vähemmän oman pääoman

Magazine
Go Back   Tietokone Juice > Computer Software > Virusten, vakoiluohjelmien & Security
Reload this Page

Virus: iexplore.exe kuin järjestelmän prosessi

Rekisteröidy Sivustokartta Spy Käyttäjälista Lahjoita Haku Today's Posts Mark Forums Read Foorumin säännöt

Register


 Default 

Virus: iexplore.exe kuin järjestelmän prosessi




Reply
Sivu 1 / 2 1 2
 
Thread Tools
  #1  
Old 6 marraskuu 2008, 02:16
Uusi Jäsen
  
Default Virus: iexplore.exe kuin järjestelmän prosessi

En voi näyttää sulkea iexplore.exe vaikka ei Resurssienhallinta avattu. Mainokset aina pop up aika ajoin. Olen myös kuullut AD ääniä / ääniä taustalla. Se on ärsyttävää, ja minusta tuntuu kuin järjestelmän suorituskyky on hidastunut. Please help. Tämä on minun HiJackThis log:

Logfile tehty HijackThis v1.99.1
Scan tallennettu klo 4:15:28 AM, annettu 11.6.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Käynnissä olevista prosesseista:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ ALWIL Software \ Avast4 \ aswUpdSv.exe
C: \ Program Files \ ALWIL Software \ Avast4 \ ashServ.exe
C: \ WINDOWS \ Explorer.exe
C: \ Program Files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe
C: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe
C: \ WINDOWS \ RTHDCPL.EXE
C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ ASUS \ huoltoliike \ 1.00.61 \ aaCenter.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe
C: \ PROGRA ~ 1 \ Common ~ 1 \ Nokia \ MPAPI \ MPAPI3s.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ WINDOWS \ System32 \ PSIService.exe
C: \ Program Files \ näkökulmasta \ Common \ ViewpointService.exe
C: \ Program Files \ Common Files \ pcsuite \ Services \ ServiceLayer.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ ALWIL Software \ Avast4 \ ashMaiSv.exe
C: \ Program Files \ ALWIL Software \ Avast4 \ ashWebSv.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ Winamp \ winamp.exe
C: \ Program Files \ Real \ RealPlayer \ RealPlay.exe
C: \ WINDOWS \ system32 \ s1S8Dh6X.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ HijackThis \ HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: IE2EMBHO Class - (0A0DDBD3-6641-40B9-873F-BBDD26D6C14E) - C: \ Program Files \ easyMule \ modules \ IE2EM.dll
O2 - BHO: RealPlayer Download ja Record Plugin for Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName
O4 - HKLM \ .. \ Run: [Ai Nap] "C: \ Program Files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe"
O4 - HKLM \ .. \ Run: [CPU Power Monitor] "C: \ Program Files \ ASUS \ Ai Suite \ AiGear3 \ CpuPowerMonitor.exe"
O4 - HKLM \ .. \ Run: [Cpu Level Up auttaa] C: \ Program Files \ ASUS \ Ai Suite \ CpuLevelUpHelp.exe
O4 - HKLM \ .. \ Run: [ASUS Energiansäästö] "C: \ Program Files \ ASUS \ Ai Suite \ EnergySaving \ PwSave.exe"
O4 - HKLM \ .. \ Run: [Ulead AutoDetector v2] C: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe
O4 - HKLM \ .. \ Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM \ .. \ Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [NvCplDaemon] rundll32.exe C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / install
O4 - HKLM \ .. \ Run: [NvMediaCenter] rundll32.exe C: \ WINDOWS \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [NSLauncher] C: \ Program Files \ Nokia \ Nokia Software Launcher \ NSLauncher.exe / käynnistys
O4 - HKLM \ .. \ Run: [avast!] C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [\ \ MING3 \ EPSON Stylus C120 Series] C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ E_FATIC CA.EXE / FU "C: \ DOCUME ~ 1 \ MKJ \ LOCALS ~ 1 \ Temp \ E_S13.tmp "/ EF" HKCU "
O4 - HKCU \ .. \ Run: [PcSync] C: \ Program Files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe / NoDialog
O8 - Extra yhteydessä valikkotoimintoa: Lisää Google Photos Screensa & ver - res: / / C: \ WINDOWS \ system32 \ GPhotos.scr/200
O8 - Extra context menu item: Download by easyMule - C: \ Program Files \ easyMule \ IE2EM.htm
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O10 - Tuntematon tiedosto Winsock LSP: c: \ program files \ Bonjour \ mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International *
O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5 Control) -- http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Class) -- http://www.update.microsoft.com/wind...?1224821007296
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://www.update.microsoft.com/micr...?1224825458984
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O18 - Protocol: livecall - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL
O18 - Protocol: msnim - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL
O20 - Winlogon Notify: dimsntfy -% SystemRoot% \ System32 \ dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon.dll
O21 - SSODL: WPDShServiceObj - (AAA288BA-9A4C-45B0-95D7-94D524869DB5) - C: \ WINDOWS \ system32 \ WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C: \ Program Files \ ALWIL Software \ Avast4 \ aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C: \ Program Files \ ALWIL Software \ Avast4 \ ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C: \ Program Files \ ALWIL Software \ Avast4 \ ashMaiSv.exe "/ service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C: \ Program Files \ ALWIL Software \ Avast4 \ ashWebSv.exe "/ service (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C: \ WINDOWS \ System32 \ PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C: \ Program Files \ Common Files \ pcsuite \ Services \ ServiceLayer.exe
O23 - Service: näkökulmasta Manager Service - näkökulmasta Corporation - C: \ Program Files \ näkökulmasta \ Common \ ViewpointService.exe
  #2  
Old 6 marraskuu 2008, 09:37
Moderator Group
  
Default Virus: iexplore.exe kuin järjestelmän prosessi

Ladata CCleaner Slim ja tallenna se työpöydälle.
Kun tiedosto on tallennettu, mene Desktopin ja kaksoisosoita ccsetupxxx_slim.exe
Seuraa ohjeita asentaaksesi ohjelman.
Asennuksen jälkeen:
  • Kaksoisnapsauta CCleaner pikakuvaketta työpöydältä käynnistää ohjelman.
  • Klikkaa Valinnat estää vasemmalla, valitse Evästeet.
    • Alle Evästeet Poista, Esiin mahdolliset evästeet haluat säilyttää pysyvästi
    • Valitse oikea nuoli > siirtää ne edelleen Evästeitä Pidä ikkunassa.
  • Hyppää sisältöön Valinnat > Advanced unshekki Poistaa vain Windows Temp kansioissa yli 48 tuntia
  • Valitse Cleaner vasemmalla sitten Suorita Puhtaammat oikealla puolella ohjelman suorittamiseen.
  • Tärkeää: Varmista, että KAIKKI selainikkunat ovat kiinni ennen valintaa Suorita Puhtaammat
  • Varoitus: Se ei ole suositeltavaa, että käytät "Registry-toiminto, jos et ole hyvin perehtynyt rekisteriä.
  • Poistu CCleaner sen jälkeen, kun se on saanut prosessi.

----------

Nyt asenna uusi versio HijackThis ja sen jälkeen loki siitä.

Ladata TrendMicro HijackThis.exe (HJT) muuttamisesta Desktop.
  • Kaksoisnapsauta HJTInstall.
  • Klikkaa Asenna painiketta.
  • Se automaattisesti HJT vuonna C: \ Program Files \ TrendMicro \ HijackThis \ HijackThis.exe.
  • Kun asentaa, HijackThis pitäisi avata sinulle.
  • Klikkaa Onko järjestelmä skannaa ja tallentaa lokitiedoston painiketta
  • HijackThis tarkistaa ja sen jälkeen loki avautuu muistioon.
  • Kopioi ja liitä koko sisältöä, kirjaudu blogitekstiisi.
  • Älä on HijackThis vahvistaa mitään vielä. Suurin osa siitä, mitä se havaitsee on harmittomia tai jopa vaaditaan.
__________________
  #3  
Old 6 marraskuu 2008, 16:19
Uusi Jäsen
  
Default Virus: iexplore.exe kuin järjestelmän prosessi

Minä juoksin CCleaner ja asentanut uuden version HiJackThis.

