onko tässä vikaa

kiitos etukäteen

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://finnish.toggle.com/index.php?rvs=hompag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1162323742234
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF70EF43-372E-4397-B83F-5FC4E6D25D71}: NameServer = 192.89.123.231 192.89.123.230
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Unknown owner - C:\Norman\Npm\bin\ELOGSVC.EXE (file missing)
O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\Npm\bin\NJEEVES.EXE (file missing)
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Npm\Bin\Zanda.exe (file missing)
O23 - Service: Norman Virus Control on-access component (nvcoas) - Unknown owner - C:\Norman\Nvc\bin\nvcoas.exe (file missing)
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Unknown owner - C:\Norman\Nvc\BIN\NVCSCHED.EXE (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

9

995

Äänestä

    Vastaukset

    Anonyymi (Kirjaudu / Rekisteröidy)
    5000
    • 123321

      lokit kokonaan

      • teen?

        vai tarviiko mitään toimenpiteitä..

      • 123321
        teen? kirjoitti:

        vai tarviiko mitään toimenpiteitä..

        1.Lataa combofix.exe työpöydällesi yhdestä, kahdesta klinkistä:
        http://download.bleepingcomputer.com/sUBs/ComboFix.exe
        http://subs.geekstogo.com/ComboFix.exe

        2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia.
        3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi.
        Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.

      • Loki tässä.
        123321 kirjoitti:

        1.Lataa combofix.exe työpöydällesi yhdestä, kahdesta klinkistä:
        http://download.bleepingcomputer.com/sUBs/ComboFix.exe
        http://subs.geekstogo.com/ComboFix.exe

        2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia.
        3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi.
        Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.

