Log for review
Member
8 product reviews
12 February 2009 @ 19:29
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:28:01, on 12.2.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Windows\System32\Ctxfihlp.exe
C:\Windows\SYSTEM32\CTXFISPI.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pussytorrents.org/login.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CtxfiReg] CTXFIREG.exe /FAIL1 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CtxfiReg] CTXFIREG.exe /FAIL1 (User 'Default user')
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/fl...ent/swflash.cab
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Norton2009 Reset (.norton2009Reset) - - (no file)
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
--
End of file - 6348 bytes

Hujo
Suspended permanently
12 February 2009 @ 19:52
Scan with HJT, tick these entries and press Fix checked:
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O20 - AppInit_DLLs:
O23 - Service: Norton2009 Reset (.norton2009Reset) - - (no file)
================
Download Malwarebytes' Anti-Malware to your desktop.
1. Double-click mbam-setup.exe and follow the instructions to install the program.
2. At the end, make sure the following are selected: Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, and then click Finish.
3. If an update is found, the program downloads and installs the latest version.
4. Once the program has loaded, select Perform full scan and click Scan.
5. When the scan is finished, click OK and then Show Results to see the results.
6. Make sure everything is selected and click Remove Selected.
7. After this the log opens in Notepad. Save it somewhere you can find it easily. The log can also be found here: C:\Documents and Settings\Käyttäjänimi\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-päiväys.txt
8. Post the contents of the log in your next message.
Can a computer ever work?

Member
8 product reviews
12 February 2009 @ 23:38
That Norton won't go away no matter what.
That program didn't find anything.

Hujo
Suspended permanently
12 February 2009 @ 23:43
Start, Run, type
services.msc
Click OK
============
Find that Norton2009 Reset
Double-click it
Stop it
From the drop-down menu choose Disabled
Apply and OK

Member
8 product reviews
13 February 2009 @ 00:21
Yeah, it wasn't in use after all.

Hujo
Suspended permanently
13 February 2009 @ 00:27
Has it disappeared from the HJT log yet?
Open Windows Defender.
Click Tools and General Settings.
Scroll down and untick Turn on real-time protection (recommended).
Then click Save and close Windows Defender.
This message has been edited after posting. Last edited 13 February 2009 @ 00:28

Member
8 product reviews
13 February 2009 @ 11:52
Still not.. I turned that software off.

Hujo
Suspended permanently
13 February 2009 @ 14:08
1. Download Combofix.exe to your desktop from one of these links:
Combofix1
Combofix2
Do not install the Recovery Console.
2. Double-click the Combofix.exe file and follow the instructions.
3. When the tool is finished, it produces a log. Post this log in your thread.
Note! Do not click on the ComboFix window while it is running. This may cause the program to hang.

Member
8 product reviews
13 February 2009 @ 19:05
ComboFix 09-02-12.03 - Ydintalvi 2009-02-13 18:49:23.1 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.1.1033.18.3070.2006 [GMT 2:00]
Sijainti: c:\users\Ydintalvi\Desktop\ComboFix.exe
* Uusi palautuspiste luotu
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2009-01-13 to 2009-02-13 )))))))))))))))))
.
2009-02-12 20:01 . 2009-02-12 20:01 <KANSIO> d-------- c:\windows\Java
2009-02-12 20:01 . 2009-02-12 20:01 <KANSIO> d-------- c:\program files\PC Wizard 2008
2009-02-12 20:01 . 2007-09-15 15:11 27,136 --a------ c:\windows\System32\PCWizard.cpl
2009-02-12 19:27 . 2009-02-12 19:27 <KANSIO> d-------- c:\program files\Trend Micro
2009-02-11 21:57 . 2009-02-11 21:57 <KANSIO> d-------- c:\users\YDINTA~1\AppData\Roaming\NASA