Logfile ja Trend Micro HijackThis v2.0.2
Scan tallennettu 6:18:15 PM, on 11.6.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Käynnissä olevista prosesseista:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ ALWIL Software \ Avast4 \ aswUpdSv.exe
C: \ Program Files \ ALWIL Software \ Avast4 \ ashServ.exe
C: \ WINDOWS \ Explorer.exe
C: \ Program Files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe
C: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe
C: \ WINDOWS \ RTHDCPL.EXE
C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ ASUS \ huoltoliike \ 1.00.61 \ aaCenter.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ WINDOWS \ System32 \ PSIService.exe
C: \ Program Files \ näkökulmasta \ Common \ ViewpointService.exe
C: \ Program Files \ Common Files \ pcsuite \ Services \ ServiceLayer.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ ALWIL Software \ Avast4 \ ashMaiSv.exe
C: \ Program Files \ ALWIL Software \ Avast4 \ ashWebSv.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ s1S8Dh6X.exe
C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ AcroRd32.exe
C: \ PROGRA ~ 1 \ Common ~ 1 \ PC Connectivity Solution \ DATALA ~ 1 \ DATALA ~ 1.EXE
C: \ WINDOWS \ system32 \ conime.exe
C: \ Program Files \ CCleaner \ CCleaner.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: IE2EMBHO Class - (0A0DDBD3-6641-40B9-873F-BBDD26D6C14E) - C: \ Program Files \ easyMule \ modules \ IE2EM.dll
O2 - BHO: RealPlayer Download ja Record Plugin for Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName
O4 - HKLM \ .. \ Run: [Ai Nap] "C: \ Program Files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe"
O4 - HKLM \ .. \ Run: [CPU Power Monitor] "C: \ Program Files \ ASUS \ Ai Suite \ AiGear3 \ CpuPowerMonitor.exe"
O4 - HKLM \ .. \ Run: [Cpu Level Up auttaa] C: \ Program Files \ ASUS \ Ai Suite \ CpuLevelUpHelp.exe
O4 - HKLM \ .. \ Run: [ASUS Energiansäästö] "C: \ Program Files \ ASUS \ Ai Suite \ EnergySaving \ PwSave.exe"
O4 - HKLM \ .. \ Run: [Ulead AutoDetector v2] C: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe
O4 - HKLM \ .. \ Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM \ .. \ Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [NvCplDaemon] rundll32.exe C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / install
O4 - HKLM \ .. \ Run: [NvMediaCenter] rundll32.exe C: \ WINDOWS \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [NSLauncher] C: \ Program Files \ Nokia \ Nokia Software Launcher \ NSLauncher.exe / käynnistys
O4 - HKLM \ .. \ Run: [avast!] C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [\ \ MING3 \ EPSON Stylus C120 Series] C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ E_FATIC CA.EXE / FU "C: \ DOCUME ~ 1 \ MKJ \ LOCALS ~ 1 \ Temp \ E_S13.tmp "/ EF" HKCU "
O4 - HKCU \ .. \ Run: [PcSync] C: \ Program Files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe / NoDialog
O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster 2009] C: \ Program Files \ Uniblue \ RegistryBooster \ RegistryBooster.exe / S
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'Default user')
O8 - Extra yhteydessä valikkotoimintoa: Lisää Google Photos Screensa & ver - res: / / C: \ WINDOWS \ system32 \ GPhotos.scr/200
O8 - Extra context menu item: Download by easyMule - C: \ Program Files \ easyMule \ IE2EM.htm
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O15 - ESC Luotetut Alue: http:// *. update.microsoft.com
O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5 Control) -- http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Class) -- http://www.update.microsoft.com/wind...?1224821007296
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://www.update.microsoft.com/micr...?1224825458984
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C: \ Program Files \ ALWIL Software \ Avast4 \ aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C: \ Program Files \ ALWIL Software \ Avast4 \ ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C: \ Program Files \ ALWIL Software \ Avast4 \ ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C: \ Program Files \ ALWIL Software \ Avast4 \ ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C: \ WINDOWS \ System32 \ PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C: \ Program Files \ Common Files \ pcsuite \ Services \ ServiceLayer.exe
O23 - Service: näkökulmasta Manager Service - näkökulmasta Corporation - C: \ Program Files \ näkökulmasta \ Common \ ViewpointService.exe
--
End of file - 7422 bytes



Mikä on seuraava askel?

Thanks for your help.
  #4  
Old 6 marraskuu 2008, 16:53
Moderator Group
  
Default Virus: iexplore.exe kuin järjestelmän prosessi

Epäilyttäviä tiedostoja scan

Siirry VirSCAN.org VAPAA-on-line-scan palvelun
(Jos useampi kuin yksi tiedosto tarvitsee skannata ne on tehtävä erikseen ja lokit lähetetty kunkin yksi)

1. Kopioi ja liitä seuraava tiedostopolku osaksi Epäilyttäviä tiedostoja scan laatikko sivulla.
Code:
C: \ WINDOWS \ system32 \ s1S8Dh6X.exe
2. Kun lataa osoittamalla kerran sisällä ikkunan vieressä Selaa.
3. Paina Ctrl + V -näppäintä (molemmat samanaikaisesti) liittää tiedoston polku ikkuna.
4. Klikkaa Upload painiketta.
Tämä tulee tehdä tarkistuksen useiden eri virustarkistusta moottoreita.
Tiedostosi mahdollisesti tulleet jonoon joka kestää yleensä alle minuutissa selvä.
Tärkeää: Odota kaikki hakunopeutta moottoreiden valmis.
5. Kun skannaus on valmis siirry alas ja klikkaa Kopioi leikepöydälle painiketta. Tämä kopioi linkki raportista Leikepöytä.
6. Liitä sisältöä Leikepöytä näkyy seuraavassa vastausta.
__________________
  #5  
Old 6 marraskuu 2008, 17:19
Uusi Jäsen
  
Default Virus: iexplore.exe kuin järjestelmän prosessi

Tässä on leikepöydälle tiedot tiedoston s1S8Dh6X.exe.

Tiedoston tiedot Tiedoston nimi: s1S8Dh6X.exeFile Koko: 62464 byteFile Tyyppi: PE32 executable for MS Windows (GUI) Intel 80386 32-bitMD5: 895f4e2eed5a30e317460e66989042d0SHA1: 8d133ba222ce2d511ff28d900586e79041a8b4cfScanner tulokset Skanneri Tulokset: 8% Scanner (3 / 39) löytyi haittaohjelmia! Aika: 2008 / 11/06 19:15:08 (EST)ScannerMoottorin VerSig VerSig PäiväysScan tulosAika-squared4.0.0.232008.11.032008-11-03--
1.832AhnLab V32008.11.07.012008.11.072008-11-07--
0.987AntiVir7.9.0.267.1.0.492008-11-06--
1.503Antiy2.0.1820081106.15602992008-11-06--
0.122Arcavir1.0.52008110611442008-11-06--
1.227Authentium5.1.12008110611422008-11-06--
1.367AVAST! 3.0.1081106-02008-11-06--
0.725AVG7.5.52.442270.9.0/17722008-11-06Clicker.TXO
1.691BitDefender7.60825.20709477.217192008-11-07--
3.401CA (VET) 9.0.0.14331.6.61952008-11-06--
7.230ClamAV0.9485842008-11-07--
0.021Comodo2.112.0.0.6992008-11-06--
0.422CP Secure1.1.0.7152008.11.062008-11-06--
6.447Dr.Web4.44.0.91702008.11.062008-11-06--
3.465ewido4.0.0.22008.11.062008-11-06--
3.024F-Prot4.4.4.56200811062008-11-06--
1.293F-Secure5.51.61002008.11.06.112008-11-06--
3.681Fortinet2.81-3.1179.6922008-11-06--
0.215GData19.1393/19.94200811072008-11-07--
2.739IkarusT3.1.01.452008.11.06.718072008-11-06--
3.517JiangMin11.0.7062008.11.062008-11-06--
1.312Kaspersky5.5.102008.11.062008-11-06--
0.034KingSoft2008.9.8.182008.11.6.202008-11-06--
0.690McAfee5.3.0054262008-11-06--
2.352Microsoft1.41042008.11.072008-11-07--
8.785mks_vir2.012008.11.062008-11-06--
2.720Norman5.93.015.93.002008-11-06--
5.480nProtect2008-11-06,0023828662008-11-06--
5.379Panda9.05.012008.11.062008-11-06--
3.744Quick Heal9.502008.09.122008-09-12--
2.520Rising20.021.02.32.002008-11-06--
3.054Sophos2.80.04.352008-11-07Mal / EncPk-CZ
1.881Sunbelt3.1.1783.223742008-11-04--
1.058Symantec1.3.0.2420081106.0042008-11-06Infostealer
0.046The Hacker6.3.1.1v001432008-11-06--
0.445Trend Micro8.700-10045.642.172008-11-06--
0.028VBA323.12.8.920081106.17172008-11-06--
1.390ViRobot200811052008.11.052008-11-05--
0.398VirusBuster4.5.11.1010.90.27/6712492008-11-06--
0.876Thanks
  #6  
Old 6 marraskuu 2008, 17:30
Uusi Jäsen
  
Default Virus: iexplore.exe kuin järjestelmän prosessi

http://virscan.org/report/3510c11282...b9674c0c1.html

thats linkki skannatun tiedoston.
  #7  
Old 6 marraskuu 2008, 17:39
Moderator Group
  
Default Virus: iexplore.exe kuin järjestelmän prosessi

Lataa ComboFix jonka Subs jonkin alle linkkejä. Olla varma alkuun tallentaa ne Desktop.

Linkki # 1
Linkki # 2

** Huomautus: On tärkeää, että se on tallennettu suoraan Desktopin

Sulje kaikki avoimet Internet-selaimissa. (Firefox, Internet Explorer jne.) ennen ComboFix.

Väliaikaisesti poistaa käytöstä sinun antivirus, Ja mikä tahansa AntiSpyware reaaliaikainen suoja ennen suorittamalla skannata. Valitse linkki nähdä luettelon tietoturvaohjelmia, että otetaan huomioon myös vammaisten ja miten poistaa ne käytöstä.

Kaksoisnapsauta combofix.exe ja seuraa ohjeita.

Windows XP Systems asentaa palautuskonsolin:

- Jos käytössäsi on Windows XP ja ei vielä ole palautuskonsolin asennettu, varmista, Internet-yhteys on aktiivinen (jos mahdollista) ja napsauta Kyllä.
- Jos jostain syystä Internet ei toimi napsauta Ei.
-- Jos et käytä Windows XP: n, sinun ei kehota.
- Kun kehotus hyväksyä käyttöoikeussopimus valitsemalla OK.
- Hyväksy Microsoftin EULA (Napsauta Kyllä).
- Kun sanotaan, että RC on asennettu oikein napsauta KYLLÄ jatkaa tarkistaisi haittaohjelmia.

