6e,6a,6a,65,6d,67,6f,67,6b,61,
6c,69,00,00
"haipeogjcemojbgb"=hex:6b,61,6f,6a,6c,6c,6a,64,66,6e,6e,61,61,67,6c,62,66,6c,
6b,6f,6d,6f,00,00

[HKEY_USERS\S-1-5-21-527237240-764733703-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F7421E15-A93C-283E-E641-B63CD638FD1E}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"abbaadapahnfecaapgbpnhgnediiofgaeb"=hex:61,62,70,61,6e,66,6d,64,65,64,6d,66,
62,6a,68,66,6e,69,6c,6f,61,61,6b,64,6b,6f,65,6e,65,61,69,68,68,6f,00,77
"bbbaadapahnfecaapgmpibmkhplgpcackfge"=hex:61,62,67,62,64,66,67,70,6c,65,65,66,
61,70,62,69,70,64,63,63,61,6c,62,6c,6d,63,6c,68,65,6c,67,6b,62,64,00,77

[HKEY_USERS\S-1-5-21-527237240-764733703-682003330-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:b9,f9,b2,65,74,0c,29,b8,8b,c1,55,f3,5b,a8,50,7e,ee,8e,3f,16,eb,88,90,
f7,ae,44,d4,24,82,ba,75,74,30,15,f2,33,74,c6,5f,3d,0f,f2,07,88,68,5d,ed,5e,\
"??"=hex:0e,5d,e1,30,1f,6e,1a,7c,98,2e,98,05,31,03,79,83

[HKEY_USERS\S-1-5-21-527237240-764733703-682003330-1003\Software\YourCompanyName\YourProductName\Version*]
"VersionData"=hex:bf,41,6e,38,2e,1a,4a,92,9f,0e,10,3a,95,b4,49,66,97,38,6d,ee,
b6,1b,ce,47,49,57,bc,c3,0f,ca,10,9b,58,8e,62,16,f8,f6,58,c2,a6,75,70,1c,75,\
.
--------------------- Prosesseihin ladatut DLLt ---------------------

- - - - - - - > 'winlogon.exe'(1140)
d:\työkalut & ohjelmat\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
c:\program files\Tietoturvapalvelu\FWES\Program\fsdc32.dll

- - - - - - - > 'lsass.exe'(1212)
c:\program files\Tietoturvapalvelu\FWES\Program\fsdc32.dll

- - - - - - - > 'csrss.exe'(940)
c:\program files\Tietoturvapalvelu\FWES\Program\fsdc32.dll
.
Valmistumisajankohta: 2009-02-05 16:09:03
ComboFix-quarantined-files.txt 2009-02-05 14:09:00

Ennen ajoa: 3 844 149 248 bytes free
Ajon jälkeen: 3,822,141,440 tavua vapaana

Current=5 Default=5 Failed=4 LastKnownGood=6 Sets=1,2,3,4,5,6
470 --- E O F --- 2009-02-03 23:38:46

Hujo
Suspended permanently
5 February 2009 @ 16:50
Scan a new HJT log.

==========

Create an uninstall list:
• Open HijackThis
• Click the "Configure" option at the bottom right
• Click "Misc Tools"
• Click the box that says "Uninstall Manager"
• Click the "Save list" option
• Copy and paste that list from Notepad into your thread