2009-02-11 21:53 . 2009-02-11 21:53 <KANSIO> d-------- c:\program files\Deep Silver
2009-02-11 21:30 . 2009-02-11 21:30 <KANSIO> d-------- c:\program files\NASA
2009-02-11 00:18 . 2009-02-11 00:18 <KANSIO> d-------- c:\program files\Sierra Entertainment
2009-02-11 00:10 . 2009-02-11 00:10 <KANSIO> d-------- c:\users\YDINTA~1\AppData\Roaming\InstallShield
2009-02-11 00:10 . 2009-02-11 00:10 <KANSIO> d-------- c:\program files\Blitzfront Game Studio
2009-02-10 23:31 . 2009-02-10 23:31 <KANSIO> d-------- c:\program files\MagicDisc
2009-02-10 23:31 . 2008-07-28 17:19 116,736 --a------ c:\windows\System32\drivers\mcdbus.sys
2009-02-10 23:28 . 2004-08-18 10:34 442,368 -ra------ c:\windows\System32\vp6vfw.dll
2009-02-10 23:22 . 2009-02-11 00:27 <KANSIO> d-------- c:\program files\MagicISO
2009-02-10 23:05 . 2009-02-10 23:07 <KANSIO> d--h----- c:\program files\Creative Installation Information
2009-02-10 23:05 . 2009-02-10 23:05 <KANSIO> d-------- c:\program files\Common Files\Creative
2009-02-10 20:00 . 2009-02-10 20:00 <KANSIO> d-------- c:\windows\System32\Futuremark
2009-02-10 20:00 . 2009-02-10 20:00 <KANSIO> d-------- c:\program files\Futuremark
2009-02-10 20:00 . 2009-02-10 20:00 262,144 --a------ c:\windows\System32\wrap_oal.dll
2009-02-10 20:00 . 2009-02-10 20:00 86,016 --a------ c:\windows\System32\OpenAL32.dll
2009-02-10 20:00 . 2004-10-25 20:02 21,664 --a------ c:\windows\System32\drivers\Entech.sys
2009-02-10 20:00 . 1999-11-02 10:01 6,173 --a------ c:\windows\System32\drivers\Entech.vxd
2009-02-10 20:00 . 2004-06-22 15:44 5,632 --a------ c:\windows\System32\drivers\Entech64.sys
2009-02-10 20:00 . 2001-11-19 19:05 3,972 --a------ c:\windows\System32\drivers\PciBus.sys
2009-02-09 21:32 . 2009-02-09 21:32 <KANSIO> d-------- c:\program files\ATI Technologies
2009-02-09 21:32 . 2009-02-09 21:32 <KANSIO> d-------- c:\program files\ATI
2009-02-09 21:32 . 2009-02-09 21:32 <KANSIO> d-------- C:\ATI
2009-02-09 21:06 . 2009-02-09 21:06 <KANSIO> d-------- C:\Roina#1
2009-02-08 19:10 . 2009-01-15 08:19 801,312 --a------ c:\windows\System32\nvcplui.exe
2009-02-08 19:10 . 2009-01-15 08:19 420,384 --a------ c:\windows\System32\nvcpl.cpl
2009-02-08 19:07 . 2009-02-08 19:07 <KANSIO> d-------- C:\NVIDIA
2009-02-08 19:03 . 2008-04-07 10:24 1,040,544 --a------ c:\windows\System32\drivers\nvmfdx32.sys
2009-02-08 19:03 . 2008-04-07 10:24 356,352 --a------ c:\windows\System32\nvunrm.exe
2009-02-08 19:03 . 2008-04-07 10:24 35,328 --a------ c:\windows\System32\nvconrm.dll
2009-02-08 18:56 . 2009-01-07 11:28 453,152 --a------ c:\windows\System32\NVUNINST.EXE
2009-02-08 18:55 . 2008-04-07 10:24 356,352 -ra------ c:\windows\System32\nvusmb.exe
2009-02-08 18:55 . 2008-04-07 10:24 8,535 -ra------ c:\windows\System32\nvide.nvu
2009-02-08 18:55 . 2008-04-07 10:24 3,582 -ra------ c:\windows\System32\nvnrm.nvu
2009-02-08 18:55 . 2008-04-07 10:24 1,950 -ra------ c:\windows\System32\nvsmb.nvu
2009-02-08 15:54 . 2009-02-08 16:04 <KANSIO> d-------- c:\users\All Users\comodo
2009-02-08 15:54 . 2009-02-08 16:04 <KANSIO> d-------- c:\programdata\comodo
2009-02-07 12:36 . 2009-02-07 12:36 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-02-06 09:34 . 2009-02-06 09:34 <KANSIO> d-------- c:\users\All Users\NOS
2009-02-06 09:34 . 2009-02-06 09:34 <KANSIO> d-------- c:\programdata\NOS
2009-02-06 09:34 . 2009-02-06 09:34 <KANSIO> d-------- c:\program files\NOS
2009-02-05 21:20 . 2009-02-05 21:21 <KANSIO> d-------- c:\users\All Users\Adobe
2009-02-05 21:20 . 2009-02-05 21:21 <KANSIO> d-------- c:\program files\Common Files\Adobe
2009-02-03 12:45 . 2009-02-03 12:45 <KANSIO> d-------- c:\program files\AMX Mod X
2009-02-01 22:21 . 2009-02-01 22:21 1,905 --a------ c:\windows\diagwrn.xml
2009-02-01 22:21 . 2009-02-01 22:21 1,905 --a------ c:\windows\diagerr.xml
2009-02-01 14:35 . 2009-02-01 14:35 <KANSIO> d-------- c:\program files\MSXML 4.0
2009-02-01 11:40 . 2009-02-09 21:18 <KANSIO> d-------- c:\users\All Users\Spybot - Search & Destroy