Kun olet valmis ComboFix tuottaa lokin sinulle.
Postata ComboFix loki näkyy seuraavassa vastausta.

Tärkeää: Älä mouseclick ComboFix ikkunassa, kun se on käynnissä. Tämä saattaa aiheuttaa sen, pilttuu.

Muista uudelleen käyttöön virustentorjuntaohjelmasi ja antispyware suojelun ComboFix on valmis.
__________________
  #8  
Old 6 marraskuu 2008, 17:57
Uusi Jäsen
  
Default Virus: iexplore.exe kuin järjestelmän prosessi

ComboFix Kirjaudu

ComboFix 08-11-05.02 - MKJ 2008-11-06 19:51:34.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3144 [GMT -5:00]
Running from: C: \ Documents and Settings \ MKJ \ Desktop \ ComboFix.exe
.
((((((((((((((((((((((((( Files Created from 2008-10-07 to 2008-11-07 ))))))))))) ))))))))))))))))))))
.
2008-11-06 18:15. 2008-11-06 18:15 <KANSIO> d -------- C: \ Program Files \ CCleaner
2008-11-06 03:51. 2008-11-06 03:51 <KANSIO> d -------- C: \ Program Files \ Trend Micro
2008-11-06 03:22. 2008-11-06 03:22 <KANSIO> d -------- C: \ Program Files \ Alwil Software
2008-11-06 02:10. 2008-11-06 02:10 <KANSIO> d -------- C: \ Program Files \ Reference Assemblies
2008-11-06 02:07. 2008-11-06 02:07 <DIR> dr-h ----- C: \ AHCache
2008-11-05 23:11. 2008-11-06 02:12 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Uniblue
2008-11-05 22:05. 2008-11-05 22:05 <KANSIO> d -------- C: \ Documents and Settings \ Administrator \ Application Application Data \ Malwarebytes
2008-11-05 22:04. 2008-11-05 22:04 <KANSIO> d -------- C: \ Documents and Settings \ Administrator
2008-11-05 16:34. 2008-11-05 16:34 <KANSIO> d -------- C: \ Program Files \ Xanga Uploader
2008-11-05 16:34. 2008-11-05 16:34 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Application Data \. Xuploader
2008-11-05 16:08. 2008-11-05 16:08 <KANSIO> d -------- C: \ Program Files \ Malwarebytes 'Anti-Malware
2008-11-05 16:08. 2008-11-05 16:08 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Malwarebytes
2008-11-05 16:08. 2008-11-05 16:08 <KANSIO> d -------- C: \ Documents and Settings \ All Users \ Application Application Data \ Malwarebytes
2008-11-05 16:08. 2008-10-22 16:10 38.496 - a ------ C: \ windows \ system32 \ drivers \ mbamswissarmy.sys
2008-11-05 16:08. 2008-10-22 16:10 15.504 - a ------ C: \ windows \ system32 \ drivers \ mbam.sys
2008-11-05 15:38. 2008-11-05 15:38 62.464 - a ------ C: \ windows \ system32 \ s1S8Dh6X.exe
2008-11-01 16:18. 2008-11-01 16:18 <KANSIO> d -------- C: \ windows \ system32 \ IOSUBSYS
2008-11-01 16:18. 2008-11-01 16:18 <KANSIO> d -------- C: \ Program Files \ Google
2008-10-28 02:00. 2008-10-28 02:00 <KANSIO> d -------- C: \ Program Files \ MSXML 4.0
2008-10-28 01:19. 2008-10-28 01:19 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Nokia
2008-10-28 01:19. 2008-10-28 01:19 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Datalayer
2008-10-28 01:18. 2008-10-30 05:43 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Phone Browser
2008-10-28 00:55. 2008-10-28 00:55 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ DivX
2008-10-28 00:54. 2008-10-28 00:54 <KANSIO> d -------- C: \ Program Files \ Windows Media Components
2008-10-28 00:54. 2005-06-10 09:43 73.728 - a ------ C: \ windows \ system32 \ ISUSPM.cpl
2008-10-28 00:50. 2008-10-28 00:50 <KANSIO> d -------- C: \ Program Files \ DIFX
2008-10-28 00:50. 2008-10-28 00:50 <KANSIO> d -------- C: \ Program Files \ Common Files \ Nokia
2008-10-28 00:50. 2008-10-28 00:58 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ PC Suite
2008-10-28 00:50. 2008-10-28 00:58 <KANSIO> d -------- C: \ Documents and Settings \ All Users \ Application Data \ PC Suite
2008-10-28 00:50. 2008-10-28 00:50 <KANSIO> d -------- C: \ Documents and Settings \ All Users \ Application Application Data \ Downloaded Installations
2008-10-28 00:50. 2006-05-29 07:26 127.488 - a ------ C: \ windows \ system32 \ drivers \ nmwcd.sys
2008-10-28 00:50. 2006-05-29 07:26 50.688 - a ------ C: \ windows \ system32 \ nmwcdcls.dll
2008-10-28 00:50. 2006-05-29 07:26 30.720 - a ------ C: \ windows \ system32 \ nmwcdcocls.dll
2008-10-28 00:50. 2006-05-29 07:26 13.312 - a ------ C: \ windows \ system32 \ drivers \ nmwcdcm.sys
2008-10-28 00:50. 2006-05-29 07:26 13.312 - a ------ C: \ windows \ system32 \ drivers \ nmwcdcj.sys
2008-10-28 00:50. 2006-05-29 07:26 8.704 - a ------ C: \ windows \ system32 \ drivers \ nmwcdc.sys
2008-10-28 00:50. 2006-05-29 07:26 4.608 - a ------ C: \ windows \ system32 \ nmwcdlog.dll
2008-10-28 00:49. 2008-10-28 00:49 <KANSIO> d -------- C: \ Windows \ Downloaded Installations
2008-10-28 00:49. 2008-10-28 00:51 <KANSIO> d -------- C: \ Program Files \ Nokia
2008-10-28 00:49. 2008-10-28 00:50 <KANSIO> d -------- C: \ Program Files \ Common Files \ PC Connectivity Solution
2008-10-27 23:54. 2008-10-27 23:54 <KANSIO> d -------- C: \ Documents and Settings \ All Users \ Application Application Data \ EPSON
2008-10-27 21:55. 2008-10-27 21:55 <KANSIO> d -------- C: \ Program Files \ Ventrilo
2008-10-27 21:55. 2008-10-27 21:55 <KANSIO> d -------- C: \ Program Files \ Common Files \ Wise Installation Wizard
2008-10-27 21:55. 2008-10-27 21:56 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Ventrilo
2008-10-27 21:13. 2008-11-06 19:50 160.100 - a ------ C: \ windows \ system32 \ nvapps.xml
2008-10-27 21:05. 2008-11-05 16:09 <DIR> da ------ C: \ Documents and Settings \ All Users \ Application Application Data \ TEMP
2008-10-26 23:48. 2008-11-06 05:29 <KANSIO> d -------- C: \ Program Files \ easyMule
2008-10-26 13:53. 2008-10-26 13:53 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Viewpoint
2008-10-25 19:37. 2008-10-25 19:37 <KANSIO> d -------- C: \ Program Files \ iPod
2008-10-25 19:37. 2008-10-25 19:37 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Apple Computer
2008-10-25 19:37. 2008-04-17 12:12 107.368 - a ------ C: \ windows \ system32 \ GEARAspi.dll
2008-10-25 19:37. 2008-04-17 12:12 15.464 - a ------ C: \ windows \ system32 \ drivers \ GEARAspiWDM.sys
2008-10-25 19:36. 2008-10-25 19:36 <KANSIO> d -------- C: \ Program Files \ QuickTime
2008-10-25 19:36. 2008-10-25 19:37 <KANSIO> d -------- C: \ Program Files \ iTunes
2008-10-25 19:36. 2008-10-25 19:36 <KANSIO> d -------- C: \ Program Files \ Bonjour
2008-10-25 19:36. 2008-10-25 19:36 <KANSIO> d -------- C: \ Program Files \ Apple Software Update
2008-10-25 19:36. 2008-10-25 19:36 <KANSIO> d -------- C: \ Documents and Settings \ All Users \ Application Application Data \ Apple Computer
2008-10-25 19:36. 2008-10-25 19:37 <KANSIO> d -------- C: \ Documents and Settings \ All Users \ Application Data \ (3276BE95_AF08_429F_A64F_CA64CB79BCF6)
2008-10-25 19:35. 2008-10-25 19:36 <KANSIO> d -------- C: \ Program Files \ Common Files \ Apple
2008-10-25 19:35. 2008-10-25 19:35 <KANSIO> d -------- C: \ Documents and Settings \ All Users \ Application Application Data \ Apple
2008-10-24 18:11. 2007-07-30 18:19 271.224 - a ------ C: \ windows \ system32 \ mucltui.dll
2008-10-24 18:11. 2007-07-30 18:19 30.072 - a ------ C: \ windows \ system32 \ mucltui.dll.mui
2008-10-24 15:39. 2008-10-24 15:39 <KANSIO> d -------- C: \ Documents and Settings \ All Users \ Application Application Data \ Blizzard
2008-10-24 14:24. 2008-10-24 14:24 <KANSIO> d -------- C: \ Program Files \ Real
2008-10-24 14:24. 2008-10-24 14:24 <KANSIO> d -------- C: \ Program Files \ Common Files \ xing jaettu
2008-10-24 14:24. 2008-10-24 14:24 <KANSIO> d -------- C: \ Program Files \ Common Files \ Real
2008-10-24 14:07. 2008-10-24 14:07 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Logs
2008-10-24 13:59. 2008-10-24 13:59 <KANSIO> d -------- C: \ Logs
2008-10-24 10:05. 2008-10-27 21:15 <KANSIO> d -------- C: \ windows \ nview
2008-10-24 10:05. 2008-01-10 01:30 442.368-ra ------ C: \ windows \ system32 \ nvusmb.exe
2008-10-24 10:05. 2008-03-06 15:23 442.368 - a ------ C: \ windows \ system32 \ NVUNINST.EXE
2008-10-24 10:05. 2008-03-19 04:04 442.368 - a ------ C: \ windows \ system32 \ nvudisp.exe
2008-10-24 10:05. 2007-09-27 22:32 356.352-ra ------ C: \ windows \ system32 \ nvusmu.exe
2008-10-24 10:05. 2008-01-03 17:26 17.737 - a ------ C: \ windows \ system32 \ nvdisp.nvu
2008-10-24 10:05. 2007-10-12 03:53 13.312-ra ------ C: \ windows \ system32 \ drivers \ nvsmu.sys
2008-10-24 10:05. 2007-12-07 03:12 5.836 - a ------ C: \ windows \ system32 \ nvnrm.nvu
2008-10-24 10:05. 2008-01-16 17:17 3.948-ra ------ C: \ windows \ system32 \ drivers \ nvphy.bin
2008-10-24 10:05. 2007-12-07 01:34 2.016-ra ------ C: \ windows \ system32 \ nvsmb.nvu
2008-10-24 10:05. 2007-09-12 01:14 659-ra ------ C: \ windows \ system32 \ nvsmu.nvu
2008-10-24 10:04. 2008-10-23 22:44 35.647 - a ------ C: \ windows \ Ascd_log.ini
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-06 10:37 --------- d ----- WC: \ program files \ AIMTunes
2008-11-04 21:36 --------- d ----- WC: \ Program Files \ World of Warcraft
2008-10-28 05:55 --------- d ----- WC: \ Program Files \ Common Files \ Ulead Systems
2008-10-28 05:55 --------- d ----- WC: \ Documents and Settings \ MKJ \ Application Data \ Ulead Systems
2008-10-28 05:54 --------- d ----- WC: \ Program Files \ Ulead Systems
2008-10-28 05:54 --------- d ----- WC: \ Documents and Settings \ All Users \ Application Application Data \ Ulead Systems
2008-10-28 05:53 --------- d - h - WC: \ Program Files \ InstallShield Installation Information
2008-10-28 05:02 --------- d ----- WC: \ Program Files \ Common Files \ Adobe
2008-10-24 19:24 499.712 ---- aw C: \ windows \ system32 \ msvcp71.dll
2008-10-24 19:24 348.160 ---- aw C: \ windows \ system32 \ msvcr71.dll
2008-10-24 14:51 --------- d ----- WC: \ Program Files \ Microsoft FrontPage
2008-10-24 07:55 --------- d ----- WC: \ Program Files \ MSN Messenger
2008-10-24 06:09 --------- d ----- WC: \ Program Files \ Microsoft CAPICOM 2.1.0.2
2008-10-24 05:44 --------- d ----- WC: \ Program Files \ Winamp
2008-10-24 05:44 --------- d ----- WC: \ Documents and Settings \ MKJ \ Application Data \ Winamp
2008-10-24 05:40 --------- d ----- WC: \ Documents and Settings \ MKJ \ Application Data \ acccore
2008-10-24 05:39 --------- d ----- WC: \ program files \ AIM6
2008-10-24 05:39 --------- d ----- WC: \ Documents and Settings \ All Users \ Application Application Data \ AOL Downloads
2008-10-24 05:38 --------- d ----- WC: \ Program Files \ Viewpoint
2008-10-24 05:38 --------- d ----- WC: \ Program Files \ Common Files \ AOL
2008-10-24 05:38 --------- d ----- WC: \ Documents and Settings \ All Users \ Application Application Data \ Viewpoint
2008-10-24 05:38 --------- d ----- WC: \ Documents and Settings \ All Users \ Application Application Data \ AOL OCP
2008-10-24 05:38 --------- d ----- WC: \ Documents and Settings \ All Users \ Application Application Data \ AOL
2008-10-24 05:38 --------- d ----- WC: \ Documents and Settings \ All Users \ Application Application Data \ acccore
2008-10-24 05:32 --------- d ----- WC: \ Program Files \ Common Files \ Blizzard Entertainment
2008-10-24 05:20 --------- d ----- WC: \ Program Files \ Windows Media Connect 2
2008-10-24 05:10 --------- d ----- WC: \ Program Files \ DivX
2008-10-24 05:08 --------- d ----- WC: \ program files \ DefilerPak
2008-10-24 04:37 --------- d ----- WC: \ Program Files \ Realtek
