lsass.exe is trying to access the internet
jungleBu
Newbie
1 April 2009 @ 12:33
So, ZoneAlarm is complaining that lsass.exe is trying to access the internet, and I have never had a notification like this before, but now it has come up several times, so I ran ComboFix, SDFix and HijackThis, in that order. Here are the log files. Help would be appreciated. I use Avast as my antivirus. According to ZoneAlarm, the file is located at c:\WINDOWS\system32\lsass.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:10:14, on 1.4.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Nuance\PDF Professional 5\PDFProFiltSrv.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\GIANT Company Software\GIANT AntiSpyware\gcasServ.exe
C:\Program Files\Saitek\Software\ProfilerU.exe
C:\Program Files\Saitek\Software\SaiMfd.exe
C:\Program Files\ALIRAID\ALiRaid.exe
C:\Program Files\GIANT Company Software\GIANT AntiSpyware\gcasDtServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Nuance\PDF Professional 5\pdfpro5hook.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\TerraTec\DMX 6fire\DMX6Fire.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare\3dxsrv.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: ZeonIEEventHelper Class - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Nuance PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll
O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\GIANT Company Software\GIANT AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Profiler] C:\Program Files\Saitek\Software\ProfilerU.exe
O4 - HKLM\..\Run: [SaiMfd] C:\Program Files\Saitek\Software\SaiMfd.exe
O4 - HKLM\..\Run: [ALiRaid] C:\Program Files\ALIRAID\ALiRaid.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PDFHook] C:\Program Files\Nuance\PDF Professional 5\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files\Nuance\PDF Professional 5\RegistryController.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Nuance PDF Professional 5-reminder] "C:\Program Files\Nuance\PDF Professional 5\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\Nuance\PDF Professional 5\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DMX 6fire 2496 ControlPanel.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = J:\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Start 3DxWare.lnk = C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare\3dxsrv.exe
O8 - Extra context menu item: Append the content of the link to existing PDF file - res://C:\Program Files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Append the content of the selected links to existing PDF file - res://C:\Program Files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
O8 - Extra context menu item: Append to existing PDF file - res://C:\Program Files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Create PDF file - res://C:\Program Files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF file from the content of the link - res://C:\Program Files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF files from the selected links - res://C:\Program Files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
O8 - Extra context menu item: Open with Nuance PDF Converter 5.0 - res://C:\Program Files\Nuance\PDF Professional 5\cnvres_eng.dll /100
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://J:\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupd...b?1233411605812
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupd...b?1233411592562
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c98c639d6309ef) (gupdate1c98c639d6309ef) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - J:\Piirto\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDFProFiltSrv - Nuance Communications, Inc. - C:\Program Files\Nuance\PDF Professional 5\PDFProFiltSrv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional 2005\RpcDataSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 12019 bytes
ComboFix 09-03-31.02 - joo 2009-04-01 11:08:39.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.519 [GMT 3:00]
Sijainti: c:\documents and settings\joo\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090331-0] *On-access scanning disabled* (Updated)
FW: ZoneAlarm Firewall *enabled*
* Uusi palautuspiste luotu
VAROITUS - PALAUTUSKONSOLIA EI OLE ASENNETTU !!
.
(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\joo\Local Settings\Temporary Internet Files\ijjistarter_verinfo.dat
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2009-03-01 to 2009-04-01 )))))))))))))))))
.