2009-02-01 11:40 . 2009-02-09 21:18 <KANSIO> d-------- c:\programdata\Spybot - Search & Destroy
2009-02-01 11:40 . 2009-02-01 11:40 <KANSIO> d-------- c:\program files\Spybot - Search & Destroy
2009-01-31 23:44 . 2009-01-31 23:44 <KANSIO> d-------- c:\users\All Users\Nokia
2009-01-31 23:44 . 2009-01-31 23:44 <KANSIO> d-------- c:\programdata\Nokia
2009-01-31 23:40 . 2009-01-31 23:40 0 --ah----- c:\windows\System32\drivers\Msft_User_PCCSWpdDriver_01_05_00.Wdf
2009-01-31 23:39 . 2009-01-31 23:40 <KANSIO> d-------- c:\users\YDINTA~1\AppData\Roaming\PC Suite
2009-01-31 23:39 . 2009-01-31 23:40 <KANSIO> d-------- c:\users\YDINTA~1\AppData\Roaming\Nokia
2009-01-31 23:39 . 2009-01-31 23:40 <KANSIO> d-------- c:\users\All Users\PC Suite
2009-01-31 23:39 . 2009-01-31 23:40 <KANSIO> d-------- c:\programdata\PC Suite
2009-01-31 23:39 . 2009-01-31 23:39 0 --ah----- c:\windows\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-01-31 23:38 . 2009-01-31 23:38 <KANSIO> d-------- c:\program files\DIFX
2009-01-31 23:38 . 2009-01-31 23:38 <KANSIO> d-------- c:\program files\Common Files\PCSuite
2009-01-31 23:38 . 2009-01-31 23:42 <KANSIO> d-------- c:\program files\Common Files\Nokia
2009-01-31 23:38 . 2008-08-26 09:26 18,816 --a------ c:\windows\System32\drivers\pccsmcfd.sys
2009-01-31 23:37 . 2009-01-31 23:38 <KANSIO> d----c--- c:\windows\System32\DRVSTORE
2009-01-31 23:37 . 2009-01-31 23:37 <KANSIO> d-------- c:\program files\PC Connectivity Solution
2009-01-31 23:34 . 2009-01-31 23:42 <KANSIO> d-------- c:\users\All Users\Installations
2009-01-31 23:34 . 2009-01-31 23:42 <KANSIO> d-------- c:\programdata\Installations
2009-01-31 23:34 . 2009-01-31 23:44 <KANSIO> d-------- c:\program files\Nokia
2009-01-31 23:34 . 2008-02-01 15:17 90,624 --a------ c:\windows\System32\nmwcdcls.dll
2009-01-31 19:04 . 2009-01-31 19:05 <KANSIO> d-------- c:\users\YDINTA~1\AppData\Roaming\Winamp
2009-01-31 18:26 . 2009-02-13 12:50 54,928 --a------ c:\windows\System32\BMXState-{00000008-00000000-00000006-00001102-00000005-00211102}.rfx
2009-01-31 18:26 . 2009-01-31 18:26 1,080 --a------ c:\windows\System32\settingsbkup.sfm
2009-01-31 18:26 . 2009-01-31 18:26 1,080 --a------ c:\windows\System32\settings.sfm
2009-01-31 18:26 . 2009-02-13 12:50 788 --a------ c:\windows\System32\DVCState-{00000008-00000000-00000006-00001102-00000005-00211102}.rfx
2009-01-31 18:20 . 2009-01-31 18:20 <KANSIO> d-------- c:\program files\Common Files\Creative Labs Shared
2009-01-31 15:30 . 2009-01-31 15:30 <KANSIO> d-------- c:\program files\Avira
2009-01-30 15:47 . 2009-01-30 15:47 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-01-30 14:03 . 2008-06-20 03:14 781,344 --a------ c:\windows\System32\PresentationNative_v0300.dll
2009-01-30 14:03 . 2008-06-20 03:14 622,080 --a------ c:\windows\System32\icardagt.exe
2009-01-30 14:03 . 2008-06-20 03:14 326,160 --a------ c:\windows\System32\PresentationHost.exe
2009-01-30 14:03 . 2008-06-20 03:14 105,016 --a------ c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
2009-01-30 14:03 . 2008-06-20 03:14 97,800 --a------ c:\windows\System32\infocardapi.dll
2009-01-30 14:03 . 2008-06-20 03:14 43,544 --a------ c:\windows\System32\PresentationHostProxy.dll
2009-01-30 14:03 . 2008-06-20 03:14 37,384 --a------ c:\windows\System32\infocardcpl.cpl
2009-01-30 14:03 . 2008-06-20 03:14 11,264 --a------ c:\windows\System32\icardres.dll
2009-01-30 13:58 . 2008-07-27 20:03 282,112 --a------ c:\windows\System32\mscoree.dll
2009-01-30 13:58 . 2008-07-27 20:03 158,720 --a------ c:\windows\System32\mscorier.dll
2009-01-30 13:58 . 2008-07-27 20:03 96,760 --a------ c:\windows\System32\dfshim.dll
2009-01-30 13:58 . 2008-07-27 20:03 83,968 --a------ c:\windows\System32\mscories.dll
2009-01-30 13:58 . 2008-07-27 20:03 41,984 --a------ c:\windows\System32\netfxperf.dll
2009-01-29 16:32 . 2009-01-29 16:32 <KANSIO> d-------- c:\program files\NVIDIA Corporation
2009-01-27 20:49 . 2009-01-31 15:30 <KANSIO> d-------- c:\users\All Users\Avira
