| afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat - hijackthis -logit > netti ihan jumissa |
|
|
|
Keskustelualueet
Keskustelualueet
|
|
|
Netti ihan jumissa
|
|
Junior Member
|
27. joulukuuta 2008 @ 16:34 |
Linkki tähän viestiin
|
Tässä vieläensimmäsen koneen SDFix loki:
SDFix: Version 1.240
Run by J?rjestelm?nvalvoja on la 27.12.2008 at 16:09
Microsoft Windows XP [versio 5.1.2600]
Running From: C:\Documents and Settings\Mika Pesonen\Ty?p?yt?\SDFix\SDFix
Checking Services :
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
Checking Files :
No Trojan Files Found
Removing Temp Files
ADS Check :
Final Check :
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-27 16:20:46
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
IPC error: 2 Määritettyä tiedostoa ei löydy.
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services :
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Disabled:Firefox"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Elisa Tietoturvapalvelu\\backweb\\4119343\\Program\\fspex.exe"="C:\\Program Files\\Elisa Tietoturvapalvelu\\backweb\\4119343\\Program\\fspex.exe:*:Enabled:Elisa Tietoturvapalvelu"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
Remaining Files :
Files with Hidden Attributes :
Sat 28 Feb 2004 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sat 28 Feb 2004 401 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv11.bak"
Fri 24 Sep 2004 48 ..SH. --- "C:\Documents and Settings\All Users\DRM\v2ks.sec.bak"
Fri 24 Sep 2004 400 ..SH. --- "C:\Documents and Settings\All Users\DRM\v2ks.bla.bak"
Fri 24 Sep 2004 400 A.SH. --- "C:\Documents and Settings\All Users\DRM\v3ks.bla.bak"
Fri 19 Aug 2005 135,168 ...HR --- "C:\Program Files\Microsoft Works Suite 2006\Setup\EULARegn.dll"
Fri 22 Apr 2005 95,232 ...HR --- "C:\Program Files\Microsoft Works Suite 2006\Setup\RmvSuite.exe"
Thu 6 Oct 2005 1,847,296 ...HR --- "C:\Program Files\Microsoft Works Suite 2006\Setup\launcher.exe"
Fri 5 Nov 2004 53,760 ...HR --- "C:\Program Files\Microsoft Works Suite 2006\Setup\mnyinsta.dll"
Thu 20 Oct 2005 36,864 ...HR --- "C:\Program Files\Microsoft Works Suite 2006\Setup\setuplng.dll"
Wed 25 May 2005 20,480 ...HR --- "C:\Program Files\Microsoft Works Suite 2006\Setup\unregwtr.exe"
Wed 28 Sep 2005 13,824 ...HR --- "C:\Program Files\Microsoft Works Suite 2006\Setup\wkernlng.dll"
Mon 27 Nov 2006 266 A..H. --- "C:\Program Files\InterActual\InterActual Player\iti229.tmp"
Thu 6 Mar 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\f7db876e78b88fd8276fd7d29cb7e4eb\BITA.tmp"
Sun 16 Nov 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Finished!
|
|
| afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat - hijackthis -logit > netti ihan jumissa |
