Trojan removed with AntiVir, but the computer is still messed up.
malloc
Newbie
12 December 2008 @ 22:02
Yeah, so I've run Advanced WindowsCare, Spybot - Search & Destroy, an AntiVir scan, SDFix and Malwarebytes' Anti-Malware, but the computer is still slow and stutters. AntiVir found a trojan and I removed it.
Anyway, here are the HJT results:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:10:56, on 12.12.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SMINST\scheduler.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\PDF Complete\pdfsty.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\COMODO\SafeSurf\cssurf.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\conime.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comodo.com/search/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3...d=smb&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3...d=smb&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O1 - Hosts: ::1 localhost
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\RunOnce: [ST Recovery Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\resource\steam.exe" -silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: V&ie Microsoft Exceliin - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll C:\Windows\system32\cssdll32.dll
O20 - Winlogon Notify: DeviceNP - C:\Windows\SYSTEM32\DeviceNP.dll
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Automaattinen LiveUpdate-ajastustoiminto - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\Windows\system32\flcdlock.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
--
End of file - 12186 bytes
Hopefully someone can help.
|
|
Hujo
Suspended permanently
12 December 2008 @ 22:49
Norton and AntiVir are both on the computer. So you intend to use AntiVir?
=========================
Create an uninstall list:
• Open HijackThis
• Click the "Configure" option at the bottom right
• Click "Misc Tools"
• Click the box that says "Uninstall Manager"
• Click the "Save list" option
• Copy and paste that list from Notepad into your thread
Can a computer ever work?
|
|
malloc
Newbie
12 December 2008 @ 23:02
Here is the list.
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
7-Zip 4.57
Activation Assistant for the 2007 Microsoft Office suites
Adobe Acrobat 5.0
Adobe Flash Player 9 ActiveX
Adobe Flash Player Plugin
Adobe Shockwave Player 11
Advanced WindowsCare Personal
Agere Systems HDA Modem
AppCore
Apple Software Update
Application Installer 4.00.B14
Automaattiset valikot (Windows Live Toolbar)
AV
Avira AntiVir Personal - Free Antivirus
BIOS Configuration for HP ProtectTools
Broadcom 802.11 Wireless LAN Adapter
ccCommon
COMODO SafeSurf
Condition Zero
Condition Zero Deleted Scenes
Counter-Strike(TM)
Day of Defeat
Device Access Manager for HP ProtectTools
ESU for Microsoft Vista
|
|
Hujo
Suspended permanently
12 December 2008 @ 23:15
Is that the whole uninstall list? It looks rather short.
Uninstall the following via Add/Remove Programs:
Java(TM) SE Runtime Environment 6 Update 1
Norton AntiVirus
Norton Confidential Browser Component
Norton Confidential Web Protection Component
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security (Symantec Corporation)
Norton Protection Center
Spybot - Search & Destroy
Delete these folders in Safe Mode:
C:\Program Files\Symantec
C:\Program Files\Common Files\Symantec Shared
============================
Download and run the Norton removal tool
========================
Scan with HJT, check the following entries and press Fix checked:
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
=====================
1. Download Combofix.exe to your desktop from one of these links:
Combofix1
Combofix2
2. Double-click the Combofix.exe file and follow the instructions.
3. When the tool has finished, it produces a log. Post this log in your thread.
Note! Do not click on the Combofix window while it is running. This may cause the program to hang.
Can a computer ever work?
This post has been edited after posting. Last edited 12 December 2008 @ 23:34
|
|
malloc
Newbie
12 December 2008 @ 23:19
Sorry, my mistake. Well, here's the whole list then.