2009-01-27 20:49 . 2009-01-31 15:30 <KANSIO> d-------- c:\programdata\Avira
2009-01-26 17:40 . 2009-01-26 17:42 <KANSIO> d-------- c:\users\YDINTA~1\AppData\Roaming\Command & Conquer 3 Tiberium Wars
2009-01-26 15:26 . 2009-01-26 15:26 <KANSIO> d-------- c:\windows\System32\URTTEMP
2009-01-26 15:25 . 2009-02-12 12:09 <KANSIO> d-a------ c:\users\All Users\TEMP
2009-01-26 15:25 . 2009-02-12 12:09 <KANSIO> d-a------ c:\programdata\TEMP
2009-01-26 15:25 . 2008-08-25 11:36 81,288 --a------ c:\windows\System32\drivers\iksyssec.sys
2009-01-26 15:25 . 2008-08-25 11:36 66,952 --a------ c:\windows\System32\drivers\iksysflt.sys
2009-01-26 15:25 . 2008-08-25 11:36 40,840 --a------ c:\windows\System32\drivers\ikfilesec.sys
2009-01-26 15:25 . 2008-06-02 15:19 29,576 --a------ c:\windows\System32\drivers\kcom.sys
2009-01-26 15:24 . 2009-01-26 15:24 <KANSIO> d-------- c:\users\YDINTA~1\AppData\Roaming\PC Tools
2009-01-26 15:24 . 2009-02-11 00:22 <KANSIO> d-------- c:\users\All Users\Media Center Programs
2009-01-26 15:24 . 2009-02-11 00:22 <KANSIO> d-------- c:\programdata\Media Center Programs
2009-01-26 15:24 . 2009-02-12 12:04 <KANSIO> d-------- c:\program files\Spyware Doctor
2009-01-26 13:44 . 2009-01-26 13:44 <KANSIO> d-------- c:\users\All Users\SUPERAntiSpyware.com
2009-01-26 13:44 . 2009-01-26 13:44 <KANSIO> d-------- c:\programdata\SUPERAntiSpyware.com
2009-01-26 13:43 . 2009-01-26 13:43 <KANSIO> d-------- c:\users\YDINTA~1\AppData\Roaming\SUPERAntiSpyware.com
2009-01-26 13:43 . 2009-01-26 13:43 <KANSIO> d-------- c:\program files\SUPERAntiSpyware
2009-01-26 13:42 . 2009-02-11 23:52 <KANSIO> d-------- c:\program files\a-squared Free
2009-01-26 13:24 . 2009-01-26 13:24 <KANSIO> d-------- c:\users\YDINTA~1\AppData\Roaming\Malwarebytes
2009-01-26 13:24 . 2009-01-26 13:24 <KANSIO> d-------- c:\users\All Users\Malwarebytes
2009-01-26 13:24 . 2009-01-26 13:24 <KANSIO> d-------- c:\programdata\Malwarebytes
2009-01-26 13:24 . 2009-02-11 23:11 <KANSIO> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-26 13:24 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-01-26 13:24 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-01-25 21:24 . 2009-01-25 21:25 <KANSIO> d-------- c:\program files\Windows Live Safety Center
2009-01-25 21:18 . 2009-01-29 16:19 <KANSIO> d-------- c:\program files\Common Files\Wise Installation Wizard
2009-01-25 21:17 . 2009-01-25 21:17 <KANSIO> d-------- c:\users\YDINTA~1\AppData\Roaming\Red Alert 3
2009-01-25 20:48 . 2009-01-25 20:48 <KANSIO> d-------- c:\windows\Sun
2009-01-25 19:43 . 2009-02-10 19:11 <KANSIO> d-------- c:\program files\Driver Magician
2009-01-25 19:43 . 2004-03-09 00:00 1,081,616 --a------ c:\windows\System32\Mscomctl.ocx
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-11 13:15 --------- d-----w c:\program files\Windows Mail
2009-01-25 00:57 --------- d-----w c:\program files\Microsoft Games
2009-01-23 21:48 --------- d-----w c:\program files\Windows Sidebar
2009-01-23 21:48 --------- d-----w c:\program files\Windows Photo Gallery
2009-01-23 21:48 --------- d-----w c:\program files\Windows Journal
2009-01-23 21:48 --------- d-----w c:\program files\Windows Defender
2009-01-23 21:48 --------- d-----w c:\program files\Windows Collaboration
2009-01-23 21:48 --------- d-----w c:\program files\Windows Calendar
2009-01-23 21:09 --------- d-----w c:\users\YDINTA~1\AppData\Roaming\vlc
2009-01-15 06:11 827,392 ----a-w c:\windows\System32\wininet.dll
2008-12-11 00:33 86,016 ----a-w c:\windows\System32\dpl100.dll
2008-12-11 00:33 200,704 ----a-w c:\windows\System32\dtu100.dll
2008-12-09 02:28 593,920 ----a-w c:\windows\System32\dpuGUI11.dll
2008-12-09 02:28 57,344 ----a-w c:\windows\System32\dpv11.dll
2008-12-09 02:28 344,064 ----a-w c:\windows\System32\dpus11.dll
2008-12-09 02:28 294,912 ----a-w c:\windows\System32\dpu11.dll
2008-12-05 04:32 428,544 ----a-w c:\windows\System32\EncDec.dll
2008-12-05 04:32 293,376 ----a-w c:\windows\System32\psisdecd.dll