2009-03-29 11:35 . 2009-03-29 11:35 <DIR> d-------- c:\documents and settings\All Users\Application Data\ALM
2009-03-29 11:27 . 2009-03-29 11:28 <DIR> d-------- c:\program files\QuickTime
2009-03-28 21:15 . 2009-03-28 21:40 <DIR> d-------- c:\documents and settings\joo\Application Data\vlc
2009-03-28 21:12 . 2009-03-28 21:12 <DIR> d-------- c:\program files\VideoLAN
2009-03-26 16:31 . 2009-03-26 16:31 <DIR> d-------- c:\program files\AskBarDis
2009-03-26 16:18 . 2009-03-26 16:18 <DIR> d-------- c:\documents and settings\joo\Application Data\3Dconnexion
2009-03-26 16:16 . 2009-03-26 16:16 <DIR> d-------- c:\program files\3Dconnexion
2009-03-23 18:43 . 2009-03-23 18:43 <DIR> d-------- c:\documents and settings\joo\Application Data\SPORE
2009-03-23 18:41 . 2009-03-23 18:41 <DIR> d-------- c:\program files\Electronic Arts
2009-03-15 21:25 . 2009-03-15 21:25 <DIR> d-------- c:\documents and settings\joo\Library
2009-03-15 21:25 . 2009-03-15 21:25 <DIR> d-------- c:\documents and settings\joo\Application Data\com.adobe.ExMan
2009-03-15 19:20 . 2009-03-15 19:20 42,592 --ah----- c:\windows\system32\mlfcache.dat
2009-03-15 19:19 . 2009-03-15 19:19 <DIR> d-------- c:\program files\Safari
2009-03-15 19:18 . 2009-03-15 19:18 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple
2009-03-15 11:33 . 2009-03-15 11:33 <DIR> d-------- c:\windows\system32\Futuremark
2009-03-15 11:33 . 2009-03-15 11:33 <DIR> d-------- c:\program files\Common Files\Futuremark Shared
2009-03-15 11:33 . 2008-09-17 16:14 27,672 -ra------ c:\windows\system32\drivers\Entech.sys
2009-03-13 14:53 . 2009-03-13 14:53 <DIR> d-------- c:\documents and settings\joo\Application Data\ABBYY
2009-03-13 14:38 . 2009-03-13 14:38 <DIR> d-------- c:\program files\Common Files\ABBYY
2009-03-13 14:38 . 2009-03-13 14:41 <DIR> d-------- c:\program files\ABBYY FineReader 9.0
2009-03-13 14:38 . 2009-03-13 15:30 <DIR> d-------- c:\documents and settings\All Users\Application Data\ABBYY
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-01 08:00 --------- d-----w c:\documents and settings\joo\Application Data\uTorrent
2009-04-01 06:20 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-03-31 04:48 5,274,529 ----a-w c:\windows\Internet Logs\tvDebug.Zip
2009-03-29 08:35 --------- d-----w c:\program files\Common Files\Adobe
2009-03-28 18:40 --------- d-----w c:\documents and settings\joo\Application Data\vlc
2009-03-26 13:16 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-23 12:14 --------- d-----w c:\program files\Common Files\Logitech
2009-03-19 11:18 --------- d-----w c:\program files\Google
2009-03-15 17:58 --------- d-----w c:\documents and settings\All Users\Application Data\FLEXnet
2009-03-15 16:20 --------- d-----w c:\documents and settings\joo\Application Data\Apple Computer
2009-03-15 16:18 --------- d-----w c:\program files\Apple Software Update
2009-02-24 13:07 --------- d-----w c:\program files\mp3DirectCut
2009-02-20 12:58 --------- d-----w c:\program files\foobar2000
2009-02-15 22:10 1,221,512 ----a-w c:\windows\system32\zpeng25.dll
2009-02-04 10:52 61,640 ----a-w c:\documents and settings\joo\Application Data\GDIPFONTCACHEV1.DAT
2009-02-04 09:53 --------- d-----w c:\documents and settings\joo\Application Data\ScanSoft
2009-02-04 09:52 --------- d-----w c:\documents and settings\All Users\Application Data\ScanSoft
2009-02-04 09:51 --------- d-----w c:\documents and settings\joo\Application Data\Zeon
2009-02-04 09:50 --------- d-----w c:\windows\system32\config\systemprofile\Application Data\Zeon
2009-02-04 09:50 --------- d-----w c:\program files\Common Files\ScanSoft Shared
2009-02-04 09:50 --------- d-----w c:\program files\Common Files\InstallShield
2009-02-04 09:50 --------- d-----w c:\documents and settings\All Users\Application Data\Nuance
2009-02-04 09:50 --------- d-----w c:\documents and settings\All Users\Application Data\InstallShield
2009-02-04 09:49 --------- d-----w c:\program files\Nuance
2009-02-04 09:49 --------- d-----w c:\documents and settings\All Users\Application Data\Zeon
2009-02-04 07:53 --------- d-----w c:\program files\gs
2009-02-04 07:52 --------- d-----w c:\program files\Ghostgum
2009-02-01 14:43 --------- d-----w c:\documents and settings\All Users\Application Data\MailFrontier
