ComboFix 08-06-07.1 - Marika 2008-06-09 10:45:32.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1035.18.128 [GMT 3:00]
Running from: C:\Documents and Settings\Marika\Työpöytä\ComboFix.exe
[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-05-09 to 2008-06-09 )))))))))))))))))
.
2008-06-09 10:39 . 2008-06-09 10:39 d-------- C:\Program Files\Trend Micro
2008-06-09 09:03 . 2008-06-09 09:03 29,342 --------- C:\WINDOWS\winudmr.exe
2008-06-09 09:03 . 2008-06-09 09:26 29,342 --a--c--- C:\ps.exe
2008-06-09 09:03 . 2008-06-09 10:48 29,342 --a--c--- C:\pf.exe
2008-06-09 09:03 . 2008-06-09 09:28 29,342 --a--c--- C:\fp.exe
2008-06-08 22:20 . 2008-06-08 22:20 18,587 --a--c--- C:\Documents and Settings\Marika\packed.exe
2008-06-08 22:17 . 2008-06-08 22:18 18,587 --a--c--- C:\packed.exe
2008-06-06 22:06 . 2008-06-06 22:06 49,156 --a--c--- C:\sjgz.exe
2008-06-06 17:52 . 2008-06-06 19:20 49,156 --a--c--- C:\sjz.exe
2008-06-06 17:23 . 2008-06-08 20:15 2,231 --a--c--- C:\hszs.exe
2008-06-06 17:22 . 2008-06-08 20:18 2,229 --a--c--- C:\shz.exe
2008-06-06 15:32 . 2008-06-06 15:32 49,156 --a--c--- C:\szs.exe
2008-06-06 15:30 . 2008-06-06 17:22 49,156 --a--c--- C:\sz.exe
2008-06-06 15:30 . 2008-06-06 15:30 2,232 --a--c--- C:\sexx2.exe
2008-06-06 13:47 . 2008-06-06 13:51 49,156 --a--c--- C:\sex22.exe
2008-06-06 13:47 . 2008-06-06 13:55 49,156 --a--c--- C:\sex2.exe
2008-06-06 08:00 . 2008-06-06 10:01 2,232 --a--c--- C:\sf.exe
2008-06-06 08:00 . 2008-06-06 10:01 2,232 --a--c--- C:\fa.exe
2008-06-04 16:53 . 2008-06-04 16:53 3,424 --a--c--- C:\is155400.exe
2008-06-04 07:35 . 2008-06-04 09:31 3,423 --a------ C:\WINDOWS\is154890.exe
2008-06-02 22:29 . 2008-06-02 22:29 97,116 --a------ C:\WINDOWS\DC5177176.zip
2008-06-02 21:35 . 2008-06-02 22:33 96,950 --a--c--- C:\Documents and Settings\Marika\setup.exe
2008-06-02 21:27 . 2008-06-02 21:27 96,950 --a--c--- C:\stupx.exe
2008-06-02 21:23 . 2008-06-02 21:23 96,950 -r-hs---- C:\WINDOWS\mservice.exe
2008-06-02 21:22 . 2008-06-02 21:23 96,950 --a--c--- C:\stup.exe
2008-06-02 17:54 . 2008-06-03 17:50 60,114 --a--c--- C:\bot1.exe
2008-05-30 19:23 . 2008-05-30 22:11 60,132 --a--c--- C:\dcsi.exe
2008-05-30 09:26 . 2008-05-30 22:47 60,132 --a--c--- C:\dci.exe
2008-05-29 21:45 . 2008-05-29 21:45 60,132 --a--c--- C:\ddc.exe
2008-05-29 21:45 . 2008-06-08 20:19 2,231 --a--c--- C:\is154890.exe
2008-05-29 21:42 . 2008-05-29 21:44 86,340 -r-hs---- C:\WINDOWS\winudspm.exe
2008-05-20 17:07 . 2008-05-20 17:07 118 --a------ C:\WINDOWS\system32\MRT.INI
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-09 07:48 --------- dc----w C:\Documents and Settings\Marika\Application Data\Skype
2008-06-09 06:53 --------- dc----w C:\Documents and Settings\Marika\Application Data\skypePM
2008-06-06 07:50 --------- d-----w C:\Program Files\DCPlusPlus
2008-04-28 10:53 --------- d-----w C:\Program Files\Samurize
2008-04-21 17:08 --------- d-----w C:\Program Files\Nokia
2008-04-21 17:08 --------- d-----w C:\Program Files\Common Files\PCSuite
2008-04-21 17:08 --------- d-----w C:\Program Files\Common Files\Nokia
2008-04-21 17:05 --------- d-----w C:\Program Files\PC Connectivity Solution
2008-04-21 15:53 --------- dc----w C:\Documents and Settings\All Users\Application Data\Installations
2008-04-12 17:14 32 -c--a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2008-04-12 17:00 --------- dc----w C:\Documents and Settings\All Users\Application Data\Skype
2008-04-12 17:00 --------- d-----w C:\Program Files\Skype
2008-04-12 17:00 --------- d-----w C:\Program Files\Common Files\Skype
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
2008-03-25 04:51 166,688 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-25 04:51 166,688 ----a-w C:\WINDOWS\system32\dllcache\msjint40.dll
2008-03-20 08:09 1,845,504 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-20 08:09 1,845,504 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys
2007-03-06 13:18 12,628 -c--a-w C:\Documents and Settings\Marika\Application Data\wklnhst.dat
2006-01-10 14:53 60,960 -c--a-w C:\Documents and Settings\Marika\Application Data\GDIPFONTCACHEV1.DAT
2005-09-29 15:04 774,144 -c--a-w C:\Program Files\RngInterstitial.dll
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{97100B87-8C67-7ACD-73A0-9448EC2263FC}]
C:\DOCUME~1\Marika\APPLIC~1\OOZEID~1\Ref base.exe
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-15 15:00 15360]
"Drive Amen"="C:\DOCUME~1\LOCALS~1\APPLIC~1\Update\Bits idol.exe" [ ]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2006-08-11 16:05 190024]
"Felix II"="C:\Program Files\ScreenMates\Felix II\Felix2.exe" [ ]