2008-12-02 20:37 49,480 ----a-w c:\windows\System32\sirenacm.dll
2008-01-21 02:41 174 --sha-w c:\program files\desktop.ini
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-12-02 3882312]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Steam"="c:\program files\steam\steam.exe" [2009-01-23 1410296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13683232]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-15 92704]
"CTxfiHlp"="CTXFIHLP.EXE" [2008-10-07 c:\windows\System32\Ctxfihlp.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CtxfiReg"="CTXFIREG.exe" [2008-10-07 c:\windows\System32\CTxfiReg.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 11:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.XFR1"= xfcodec.dll
[HKLM\~\startupfolder\C:^Users^Ydintalvi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
path=c:\users\Ydintalvi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
backup=c:\windows\pss\MagicDisc.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2008-08-04 01:02 36352 c:\program files\Winamp\winampa.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{C589E666-B43F-4122-9EFB-5D28AD069EC7}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{A8806315-17B5-43B5-BA6A-68394888238C}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{84346F9E-1AD3-461A-8AC4-07A806B20F8F}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{274C09D3-A23F-4A10-9F38-64908BC93DE2}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{C0DEF3B4-3DBA-4A28-A5C3-5F4AE53C3AAE}"= UDP:c:\program files\Electronic Arts\Battlefield 2142\BF2142.exe:Battlefield 2
"{CFAD8D7D-A9ED-44DA-A6ED-A7E25A4D679B}"= TCP:c:\program files\Electronic Arts\Battlefield 2142\BF2142.exe:Battlefield 2
"{AF70C4AD-0685-4A70-87B4-F0F2C92F15A4}"= UDP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{52388D66-272B-4540-A7CD-D9AF32D379FE}"= TCP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"TCP Query User{07FD7EF9-D1CC-43E8-A1B2-ADC41717195E}c:\\program files\\xfire\\xfire.exe"= UDP:c:\program files\xfire\xfire.exe:Xfire
"UDP Query User{9A6F8653-6B3E-4178-BA65-A18071A880FE}c:\\program files\\xfire\\xfire.exe"= TCP:c:\program files\xfire\xfire.exe:Xfire
"{9A0CA1BC-CDFC-48DA-9111-B7B8D5D28299}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{39137F2F-2D6E-460D-B746-558924D4BAC9}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{1FB01F2F-1738-4F3B-B9CC-9B7C542223DC}"= UDP:c:\program files\ApexDC++\ApexDC.exe:ApexDC++ - Pinnacle of File Sharing
"{04BD8556-4A5B-45FE-A47F-CECE9C92175A}"= TCP:c:\program files\ApexDC++\ApexDC.exe:ApexDC++ - Pinnacle of File Sharing
"{2CFA1F84-505C-45D8-8F97-AA2150DB9091}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FarCry2.exe:Far Cry 2
"{AD3F67A6-084A-4F6A-8782-CF6197B1C2C8}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FarCry2.exe:Far Cry 2
"{2DF40F7D-D1C0-4C51-A465-49C2E55533D7}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
"{AA3BBDFD-67AE-4860-B342-50E1826504B6}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
"{68FC87C8-A4E7-4CAC-8EEF-1389A4A48231}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:Editor
"{B61083BC-4820-4ADE-8B19-7FCD91B5C88B}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:Editor
"TCP Query User{7F502278-3C20-490D-8D04-2E9330691B28}c:\\program files\\electronic arts\\eadm\\core.exe"= UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"UDP Query User{4E88596D-E663-430A-A6A6-E451F9FF3C5C}c:\\program files\\electronic arts\\eadm\\core.exe"= TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"{D1C882B0-EDFE-4A48-8D81-C4680742622C}"= UDP:c:\program files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2
"{E6BF7ED9-B33E-4C62-A7F8-434083EF09D0}"= TCP:c:\program files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2