2009-02-01 14:42 --------- d-----w c:\program files\Zone Labs
2009-02-01 14:41 --------- d-----w c:\program files\Alwil Software
2009-02-01 14:38 --------- d-----w c:\program files\F-Secure
2009-02-01 14:35 --------- d-----w c:\documents and settings\All Users\Application Data\F-Secure
2006-12-29 22:22 66,936 --sha-w c:\windows\dlinfo_0.drv
2008-10-30 10:12 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008103020081031\index.dat
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-10-16 19:22 333192 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-10-16 333192]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe" [2006-08-07 700416]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-04-01 486856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-06-03 131072]
"gcasServ"="c:\program files\GIANT Company Software\GIANT AntiSpyware\gcasServ.exe" [2004-11-28 462848]
"DiskeeperSystray"="c:\program files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2005-11-22 221184]
"Profiler"="c:\program files\Saitek\Software\ProfilerU.exe" [2005-08-30 163840]
"SaiMfd"="c:\program files\Saitek\Software\SaiMfd.exe" [2005-09-09 126976]
"ALiRaid"="c:\program files\ALIRAID\ALiRaid.exe" [2004-01-09 401408]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-18 13574144]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-18 86016]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-06 81000]
"PDFHook"="c:\program files\Nuance\PDF Professional 5\pdfpro5hook.exe" [2008-03-15 1626112]
"PDF5 Registry Controller"="c:\program files\Nuance\PDF Professional 5\RegistryController.exe" [2008-02-02 58656]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2007-03-26 210472]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"Nuance PDF Professional 5-reminder"="c:\program files\Nuance\PDF Professional 5\Ereg\Ereg.exe" [2007-08-31 328992]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-16 981384]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 c:\windows\KHALMNPR.Exe]
"nwiz"="nwiz.exe" [2008-09-18 c:\windows\system32\nwiz.exe]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-12-23 113664]
DMX 6fire 2496 ControlPanel.lnk - c:\program files\TerraTec\DMX 6fire\DMX6Fire.exe [2007-10-24 335872]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2006-10-09 805392]
Microsoft Office.lnk - j:\microsoft office\Office10\OSA.EXE [2001-02-13 83360]
Start 3DxWare.lnk - c:\program files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare\3dxsrv.exe [2008-10-22 118272]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 02:42 72208 c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= c:\progra~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Ohjelmat\\utorrent\\utorrent.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\evolutionv3\\mirc.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"f:\\Pelit\\Neverwinter Nights 2\\nwn2main.exe"=
"f:\\Pelit\\Neverwinter Nights 2\\nwn2main_amdxp.exe"=
"f:\\Pelit\\Neverwinter Nights 2\\nwupdate.exe"=
"f:\\Pelit\\Neverwinter Nights 2\\nwn2server.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional 2005\\sandra.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional 2005\\RpcSandraSrv.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional 2005\\RpcDataSrv.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"l:\\Pelit\\Battlefield 2\\BF2.exe"=
"l:\\Pelit\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"=
"l:\\Pelit\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"l:\\Pelit\\Nexus - The Jupiter Incident\\nexus_dx9.exe"=
"l:\\Pelit\\Serious Sam\\Bin\\SeriousSam.exe"=
"l:\\Pelit\\MX vs ATV Unleashed\\MXvsATV.exe"=
"l:\\Pelit\\Sins of a Solar Empire\\Sins of a Solar Empire.exe"=
"l:\\Pelit\\Tom Clancy's Rainbow Six Vegas\\Binaries\\R6Vegas_Game.exe"=
"l:\\Pelit\\Tom Clancy's Rainbow Six Vegas\\Binaries\\R6Vegas_Launcher.exe"=
"l:\\Pelit\\World in Conflict\\wic.exe"=
"l:\\Pelit\\World in Conflict\\wic_online.exe"=
"l:\\Pelit\\World in Conflict\\wic_ds.exe"=
"l:\\Pelit\\FEARCombat\\FEARMP.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\monitor.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\manager.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\server.exe"=
"j:\\Piirto\\3ds Max 2009\\3dsmax.exe"=
"l:\\Pelit\\Battlefield 2142\\BF2142.exe"=