        2008-08-30 22:02 . 2008-08-30 22:02      d--------   C:\Program Files\Webteh
        2008-08-30 16:44 . 2008-08-30 16:44      d--------   C:\Program Files\CCleaner
        2008-08-30 16:41 . 2008-08-30 16:41      d--------   C:\Program Files\ToniArts
        2008-08-29 23:50 . 2008-08-30 23:38      d--------   C:\Program Files\PAFPoker
        2008-08-29 20:08 . 2007-08-24 19:45   101,120   -ra------   C:\WINDOWS\system32\drivers\ewusbmdm.sys
        2008-08-29 20:08 . 2007-08-24 19:45   24,448   -ra------   C:\WINDOWS\system32\drivers\ewdcsc.sys
        2008-08-29 15:48 . 2008-08-30 19:59      d--------   C:\Program Files\Spyware Doctor
        2008-08-29 15:48 . 2008-08-29 15:48      d--------   C:\Documents and Settings\OMA\Application Data\PC Tools
        2008-08-29 15:48 . 2008-06-10 21:22   81,288   --a------   C:\WINDOWS\system32\drivers\iksyssec.sys
        2008-08-29 15:48 . 2008-06-02 15:19   66,952   --a------   C:\WINDOWS\system32\drivers\iksysflt.sys
        2008-08-29 15:48 . 2008-06-02 15:19   42,376   --a------   C:\WINDOWS\system32\drivers\ikfilesec.sys
        2008-08-29 15:48 . 2008-06-02 15:19   29,576   --a------   C:\WINDOWS\system32\drivers\kcom.sys
        2008-08-27 14:14 . 2008-08-27 20:19      d--------   C:\WINDOWS\LastGood(2)
        2008-08-24 23:17 . 2008-08-24 23:17      dr-------   C:\Documents and Settings\KOTI\Omat tiedostot
        2008-08-24 20:34 . 2008-08-27 20:19      d--------   C:\d00e3e935169130fb2
        2008-08-20 13:46 . 2008-08-20 13:46      dr-------   C:\Documents and Settings\KOTI\Suosikit
        2008-08-17 16:05 . 2008-06-19 17:24   28,544   --a------   C:\WINDOWS\system32\drivers\pavboot.sys
        2008-08-16 22:38 . 2008-08-17 14:49      d--------   C:\Documents and Settings\OMA\dwhelper
        2008-08-15 13:44 . 2008-04-11 22:05   691,712   -----c---   C:\WINDOWS\system32\dllcache\inetcomm.dll
        2008-08-15 13:43 . 2008-05-01 17:35   331,776   -----c---   C:\WINDOWS\system32\dllcache\msadce.dll
        2008-08-04 22:36 . 2008-08-04 22:36      d--------   C:\Program Files\Java
        2008-08-04 22:36 . 2008-08-04 22:36      d--------   C:\Program Files\InterVideo
        2008-08-04 22:36 . 2008-08-04 22:36      d--------   C:\Program Files\Common Files\Java
        2008-08-04 22:36 . 2008-08-04 22:36      d--------   C:\Program Files\Avanquest update
        2008-08-04 22:35 . 2008-08-04 22:36      d--------   C:\Program Files\Motorola Phone Tools
        2008-08-04 22:35 . 2008-08-04 22:35      d--------   C:\Program Files\Lavasoft
        2008-08-04 22:35 . 2008-08-04 22:35      d--------   C:\Program Files\Common Files\Nokia
        2008-08-04 22:35 . 2008-08-17 14:57      d--------   C:\Documents and Settings\OMA\Application Data\Nokia Multimedia Player
        2008-08-04 22:34 . 2008-08-04 22:35      d--------   C:\Program Files\Nokia
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Program Files\Apple Software Update
        2008-08-04 22:34 . 2008-08-04 22:34      d--h-----   C:\Documents and Settings\Vieras\Verkkoympäristö
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\Vieras\Työpöytä
        2008-08-04 22:34 . 2008-08-04 22:34      d--h-----   C:\Documents and Settings\Vieras\Tulostinympäristö
        2008-08-04 22:34 . 2008-08-04 22:34      dr-------   C:\Documents and Settings\Vieras\Suosikit
        2008-08-04 22:34 . 2008-08-04 22:34      dr-------   C:\Documents and Settings\Vieras\Omat tiedostot
        2008-08-04 22:34 . 2008-08-04 22:34      d--h-----   C:\Documents and Settings\Vieras\Mallit
        2008-08-04 22:34 . 2008-08-04 22:34      dr-------   C:\Documents and Settings\Vieras\Käynnistä-valikko
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\Vieras\Application Data\PC Suite
        2008-08-04 22:34 . 2008-08-27 20:21      d--------   C:\Documents and Settings\Vieras
        2008-08-04 22:34 . 2008-08-04 22:35      d--------   C:\Documents and Settings\KOTI\Työpöytä
        2008-08-04 22:34 . 2008-08-04 22:34      d--h-----   C:\Documents and Settings\KOTI\Tulostinympäristö
        2008-08-04 22:34 . 2008-08-04 22:34      d--h-----   C:\Documents and Settings\KOTI\Mallit
        2008-08-04 22:34 . 2008-08-04 22:34      dr-------   C:\Documents and Settings\KOTI\Käynnistä-valikko
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\KOTI\Application Data\PC Suite
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\KOTI\Application Data\InterVideo
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\KOTI\Application Data\BSplayer
        2008-08-04 22:34 . 2008-08-27 20:21      d--------   C:\Documents and Settings\KOTI
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\All Users\Application Data\Apple
        2008-08-03 14:36 . 2008-08-04 22:57      d--------   C:\Documents and Settings\All Users\Application Data\Lavasoft
        2008-08-03 12:36 . 2008-08-03 12:39   1,306   --a------   C:\WINDOWS\system32\tmp.reg
        2008-08-03 12:35 . 2007-09-06 00:22   289,144   --a------   C:\WINDOWS\system32\VCCLSID.exe
        2008-08-03 12:35 . 2006-04-27 17:49   288,417   --a------   C:\WINDOWS\system32\SrchSTS.exe
        2008-08-03 12:35 . 2008-05-29 09:35   86,528   --a------   C:\WINDOWS\system32\VACFix.exe
        2008-08-03 12:35 . 2008-05-18 21:40   82,944   --a------   C:\WINDOWS\system32\IEDFix.exe
        2008-08-03 12:35 . 2008-07-02 13:33   82,432   --a------   C:\WINDOWS\system32\IEDFix.C.exe
        2008-08-03 12:35 . 2008-05-23 18:21   81,920   --a------   C:\WINDOWS\system32\404Fix.exe
        2008-08-03 12:35 . 2003-06-05 21:13   53,248   --a------   C:\WINDOWS\system32\Process.exe
        2008-08-03 12:35 . 2004-07-31 18:50   51,200   --a------   C:\WINDOWS\system32\dumphive.exe
        2008-08-03 12:35 . 2007-10-04 00:36   25,600   --a------   C:\WINDOWS\system32\WS2Fix.exe
        2008-08-01 21:35 . 2008-06-10 02:32   73,728   --a------   C:\WINDOWS\system32\javacpl.cpl
        2008-07-24 18:34 . 2008-08-19 20:08      d--------   C:\Program Files\Microsoft Silverlight
        2008-07-22 11:20 . 2008-08-29 20:08      d--------   C:\Program Files\Mobile Partner
        2008-07-22 08:26 . 2008-07-22 08:26      d--------   C:\WINDOWS\system32\fi
        2008-07-22 08:26 . 2008-07-22 08:26      d--------   C:\WINDOWS\system32\bits
        2008-07-22 08:26 . 2008-07-22 08:27      d--------   C:\WINDOWS\l2schemas
        2008-07-22 08:01 . 2008-07-22 08:29      d--------   C:\WINDOWS\ServicePackFiles
        2008-07-22 07:09 . 2008-07-22 07:09      d--------   C:\WINDOWS\EHome
        2008-07-22 02:52 . 2004-08-03 22:41   1,041,536   ---------   C:\WINDOWS\system32\drivers\hsfdpsp2.sys
        2008-07-22 02:52 . 2004-08-03 22:41   685,056   ---------   C:\WINDOWS\system32\drivers\hsfcxts2.sys
        2008-07-22 02:52 . 2004-08-03 22:41   220,032   ---------   C:\WINDOWS\system32\drivers\hsfbs2s2.sys
        2008-07-22 02:52 . 2004-08-03 22:41   126,686   ---------   C:\WINDOWS\system32\drivers\mtlmnt5.sys
        2008-07-22 02:52 . 2004-08-03 22:41   11,868   ---------   C:\WINDOWS\system32\drivers\mdmxsdk.sys
        2008-07-22 02:51 . 2004-07-17 22:55   129,045   ---------   C:\WINDOWS\system32\drivers\cxthsfs2.cty
        2008-07-07 23:28 . 2008-07-07 23:28   253,952   -----c---   C:\WINDOWS\system32\dllcache\es.dll