Can a computer ever work?
Senior Member
5 February 2009 @ 17:05
Log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:00:07, on 5.2.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Tietoturvapalvelu\ExploitShield\fsesgui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\Työkalut & Ohjelmat\NetWorx\networx.exe
D:\Työkalut & Ohjelmat\WinSnap\WinSnap.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Työkalut & Ohjelmat\PeerGuardian2\pg2.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Tietoturvapalvelu\ExploitShield\fsessrv.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
C:\Program Files\Tietoturvapalvelu\Common\FSMB32.EXE
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Tietoturvapalvelu\Common\FCH32.EXE
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Tietoturvapalvelu\Common\FAMEH32.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsqh.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Tietoturvapalvelu\FSGUI\fsguidll.exe
D:\Työkalut & Ohjelmat\VNC4\WinVNC4.exe
D:\Työkalut & Ohjelmat\Orbitdownloader\orbitdm.exe
D:\Työkalut & Ohjelmat\Orbitdownloader\orbitnet.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fssm32.exe
C:\Program Files\Tietoturvapalvelu\FSAUA\program\fsaua.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
C:\Program Files\Tietoturvapalvelu\FSAUA\program\fsus.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsav32.exe
C:\WINDOWS\explorer.exe
D:\Työkalut & Ohjelmat\Smartin konvertteri\smartmovie.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hjt\scanner.exe
C:\WINDOWS\system32\rundll32.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Työkalut & Ohjelmat\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Työkalut & Ohjelmat\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\TYKALU~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Työkalut & Ohjelmat\Orbitdownloader\GrabPro.dll
O3 - Toolbar: &NetWorx Desk Band - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - D:\TYKALU~1\NetWorx\deskband.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Tietoturvapalvelu\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Tietoturvapalvelu\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "D:\Työkalut & Ohjelmat\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [F-Secure ExploitShield] "C:\Program Files\Tietoturvapalvelu\ExploitShield\fsesgui.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NetWorx] "D:\Työkalut & Ohjelmat\NetWorx\networx.exe" /auto
O4 - HKCU\..\Run: [WinSnap] "D:\Työkalut & Ohjelmat\WinSnap\WinSnap.exe" /startup
O4 - HKCU\..\Run: [PeerGuardian] D:\Työkalut & Ohjelmat\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "D:\Työkalut & Ohjelmat\Alcohol 120%\axcmd.exe" /automount
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [BitComet] "D:\Työkalut & Ohjelmat\BitComet\BitComet.exe" /tray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Orbit.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Työkalut & Ohjelmat\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\Työkalut & Ohjelmat\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Työkalut & Ohjelmat\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Työkalut & Ohjelmat\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Työkalut & Ohjelmat\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Työkalut & Ohjelmat\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\TYKALU~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\TYKALU~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Messenger Backup - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - D:\Työkalut & Ohjelmat\Messenger Backup\Messenger Backup (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Backup - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - D:\Työkalut & Ohjelmat\Messenger Backup\Messenger Backup (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Sol...wn.cab56986.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/sh...ash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - D:\Työkalut & Ohjelmat\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe (file missing)
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: F-Secure Exploit Shield Service (ExploitShield) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\ExploitShield\fsessrv.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\ORSP Client\fsorsp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-palvelu (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe (file missing)
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - D:\Työkalut & Ohjelmat\VNC4\WinVNC4.exe

--
End of file - 14884 bytes






Here is the list:

2007 Microsoft Office Suite Service Pack 1 (SP1)
4 Search w google search
4t Tray Minimizer Free 4.40
4U WMA MP3 Converter 6.2.6
Acrobat.com
Acrobat.com
ActiveState ActivePython 2.5.1.1
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9
Adobe Shockwave Player 11
All Media Fixer 9.11
AoA Audio Extractor 1.0
Apple Mobile Device Support
Apple Software Update
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Catalyst Registration
ATI Display Driver
ATI Parental Control & Encoder
AviSynth 2.5
AVS DVDMenu Editor 1.2.1.19
AVS Video Tools 5.6
Bonjour
Cartman's Authoritah 1.3
Catalyst Control Center - Branding
CCleaner (remove only)
Cinema Craft Encoder SP
Command & Conquer 3
CommuniCrypt Mail
Compare It!
ConvertXtoDVD 3.2.1.55b
CoreAVC Professional Edition
Cossacks - The Art Of War
Crimsonland
Crysis(R)
DC++ 0.7091
Diablo II
DVD Rebuilder
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.2.2.0
DVDFab Multi Setup
DVDFab Platinum
DVD-lab PRO 2.5
Easy Symbian Suite
EW : Cossacks
EVEREST Ultimate Edition v4.60
F-Secure ExploitShield
F-Secure ORSP Client
Google Toolbar for Internet Explorer
GrabIt 1.7.2 Beta 3 (build 996)
GrabPro - Toolbar
Heart Of Darkness
Hellfire
Hero Editor V0.90
HexEdit
HijackThis 2.0.2
Hitman Blood Money
Hotfix for Windows Internet Explorer 7 (KB947864)
Internet Cyclone 1.96
iTunes
IZArc 3.81
Java DB 10.3.1.4
Java(TM) 6 Update 11
Java(TM) 6 Update 7
Java(TM) SE Development Kit 6 Update 7
K-Lite Codec Pack 4.5.3 (Full)
LimeWire PRO 4.18.3
Little Fighter 2 version 2.0
Logitech Legacy USB Camera Driver Package
Logitech QuickCam
Logitech QuickCam Driver Package
Logitech Updater
Malwarebytes' Anti-Malware
Messenger Plus! Live
MessengerDiscovery 1.5.0800
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FIN
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FIN
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5 Language Pack - fin
Microsoft .NET Framework 3.5:n kielitukipaketti - FI
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office Access MUI (English) 2007
Microsoft Office Access MUI (Finnish) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Excel MUI (Finnish) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove MUI (Finnish) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office InfoPath MUI (Finnish) 2007
Microsoft Office Language Pack 2007 - Finnish/suomi
Microsoft Office O MUI (Finnish) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office OneNote MUI (Finnish) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office Outlook MUI (Finnish) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint MUI (Finnish) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (Finnish) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proof (Swedish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (Finnish) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Publisher MUI (Finnish) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (Finnish) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office SharePoint Designer 2007 Service Pack 1 (SP1)
Microsoft Office SharePoint Designer MUI (Finnish) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office Word MUI (Finnish) 2007
Microsoft Office X MUI (Finnish) 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
MobileMe Control Panel
Mozilla Firefox (3.0.5)
Mp3tag v2.42
MpcStar 3.3
MSN Content Adder
MSVC80_x86
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6.0 Parser
Nero 9 Trial
neroxml
NetWorx 4.6.2
Nokia Connectivity Cable Driver
Nokia Flashing Cable Driver
Nokia PC Suite
Nokia PC Suite
Nokia Software Updater
Oblivion
Oblivion - Horse Armor Pack
Oblivion - Knights of the Nine
Oblivion - Mehrunes Razor
Oblivion - Orrery
Oblivion - Spell Tomes
Oblivion - The Fighter's Stronghold
Oblivion - Thieves Den
Oblivion - Vile Lair
Oblivion - Wizard's Tower
OpenOffice.org 2.4
Orbit Downloader
PC Connectivity Solution
PeerGuardian 2.0
Photo-Brush 4.4
Proxy Finder Enterprise Edition
PunkBuster Services
Python 2.5 pyserial-2.2
Python 2.5.2
QuickTime
REALTEK GbE & FE Ethernet PCI-E NIC Driver
ReClock
Revo Uninstaller 1.75
Secunia PSI
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB958439)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB958437)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Word 2007 (KB956358)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB958687)
Sierra Utilities
SimpPro 2.2
Smart Defrag 1.10
SmartMovie Converter
Software Informer 1.0 BETA
SoundMAX
Spybot - Search & Destroy
SpywareBlaster 4.1
StuffPlug 3
Subtitle Workshop 2.51
SUPER © Version 2007.bld.23 (July 4, 2007)
SUPERAntiSpyware Free Edition
SWF Opener
System Requirements Lab
TeraCopy 1.22 Pro
Tietoturvapalvelu
Tom Clancy's Rainbow Six Vegas 2
TuneUp Utilities 2009
Uniblue DriverScanner 2009
Uniblue DriverScanner 2009
Unlocker 1.8.7
Unofficial Official Mods Patch v12
Unofficial Shivering Isles Patch v1.2.0
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb959141)
Win IP Config 2.7
Windows Defender
Windows Internet Explorer 7 Multilingual User Interface (MUI)
Windows Live installer
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Liven kirjautumisavustaja
Windows Media Format Runtime
Windowsin ohjainpaketti - Nokia Modem (10/27/2008 3.9)
Windowsin ohjainpaketti - Nokia Modem (10/27/2008 7.01.0.1)
Windowsin ohjainpaketti - Nokia pccsmcfd (08/22/2008 7.0.0.0)
WinHTTrack Website Copier 3.43
WinPcap 4.0.2
WinRAR archiver
WinSnap
Visual USB
VLC media player 0.9.8a
WM Recorder 12.1
VNC Enterprise Edition E4.4.2
VNC Mirror Driver 1.8.0
VobSub v2.23
Wolfenstein - Enemy Territory
Worms World Party
wxPython 2.8.7.1 (ansi) for Python 2.5
xp-AntiSpy 3.96-8
XQDC X-Setup Pro 9.0.100
XviD MPEG4 Video Codec


Hujo
Suspended permanently
5 February 2009 @ 18:08
Uninstall via Add/Remove Programs:

Java(TM) 6 Update 7
xp-AntiSpy 3.96-8


Delete this folder in Safe Mode:

c:\program files\ThreatFire

================

Make sure the Windows firewall is not turned on

============

Update Malwarebytes' Anti-Malware and run a full scan

===========

Download Atribune's ATF Cleaner

Instructions:

Double-click ATF-Cleaner.exe to start the program.
Under Main, choose: Select All
Click the Empty Selected button.
If you use Firefox as your browser, click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, click No when it asks.
If you use Opera as your browser, click Opera at the top and choose: Select All
Click the Empty Selected button again.
NOTE: If you would like to keep your saved passwords, click No when it asks.
Click Exit in the main menu to close the program.
Technical support is available if you double-click the e-mail address located at the bottom of each menu in the tool. (Note that the support is in English.)