"l:\\Pelit\\Space Siege\\Space Siege\\SpaceSiege.exe"=
"l:\\Pelit\\Space Siege\\GPGNet\\GPG.Multiplayer.Client.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R0 m5228;m5228;c:\windows\system32\drivers\m5228.sys [2007-01-22 44925]
R0 m5281;m5281;c:\windows\system32\drivers\m5281.sys [2007-01-22 49357]
R0 SI3112r;Silicon Image SiI 3112 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [2006-01-12 116264]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-02-01 114768]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [2009-03-26 464264]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-02-01 20560]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2006-10-09 3712]
R2 PDFProFiltSrv;PDFProFiltSrv;c:\program files\Nuance\PDF Professional 5\PDFProFiltSrv.exe [2008-02-02 144672]
R3 dmxfire;DMX6fire WDM Audio;c:\windows\system32\drivers\dmx6fire.sys [2003-03-24 148724]
R3 dmxsens;dmxsens;c:\windows\system32\drivers\dmxsens.sys [2003-07-22 403968]
S2 gupdate1c98c639d6309ef;Google Update Service (gupdate1c98c639d6309ef);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-11 133104]
S2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit;j:\piirto\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [2008-03-10 65536]
S3 bfturboh;BUFFALO TurboUSB for HD Filter;c:\windows\system32\drivers\bfturboh.sys [2008-06-26 15872]
S3 cpuz130;cpuz130;\??\c:\docume~1\joo\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\joo\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 SaiH80C0;SaiH80C0;c:\windows\system32\drivers\SaiH80C0.sys [2006-10-25 176384]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1526e3d-36a6-11db-8658-806d6172696f}]
\Shell\AutoRun\command - G:\autorun.exe
.
'Ajoitetut tehtävät'-kansion sisältö
2009-04-01 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-25 22:26]
2009-04-01 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-11 19:12]
.
- - - - POISTETUT JÄMÄRIVIT - - - -
HKU-Default-RunOnce-3DxAssociateFileExts - c:\program files\3Dconnexion\3Dconnexion 3DxSoftware\3DxViewer\register.exe
.
------- Täydentävä tarkistus -------
.
uInternet Settings,ProxyOverride = localhost
IE: Append the content of the link to existing PDF file - c:\program files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Append the content of the selected links to existing PDF file - c:\program files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Append to existing PDF file - c:\program files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Create PDF file - c:\program files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF file from the content of the link - c:\program files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF files from the selected links - c:\program files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: Open with Nuance PDF Converter 5.0 - c:\program files\Nuance\PDF Professional 5\cnvres_eng.dll /100
IE: Vie Microsoft E&xceliin - j:\micros~1\Office10\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\joo\Application Data\Mozilla\Firefox\Profiles\nvfft9my.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: network.proxy.http - localhost
FF - prefs.js: network.proxy.http_port - 12080
FF - prefs.js: network.proxy.type - 1
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-01 11:11:18
Windows 5.1.2600 Service Pack 3 NTFS
tarkistaa piilotettuja prosesseja ...
tarkistaa piilotettuja käynnistysarvoja ...
tarkistaa piilotettuja tiedostoja ...
tarkistus on valmis
piilotetut tiedostot: 0
**************************************************************************
.
--------------------- LUKITUT REKISTERIAVAIMET ---------------------
[HKEY_USERS\S-1-5-21-1177238915-725345543-986591610-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:01,43,c9,28,23,5b,f5,63,0b,aa,ad,36,2e,18,1d,34,2d,1e,ab,ac,d2,29,ca,
b7,f4,b7,2e,7f,36,5c,45,52,f7,90,9d,fc,91,cf,83,08,d3,05,3a,f8,76,dc,49,d5,\
"??"=hex:85,fe,9a,1e,38,ed,f6,d0,0f,e0,f2,9d,ab,46,52,04
[HKEY_USERS\S-1-5-21-1177238915-725345543-986591610-1003\Software\SecuROM\License information*]
"datasecu"=hex:55,43,d3,05,51,28,6b,af,fc,69,68,45,80,a5,2a,88,9f,02,ff,64,c0,
89,77,0a,cf,5a,71,c7,50,11,15,d8,13,27,97,92,ed,2c,0e,08,b9,6a,d7,4c,de,bf,\
"rkeysecu"=hex:09,6a,a8,3b,4d,a4,2b,5c,29,95,07,fd,e8,b0,f3,c6
.