2008-10-24 04:33 --------- d ----- WC: \ Documents and Settings \ All Users \ Application Data \ Symantec
2008-10-24 04:18 --------- d ----- WC: \ Program Files \ Common Files \ Symantec Shared
2008-10-24 03:58 --------- d ----- WC: \ Documents and Settings \ All Users \ Application Application Data \ InstallShield
2008-10-24 03:57 --------- d ----- WC: \ Program Files \ Common Files \ InstallShield
2008-10-24 03:54 --------- d ----- WC: \ Documents and Settings \ All Users \ Application Application Data \ Corel
2008-10-24 03:33 --------- d ----- WC: \ Program Files \ ASUS
2008-10-24 03:08 315.392 ---- aw C: \ windows \ HideWin.exe
2008-10-24 03:08 --------- d ----- WC: \ Program Files \ profiilia
2008-10-24 00:18 2.302.017 ---- aw C: \ windows \ system32 \ GPhotos.scr
2008-09-23 22:46 245.408 ---- aw C: \ windows \ system32 \ unicows.dll
2008-09-15 12:12 1.846.400 ---- aw C: \ Windows \ system32 \ Win32k.sys
2008-09-08 10:41 333.824 ---- aw C: \ windows \ system32 \ drivers \ Srv.sys
2008-08-29 14:18 87.336 ---- aw C: \ windows \ system32 \ dns-sd.exe
2008-08-29 13:53 61.440 ---- aw C: \ windows \ system32 \ dnssd.dll
2008-08-26 07:24 826.368 ---- aw C: \ Windows \ system32 \ Wininet.dll
2008-08-14 10:09 2.145.280 ---- aw C: \ windows \ system32 \ ntoskrnl.exe
2008-08-14 09:33 2.023.936 ---- aw C: \ windows \ system32 \ ntkrnlpa.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Note * empty entries & legit default merkinnät eivät näy
REGEDIT4
[HKEY_LOCAL_MACHINE \ ~ \ Browser Helper Objects \ (0A0DDBD3-6641-40B9-873F-BBDD26D6C14E)]
2008-10-23 02:37 147928 - a ------ C: \ Program Files \ easyMule \ modules \ IE2EM.dll
[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run]
"CTFMON.EXE" = "C: \ windows \ system32 \ CTFMON.EXE" [2008-04-13 15360]
"\ \ MING3 \ EPSON Stylus C120 Series "=" C: \ Windows \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ E_FATICCA.EXE "[2007-03-12 182272]
"PcSync" = "C: \ Program Files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe" [2006-06-27 1449984]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ curr entVersion \ Run]
"PHIME2002ASync" = "C: \ Windows \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A" = "C: \ Windows \ System32 \ IME \ TINTLGNT \ TIN TSETP.EXE" [2004-08-04 455168]
"Ai Nap" = "C: \ Program Files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe" [2008-01-28 1413120]
"CPU Power Monitor" = "C: \ Program Files \ ASUS \ Ai Suite \ AiGear3 \ CpuPowerMonitor.exe" [2008-01-09 627200]
"CPU Level Up help" = "C: \ Program Files \ ASUS \ Ai Suite \ CpuLevelUpHelp.exe" [2007-11-30 881152]
"ASUS Energiansäästö" = "C: \ Program Files \ ASUS \ Ai Suite \ EnergySaving \ PwSave.exe" [2008-01-28 1352704]
"Ulead AutoDetector v2" = "C: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe" [2006-11-29 90112]
"SunJavaUpdateSched" = "C: \ Program Files \ Common Files \ Real \ qttask.exe" [2008-10-24 185872]
"QuickTime Task" = "C: \ Program Files \ QuickTime \ qttask.exe" [2008-09-06 413696]
"iTunesHelper" = "C: \ Program Files \ iTunes \ iTunesHelper.exe" [2008-10-01 289576]
"NvCplDaemon" = "C: \ WINDOWS \ system32 \ ctfmon.exe" [2008-01-03 13508608]
"NvMediaCenter" = "C: \ WINDOWS \ system32 \ NvMcTray. Dll" [2008-01-03 86016]
"Adobe Reader Speed Launcher" = "C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe" [2008-01-11 39792]
"NSLauncher" = "C: \ Program Files \ Nokia \ Nokia Software Launcher \ NSLauncher.exe" [2006-11-28 2658304]
"avast!" = "c: \ progra ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp. exe" [2008-07-19 78008]
"RTHDCPL" = "RTHDCPL.EXE" [2008-05-07 C: \ windows \ RTHDCPL.exe]
"nwiz" = "nwiz.exe" [2008-01-03 C: \ WINDOWS \ system32 \ nwiz.exe]
[HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ Cur rentVersion \ Run]
"CTFMON.EXE" = "C: \ Windows \ System32 \ CTFMON.EXE" [2008-04-13 15360]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ drivers32]
"msacm.dvacm" = C: \ progra ~ 1 \ Common ~ 1 \ ULEADS ~ 1 \ Vio \ Dvacm.acm
"msacm.divxa32" = DivXa32.acm
"msacm.ulmp3acm" = C: \ PROGRA ~ 1 \ Common ~ 1 \ ULEADS ~ 1 \ MPEG \ ulmp3acm.acm
"msacm.mpegacm" = C: \ PROGRA ~ 1 \ Common ~ 1 \ ULEADS ~ 1 \ MPEG \ mpegacm.acm
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnet3.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnet3 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnet3 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx30SP1setup.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx30SP1setup [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx30SP1setup [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx35.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx35setup.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx35setup [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx35setup [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx35 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx35 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3setup.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3setup [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3setup [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3_ia64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3_ia64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3_ia64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3_x64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3_x64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3_x64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP1_ia64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP1_ia64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP1_ia64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP1_x64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP1_x64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP1_x64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP1_x86.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP1_x86 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP1_x86 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP2_ia64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP2_ia64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP2_ia64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP2_x64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP2_x64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP2_x64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP2_x86.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP2_x86 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP2_x86 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx30SP1_x64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx30SP1_x64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx30SP1_x64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx30SP1_x86.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx30SP1_x86 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx30SP1_x86 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx35_ia64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx35_ia64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx35_ia64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx35_x64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx35_x64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx35_x64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx35_x86.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx35_x86 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx35_x86 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ AuthorizedApplications \ List]
"% windir% \ \ system32 \ \ sessmgr.exe" =
"% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" =
"c: \ \ Program Files \ \ AIM6 \ \ aim6.exe" =
"C: \ \ Program Files \ \ World of Warcraft \ \ WoW-2.3.0-enUS-Downloader.exe" =
"c: \ \ Program Files \ \ MSN Messenger \ \ msnmsgr.exe" =
"c: \ \ Program Files \ \ MSN Messenger \ \ livecall.exe" =
"c: \ \ Program Files \ \ Bonjour \ \ mDNSResponder.exe" =
"c: \ \ Program Files \ \ iTunes \ \ iTunes.exe" =
"C: \ \ Program Files \ \ easyMule \ \ emule.exe" =
[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ GloballyOpenPorts \ List]
"3724: TCP" = 3724: TCP: Blizzard Downloader: 3724
"12178: TCP" = 12178: TCP: BitComet 12178 TCP:
"12178: UDP" = 12178: UDP: BitComet 12178 UDP:
R1 aswSP; avast! Self Protection; c: \ windows \ system32 \ drivers \ aswSP.sys [2008-07-19 78416]
R2 aswFsBlk; aswFsBlk c: \ windows \ system32 \ DRIVERS \ aswF sBlk.sys [2008-07-19 20560]
R2 Viewpoint Manager Service; Viewpoint Manager Service C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe [2007-01-04 24652]
R3 NVHDA; Service NVIDIA High Definition Audio Driver c: \ windows \ system32 \ drivers \ nvhda32.sys [2008-05-04 38560]
.
Contents of the 'Scheduled Tasks-kansioon
2008-11-01 C: \ Windows \ Tasks \ AppleSoftwareUpdate.job
- C: \ program files \ Apple Software Update \ SoftwareUpdate.exe [2008-07-30 11:34]
2008-11-06 C: \ Windows \ Tasks \ At1.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 C: \ Windows \ Tasks \ At10.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 C: \ Windows \ Tasks \ At11.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 C: \ Windows \ Tasks \ At12.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 C: \ Windows \ Tasks \ At13.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 C: \ Windows \ Tasks \ At14.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 C: \ Windows \ Tasks \ At15.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 C: \ Windows \ Tasks \ At16.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 C: \ Windows \ Tasks \ At17.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 C: \ Windows \ Tasks \ At18.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 C: \ Windows \ Tasks \ At19.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 C: \ Windows \ Tasks \ At2.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-07 C: \ Windows \ Tasks \ At20.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 C: \ Windows \ Tasks \ At21.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 C: \ Windows \ Tasks \ At22.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 C: \ Windows \ Tasks \ At23.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 C: \ Windows \ Tasks \ At24.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 C: \ Windows \ Tasks \ At3.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 C: \ Windows \ Tasks \ At4.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 C: \ Windows \ Tasks \ At5.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 C: \ Windows \ Tasks \ At6.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 C: \ Windows \ Tasks \ At7.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 C: \ Windows \ Tasks \ At8.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 C: \ Windows \ Tasks \ At9.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
.
- - - - Orvolla poistettu - - - --
HKLM-Run-Uniblue RegistryBooster 2009 - C: \ Program Files \ Uniblue \ RegistryBooster \ RegistryBooster.exe
MSConfigStartUp-Uniblue RegistryBooster 2009 - C: \ Program Files \ Uniblue \ RegistryBooster \ RegistryBooster.exe