Can a computer ever work?

This message has been edited since it was posted. Last edited 5 February 2009 @ 18:08

Senior Member
9 February 2009 @ 21:38
Malwarebytes didn't find anything. I did the other steps, but I couldn't find that ThreatFire folder on the computer!... not anywhere
Hujo
Suspended permanently
9 February 2009 @ 23:20
So how is the computer running?

Senior Member
10 February 2009 @ 15:42
It works quite well now otherwise, except that it still has the problem that when you restart the computer, the taskbar still turns grey. And then there's no sound.. Could it be going into some kind of safe mode, maybe.. Because when you go into safe mode, the taskbar turns grey then too. But I don't think it's caused by viruses any more, since it's been cleaned up quite a bit by now..
Hujo
Suspended permanently
10 February 2009 @ 16:06
Yeah... you could do a repair install on it.
It shouldn't be turning grey.
It feels as if there were two operating systems in there.
In Windows Explorer, do you find

C:\windows
C:\windows.0000
or something along those lines


This message has been edited since it was posted. Last edited 10 February 2009 @ 16:08

Senior Member
10 February 2009 @ 20:08
Nope, nothing like that to be found..
Hujo
Suspended permanently
10 February 2009 @ 20:28
Download NoLop to your desktop from one of the following links...
Link 1
Link 2
Link 3

1. Close all programs, because this step requires a restart
2. Double-click NoLop.exe to run it
3. Click the "Search and Destroy" button
<<Your computer is scanned for infected files>>
4. When the scan is finished, you will be asked to restart the computer if an infection is found. Click OK
5. Click the "REBOOT" button.
6. NoLop should display a message. If it doesn't, double-click the program and it will finish. Post the contents of the C:\NoLop.log file along with a new HijackThis log.
-- If you get the following error, "mscomctl.ocx or one of its dependencies are not correctly registered," download mscomctl.ocx and save it in your system32 directory (usually c:\Windows\system32). Then run the program again.

Senior Member
11 February 2009 @ 18:26
It didn't find anything..

NoLop! Log by Skate_Punk_21

Fix running from: C:\Documents and Settings\Johtaja\Desktop
[2009-02-11]
[18:18:04]

---Infection Files Found/Removed---
NO INFECTION FILES FOUND - Cleaning Aborted.