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
7-Zip 4.57
Activation Assistant for the 2007 Microsoft Office suites
Adobe Acrobat 5.0
Adobe Flash Player 9 ActiveX
Adobe Flash Player Plugin
Adobe Shockwave Player 11
Advanced WindowsCare Personal
Agere Systems HDA Modem
AppCore
Apple Software Update
Application Installer 4.00.B14
Automaattiset valikot (Windows Live Toolbar)
AV
Avira AntiVir Personal - Free Antivirus
BIOS Configuration for HP ProtectTools
Broadcom 802.11 Wireless LAN Adapter
ccCommon
COMODO SafeSurf
Condition Zero
Condition Zero Deleted Scenes
Counter-Strike(TM)
Day of Defeat
Device Access Manager for HP ProtectTools
ESU for Microsoft Vista
GDR 3068 for SQL Server Database Services 2005 ENU (KB948109)
Google Toolbar for Internet Explorer
Heroes of Might and Magic IV
Hewlett-Packard Active Check
Hewlett-Packard Asset Agent for Health Check
HijackThis 2.0.2
HP Active Support Library
HP Active Support Library 32 bit components
HP Backup & Recovery Manager -asennusohjelma
HP Customer Experience Enhancements
HP Doc Viewer
HP Easy Setup - Frontend
HP Notebook Accessories Product Tour
HP ProtectTools Security Manager
HP Quick Launch Buttons 6.40 B2
HP Update
HP User Guides 0084
HP Wireless Assistant
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections Drivers
InterVideo DVD Check
InterVideo WinDVD
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
Korostuksen katselu (Windows Live Toolbar)
Left 4 Dead Demo
LimeWire 4.18.8
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Finnish Language Pack
Microsoft .NET Framework 1.1 Hotfix (KB929729)
Microsoft Office 2003 Web-komponentit
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office Access MUI (Finnish) 2007
Microsoft Office Excel MUI (Finnish) 2007
Microsoft Office Outlook MUI (Finnish) 2007
Microsoft Office PowerPoint MUI (Finnish) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (Finnish) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Swedish) 2007
Microsoft Office Proofing (Finnish) 2007
Microsoft Office Publisher MUI (Finnish) 2007
Microsoft Office Shared MUI (Finnish) 2007
Microsoft Office Small Business -yhteysosat
Microsoft Office Word MUI (Finnish) 2007
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Mozilla Firefox (3.0.4)
MSRedist
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
Norton AntiVirus
Norton Confidential Browser Component
Norton Confidential Web Protection Component
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security (Symantec Corporation)
Norton Protection Center
Opera 9.62
Outlook 2007 Business Contact Manager SP1
Outlook 2007 Business Contact Manager SP1
PDF Complete
QuickTime
Roxio Activation Module
Roxio Creator Audio
Roxio Creator Basic v9
Roxio Creator Copy
Roxio Creator Data
Roxio Creator Tools
Roxio Express Labeler 3
Roxio MyDVD Basic v9
Roxio Update Manager
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB955936)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB958437)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Word 2007 (KB956358)
Sonic CinePlayer Decoder Pack
SoundMAX
SPBBC 32bit
Spybot - Search & Destroy
Steam
SymNet
Synaptics Pointing Device Driver
System Requirements Lab
TrackMania Nations Forever
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb958619)
VideoLAN VLC media player 0.8.6c
Windows Live installer
Windows Live Messenger
Windows Live Toolbar
Windows Live Toolbar
Windows Live Toolbarin laajennus (Windows Live Toolbar)
Windows Liven kirjautumisavustaja
Windows Media Player Firefox Plugin
Vista Default Settings
Zombie Panic! Source Dedicated Server
|
|
malloc
Newbie
13 December 2008 @ 08:56
ComboFix 08-12-12.02 - Jeppe 2008-12-13 8:34:07.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1035.18.2039.1134 [GMT 2:00]
Sijainti: c:\users\Jeppe\Desktop\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\windows\system32\x64
F:\Autorun.inf
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-11-13 to 2008-12-13 )))))))))))))))))
.