"{23E25B71-6C64-4A80-95AF-9A5DABFCEE75}"= UDP:c:\users\Ydintalvi\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{1929663D-2EF8-4F25-83C8-BBF2C18EDEFA}"= TCP:c:\users\Ydintalvi\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"TCP Query User{A7E5B314-AFBC-402C-8711-0E6B30C4E1B5}c:\\program files\\steam\\steamapps\\corvustr00\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\corvustr00\counter-strike\hl.exe:Half-Life Launcher
"UDP Query User{5D8F200F-F6C4-48C5-B758-314938D6CF35}c:\\program files\\steam\\steamapps\\corvustr00\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\corvustr00\counter-strike\hl.exe:Half-Life Launcher
"TCP Query User{4924EA9E-5A4A-491F-8E85-A9BD914911E1}c:\\program files\\steam\\steamapps\\corvustr00\\dedicated server\\hlds.exe"= UDP:c:\program files\steam\steamapps\corvustr00\dedicated server\hlds.exe:HLDS Launcher
"UDP Query User{8EA4CC03-07FB-44FA-93DB-ED5FB5609C24}c:\\program files\\steam\\steamapps\\corvustr00\\dedicated server\\hlds.exe"= TCP:c:\program files\steam\steamapps\corvustr00\dedicated server\hlds.exe:HLDS Launcher
"TCP Query User{7F664A21-1B03-4978-9243-B0B99851366B}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC
"UDP Query User{6B2C6A88-6370-40FD-ABDB-55910E01FC85}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC
"TCP Query User{60B26612-934E-4BEB-A305-46C22F34BFFC}c:\\program files\\steam\\steamapps\\corvustr00\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\corvustr00\counter-strike source\hl2.exe:hl2
"UDP Query User{4A3E723E-E647-4DC6-B9DA-B3AE1FA2AE33}c:\\program files\\steam\\steamapps\\corvustr00\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\corvustr00\counter-strike source\hl2.exe:hl2
"{6850568B-8AD7-433C-863E-9B0715D82C74}"= UDP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{4C77EBF9-4FCC-46A5-8BC0-3EE28039C672}"= TCP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{7CC952DF-3FE2-4DA2-821C-6F05DE87349A}"= UDP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{572BF34A-AC82-46BE-9C88-005CBD05D007}"= TCP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"TCP Query User{9FEC2F77-3FD7-4432-9BDA-5C897BA8D0C6}c:\\program files\\steam\\steamapps\\corvustr00\\source dedicated server\\srcds.exe"= UDP:c:\program files\steam\steamapps\corvustr00\source dedicated server\srcds.exe:srcds
"UDP Query User{2659F618-A1ED-476B-98AD-06F38E31EC3A}c:\\program files\\steam\\steamapps\\corvustr00\\source dedicated server\\srcds.exe"= TCP:c:\program files\steam\steamapps\corvustr00\source dedicated server\srcds.exe:srcds
"TCP Query User{6D327B4F-A540-481F-B12A-F0D442A4A27D}c:\\program files\\common files\\nokia\\service layer\\a\\nsl_host_process.exe"= UDP:c:\program files\common files\nokia\service layer\a\nsl_host_process.exe:Nokia Service Layer Host Process
"TCP Query User{9030EA09-BA23-4E7F-9F72-20131B8DD89E}c:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= UDP:c:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater
"UDP Query User{20482B33-E42D-4752-9DBD-275C10D3EC81}c:\\program files\\common files\\nokia\\service layer\\a\\nsl_host_process.exe"= TCP:c:\program files\common files\nokia\service layer\a\nsl_host_process.exe:Nokia Service Layer Host Process
"UDP Query User{DD26D48C-479E-4F13-97BB-B5BAF3E20EEF}c:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= TCP:c:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater
"TCP Query User{4B2140B7-0BCD-4030-BBB5-D377093E5BD9}c:\\program files\\steam\\steamapps\\pekoni_one\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\pekoni_one\counter-strike\hl.exe:Half-Life Launcher
"UDP Query User{BB1D278A-45B0-4802-AD07-12628028A222}c:\\program files\\steam\\steamapps\\pekoni_one\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\pekoni_one\counter-strike\hl.exe:Half-Life Launcher
"{A12BD59B-9D28-47D2-A714-C48AD2AED120}"= UDP:c:\program files\Activision\Call of Duty - World at War\CoDWaW.exe:Call of Duty(R) - World at War(TM)
"{BBDA6C6D-8DC3-449B-ACF2-E9EBB2C13FE9}"= TCP:c:\program files\Activision\Call of Duty - World at War\CoDWaW.exe:Call of Duty(R) - World at War(TM)