--------------------- Prosesseihin ladatut DLLt ---------------------
- - - - - - - > 'winlogon.exe'(732)
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
c:\program files\common files\logitech\bluetooth\LBTServ.dll
.
Valmistumisajankohta: 2009-04-01 11:13:17
ComboFix-quarantined-files.txt 2009-04-01 08:12:57
Ennen ajoa: 2 556 862 464 bytes free
Ajon jälkeen: 2,871,488,512 bytes free
248
SDFix: Version 1.240
Run by joo on ke 01.04.2009 at 11:42
Microsoft Windows XP [Version 5.1.2600]
Running From: C:\Documents and Settings\joo\Desktop\SDFix
Checking Services :
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
Checking Files :
No Trojan Files Found
Removing Temp Files
ADS Check :
Final Check :
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-01 11:54:53
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services :
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Ohjelmat\\utorrent\\utorrent.exe"="C:\\Ohjelmat\\utorrent\\utorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\mIRC\\mirc.exe"="C:\\Program Files\\mIRC\\mirc.exe:*:Enabled:mIRC"
"C:\\evolutionv3\\mirc.exe"="C:\\evolutionv3\\mirc.exe:*:Enabled:mIRC"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"F:\\Pelit\\Neverwinter Nights 2\\nwn2main.exe"="F:\\Pelit\\Neverwinter Nights 2\\nwn2main.exe:*:Enabled:Neverwinter Nights 2 Main"
"F:\\Pelit\\Neverwinter Nights 2\\nwn2main_amdxp.exe"="F:\\Pelit\\Neverwinter Nights 2\\nwn2main_amdxp.exe:*:Enabled:Neverwinter Nights 2 AMD"
"F:\\Pelit\\Neverwinter Nights 2\\nwupdate.exe"="F:\\Pelit\\Neverwinter Nights 2\\nwupdate.exe:*:Enabled:Neverwinter Nights 2 Updater"
"F:\\Pelit\\Neverwinter Nights 2\\nwn2server.exe"="F:\\Pelit\\Neverwinter Nights 2\\nwn2server.exe:*:Enabled:Neverwinter Nights 2 Server"
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional 2005\\sandra.exe"="C:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional 2005\\sandra.exe:*:Enabled:SiSoftware Sandra Professional"
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional 2005\\RpcSandraSrv.exe"="C:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional 2005\\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Professional"
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional 2005\\RpcDataSrv.exe"="C:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional 2005\\RpcDataSrv.exe:*:Enabled:SiSoftware Sandra Professional"
"C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"="C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe:*:Enabled:Nero Home"
"L:\\Pelit\\Battlefield 2\\BF2.exe"="L:\\Pelit\\Battlefield 2\\BF2.exe:*:Enabled:Battlefield 2"
"L:\\Pelit\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"="L:\\Pelit\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"L:\\Pelit\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"="L:\\Pelit\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"
"C:\\Program Files\\Hamachi\\hamachi.exe"="C:\\Program Files\\Hamachi\\hamachi.exe:*:Enabled:Hamachi Client"
"L:\\Pelit\\Nexus - The Jupiter Incident\\nexus_dx9.exe"="L:\\Pelit\\Nexus - The Jupiter Incident\\nexus_dx9.exe:*:Enabled:Nexus"
"L:\\Pelit\\Serious Sam\\Bin\\SeriousSam.exe"="L:\\Pelit\\Serious Sam\\Bin\\SeriousSam.exe:*:Enabled:SeriousSam"
"L:\\Pelit\\MX vs ATV Unleashed\\MXvsATV.exe"="L:\\Pelit\\MX vs ATV Unleashed\\MXvsATV.exe:*:Enabled:MXvsATV"
"L:\\Pelit\\Sins of a Solar Empire\\Sins of a Solar Empire.exe"="L:\\Pelit\\Sins of a Solar Empire\\Sins of a Solar Empire.exe:*:Enabled:Sins of a Solar Empire"
"L:\\Pelit\\Tom Clancy's Rainbow Six Vegas\\Binaries\\R6Vegas_Game.exe"="L:\\Pelit\\Tom Clancy's Rainbow Six Vegas\\Binaries\\R6Vegas_Game.exe:*:Enabled:Rainbow Six Vegas"