2008-12-12 18:50 . 2008-12-12 18:50 <KANSIO> d-------- c:\users\Jeppe\AppData\Roaming\Malwarebytes
2008-12-12 18:50 . 2008-12-03 19:52 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2008-12-12 18:49 . 2008-12-12 18:49 <KANSIO> d-------- c:\users\All Users\Malwarebytes
2008-12-12 18:49 . 2008-12-12 18:49 <KANSIO> d-------- c:\programdata\Malwarebytes
2008-12-12 18:49 . 2008-12-12 18:50 <KANSIO> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-12 18:49 . 2008-12-03 19:52 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2008-12-12 18:08 . 2008-12-12 18:08 <KANSIO> d-------- c:\program files\Trend Micro
2008-12-11 21:38 . 2008-10-22 03:22 2,048 --a------ c:\windows\System32\tzres.dll
2008-12-11 19:28 . 2008-12-11 19:28 598 --a------ c:\windows\wininit.ini
2008-12-11 18:50 . 2008-12-11 18:50 <KANSIO> d--hs---- C:\found.000
2008-12-11 17:55 . 2008-12-11 18:31 <KANSIO> d-------- c:\users\All Users\Spybot - Search & Destroy
2008-12-11 17:55 . 2008-12-11 18:31 <KANSIO> d-------- c:\programdata\Spybot - Search & Destroy
2008-12-11 17:55 . 2008-12-11 17:57 <KANSIO> d-------- c:\program files\Spybot - Search & Destroy
2008-12-11 08:02 . 2008-10-21 07:25 296,960 --a------ c:\windows\System32\gdi32.dll
2008-12-08 22:15 . 2008-12-11 20:51 <KANSIO> d-------- c:\program files\AskSBar
2008-12-08 22:15 . 2008-12-08 22:15 249,592 --a------ c:\windows\System32\cssdll32.dll
2008-12-08 22:13 . 2008-12-12 20:40 <KANSIO> d-------- c:\users\Jeppe\AppData\Roaming\Comodo
2008-12-08 22:13 . 2008-12-12 20:40 <KANSIO> d-------- c:\users\All Users\comodo
2008-12-08 22:13 . 2008-12-12 20:40 <KANSIO> d-------- c:\programdata\comodo
2008-12-08 22:13 . 2008-12-12 20:40 <KANSIO> d-------- c:\program files\COMODO
2008-12-07 15:45 . 2008-12-07 15:45 <KANSIO> d-------- c:\users\All Users\Adobe
2008-12-07 15:29 . 2008-12-07 15:29 <KANSIO> d-------- c:\users\All Users\FLEXnet
2008-12-07 15:29 . 2008-12-07 15:29 <KANSIO> d-------- c:\programdata\FLEXnet
2008-11-26 06:49 . 2008-10-21 07:25 1,645,568 --a------ c:\windows\System32\connect.dll
2008-11-26 06:49 . 2008-08-28 05:40 712,704 --a------ c:\windows\System32\WindowsCodecs.dll
2008-11-26 06:49 . 2008-08-28 05:40 425,472 --a------ c:\windows\System32\PhotoMetadataHandler.dll
2008-11-26 06:49 . 2008-08-28 05:40 347,136 --a------ c:\windows\System32\WindowsCodecsExt.dll
2008-11-26 06:49 . 2008-10-22 05:57 241,152 --a------ c:\windows\System32\PortableDeviceApi.dll
2008-11-17 15:38 . 2008-10-16 23:13 1,809,944 --a------ c:\windows\System32\wuaueng.dll
2008-11-17 15:38 . 2008-10-16 22:56 1,524,736 --a------ c:\windows\System32\wucltux.dll
2008-11-17 15:38 . 2008-10-16 23:12 561,688 --a------ c:\windows\System32\wuapi.dll
2008-11-17 15:38 . 2008-10-16 14:08 162,064 --a------ c:\windows\System32\wuwebv.dll
2008-11-17 15:38 . 2008-10-16 22:55 83,456 --a------ c:\windows\System32\wudriver.dll
2008-11-17 15:38 . 2008-10-16 23:09 51,224 --a------ c:\windows\System32\wuauclt.exe
2008-11-17 15:38 . 2008-10-16 23:09 43,544 --a------ c:\windows\System32\wups2.dll
2008-11-17 15:38 . 2008-10-16 23:08 34,328 --a------ c:\windows\System32\wups.dll
2008-11-17 15:38 . 2008-10-16 13:56 31,232 --a------ c:\windows\System32\wuapp.exe
2008-11-13 07:20 . 2008-09-10 05:40 1,334,272 --a------ c:\windows\System32\msxml6.dll
2008-11-13 07:20 . 2008-09-05 07:14 1,191,936 --a------ c:\windows\System32\msxml3.dll
2008-11-13 07:20 . 2008-08-27 03:05 212,480 --a------ c:\windows\System32\drivers\mrxsmb10.sys
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-12 21:49 --------- d-----w c:\programdata\Microsoft Help
2008-12-12 21:26 --------- d-----w c:\program files\Common Files\Symantec Shared
2008-12-12 21:15 --------- d-----w c:\users\Jeppe\AppData\Roaming\LimeWire
2008-12-11 19:50 --------- d-----w c:\program files\Windows Mail
2008-12-10 20:35 --------- d-----w c:\program files\Norton Security Scan
2008-12-09 18:32 --------- d-----w c:\programdata\TrackMania
2008-12-09 17:57 --------- d-----w c:\program files\SystemRequirementsLab
2008-12-08 16:28 --------- d-----w c:\users\Jeppe\AppData\Roaming\uTorrent
2008-12-07 14:05 --------- d-----w c:\program files\Common Files\Adobe
2008-12-05 15:28 --------- d-----w c:\program files\Common Files\Steam
2008-11-09 18:26 --------- d-----w c:\program files\Opera
2008-11-08 07:06 30 ----a-w c:\users\Jeppe\jagex_runescape_preferences.dat
2008-11-01 21:44 --------- d-----w c:\program files\QuickTime
2008-11-01 21:43 --------- d-----w c:\programdata\Apple Computer
2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-11-01 03:44 28,672 ----a-w c:\windows\System32\Apphlpdm.dll
2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-11-01 01:21 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll
2008-10-29 06:29 2,927,104 ----a-w c:\windows\explorer.exe
2008-10-25 09:27 --------- d-----w c:\programdata\WinZip
2008-10-21 17:21 --------- d-----w c:\program files\LimeWire
2008-10-19 17:27 --------- d-----w c:\users\Jeppe\AppData\Roaming\FileZilla
2008-10-17 12:09 --------- d-----w c:\users\Jeppe\AppData\Roaming\Hewlett-Packard
2008-10-17 12:08 --------- d-----w c:\program files\Hewlett-Packard
2008-10-16 04:47 827,392 ----a-w c:\windows\System32\wininet.dll
2008-09-30 14:43 1,286,152 ----a-w c:\windows\System32\msxml4.dll
2008-09-18 05:09 3,601,464 ----a-w c:\windows\System32\ntkrnlpa.exe
2008-09-18 05:09 3,549,240 ----a-w c:\windows\System32\ntoskrnl.exe
2008-09-18 04:56 147,456 ----a-w c:\windows\System32\Faultrep.dll
2008-09-18 04:56 125,952 ----a-w c:\windows\System32\wersvc.dll
2008-09-18 02:16 2,032,640 ----a-w c:\windows\System32\win32k.sys
2008-09-15 18:09 111,928 ----a-w c:\windows\System32\PnkBstrB.exe
2008-08-04 18:13 174 --sha-w c:\program files\desktop.ini
.
((((((((((((((((((((((((((((( snapshot@2008-12-12_23.34.34,07 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-12-11 19:44:06 1,165,584 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-12-12 21:49:21 1,165,584 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\accicons.exe
- 2008-12-11 19:44:18 20,240 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-12-12 21:49:21 20,240 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-12-11 19:44:14 217,864 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\misc.exe
+ 2008-12-12 21:49:21 217,864 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\misc.exe
- 2008-12-11 19:44:19 18,704 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-12-12 21:49:21 18,704 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-12-11 19:44:20 35,088 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-12-12 21:49:21 35,088 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-12-11 19:44:07 845,584 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-12-12 21:49:21 845,584 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe
- 2008-12-11 19:44:13 922,384 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-12-12 21:49:21 922,384 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pptico.exe
- 2008-12-11 19:44:18 272,648 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-12-12 21:49:21 272,648 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pubs.exe
- 2008-12-11 19:44:20 888,080 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-12-12 21:49:21 888,080 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-12-11 19:44:07 1,172,240 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-12-12 21:49:21 1,172,240 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-12-12 21:26:11 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-12-13 06:31:00 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2008-12-12 21:26:11 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2008-12-13 06:31:00 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-12-12 21:27:40 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-12-13 06:31:58 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-12-13 06:31:58 262,144 ---ha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-12-12 21:34:03 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-12-13 06:31:53 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-12-13 06:31:53 262,144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2008-12-12 21:32:52 122,462 ----a-w c:\windows\System32\perfc009.dat
+ 2008-12-13 06:38:12 122,462 ----a-w c:\windows\System32\perfc009.dat
- 2008-12-12 21:32:52 102,968 ----a-w c:\windows\System32\perfc00B.dat
+ 2008-12-13 06:38:14 102,968 ----a-w c:\windows\System32\perfc00B.dat
- 2008-12-12 21:32:52 642,214 ----a-w c:\windows\System32\perfh009.dat
+ 2008-12-13 06:38:12 642,214 ----a-w c:\windows\System32\perfh009.dat
- 2008-12-12 21:32:52 490,838 ----a-w c:\windows\System32\perfh00B.dat
+ 2008-12-13 06:38:14 490,838 ----a-w c:\windows\System32\perfh00B.dat
- 2008-12-12 21:28:08 11,482 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-731148649-997563980-2546183717-1006_UserData.bin
+ 2008-12-13 06:32:54 11,498 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-731148649-997563980-2546183717-1006_UserData.bin
- 2008-12-12 21:28:08 77,434 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-12-13 06:32:54 77,536 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-12-12 21:28:07 47,046 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-12-13 06:32:53 47,214 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2008-12-12 12:45:30 260,500 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2008-12-12 21:39:38 260,612 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
.