---Listing AppData sub directories---

C:\Documents and Settings\Administrator\Application Data\Adobe
C:\Documents and Settings\Administrator\Application Data\Apple Computer
C:\Documents and Settings\Administrator\Application Data\Ati -- EMPTY Directory
C:\Documents and Settings\Administrator\Application Data\Bsplayer
C:\Documents and Settings\Administrator\Application Data\Divx
C:\Documents and Settings\Administrator\Application Data\F-secure
C:\Documents and Settings\Administrator\Application Data\Getrighttogo
C:\Documents and Settings\Administrator\Application Data\Identities
C:\Documents and Settings\Administrator\Application Data\Ispnews
C:\Documents and Settings\Administrator\Application Data\Lavasoft -- EMPTY Directory
C:\Documents and Settings\Administrator\Application Data\Macromedia
C:\Documents and Settings\Administrator\Application Data\Media Player Classic
C:\Documents and Settings\Administrator\Application Data\Microsoft
C:\Documents and Settings\Administrator\Application Data\Mozilla
C:\Documents and Settings\Administrator\Application Data\Pex
C:\Documents and Settings\Administrator\Application Data\Sun
C:\Documents and Settings\Administrator\Application Data\Talkback
C:\Documents and Settings\Administrator\Application Data\Tor
C:\Documents and Settings\Administrator\Application Data\Vidalia
C:\Documents and Settings\Administrator\Application Data\Vso -- EMPTY Directory
C:\Documents and Settings\Administrator\Application Data\Winrar -- EMPTY Directory
C:\Documents and Settings\Administrator.jk-cf13c05ee1e2\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\1click Dvd Copy
C:\Documents and Settings\All Users\Application Data\Acronis
C:\Documents and Settings\All Users\Application Data\Adobe
C:\Documents and Settings\All Users\Application Data\Ahead
C:\Documents and Settings\All Users\Application Data\Apple
C:\Documents and Settings\All Users\Application Data\Apple Computer
C:\Documents and Settings\All Users\Application Data\Dvd Shrink
C:\Documents and Settings\All Users\Application Data\F-secure
C:\Documents and Settings\All Users\Application Data\Google
C:\Documents and Settings\All Users\Application Data\Grisoft
C:\Documents and Settings\All Users\Application Data\Installations
C:\Documents and Settings\All Users\Application Data\Mcafee
C:\Documents and Settings\All Users\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Nero
C:\Documents and Settings\All Users\Application Data\Pc Suite
C:\Documents and Settings\All Users\Application Data\River Past G5
C:\Documents and Settings\All Users\Application Data\Siteadvisor -- EMPTY Directory
C:\Documents and Settings\All Users\Application Data\Slysoft
C:\Documents and Settings\All Users\Application Data\Temp -- EMPTY Directory
C:\Documents and Settings\All Users\Application Data\Trymedia
C:\Documents and Settings\All Users\Application Data\Vsosdk
C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and Settings\All Users.windows\Application Data\Adobe
C:\Documents and Settings\All Users.windows\Application Data\Ahead
C:\Documents and Settings\All Users.windows\Application Data\Apple
C:\Documents and Settings\All Users.windows\Application Data\Apple Computer
C:\Documents and Settings\All Users.windows\Application Data\Ati
C:\Documents and Settings\All Users.windows\Application Data\Avs4you
C:\Documents and Settings\All Users.windows\Application Data\Corel
C:\Documents and Settings\All Users.windows\Application Data\Driverscanner
C:\Documents and Settings\All Users.windows\Application Data\F-secure
C:\Documents and Settings\All Users.windows\Application Data\Fssg
C:\Documents and Settings\All Users.windows\Application Data\Google
C:\Documents and Settings\All Users.windows\Application Data\Grisoft
C:\Documents and Settings\All Users.windows\Application Data\Hkpobqdg -- EMPTY Directory
C:\Documents and Settings\All Users.windows\Application Data\Installations
C:\Documents and Settings\All Users.windows\Application Data\Logishrd
C:\Documents and Settings\All Users.windows\Application Data\Logitech
C:\Documents and Settings\All Users.windows\Application Data\Malwarebytes
C:\Documents and Settings\All Users.windows\Application Data\Messenger Plus!
C:\Documents and Settings\All Users.windows\Application Data\Microsoft
C:\Documents and Settings\All Users.windows\Application Data\Microsoft Help
C:\Documents and Settings\All Users.windows\Application Data\Nero
C:\Documents and Settings\All Users.windows\Application Data\Nokia
C:\Documents and Settings\All Users.windows\Application Data\Nos -- EMPTY Directory
C:\Documents and Settings\All Users.windows\Application Data\Office Genuine Advantage
C:\Documents and Settings\All Users.windows\Application Data\Passmark -- EMPTY Directory
C:\Documents and Settings\All Users.windows\Application Data\Pc Suite
C:\Documents and Settings\All Users.windows\Application Data\Pc Tools
C:\Documents and Settings\All Users.windows\Application Data\R2 Studios
C:\Documents and Settings\All Users.windows\Application Data\Sectaskman
C:\Documents and Settings\All Users.windows\Application Data\Softperfect