.
------- Supplementary Scan -------
.
R0 -: HKCU-Main, Start Page = noin: tyhjä
R1 -: HKCU-Internet Settings, ProxyOverride = *. paikallisten
O8 -: Add to Google Kuvat Screensa & ver - C: \ windows \ system32 \ GPhotos.scr/200
O8 -: Download by easyMule - C: \ Program Files \ easyMule \ IE2EM.htm
.
************************************************** ************************
catchme 0.3.1367 W2K/XP/Vista - rootkit / varkain haittaohjelmien detektori on Gmer, http://www.gmer.net
Rootkit scan 2008-11-06 19:54:20
Windows 5.1.2600 Service Pack 3 NTFS
skannaus piilotettu prosessien ...
skannaus piilotettu Autostart merkinnät ...
skannaus piilotetut tiedostot ...
scan loppuun onnistuneesti
piilotetut tiedostot: 0
************************************************** ************************
.
Täydennys aika: 2008-11-06 19:54:45
ComboFix-karanteenissa-files.txt 2008-11-07 00:54:42
Pre-Run: 41621639168 tavua vapaana
Post-Run: 41699291136 tavua vapaana
396 --- EOF --- 2008-10-28 07:00:21
  #9  
Old 6 marraskuu 2008, 18:28
Moderator Group
  
Default Virus: iexplore.exe kuin järjestelmän prosessi

Huom: seuraavat ohjeet on luotu erityisesti tälle käyttäjälle. Jos et ole tämän käyttäjän, ÄLÄ noudattaa näitä ohjeita, koska ne saattavat vahingoittaa toimintaa järjestelmän

Poista nämä tiedostot / kansiot, seuraavasti:

1. Siirry Alku > Juosta > Tyyppi Notepad.exe ja napsauta OK Avaa Muistio.
Se täytyä on Muistiossa ei Wordpad.
2. Kopioi teksti jäljempänä koodi ruutuun korostamalla kaiken tekstin ja painamalla Ctrl + C

Code:
Killall:: File:: C: \ Windows \ system32 \ s1S8Dh6X.exe C: \ Windows \ Tasks \ At1.job C: \ Windows \ Tasks \ At10.job C: \ Windows \ Tasks \ At11.job C: \ Windows \ Tasks \ At12.job C: \ Windows \ Tasks \ At13.job C: \ Windows \ Tasks \ At14.job C: \ Windows \ Tasks \ At15.job C: \ Windows \ Tasks \ At16.job C: \ windows \ Tasks \ At17.job C: \ Windows \ Tasks \ At18.job C: \ Windows \ Tasks \ At19.job C: \ Windows \ Tasks \ At2.job C: \ Windows \ Tasks \ At20.job C: \ windows \ Tasks \ At21.job C: \ Windows \ Tasks \ At22.job C: \ Windows \ Tasks \ At23.job C: \ Windows \ Tasks \ At24.job C: \ Windows \ Tasks \ At3.job C: \ windows \ Tasks \ At4.job C: \ Windows \ Tasks \ At5.job C: \ Windows \ Tasks \ At6.job C: \ Windows \ Tasks \ At7.job C: \ Windows \ Tasks \ At8.job C: \ windows \ Tasks \ At9.job
3. Go to Notepadia ikkunasta ja napsauta Muokkaa > Liitä
4. Valitse sitten Tiedosto > Tallentaa
5. Nimeä tiedosto CFScript.txt - Tallenna tiedosto Desktop
6. Vedä CFScript (Pidä vasenta hiiren painiketta, kun vetämällä tiedosto) ja pudottaa sen (vapauta hiiren vasen painike) osaksi ComboFix.exe kuten näette kuvakaappaus alla. Tärkeää: Tehdään tämä ohje huolellisesti!



ComboFix alkaa toteuttaa, seuraa ohjeita.
After reboot (jos se kysyy käynnistää), se tuottaa lokin sinulle.
Post että log (Combofix.txt) näkyy seuraavassa vastausta.