"msnmsgr"="~C:\Program Files\MSN Messenger\msnmsgr.exe" [ ]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-25 22:30 68856]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2006-12-27 16:53 73840]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2008-03-28 11:20 1079296]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-02-01 17:22 21898024]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 18:41 1232896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"SiSPower"="SiSPower.dll" [2004-09-02 14:47 49152 C:\WINDOWS\system32\SiSPower.dll]
"SiS Windows KeyHook"="C:\WINDOWS\system32\keyhook.exe" [2004-09-02 14:44 249856]
"SiSUSBRG"="C:\WINDOWS\SiSUSBrg.exe" [2002-07-12 19:15 106496]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]
"dxvid"="c:\windows\system32\dxvid.exe" [ ]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2005-10-27 02:01 33792]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-02-08 16:28 155648]
"Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-06-10 03:11 50688]
"barb bits pile drv"="C:\Documents and Settings\All Users\Application Data\Mapi View Barb Bits\name dvd.exe" [ ]
"gdimx"="c:\windows\system32\gdimx.exe" [ ]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
"Windows UDP Control"="winudspm.exe" [2008-05-29 21:44 86340 C:\WINDOWS\winudspm.exe]
"Windows svchost"="ups.exe" [2004-09-15 15:00 18432 C:\WINDOWS\system32\ups.exe]
"Windows Controls Center"="winudmr.exe" [2008-06-09 09:03 29342 C:\WINDOWS\winudmr.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-09-15 15:00 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2008-03-26 18:41 1232896]
C:\Documents and Settings\All Users\K„ynnist„-valikko\Ohjelmat\K„ynnistys\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-01-10 14:16:47 113664]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-04 19:28:24 258048]
HP Image Zone -pikak„ynnistys.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2004-11-04 19:50:52 53248]
Microsoft Office.lnk - C:\Program Files\Office\Office10\OSA.EXE [2004-10-01 02:23:17 83360]
Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe [2004-11-24 12:22:22 331776]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\DCPlusPlus\\DCPlusPlus.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\mIRC\\mirc.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Sony Ericsson\\Update Service\\ma3platform.exe"=
"C:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
"C:\\Program Files\\SopCast\\SopCast.exe"=
"C:\\Documents and Settings\\Marika\\Application Data\\SopCast\\adv\\SopAdver.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 02:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 02:16]
R3 CONAN;CONAN;C:\WINDOWS\system32\drivers\o2mmb.sys [2004-02-12 02:18]
R3 MbxStby;MbxStby;C:\WINDOWS\system32\drivers\MbxStby.sys [2004-01-28 00:00]
S3 pccsmcfd;PCCS Mode Change Filter Driver;C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 15:53]
S3 PRISM_A00;PRISM 802.11 Driver;C:\WINDOWS\system32\DRIVERS\PRISMA00.sys [2004-07-20 21:16]
.
'Ajoitetut tehtävät'-kansion sisältö
"2008-06-09 07:00:00 C:\WINDOWS\Tasks\AB1BFCF090B473F8.job"
- c:\docume~1\marika\applic~1\update\Move Four Dog.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-09 10:48:42
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-06-09 10:52:42
ComboFix-quarantined-files.txt 2008-06-09 07:51:33
ComboFix2.txt 2008-06-09 07:07:31
Pre-Run: 19,486,031,872 tavua vapaana
Post-Run: 19,482,021,888 tavua vapaana
152 --- E O F --- 2008-05-28 17:02:23
ja tällane ku ajettu nu 2krt combofix.. mitäs ny?
tessa...
1
550
Vastaukset
- FixFix
tuohon alapuolelle kun olet hommat tenyt mitä sinne laitoin.
Ketjusta on poistettu 0 sääntöjenvastaista viestiä.
Luetuimmat keskustelut
Tällä kertaa Marinia kadehtii Minäminä Päivärinta
Kokoomuksen tyhjäntoimittelija itkeä tuhertaa, kun kansainvälinen superstaramme ei leiki hänen kanssaan. Oikean puoluee4241849Miksi jollain jää "talvi päälle"
Huvittaa kastoa ullkona jotain vahempaa äijää joka pukeutuu edelleen kun olisi +5 astetta lämmittä vaikka on helle keli1901507- 1091421
Miksi koulut pakottavat
Lapset uimaan sekaryhmänä? Murrosikäiset tunnetusti häpeilevät vartalossa tapahtuvia muutoksia. Tulee turhia poissaoloja1681386- 451046
Suomen Pallolitto: Tasoryhmät lasten jalkapallossa - Erätauko-tilaisuus ma 20.5.2024
Tasoryhmät lasten ja nuorten jalkapallossa herättävät paljon keskustelua. Mitä tasoryhmät ovat ja mikä on niiden tarkoit0990- 63966
Mitä et hyväksy miehessä/naisessa josta olet kiinnostunut?
Itse en halua, että miehellä olisi lapsia!119933Susanne Päivärinta kirjassaan: Sannalla nousi valta päähän, Big Time!
Päivärinta toteaa ettei ole nähnyt kenenkään muuttuvan niin totaalisesti kuin Marinin, eikä siis todellakaan parempaan s91921Se katse silloin
Oli hetki, jolloin katseemme kohtasivat. Oli talvi vielä. Kerta toisensa jälkeen palaan tuohon jaettuun katseeseen. Tunt32886