-- Snapshot nollattu tähän hetkeen --
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}"= "c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL" [2008-12-08 66912]
[HKEY_CLASSES_ROOT\clsid\{0579b4b6-0293-4d73-b02d-5ebb0ba0f0a2}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
2008-12-08 22:15 66912 --a------ c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-04-19 484904]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-07-20 171448]
"Steam"="c:\program files\steam\resource\steam.exe" [2008-10-08 1410296]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2007-05-08 331552]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-06-07 833072]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-05-11 472632]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-06-05 71176]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-11-06 177456]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-20 266497]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-02-21 1183744]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-04-04 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-04-04 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-04-04 133656]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-05-27 413696]
"COMODO SafeSurf"="c:\program files\COMODO\SafeSurf\cssurf.exe" [2008-12-08 278264]
"COMODO Firewall Pro"="c:\program files\COMODO\Firewall\cfp.exe" [BU]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"ST Recovery Launcher"="c:\windows\SMINST\launcher.exe" [2007-06-06 44168]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2008-07-15 192512]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2007-06-08 09:04 49152 c:\windows\System32\DeviceNP.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"= c:\windows\system32\cssdll32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{208F716A-F6D6-491E-801E-3D2111539993}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{EC296FB3-E219-464E-A989-A47FEB09D1BD}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{0DF18E19-CC5D-4E89-A2BE-E21EE2384A2D}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{AE8E23C4-D1FB-4CAD-B9BA-0065592A08C9}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{6D1AC065-4AE2-4F80-B8AF-D844C57B05A4}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"{BB004074-89FF-48C8-A4AB-BF8E38952894}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"{739EC2DF-9ED0-4959-BA3C-D35956072102}"= Disabled:UDP:c:\program files\DNA\btdna.exe:DNA
"{47F4CEC2-9835-4766-AC97-1311981E4E35}"= Disabled:TCP:c:\program files\DNA\btdna.exe:DNA
"TCP Query User{CB491919-9B41-44FC-A7C7-E217A7E8C8BE}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
"UDP Query User{40065C0D-3B2F-4857-AF2A-24D30CF597C3}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent
"TCP Query User{14E1F2FD-92FE-4941-914D-A59F220BA019}c:\\program files\\steam\\resource\\steamapps\\common\\trackmania nations forever\\tmforever.exe"= UDP:c:\program files\steam\resource\steamapps\common\trackmania nations forever\tmforever.exe:TmForever
"UDP Query User{4AD2CEE1-5ECC-4256-BA11-6469FDE19ACA}c:\\program files\\steam\\resource\\steamapps\\common\\trackmania nations forever\\tmforever.exe"= TCP:c:\program files\steam\resource\steamapps\common\trackmania nations forever\tmforever.exe:TmForever
"TCP Query User{104D94B3-2AE1-4680-ACF5-4045CE0DD191}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{D50D580B-E3D9-4264-BF81-6C73B409375E}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{28BA79AB-C565-4A17-85F5-42BABC7F2C1F}c:\\program files\\steam\\resource\\steamapps\\common\\trackmania nations forever\\tmforever.exe"= UDP:c:\program files\steam\resource\steamapps\common\trackmania nations forever\tmforever.exe:TmForever
"UDP Query User{8E243995-0AFA-4B84-BFBB-14CE1EFAE2D5}c:\\program files\\steam\\resource\\steamapps\\common\\trackmania nations forever\\tmforever.exe"= TCP:c:\program files\steam\resource\steamapps\common\trackmania nations forever\tmforever.exe:TmForever
"TCP Query User{F6641117-7006-491C-81CA-89B0E17600AA}c:\\program files\\steam\\resource\\steamapps\\malloc25\\day of defeat\\hl.exe"= UDP:c:\program files\steam\resource\steamapps\malloc25\day of defeat\hl.exe:Half-Life Launcher