Huom: Älä mouseclick ComboFix ikkunassa, kun se on käynnissä. Tämä voi aiheuttaa järjestelmän jäätyä
__________________
  #10  
Old 6 marraskuu 2008, 18:37
Uusi Jäsen
  
Default Virus: iexplore.exe kuin järjestelmän prosessi

ComboFix Kirjaudu

ComboFix 08-11-05.02 - MKJ 2008-11-06 20:31:01.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2458 [GMT -5:00]
Running from: C: \ Documents and Settings \ MKJ \ Desktop \ ComboFix.exe
Command kytkimiä käytetään:: C: \ Documents and Settings \ MKJ \ Desktop \ CFScript.txt
* Luonut uuden palautuspisteen
FILE::
C: \ windows \ system32 \ s1S8Dh6X.exe
c: \ windows \ Tasks \ At1.job
C: \ Windows \ Tasks \ At10.job
C: \ Windows \ Tasks \ At11.job
C: \ Windows \ Tasks \ At12.job
C: \ Windows \ Tasks \ At13.job
C: \ Windows \ Tasks \ At14.job
C: \ Windows \ Tasks \ At15.job
C: \ Windows \ Tasks \ At16.job
C: \ Windows \ Tasks \ At17.job
C: \ Windows \ Tasks \ At18.job
C: \ Windows \ Tasks \ At19.job
C: \ Windows \ Tasks \ At2.job
C: \ Windows \ Tasks \ At20.job
C: \ Windows \ Tasks \ At21.job
C: \ Windows \ Tasks \ At22.job
C: \ Windows \ Tasks \ At23.job
C: \ Windows \ Tasks \ At24.job
C: \ Windows \ Tasks \ At3.job
C: \ Windows \ Tasks \ At4.job
C: \ Windows \ Tasks \ At5.job
C: \ Windows \ Tasks \ At6.job
C: \ Windows \ Tasks \ At7.job
C: \ Windows \ Tasks \ At8.job
C: \ Windows \ Tasks \ At9.job
.
((((((((((((((((((((((((((((((((((((((( Muut Poistetut ))))))))) ))))))))))))))))))))))))))))))))))))))))
.
C: \ windows \ system32 \ s1S8Dh6X.exe
c: \ windows \ Tasks \ At1.job
C: \ Windows \ Tasks \ At10.job
C: \ Windows \ Tasks \ At11.job
C: \ Windows \ Tasks \ At12.job
C: \ Windows \ Tasks \ At13.job
C: \ Windows \ Tasks \ At14.job
C: \ Windows \ Tasks \ At15.job
C: \ Windows \ Tasks \ At16.job
C: \ Windows \ Tasks \ At17.job
C: \ Windows \ Tasks \ At18.job
C: \ Windows \ Tasks \ At19.job
C: \ Windows \ Tasks \ At2.job
C: \ Windows \ Tasks \ At20.job
C: \ Windows \ Tasks \ At21.job
C: \ Windows \ Tasks \ At22.job
C: \ Windows \ Tasks \ At23.job
C: \ Windows \ Tasks \ At24.job
C: \ Windows \ Tasks \ At3.job
C: \ Windows \ Tasks \ At4.job
C: \ Windows \ Tasks \ At5.job
C: \ Windows \ Tasks \ At6.job
C: \ Windows \ Tasks \ At7.job
C: \ Windows \ Tasks \ At8.job
C: \ Windows \ Tasks \ At9.job
.
((((((((((((((((((((((((( Files Created from 2008-10-07 to 2008-11-07 ))))))))))) ))))))))))))))))))))
.
2008-11-06 18:15. 2008-11-06 18:15 <KANSIO> d -------- C: \ Program Files \ CCleaner
2008-11-06 03:51. 2008-11-06 03:51 <KANSIO> d -------- C: \ Program Files \ Trend Micro
2008-11-06 03:22. 2008-11-06 03:22 <KANSIO> d -------- C: \ Program Files \ Alwil Software
2008-11-06 02:10. 2008-11-06 02:10 <KANSIO> d -------- C: \ Program Files \ Reference Assemblies
2008-11-06 02:07. 2008-11-06 02:07 <DIR> dr-h ----- C: \ AHCache
2008-11-05 23:11. 2008-11-06 02:12 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Uniblue
2008-11-05 22:05. 2008-11-05 22:05 <KANSIO> d -------- C: \ Documents and Settings \ Administrator \ Application Application Data \ Malwarebytes
2008-11-05 22:04. 2008-11-05 22:04 <KANSIO> d -------- C: \ Documents and Settings \ Administrator
2008-11-05 16:34. 2008-11-05 16:34 <KANSIO> d -------- C: \ Program Files \ Xanga Uploader
2008-11-05 16:34. 2008-11-05 16:34 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Application Data \. Xuploader
2008-11-05 16:08. 2008-11-05 16:08 <KANSIO> d -------- C: \ Program Files \ Malwarebytes 'Anti-Malware
2008-11-05 16:08. 2008-11-05 16:08 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Malwarebytes
2008-11-05 16:08. 2008-11-05 16:08 <KANSIO> d -------- C: \ Documents and Settings \ All Users \ Application Application Data \ Malwarebytes
2008-11-05 16:08. 2008-10-22 16:10 38.496 - a ------ C: \ windows \ system32 \ drivers \ mbamswissarmy.sys
2008-11-05 16:08. 2008-10-22 16:10 15.504 - a ------ C: \ windows \ system32 \ drivers \ mbam.sys
2008-11-01 16:18. 2008-11-01 16:18 <KANSIO> d -------- C: \ windows \ system32 \ IOSUBSYS
2008-11-01 16:18. 2008-11-01 16:18 <KANSIO> d -------- C: \ Program Files \ Google
2008-10-28 02:00. 2008-10-28 02:00 <KANSIO> d -------- C: \ Program Files \ MSXML 4.0
2008-10-28 01:19. 2008-10-28 01:19 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Nokia
2008-10-28 01:19. 2008-10-28 01:19 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Datalayer
2008-10-28 01:18. 2008-10-30 05:43 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Phone Browser
2008-10-28 00:55. 2008-10-28 00:55 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ DivX
2008-10-28 00:54. 2008-10-28 00:54 <KANSIO> d -------- C: \ Program Files \ Windows Media Components
2008-10-28 00:54. 2005-06-10 09:43 73.728 - a ------ C: \ windows \ system32 \ ISUSPM.cpl
2008-10-28 00:50. 2008-10-28 00:50 <KANSIO> d -------- C: \ Program Files \ DIFX
2008-10-28 00:50. 2008-10-28 00:50 <KANSIO> d -------- C: \ Program Files \ Common Files \ Nokia
2008-10-28 00:50. 2008-10-28 00:58 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ PC Suite
2008-10-28 00:50. 2008-10-28 00:58 <KANSIO> d -------- C: \ Documents and Settings \ All Users \ Application Data \ PC Suite
2008-10-28 00:50. 2008-10-28 00:50 <KANSIO> d -------- C: \ Documents and Settings \ All Users \ Application Application Data \ Downloaded Installations
2008-10-28 00:50. 2006-05-29 07:26 127.488 - a ------ C: \ windows \ system32 \ drivers \ nmwcd.sys
2008-10-28 00:50. 2006-05-29 07:26 50.688 - a ------ C: \ windows \ system32 \ nmwcdcls.dll
2008-10-28 00:50. 2006-05-29 07:26 30.720 - a ------ C: \ windows \ system32 \ nmwcdcocls.dll
2008-10-28 00:50. 2006-05-29 07:26 13.312 - a ------ C: \ windows \ system32 \ drivers \ nmwcdcm.sys
2008-10-28 00:50. 2006-05-29 07:26 13.312 - a ------ C: \ windows \ system32 \ drivers \ nmwcdcj.sys
2008-10-28 00:50. 2006-05-29 07:26 8.704 - a ------ C: \ windows \ system32 \ drivers \ nmwcdc.sys
2008-10-28 00:50. 2006-05-29 07:26 4.608 - a ------ C: \ windows \ system32 \ nmwcdlog.dll
2008-10-28 00:49. 2008-10-28 00:49 <KANSIO> d -------- C: \ Windows \ Downloaded Installations
2008-10-28 00:49. 2008-10-28 00:51 <KANSIO> d -------- C: \ Program Files \ Nokia
2008-10-28 00:49. 2008-10-28 00:50 <KANSIO> d -------- C: \ Program Files \ Common Files \ PC Connectivity Solution
2008-10-27 23:54. 2008-10-27 23:54 <KANSIO> d -------- C: \ Documents and Settings \ All Users \ Application Application Data \ EPSON
2008-10-27 21:55. 2008-10-27 21:55 <KANSIO> d -------- C: \ Program Files \ Ventrilo
2008-10-27 21:55. 2008-10-27 21:55 <KANSIO> d -------- C: \ Program Files \ Common Files \ Wise Installation Wizard
2008-10-27 21:55. 2008-10-27 21:56 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Ventrilo
2008-10-27 21:13. 2008-11-06 20:34 160.100 - a ------ C: \ windows \ system32 \ nvapps.xml
2008-10-27 21:05. 2008-11-05 16:09 <DIR> da ------ C: \ Documents and Settings \ All Users \ Application Application Data \ TEMP
2008-10-26 23:48. 2008-11-06 05:29 <KANSIO> d -------- C: \ Program Files \ easyMule
2008-10-26 13:53. 2008-10-26 13:53 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Viewpoint
2008-10-25 19:37. 2008-10-25 19:37 <KANSIO> d -------- C: \ Program Files \ iPod
2008-10-25 19:37. 2008-10-25 19:37 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Apple Computer
2008-10-25 19:37. 2008-04-17 12:12 107.368 - a ------ C: \ windows \ system32 \ GEARAspi.dll
2008-10-25 19:37. 2008-04-17 12:12 15.464 - a ------ C: \ windows \ system32 \ drivers \ GEARAspiWDM.sys
2008-10-25 19:36. 2008-10-25 19:36 <KANSIO> d -------- C: \ Program Files \ QuickTime
2008-10-25 19:36. 2008-10-25 19:37 <KANSIO> d -------- C: \ Program Files \ iTunes
2008-10-25 19:36. 2008-10-25 19:36 <KANSIO> d -------- C: \ Program Files \ Bonjour
2008-10-25 19:36. 2008-10-25 19:36 <KANSIO> d -------- C: \ Program Files \ Apple Software Update
2008-10-25 19:36. 2008-10-25 19:36 <KANSIO> d -------- C: \ Documents and Settings \ All Users \ Application Application Data \ Apple Computer
2008-10-25 19:36. 2008-10-25 19:37 <KANSIO> d -------- C: \ Documents and Settings \ All Users \ Application Data \ (3276BE95_AF08_429F_A64F_CA64CB79BCF6)
2008-10-25 19:35. 2008-10-25 19:36 <KANSIO> d -------- C: \ Program Files \ Common Files \ Apple
2008-10-25 19:35. 2008-10-25 19:35 <KANSIO> d -------- C: \ Documents and Settings \ All Users \ Application Application Data \ Apple
2008-10-24 18:11. 2007-07-30 18:19 271.224 - a ------ C: \ windows \ system32 \ mucltui.dll
2008-10-24 18:11. 2007-07-30 18:19 30.072 - a ------ C: \ windows \ system32 \ mucltui.dll.mui
2008-10-24 15:39. 2008-10-24 15:39 <KANSIO> d -------- C: \ Documents and Settings \ All Users \ Application Application Data \ Blizzard
2008-10-24 14:24. 2008-10-24 14:24 <KANSIO> d -------- C: \ Program Files \ Real
2008-10-24 14:24. 2008-10-24 14:24 <KANSIO> d -------- C: \ Program Files \ Common Files \ xing jaettu
2008-10-24 14:24. 2008-10-24 14:24 <KANSIO> d -------- C: \ Program Files \ Common Files \ Real
2008-10-24 14:07. 2008-10-24 14:07 <KANSIO> d -------- C: \ Documents and Settings \ MKJ \ Logs
2008-10-24 13:59. 2008-10-24 13:59 <KANSIO> d -------- C: \ Logs
2008-10-24 10:05. 2008-10-27 21:15 <KANSIO> d -------- C: \ windows \ nview
2008-10-24 10:05. 2008-01-10 01:30 442.368-ra ------ C: \ windows \ system32 \ nvusmb.exe
2008-10-24 10:05. 2008-03-06 15:23 442.368 - a ------ C: \ windows \ system32 \ NVUNINST.EXE
2008-10-24 10:05. 2008-03-19 04:04 442.368 - a ------ C: \ windows \ system32 \ nvudisp.exe
2008-10-24 10:05. 2007-09-27 22:32 356.352-ra ------ C: \ windows \ system32 \ nvusmu.exe
2008-10-24 10:05. 2008-01-03 17:26 17.737 - a ------ C: \ windows \ system32 \ nvdisp.nvu
2008-10-24 10:05. 2007-10-12 03:53 13.312-ra ------ C: \ windows \ system32 \ drivers \ nvsmu.sys
2008-10-24 10:05. 2007-12-07 03:12 5.836 - a ------ C: \ windows \ system32 \ nvnrm.nvu
2008-10-24 10:05. 2008-01-16 17:17 3.948-ra ------ C: \ windows \ system32 \ drivers \ nvphy.bin
2008-10-24 10:05. 2007-12-07 01:34 2.016-ra ------ C: \ windows \ system32 \ nvsmb.nvu
2008-10-24 10:05. 2007-09-12 01:14 659-ra ------ C: \ windows \ system32 \ nvsmu.nvu
2008-10-24 10:04. 2008-10-23 22:44 35.647 - a ------ C: \ windows \ Ascd_log.ini
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-06 10:37 --------- d ----- WC: \ program files \ AIMTunes
2008-11-04 21:36 --------- d ----- WC: \ Program Files \ World of Warcraft
2008-10-28 05:55 --------- d ----- WC: \ Program Files \ Common Files \ Ulead Systems
2008-10-28 05:55 --------- d ----- WC: \ Documents and Settings \ MKJ \ Application Data \ Ulead Systems
2008-10-28 05:54 --------- d ----- WC: \ Program Files \ Ulead Systems
2008-10-28 05:54 --------- d ----- WC: \ Documents and Settings \ All Users \ Application Application Data \ Ulead Systems
2008-10-28 05:53 --------- d - h - WC: \ Program Files \ InstallShield Installation Information
2008-10-28 05:02 --------- d ----- WC: \ Program Files \ Common Files \ Adobe
2008-10-24 19:24 499.712 ---- aw C: \ windows \ system32 \ msvcp71.dll
2008-10-24 19:24 348.160 ---- aw C: \ windows \ system32 \ msvcr71.dll
2008-10-24 14:51 --------- d ----- WC: \ Program Files \ Microsoft FrontPage
2008-10-24 07:55 --------- d ----- WC: \ Program Files \ MSN Messenger
2008-10-24 06:09 --------- d ----- WC: \ Program Files \ Microsoft CAPICOM 2.1.0.2
2008-10-24 05:44 --------- d ----- WC: \ Program Files \ Winamp
2008-10-24 05:44 --------- d ----- WC: \ Documents and Settings \ MKJ \ Application Data \ Winamp
2008-10-24 05:40 --------- d ----- WC: \ Documents and Settings \ MKJ \ Application Data \ acccore
2008-10-24 05:39 --------- d ----- WC: \ program files \ AIM6
2008-10-24 05:39 --------- d ----- WC: \ Documents and Settings \ All Users \ Application Application Data \ AOL Downloads
2008-10-24 05:38 --------- d ----- WC: \ Program Files \ Viewpoint
2008-10-24 05:38 --------- d ----- WC: \ Program Files \ Common Files \ AOL
