SDFix Loki...

Elikkä tässä ongelmani... -> Proxy.agent.aek Jyllää koneella ProxyM.dll tiedostossa... AVG, ei auta, eScan ei auta, normaali tai vikasieto skannaus, EI AUTA... :/ Tässä SDFix loki, skannasin SDFixin jälkeen AVG:llä ja JÄLLEEN SE LÖYTY koneelta, Proxy.agent.aek... Loppu keinot tähän :/


[b]SDFix: Version 1.174 [/b]
Run by Tuomo on to 24.04.2008 at 17:22

Microsoft Windows XP [versio 5.1.2600]
Running From: C:\DOCUME~1\Tuomo\TYPYT~1\SDFix

[b]Checking Services [/b]:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting


[b]Checking Files [/b]:

No Trojan Files Found






Removing Temp Files

[b]ADS Check [/b]:



[b]Final Check [/b]:

catchme 0.3.1353.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-24 17:29:33
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:f4,75,3b,ae,5c,0f,44,3a,92,3b,7b,73,df,94,eb,23,fc,90,c9,26,a1,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:f4,75,3b,ae,5c,0f,44,3a,92,3b,7b,73,df,94,eb,23,fc,90,c9,26,a1,..

scanning hidden registry entries ...

scanning hidden files ...


scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 29


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\P2P Networking\\P2P Networking.exe"="C:\\WINDOWS\\system32\\P2P Networking\\P2P Networking.exe:*:Enabled:P2P Networking"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Microsoft Games\\Links 2001 Demo\\LinksMMI.exe"="C:\\Program Files\\Microsoft Games\\Links 2001 Demo\\LinksMMI.exe:*:Disabled:LinksMMI"
"C:\\WINDOWS\\system32\\lxcgcoms.exe"="C:\\WINDOWS\\system32\\lxcgcoms.exe:*:Disabled:2300 Series"
"C:\\Kaspersky\\kavupd.exe"="C:\\Kaspersky\\kavupd.exe:*:Enabled:kavupd"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\DC \\DCPlusPlus.exe"="C:\\Program Files\\DC \\DCPlusPlus.exe:*:Enabled:DC "
"C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"="C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"="C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\\SIMS\\RACER\\racer.exe"="C:\\SIMS\\RACER\\racer.exe:*:Disabled:racer"
"C:\\Program Files\\Rockstar Games\\Midnight Club II Demo\\mc2_demo.exe"="C:\\Program Files\\Rockstar Games\\Midnight Club II Demo\\mc2_demo.exe:*:Disabled:mc2_demo"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\THQ\\MotoGP URT 3 Demo\\motogp_demo.exe"="C:\\Program Files\\THQ\\MotoGP URT 3 Demo\\motogp_demo.exe:*:Enabled:motogp_demo"
"C:\\Program Files\\THQ\\MotoGP URT 3\\motogp.exe"="C:\\Program Files\\THQ\\MotoGP URT 3\\motogp.exe:*:Enabled:motogp"
"C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:DNA"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[b]Remaining Files [/b]:


File Backups: - C:\DOCUME~1\Tuomo\TYPYT~1\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Mon 29 Aug 2005 210 A.SHR --- "C:\BOOT.BAK"
Fri 24 Sep 2004 10,912 A.SH. --- "C:\WINDOWS\system32\Proxy.Dll"
Fri 24 Sep 2004 134,067 A.SH. --- "C:\WINDOWS\system32\ProxyM.dll"
Fri 24 Sep 2004 10,912 A.SH. --- "C:\WINDOWS\system32\_Proxy.dll"
Fri 24 Sep 2004 134,067 A.SH. --- "C:\WINDOWS\system32\_ProxyM.dll"
Sat 1 Jul 2006 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Fri 9 Feb 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Fri 9 Feb 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Fri 11 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\a7b63628b39fd8bdb7e535e34d0ea696\BIT2.tmp"
Fri 5 Oct 2007 19,456 ...H. --- "C:\Documents and Settings\Tuomo\Application Data\Microsoft\Word\~WRL0003.tmp"
Fri 5 Oct 2007 20,480 ...H. --- "C:\Documents and Settings\Tuomo\Application Data\Microsoft\Word\~WRL1663.tmp"
Fri 5 Oct 2007 20,480 ...H. --- "C:\Documents and Settings\Tuomo\Application Data\Microsoft\Word\~WRL3537.tmp"

[b]Finished![/b]