"{E0D3397E-0EE5-4653-886D-12CC539BD021}"= UDP:c:\program files\Activision\Call of Duty - World at War\CoDWaWmp.exe:Call of Duty(R) - World at War(TM)
"{73862A59-D4B5-4CAE-89CF-2B1A486F5814}"= TCP:c:\program files\Activision\Call of Duty - World at War\CoDWaWmp.exe:Call of Duty(R) - World at War(TM)
"{B86551E0-44D0-4657-987F-6DAC6CCC452D}"= UDP:c:\program files\Sierra Entertainment\World in Conflict\wic.exe:World in Conflict
"{C4C293F1-1971-4F93-B4F4-2CC5D1543FC9}"= TCP:c:\program files\Sierra Entertainment\World in Conflict\wic.exe:World in Conflict
"{84B2F626-C93E-4BB9-867F-EE93769864E2}"= UDP:c:\program files\Sierra Entertainment\World in Conflict\wic_online.exe:World in Conflict - Online Only
"{D8E58465-D60D-46C4-8665-DCC1CA5D62B2}"= TCP:c:\program files\Sierra Entertainment\World in Conflict\wic_online.exe:World in Conflict - Online Only
"{3C1E4A59-5536-4E5E-9FDF-FD1B26A27BC9}"= UDP:c:\program files\Sierra Entertainment\World in Conflict\wic_ds.exe:World in Conflict - Dedicated Server
"{67ED34CF-4493-4640-97A2-F04C7F33BF51}"= TCP:c:\program files\Sierra Entertainment\World in Conflict\wic_ds.exe:World in Conflict - Dedicated Server
"{6BB85AEF-EF30-4632-B3FF-1DF172EB4590}"= UDP:c:\program files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe:S.T.A.L.K.E.R. - Clear Sky (CLI)
"{FAC7348F-C032-4D4D-AB0C-A748DC695D6B}"= TCP:c:\program files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe:S.T.A.L.K.E.R. - Clear Sky (CLI)
"{4DDBBD55-3B6D-429F-93D0-EF6F0B5435A5}"= UDP:c:\program files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe:S.T.A.L.K.E.R. - Clear Sky (SRV)
"{435508F5-F7A7-450B-A846-F1BCB7E4E086}"= TCP:c:\program files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe:S.T.A.L.K.E.R. - Clear Sky (SRV)
R0 SI3112r;Silicon Image SiI 3512 SATARaid Controller;c:\windows\System32\drivers\SI3112r.sys [2007-08-29 116264]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-01-15 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-01-15 55024]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.sys [2008-10-08 171032]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.sys [2008-10-08 1324056]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.sys [2008-10-08 72728]
S2 .norton2009Reset;Norton2009 Reset; [x]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-01-31 79360]
S3 CT20XUT;CT20XUT;c:\windows\System32\drivers\CT20XUT.sys [2008-10-08 171032]
S3 CTEXFIFX;CTEXFIFX;c:\windows\System32\drivers\CTEXFIFX.sys [2008-10-08 1324056]
S3 CTHWIUT;CTHWIUT;c:\windows\System32\drivers\CTHWIUT.sys [2008-10-08 72728]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2009-02-06 33752]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-01-15 7408]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2009-01-26 356920]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{58fdb233-f798-11dd-be34-001d92a52f61}]
\shell\AutoRun\command - G:\RunGame.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bcba93f4-e96f-11dd-8d40-806e6f6e6963}]
\shell\AutoRun\command - E:\Autorun.exe
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
%SystemRoot%\system32\soundschemes.exe /AddRegistration
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
%SystemRoot%\system32\soundschemes2.exe /AddRegistration
.
- - - - POISTETUT JÄMÄRIVIT - - - -
MSConfigStartUp-Comrade - c:\program files\GameSpy\Comrade\Comrade.exe
.
------- Täydentävä tarkistus -------
.
uStart Page = hxxp://www.pussytorrents.org/login.php
FF - ProfilePath - c:\users\YDINTA~1\AppData\Roaming\Mozilla\Firefox\Profiles\5pokoobi.default\
FF - prefs.js: browser.startup.homepage - iltasanomat.fi
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-13 18:50:44
Windows 6.0.6001 Service Pack 1 NTFS
tarkistaa piilotettuja prosesseja ...
tarkistaa piilotettuja käynnistysarvoja ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTxfiHlp = CTXFIHLP.EXE?
tarkistaa piilotettuja tiedostoja ...
tarkistus on valmis
piilotetut tiedostot: 0
**************************************************************************
.