2008-10-24 05:38 --------- d ----- WC: \ Documents and Settings \ All Users \ Application Application Data \ Viewpoint
2008-10-24 05:38 --------- d ----- WC: \ Documents and Settings \ All Users \ Application Application Data \ AOL OCP
2008-10-24 05:38 --------- d ----- WC: \ Documents and Settings \ All Users \ Application Application Data \ AOL
2008-10-24 05:38 --------- d ----- WC: \ Documents and Settings \ All Users \ Application Application Data \ acccore
2008-10-24 05:32 --------- d ----- WC: \ Program Files \ Common Files \ Blizzard Entertainment
2008-10-24 05:20 --------- d ----- WC: \ Program Files \ Windows Media Connect 2
2008-10-24 05:10 --------- d ----- WC: \ Program Files \ DivX
2008-10-24 05:08 --------- d ----- WC: \ program files \ DefilerPak
2008-10-24 04:37 --------- d ----- WC: \ Program Files \ Realtek
2008-10-24 04:33 --------- d ----- WC: \ Documents and Settings \ All Users \ Application Data \ Symantec
2008-10-24 04:18 --------- d ----- WC: \ Program Files \ Common Files \ Symantec Shared
2008-10-24 03:58 --------- d ----- WC: \ Documents and Settings \ All Users \ Application Application Data \ InstallShield
2008-10-24 03:57 --------- d ----- WC: \ Program Files \ Common Files \ InstallShield
2008-10-24 03:54 --------- d ----- WC: \ Documents and Settings \ All Users \ Application Application Data \ Corel
2008-10-24 03:33 --------- d ----- WC: \ Program Files \ ASUS
2008-10-24 03:08 315.392 ---- aw C: \ windows \ HideWin.exe
2008-10-24 03:08 --------- d ----- WC: \ Program Files \ profiilia
2008-10-24 00:18 2.302.017 ---- aw C: \ windows \ system32 \ GPhotos.scr
2008-09-23 22:46 245.408 ---- aw C: \ windows \ system32 \ unicows.dll
2008-09-15 12:12 1.846.400 ---- aw C: \ Windows \ system32 \ Win32k.sys
2008-09-08 10:41 333.824 ---- aw C: \ windows \ system32 \ drivers \ Srv.sys
2008-08-29 14:18 87.336 ---- aw C: \ windows \ system32 \ dns-sd.exe
2008-08-29 13:53 61.440 ---- aw C: \ windows \ system32 \ dnssd.dll
2008-08-26 07:24 826.368 ---- aw C: \ Windows \ system32 \ Wininet.dll
2008-08-14 10:09 2.145.280 ---- aw C: \ windows \ system32 \ ntoskrnl.exe
2008-08-14 09:33 2.023.936 ---- aw C: \ windows \ system32 \ ntkrnlpa.exe
.
((((((((((((((((((((((((((((( Snapshot@2008-11-06_19.54.31.75 )))))))))) )))))))))))))))))))))))))))))))
.
- 2008-11-06 23:26:54 49.198 ---- aw C: \ windows \ system32 \ perfc009.dat
+ 2008-11-07 00:54:48 49.198 ---- aw C: \ windows \ system32 \ perfc009.dat
- 2008-11-06 23:26:54 390.094 ---- aw C: \ windows \ system32 \ perfh009.dat
+ 2008-11-07 00:54:48 390.094 ---- aw C: \ windows \ system32 \ perfh009.dat
+ 2008-11-07 01:33:47 16.384 ---- atwig C: \ Windows \ Temp \ Perflib_Perfdata_584.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Note * empty entries & legit default merkinnät eivät näy
REGEDIT4
[HKEY_LOCAL_MACHINE \ ~ \ Browser Helper Objects \ (0A0DDBD3-6641-40B9-873F-BBDD26D6C14E)]
2008-10-23 02:37 147928 - a ------ C: \ Program Files \ easyMule \ modules \ IE2EM.dll
[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run]
"CTFMON.EXE" = "C: \ windows \ system32 \ CTFMON.EXE" [2008-04-13 15360]
"\ \ MING3 \ EPSON Stylus C120 Series "=" C: \ Windows \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ E_FATICCA.EXE "[2007-03-12 182272]
"PcSync" = "C: \ Program Files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe" [2006-06-27 1449984]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ curr entVersion \ Run]
"PHIME2002ASync" = "C: \ Windows \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A" = "C: \ Windows \ System32 \ IME \ TINTLGNT \ TIN TSETP.EXE" [2004-08-04 455168]
"Ai Nap" = "C: \ Program Files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe" [2008-01-28 1413120]
"CPU Power Monitor" = "C: \ Program Files \ ASUS \ Ai Suite \ AiGear3 \ CpuPowerMonitor.exe" [2008-01-09 627200]
"CPU Level Up help" = "C: \ Program Files \ ASUS \ Ai Suite \ CpuLevelUpHelp.exe" [2007-11-30 881152]
"ASUS Energiansäästö" = "C: \ Program Files \ ASUS \ Ai Suite \ EnergySaving \ PwSave.exe" [2008-01-28 1352704]
"Ulead AutoDetector v2" = "C: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe" [2006-11-29 90112]
"SunJavaUpdateSched" = "C: \ Program Files \ Common Files \ Real \ qttask.exe" [2008-10-24 185872]
"QuickTime Task" = "C: \ Program Files \ QuickTime \ qttask.exe" [2008-09-06 413696]
"iTunesHelper" = "C: \ Program Files \ iTunes \ iTunesHelper.exe" [2008-10-01 289576]
"NvCplDaemon" = "C: \ WINDOWS \ system32 \ ctfmon.exe" [2008-01-03 13508608]
"NvMediaCenter" = "C: \ WINDOWS \ system32 \ NvMcTray. Dll" [2008-01-03 86016]
"Adobe Reader Speed Launcher" = "C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe" [2008-01-11 39792]
"NSLauncher" = "C: \ Program Files \ Nokia \ Nokia Software Launcher \ NSLauncher.exe" [2006-11-28 2658304]
"RTHDCPL" = "RTHDCPL.EXE" [2008-05-07 C: \ windows \ RTHDCPL.exe]
"nwiz" = "nwiz.exe" [2008-01-03 C: \ WINDOWS \ system32 \ nwiz.exe]
[HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ Cur rentVersion \ Run]
"CTFMON.EXE" = "C: \ Windows \ System32 \ CTFMON.EXE" [2008-04-13 15360]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ drivers32]
"msacm.dvacm" = C: \ progra ~ 1 \ Common ~ 1 \ ULEADS ~ 1 \ Vio \ Dvacm.acm
"msacm.divxa32" = DivXa32.acm
"msacm.ulmp3acm" = C: \ PROGRA ~ 1 \ Common ~ 1 \ ULEADS ~ 1 \ MPEG \ ulmp3acm.acm
"msacm.mpegacm" = C: \ PROGRA ~ 1 \ Common ~ 1 \ ULEADS ~ 1 \ MPEG \ mpegacm.acm
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnet3.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnet3 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnet3 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx30SP1setup.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx30SP1setup [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx30SP1setup [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx35.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx35setup.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx35setup [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx35setup [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx35 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx35 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3setup.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3setup [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3setup [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3_ia64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3_ia64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3_ia64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3_x64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3_x64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx3_x64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ dotnetfx [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP1_ia64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP1_ia64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP1_ia64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP1_x64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP1_x64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP1_x64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP1_x86.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP1_x86 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP1_x86 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP2_ia64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP2_ia64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP2_ia64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP2_x64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP2_x64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP2_x64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP2_x86.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP2_x86 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx20SP2_x86 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx30SP1_x64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx30SP1_x64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx30SP1_x64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx30SP1_x86.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx30SP1_x86 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx30SP1_x86 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx35_ia64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx35_ia64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx35_ia64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx35_x64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx35_x64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx35_x64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx35_x86.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx35_x86 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx35_x86 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ kuvatiedoston toteuttamisen vaihtoehtoja \ NetFx64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ AuthorizedApplications \ List]
"% windir% \ \ system32 \ \ sessmgr.exe" =
"% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" =
"c: \ \ Program Files \ \ AIM6 \ \ aim6.exe" =
"C: \ \ Program Files \ \ World of Warcraft \ \ WoW-2.3.0-enUS-Downloader.exe" =
"c: \ \ Program Files \ \ MSN Messenger \ \ msnmsgr.exe" =
"c: \ \ Program Files \ \ MSN Messenger \ \ livecall.exe" =
"c: \ \ Program Files \ \ Bonjour \ \ mDNSResponder.exe" =
"c: \ \ Program Files \ \ iTunes \ \ iTunes.exe" =
"C: \ \ Program Files \ \ easyMule \ \ emule.exe" =
[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ GloballyOpenPorts \ List]
"3724: TCP" = 3724: TCP: Blizzard Downloader: 3724
"12178: TCP" = 12178: TCP: BitComet 12178 TCP:
"12178: UDP" = 12178: UDP: BitComet 12178 UDP:
R1 aswSP; avast! Self Protection; c: \ windows \ system32 \ drivers \ aswSP.sys [2008-07-19 78416]
R2 aswFsBlk; aswFsBlk c: \ windows \ system32 \ DRIVERS \ aswF sBlk.sys [2008-07-19 20560]
R2 Viewpoint Manager Service; Viewpoint Manager Service C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe [2007-01-04 24652]
R3 NVHDA; Service NVIDIA High Definition Audio Driver c: \ windows \ system32 \ drivers \ nvhda32.sys [2008-05-04 38560]
.
Contents of the 'Scheduled Tasks-kansioon
2008-11-01 C: \ Windows \ Tasks \ AppleSoftwareUpdate.job
- C: \ program files \ Apple Software Update \ SoftwareUpdate.exe [2008-07-30 11:34]
.
************************************************** ************************
catchme 0.3.1367 W2K/XP/Vista - rootkit / varkain haittaohjelmien detektori on Gmer, http://www.gmer.net
Rootkit scan 2008-11-06 20:34:11
Windows 5.1.2600 Service Pack 3 NTFS
skannaus piilotettu prosessien ...
skannaus piilotettu Autostart merkinnät ...
skannaus piilotetut tiedostot ...
scan loppuun onnistuneesti
piilotetut tiedostot: 0
************************************************** ************************
.
------------------------ Other Running Processes ----------------------- --
.
c: \ program files \ ALWIL Software \ Avast4 \ aswUpdSv.exe
c: \ program files \ ALWIL Software \ Avast4 \ ashServ.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
c: \ windows \ system32 \ nvsvc32.exe
c: \ windows \ system32 \ PSIService.exe
C: \ Program Files \ ASUS \ huoltoliike \ 1.00.61 \ aaCenter.exe
c: \ program files \ ALWIL Software \ Avast4 \ ashMaiSv.exe
c: \ program files \ ALWIL Software \ Avast4 \ ashWebSv.exe
c: \ windows \ system32 \ rundll32.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Common Files \ pcsuite \ Services \ ServiceLayer.exe
c: \ progra ~ 1 \ Common ~ 1 \ Nokia \ MPAPI \ MPAPI3s.exe
.
************************************************** ************************
.
Täydennys aika: 2008-11-06 20:36:06 - kone käynnistettiin uudelleen
ComboFix-karanteenissa-files.txt 2008-11-07 01:36:02
ComboFix2.txt 2008-11-07 00:54:46
Pre-Run: 41668276224 tavua vapaana
Post-Run: 41678303232 tavua vapaana
418 --- EOF --- 2008-10-28 07:00:21