"L:\\Pelit\\Tom Clancy's Rainbow Six Vegas\\Binaries\\R6Vegas_Launcher.exe"="L:\\Pelit\\Tom Clancy's Rainbow Six Vegas\\Binaries\\R6Vegas_Launcher.exe:*:Enabled:Rainbow Six Vegas Updater"
"L:\\Pelit\\World in Conflict\\wic.exe"="L:\\Pelit\\World in Conflict\\wic.exe:*:Enabled:World in Conflict"
"L:\\Pelit\\World in Conflict\\wic_online.exe"="L:\\Pelit\\World in Conflict\\wic_online.exe:*:Enabled:World in Conflict - Online Only"
"L:\\Pelit\\World in Conflict\\wic_ds.exe"="L:\\Pelit\\World in Conflict\\wic_ds.exe:*:Enabled:World in Conflict - Dedicated Server"
"L:\\Pelit\\FEARCombat\\FEARMP.exe"="L:\\Pelit\\FEARCombat\\FEARMP.exe:*:Enabled:FEAR Combat"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Autodesk\\Backburner\\monitor.exe"="C:\\Program Files\\Autodesk\\Backburner\\monitor.exe:*:Enabled:backburner 2.3 monitor"
"C:\\Program Files\\Autodesk\\Backburner\\manager.exe"="C:\\Program Files\\Autodesk\\Backburner\\manager.exe:*:Enabled:backburner 2.3 manager"
"C:\\Program Files\\Autodesk\\Backburner\\server.exe"="C:\\Program Files\\Autodesk\\Backburner\\server.exe:*:Enabled:backburner 2.3 server"
"J:\\Piirto\\3ds Max 2009\\3dsmax.exe"="J:\\Piirto\\3ds Max 2009\\3dsmax.exe:*:Enabled:Autodesk 3ds Max 2009 32-bit"
"L:\\Pelit\\Battlefield 2142\\BF2142.exe"="L:\\Pelit\\Battlefield 2142\\BF2142.exe:*:Enabled:Battlefield 2"
"L:\\Pelit\\Space Siege\\Space Siege\\SpaceSiege.exe"="L:\\Pelit\\Space Siege\\Space Siege\\SpaceSiege.exe:*:Enabled:Space Siege"
"L:\\Pelit\\Space Siege\\GPGNet\\GPG.Multiplayer.Client.exe"="L:\\Pelit\\Space Siege\\GPGNet\\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet"
"C:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"="C:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional 2005\\sandra.exe"="C:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional 2005\\sandra.exe:*:Enabled:SiSoftware Sandra Professional"
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional 2005\\RpcSandraSrv.exe"="C:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional 2005\\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Professional"
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional 2005\\RpcDataSrv.exe"="C:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional 2005\\RpcDataSrv.exe:*:Enabled:SiSoftware Sandra Professional"
"L:\\Pelit\\Exteel\\System\\Exteel.exe"="L:\\Pelit\\Exteel\\System\\Exteel.exe:*:Enabled:Exteel"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
Remaining Files :
Files with Hidden Attributes :
Fri 9 Mar 2007 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Mon 10 Apr 2006 1,061 A..H. --- "C:\Program Files\Outlook Express\fqT6QtG7eXq\csfbK8pbRZYO37H.tmp"
Sun 11 Mar 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sun 11 Feb 2007 940 A..H. --- "C:\Documents and Settings\joo\Application Data\PACE Anti-Piracy\5AKMpjZL\vNl1VlE7qFXX8pE.tmp"
Mon 23 Mar 2009 1,301 ...HR --- "C:\Documents and Settings\joo\Application Data\SecuROM\UserData\securom_v7_01.bak"
Wed 4 Oct 2006 3,072,000 A..H. --- "C:\Documents and Settings\joo\Application Data\U3\temp\Launchpad Removal.exe"
Finished!
jungleBu
Newbie
1 April 2009 @ 15:35

I also have this problem that sometimes the internet connection doesn't work, i.e. network traffic doesn't pass even though the connection doesn't report any fault: I can't reach web pages and p2p traffic doesn't work, but the connection appears to be fine. I got back online by unplugging the network cable, plugging it back in and running Repair. What might be causing this? This hasn't happened before either, only during the last couple of days.