Valmistumisajankohta: 2009-02-13 18:52:04
ComboFix-quarantined-files.txt 2009-02-13 16:52:03
Ennen ajoa: 322 910 547 968 tavua vapaana
Ajon jälkeen: 322,890,555,392 tavua vapaana
299 --- E O F --- 2009-02-11 13:17:17
|
|
Hujo
Suspended permanently
|
13 February 2009 @ 19:31 |
|
Create an uninstall list:
- Open HijackThis
- Click the "Configure" option at the bottom right
- Click "Misc Tools"
- Click the box that says "Uninstall Manager"
- Click the "Save list" option
- Copy and paste that list from Notepad into your thread
Can a computer ever work?
|
Member
8 product reviews
|
13 February 2009 @ 19:48 |
|
3DMark06
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9 - Suomi
Advanced SystemCare 3
AMX Mod X Installer 1.8.1
ApexDC++ 1.1.0
a-squared Free 4.0
Avira AntiVir Personal - Free Antivirus
Battlefield 2(TM)
Battlefield 2: Special Forces
Battlefield 2142
Call of Duty(R) - World at War(TM)
Call of Duty(R) - World at War(TM) 1.1 Patch
Call of Duty(R) - World at War(TM) 1.2 Patch
Call of Duty(R) 4 - Modern Warfare(TM)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
CCleaner (remove only)
Choice Guard
Command & Conquer 3
Command & Conquer™ 3: Kane's Wrath
Command & Conquer™ Red Alert™ 3
Counter-Strike
Counter-Strike: Source
Creative Audio Control Panel
Creative Console Launcher
Creative MediaSource 5
Creative Sound Blaster Properties
Crysis(R)
Day of Defeat
Day of Defeat: Source
Dedicated Server
DivX Codec
Driver Magician 3.30
EA Download Manager
Far Cry 2
Half-Life 2
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Java(TM) 6 Update 11
Magic ISO Maker v5.5 (build 0265)
MagicDisc 2.7.105
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB929729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
mIRC
Mozilla Firefox (3.0.6)
MSVC80_x86
MSVCRT
MSXML 4.0 SP2 (KB954430)
NASA World Wind 1.4
Nero 8 Micro 8.3.6.0
Nokia Connectivity Cable Driver
Nokia Flashing Cable Driver
Nokia PC Suite
Nokia PC Suite
Nokia Software Updater
NVIDIA Drivers
PC Connectivity Solution
PC Wizard 2008.1.871
PunkBuster Services
S.T.A.L.K.E.R. - Clear Sky [v1.0005]
Smart Defrag 1.10
Source Dedicated Server
Source SDK
Spybot - Search & Destroy
Spyware Doctor 6.0
Steam
SUPERAntiSpyware Free Edition
System Requirements Lab
Talvisota - Icy Hell
The Sims 2
Ultimate Extras sounds from Microsoft® Tinker™
Winamp
Windows Driver Package - Nokia Modem (10/27/2008 3.9)
Windows Driver Package - Nokia Modem (10/27/2008 7.01.0.1)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Live Call
Windows Live Communications Platform
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live OneCare safety scanner
Windows Liven asennustyökalu
Windows Liven asennustyökalu
Windows Liven kirjautumisavustaja
Windows Liven lataustyökalu
Windowsin äänivalikoimat
WinRAR archiver
VLC media player 0.9.8a
World in Conflict
Xfire (remove only)
|
|
Hujo
Suspended permanently
|
13 February 2009 @ 20:05 |
|
Can a computer ever work?
This post has been edited since it was posted. Last edited 13 February 2009 @ 20:24
|
Member
8 product reviews
|
13 February 2009 @ 20:13 |
|
|
So I delete those folders? And how do I take those programs out of startup?
|
|
Hujo
Suspended permanently
|
13 February 2009 @ 20:22 |
|
|
Yeah, so uninstall them from Add/Remove Programs,
then delete the folders.
Can a computer ever work?
|
Member
8 product reviews
|
13 February 2009 @ 20:25 |
|
|
Oh, so remove those programs completely? Aren't they good malware removers?
|
|
Hujo
Suspended permanently
|
13 February 2009 @ 20:28 |
|
|
Malwarebytes' Anti-Malware: update this one and run a full scan.
It's a match for those gizmos.
Then we'll bring in something else if it doesn't go away.
Can a computer ever work?
|
Member
8 product reviews
|
13 February 2009 @ 20:31 |
|
|
Yeah yeah.. :) What else would there be besides that one program? What would be effective for removing nasties?
|
|
Hujo
Suspended permanently
|
13 February 2009 @ 21:05 |
|
|
Well, will you even have time away from Talvisota to run those programs.
And you do have Avira on the machine already.
Can a computer ever work?
|
Member
8 product reviews
|
13 February 2009 @ 21:37 |
|
|
Yep, I guess that's it then.. Thanks again
|
|
Hujo
Suspended permanently
|
13 February 2009 @ 21:43 |
|
|
Type into the Run box
ComboFix /u
Click OK
Can a computer ever work?
|
Member
8 product reviews
|
13 February 2009 @ 22:23 |
|
|
Yep, it's been removed from the machine.
|
|
|
Member
8 product reviews
|
13 February 2009 @ 22:36 |
|
|
Feels like the machine runs better now that I removed those programs.... ;)
|