Kiitos
Reply
Sivu 1 / 2 1 2

Register

Kirjanmerkit

Samanlaisia Threads
Kierre Thread Starter Forum Vastaukset Last Post
System Idle Process enintään 99 Cpu sgonzalez90 Windows-käyttöjärjestelmät 4 6. Huhtikuu 2009 14:50
System tyhjäkäyntitilassa prosessi - Windows Task Manager pest79456 Windows-käyttöjärjestelmät 3 8th Feb 2009 09:20
Napsauttamalla, piippaa ja piilossa iexplore.exe prosessi ad hoc Virusten, vakoiluohjelmien & Security 5 7. Lokakuu 2008 18:44
IEXPLORE.EXE järjestelmän virus? HijackThis loki, katsokoot. samDd Virusten, vakoiluohjelmien & Security 4 29. Sep 2008 17:13
Ongelmia ponnahdusikkunat ja iexplore käynnissä prosessi 1carly1 Virusten, vakoiluohjelmien & Security 3 15th Feb 2008 10:36
Thread Tools



Arabic Bulgarian Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Finnish French German Greek Hebrew Hungarian Italian Japanese Korean Latvian Lithuanian Norwegian Polish Portuguese Romanian Russian Serbian Slovak Spanish Swedish Thai Turkish Ukrainian

Copyright © 2006 - 2009 Computer Juice.
Yhteydenotto -- Yksityisyydensuoja -- Sivukartta -- Ylös

Powered by vBulletin ® Copyright © 2000 - 2009 Jelsoft Enterprises Ltd SEO on vBSEO © 2009, indeksoitavuutta, Inc.