C:\Documents and Settings\All Users.windows\Application Data\Spybot - Search & Destroy
C:\Documents and Settings\All Users.windows\Application Data\Superantispyware.com
C:\Documents and Settings\All Users.windows\Application Data\Temp -- EMPTY Directory
C:\Documents and Settings\All Users.windows\Application Data\Trymedia
C:\Documents and Settings\All Users.windows\Application Data\Tuneup Software
C:\Documents and Settings\All Users.windows\Application Data\Ubisoft
C:\Documents and Settings\All Users.windows\Application Data\Vsosdk
C:\Documents and Settings\All Users.windows\Application Data\Windows Genuine Advantage
C:\Documents and Settings\All Users.windows\Application Data\Wlinstaller
C:\Documents and Settings\All Users.windows\Application Data\X-setup Pro
C:\Documents and Settings\All Users.windows\Application Data\{3276be95_af08_429f_a64f_ca64cb79bcf6}
C:\Documents and Settings\All Users.windows\Application Data\{51019853-129c-4ede-9030-d5fd7bbd9ad0} -- EMPTY Directory
C:\Documents and Settings\All Users.windows\Application Data\{55a29068-f2ce-456c-9148-c869879e2357}
C:\Documents and Settings\All Users.windows\Application Data\{d5abffad-d592-4f98-b02b-587125b4801f}
C:\Documents and Settings\Default User\Application Data\Microsoft
C:\Documents and Settings\Default User.windows\Application Data\Microsoft
C:\Documents and Settings\Ghjf\Application Data\Accuraterip -- EMPTY Directory
C:\Documents and Settings\Ghjf\Application Data\Acronis
C:\Documents and Settings\Ghjf\Application Data\Adobe
C:\Documents and Settings\Ghjf\Application Data\Ahead
C:\Documents and Settings\Ghjf\Application Data\Apple Computer
C:\Documents and Settings\Ghjf\Application Data\Ati -- EMPTY Directory
C:\Documents and Settings\Ghjf\Application Data\Bsplayer Pro
C:\Documents and Settings\Ghjf\Application Data\Divx
C:\Documents and Settings\Ghjf\Application Data\Dvdcss
C:\Documents and Settings\Ghjf\Application Data\Dvdfab
C:\Documents and Settings\Ghjf\Application Data\F-secure
C:\Documents and Settings\Ghjf\Application Data\Foxiespywareswiftsweeper
C:\Documents and Settings\Ghjf\Application Data\Google
C:\Documents and Settings\Ghjf\Application Data\Grisoft
C:\Documents and Settings\Ghjf\Application Data\Hamachi
C:\Documents and Settings\Ghjf\Application Data\Help -- EMPTY Directory
C:\Documents and Settings\Ghjf\Application Data\Identities
C:\Documents and Settings\Ghjf\Application Data\Installshield
C:\Documents and Settings\Ghjf\Application Data\Ispnews
C:\Documents and Settings\Ghjf\Application Data\Limewire
C:\Documents and Settings\Ghjf\Application Data\Macromedia
C:\Documents and Settings\Ghjf\Application Data\Microsoft
C:\Documents and Settings\Ghjf\Application Data\Mozilla
C:\Documents and Settings\Ghjf\Application Data\Mp3tag
C:\Documents and Settings\Ghjf\Application Data\Newsleecher
C:\Documents and Settings\Ghjf\Application Data\Nokia
C:\Documents and Settings\Ghjf\Application Data\Nokia Multimedia Player
C:\Documents and Settings\Ghjf\Application Data\Openoffice.org2
C:\Documents and Settings\Ghjf\Application Data\Pc Suite
C:\Documents and Settings\Ghjf\Application Data\Pgcedit
C:\Documents and Settings\Ghjf\Application Data\River Past G5
C:\Documents and Settings\Ghjf\Application Data\Securom
C:\Documents and Settings\Ghjf\Application Data\Siteadvisor
C:\Documents and Settings\Ghjf\Application Data\Sun
C:\Documents and Settings\Ghjf\Application Data\Talkback
C:\Documents and Settings\Ghjf\Application Data\Teracopy
C:\Documents and Settings\Ghjf\Application Data\Tor
C:\Documents and Settings\Ghjf\Application Data\Tvu Networks
C:\Documents and Settings\Ghjf\Application Data\Uniblue
C:\Documents and Settings\Ghjf\Application Data\Urusoft
C:\Documents and Settings\Ghjf\Application Data\Utorrent
C:\Documents and Settings\Ghjf\Application Data\Vidalia
C:\Documents and Settings\Ghjf\Application Data\Vlc
C:\Documents and Settings\Ghjf\Application Data\Vso
C:\Documents and Settings\Ghjf\Application Data\Winrar -- EMPTY Directory
C:\Documents and Settings\Guest\Application Data\Ispnews
C:\Documents and Settings\Guest\Application Data\Microsoft
C:\Documents and Settings\Guest\Application Data\Mozilla
C:\Documents and Settings\Guest\Application Data\Orbit
C:\Documents and Settings\Guest\Application Data\Pc Suite
C:\Documents and Settings\Johtaja\Application Data\.wyzo -- EMPTY Directory
C:\Documents and Settings\Johtaja\Application Data\Adobe
C:\Documents and Settings\Johtaja\Application Data\Adobeum -- EMPTY Directory
C:\Documents and Settings\Johtaja\Application Data\Ahead
C:\Documents and Settings\Johtaja\Application Data\Apple Computer
C:\Documents and Settings\Johtaja\Application Data\Ati
C:\Documents and Settings\Johtaja\Application Data\Avsmedia
C:\Documents and Settings\Johtaja\Application Data\Bsplayer Pro
C:\Documents and Settings\Johtaja\Application Data\Com.adobe.mauby.4875e02d9fb21ee389f73b8d1702b320485df8ce.1
C:\Documents and Settings\Johtaja\Application Data\Command & Conquer 3 Tiberium Wars
C:\Documents and Settings\Johtaja\Application Data\Corel