"UDP Query User{5BF6EEB0-A9F3-4D14-8B2D-2B13EE54C01E}c:\\program files\\steam\\resource\\steamapps\\malloc25\\day of defeat\\hl.exe"= TCP:c:\program files\steam\resource\steamapps\malloc25\day of defeat\hl.exe:Half-Life Launcher
"TCP Query User{C0ABF9D9-78C1-4517-9F36-09524E4C54D1}c:\\program files\\opera\\opera.exe"= UDP:c:\program files\opera\opera.exe:Opera Internet Browser
"UDP Query User{0FF14531-FD0B-4411-9F94-44BCF11CB510}c:\\program files\\opera\\opera.exe"= TCP:c:\program files\opera\opera.exe:Opera Internet Browser
"TCP Query User{A2CCBC5F-7D59-409D-9C91-C6C3898E4907}c:\\program files\\opera\\opera.exe"= UDP:c:\program files\opera\opera.exe:Opera Internet Browser
"UDP Query User{D0AC0247-BBB2-4BAE-98E4-27DDA68D545F}c:\\program files\\opera\\opera.exe"= TCP:c:\program files\opera\opera.exe:Opera Internet Browser
"{A9554AE7-4FD9-43CF-9DD4-C3564C87922B}"= UDP:c:\users\Jeppe\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{038891A3-E8C5-431D-9E34-573029F1CD7F}"= TCP:c:\users\Jeppe\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
R2 BcmSqlStartupSvc;Business Contact Managerin SQL Server -käynnistyspalvelu;"c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe" [2008-01-16 30312]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService [2007-12-15 540448]
S2 Automaattinen LiveUpdate-ajastustoiminto;Automaattinen LiveUpdate-ajastustoiminto;"c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" []
S3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv.sys [2007-12-15 30008]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\system32\flcdlock.exe [2007-06-08 172131]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);"c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSMLBIZ [2008-02-26 29183504]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
'Ajoitetut tehtävät'-kansion sisältö
2008-12-08 c:\windows\Tasks\Norton Internet Security - Suorita täyd. järj.tarkistus - Jeppe.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe []
2008-07-15 c:\windows\Tasks\Tarkistetaan Windows Live -työkalurivin päivitykset.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
2008-10-25 c:\windows\Tasks\Uniblue SpeedUpMyPC Nag.job
- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe []
2008-07-27 c:\windows\Tasks\Uniblue SpeedUpMyPC.job
- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe []
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-13 08:38:12
Windows 6.0.6001 Service Pack 1 NTFS
tarkistaa piilotettuja prosesseja ...
tarkistaa piilotettuja käynnistysarvoja ...
tarkistaa piilotettuja tiedostoja ...
tarkistus on valmis
piilotetut tiedostot: 0
**************************************************************************
.
Valmistumisajankohta: 2008-12-13 8:45:47
ComboFix-quarantined-files.txt 2008-12-13 06:45:17
Ennen ajoa: 77,491,478,528 tavua vapaana
Ajon jälkeen: 77,457,850,368 tavua vapaana
265 --- E O F --- 2008-12-12 21:49:32

malloc
Newbie
13 December 2008 @ 19:14

Something has definitely gotten into this machine now, because it is so slow that it is starting to get annoying: when you try to open a web browser it takes about 20 seconds before anything happens, and then once the site has loaded and you try to, e.g., scroll the page down, you just get (not responding)...

Lada1500s
Member
26 product reviews
13 December 2008 @ 19:59

Quote, original message written by malloc: Something has definitely gotten into this machine now, because it is so slow that it is starting to get annoying: when you try to open a web browser it takes about 20 seconds before anything happens, and then once the site has loaded and you try to, e.g., scroll the page down, you just get (not responding)...
Case cooling..? I had it so that if the hard drive got warm enough, nothing would open or work very quickly any more.
Motherboard: ASUS M4N72-E; CPU: AMD Phenom II 955; Memory: 4 GB Kingston 800MHz DDR2; Graphics card: ASUS Geforce 9800GTX+; Sound card: SoundBlaster Audigy; Power supply: Antec Earthwatts 500w; Case: Antec Sonata III; Display: LG 22" 22LS4D 1650x1050

malloc
Newbie
13 December 2008 @ 20:17

Well, at least some fan screams at full blast every now and then, but now it works again since I removed a couple of programs :)