C:\Documents and Settings\Johtaja\Application Data\Daemon Tools
C:\Documents and Settings\Johtaja\Application Data\Deepburner Pro
C:\Documents and Settings\Johtaja\Application Data\Divx
C:\Documents and Settings\Johtaja\Application Data\Dvdcss
C:\Documents and Settings\Johtaja\Application Data\Dvdfab
C:\Documents and Settings\Johtaja\Application Data\Ecsoftware
C:\Documents and Settings\Johtaja\Application Data\Editplus 3
C:\Documents and Settings\Johtaja\Application Data\Eltima Software -- EMPTY Directory
C:\Documents and Settings\Johtaja\Application Data\F-secure
C:\Documents and Settings\Johtaja\Application Data\Filezilla
C:\Documents and Settings\Johtaja\Application Data\Ftweak -- EMPTY Directory
C:\Documents and Settings\Johtaja\Application Data\Google
C:\Documents and Settings\Johtaja\Application Data\Grabit -- EMPTY Directory
C:\Documents and Settings\Johtaja\Application Data\Grabpro
C:\Documents and Settings\Johtaja\Application Data\Gtk-2.0
C:\Documents and Settings\Johtaja\Application Data\Help -- EMPTY Directory
C:\Documents and Settings\Johtaja\Application Data\Hide Ip Ng
C:\Documents and Settings\Johtaja\Application Data\Identities
C:\Documents and Settings\Johtaja\Application Data\Installshield
C:\Documents and Settings\Johtaja\Application Data\Iobit
C:\Documents and Settings\Johtaja\Application Data\Ispnews
C:\Documents and Settings\Johtaja\Application Data\Joost
C:\Documents and Settings\Johtaja\Application Data\Kc Softwares
C:\Documents and Settings\Johtaja\Application Data\Leadertech
C:\Documents and Settings\Johtaja\Application Data\Limewire
C:\Documents and Settings\Johtaja\Application Data\Macromedia
C:\Documents and Settings\Johtaja\Application Data\Malwarebytes
C:\Documents and Settings\Johtaja\Application Data\Media Player Classic
C:\Documents and Settings\Johtaja\Application Data\Microsoft
C:\Documents and Settings\Johtaja\Application Data\Mozilla
C:\Documents and Settings\Johtaja\Application Data\Mp3tag
C:\Documents and Settings\Johtaja\Application Data\Nero
C:\Documents and Settings\Johtaja\Application Data\Nerodigital(tm) -- EMPTY Directory
C:\Documents and Settings\Johtaja\Application Data\Newsleecher
C:\Documents and Settings\Johtaja\Application Data\Nokia
C:\Documents and Settings\Johtaja\Application Data\Openoffice.org2
C:\Documents and Settings\Johtaja\Application Data\Orbit
C:\Documents and Settings\Johtaja\Application Data\Pc Suite
C:\Documents and Settings\Johtaja\Application Data\R2 Studios
C:\Documents and Settings\Johtaja\Application Data\Realvnc
C:\Documents and Settings\Johtaja\Application Data\Securom
C:\Documents and Settings\Johtaja\Application Data\Simplogs
C:\Documents and Settings\Johtaja\Application Data\Software Informer
C:\Documents and Settings\Johtaja\Application Data\Sun
C:\Documents and Settings\Johtaja\Application Data\Superantispyware.com
C:\Documents and Settings\Johtaja\Application Data\Systemrequirementslab
C:\Documents and Settings\Johtaja\Application Data\Talkback
C:\Documents and Settings\Johtaja\Application Data\Teamviewer
C:\Documents and Settings\Johtaja\Application Data\Teracopy
C:\Documents and Settings\Johtaja\Application Data\Tigerplayer
C:\Documents and Settings\Johtaja\Application Data\Tuneup Software
C:\Documents and Settings\Johtaja\Application Data\Ubisoft
C:\Documents and Settings\Johtaja\Application Data\Uniblue
C:\Documents and Settings\Johtaja\Application Data\Utorrent
C:\Documents and Settings\Johtaja\Application Data\Vlc
C:\Documents and Settings\Johtaja\Application Data\Vso
C:\Documents and Settings\Johtaja\Application Data\Webcam Recorder
C:\Documents and Settings\Johtaja\Application Data\Winrar -- EMPTY Directory
C:\Documents and Settings\Johtaja\Application Data\X-setup Pro
C:\Documents and Settings\Localservice\Application Data\Microsoft
C:\Documents and Settings\Localservice\Application Data\Mozilla
C:\Documents and Settings\Localservice\Application Data\Siteadvisor
C:\Documents and Settings\Localservice\Application Data\Talkback
C:\Documents and Settings\Localservice.nt Authority\Application Data\Macromedia
C:\Documents and Settings\Localservice.nt Authority\Application Data\Microsoft
C:\Documents and Settings\Localservice.nt Authority\Application Data\Mozilla
C:\Documents and Settings\Networkservice\Application Data\Microsoft
C:\Documents and Settings\Networkservice.nt Authority\Application Data\Microsoft
C:\Documents and Settings\Tyu\Application Data\Adobe
C:\Documents and Settings\Tyu\Application Data\Ati -- EMPTY Directory
C:\Documents and Settings\Tyu\Application Data\F-secure
C:\Documents and Settings\Tyu\Application Data\Google -- EMPTY Directory
C:\Documents and Settings\Tyu\Application Data\Identities
C:\Documents and Settings\Tyu\Application Data\Ispnews
C:\Documents and Settings\Tyu\Application Data\Limewire
C:\Documents and Settings\Tyu\Application Data\Microsoft
C:\Documents and Settings\Tyu\Application Data\Mozilla
C:\Documents and Settings\Tyu\Application Data\Pc Suite
C:\Documents and Settings\Tyu\Application Data\Siteadvisor
C:\Documents and Settings\Tyu\Application Data\Talkback




hijackthis


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:25, on 2009-02-11
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
D:\Työkalut & Ohjelmat\Unlocker\UnlockerAssistant.exe
C:\Program Files\Tietoturvapalvelu\ExploitShield\fsesgui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\Työkalut & Ohjelmat\NetWorx\networx.exe
D:\Työkalut & Ohjelmat\WinSnap\WinSnap.exe
D:\Työkalut & Ohjelmat\PeerGuardian2\pg2.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
D:\Työkalut & Ohjelmat\Orbitdownloader\orbitdm.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Tietoturvapalvelu\ExploitShield\fsessrv.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
C:\Program Files\Tietoturvapalvelu\Common\FSMB32.EXE
D:\Työkalut & Ohjelmat\Orbitdownloader\orbitnet.exe
C:\Program Files\Tietoturvapalvelu\Common\FCH32.EXE
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsqh.exe
C:\Program Files\Tietoturvapalvelu\Common\FAMEH32.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Tietoturvapalvelu\FSGUI\fsguidll.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
D:\Työkalut & Ohjelmat\VNC4\WinVNC4.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Tietoturvapalvelu\FSAUA\program\fsaua.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fssm32.exe
C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Tietoturvapalvelu\FSAUA\program\fsus.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\inetsrv\DavCData.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hjt\scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Työkalut & Ohjelmat\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Työkalut & Ohjelmat\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\TYKALU~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Työkalut & Ohjelmat\Orbitdownloader\GrabPro.dll
O3 - Toolbar: &NetWorx Desk Band - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - D:\TYKALU~1\NetWorx\deskband.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Tietoturvapalvelu\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Tietoturvapalvelu\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "D:\Työkalut & Ohjelmat\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [F-Secure ExploitShield] "C:\Program Files\Tietoturvapalvelu\ExploitShield\fsesgui.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NetWorx] "D:\Työkalut & Ohjelmat\NetWorx\networx.exe" /auto
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [WinSnap] "D:\Työkalut & Ohjelmat\WinSnap\WinSnap.exe" /startup
O4 - HKCU\..\Run: [PeerGuardian] D:\Työkalut & Ohjelmat\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "D:\Työkalut & Ohjelmat\Alcohol 120%\axcmd.exe" /automount
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [BitComet] "D:\Työkalut & Ohjelmat\BitComet\BitComet.exe" /tray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Orbit.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Työkalut & Ohjelmat\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\Työkalut & Ohjelmat\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Työkalut & Ohjelmat\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Työkalut & Ohjelmat\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Työkalut & Ohjelmat\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Työkalut & Ohjelmat\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\TYKALU~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\TYKALU~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Messenger Backup - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - D:\Työkalut & Ohjelmat\Messenger Backup\Messenger Backup (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Backup - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - D:\Työkalut & Ohjelmat\Messenger Backup\Messenger Backup (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Sol...wn.cab56986.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/sh...ash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - D:\Työkalut & Ohjelmat\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe (file missing)
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: F-Secure Exploit Shield Service (ExploitShield) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\ExploitShield\fsessrv.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\ORSP Client\fsorsp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-palvelu (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe (file missing)
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - D:\Työkalut & Ohjelmat\VNC4\WinVNC4.exe

--
End of file - 15120 bytes