        .
        (((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
        .
        2008-08-30 17:06   ---------   d---a-w   C:\Documents and Settings\All Users\Application Data\TEMP
        2008-08-04 19:35   ---------   d-----w   C:\Program Files\Common Files\PCSuite
        2008-08-04 19:34   ---------   d-----w   C:\Program Files\Windows Media Connect 2
        2008-08-04 19:34   ---------   d-----w   C:\Program Files\Hewlett-Packard
        2008-08-04 16:28   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\BVRP Software
        2008-08-04 16:27   ---------   d--h--w   C:\Program Files\InstallShield Installation Information
        2008-07-29 18:34   ---------   d-----w   C:\Documents and Settings\OMA\Application Data\BSplayer
        2008-07-18 19:10   94,920   ----a-w   C:\WINDOWS\system32\cdm.dll
        2008-07-18 19:10   53,448   ----a-w   C:\WINDOWS\system32\wuauclt.exe
        2008-07-18 19:10   45,768   ----a-w   C:\WINDOWS\system32\wups2.dll
        2008-07-18 19:10   36,552   ----a-w   C:\WINDOWS\system32\wups.dll
        2008-07-18 19:09   563,912   ----a-w   C:\WINDOWS\system32\wuapi.dll
        2008-07-18 19:09   325,832   ----a-w   C:\WINDOWS\system32\wucltui.dll
        2008-07-18 19:09   205,000   ----a-w   C:\WINDOWS\system32\wuweb.dll
        2008-07-18 19:09   1,811,656   ----a-w   C:\WINDOWS\system32\wuaueng.dll
        2008-07-18 19:07   270,880   ----a-w   C:\WINDOWS\system32\mucltui.dll
        2008-07-18 19:07   210,976   ----a-w   C:\WINDOWS\system32\muweb.dll
        2008-07-14 18:59   ---------   d-----w   C:\Documents and Settings\OMA\Application Data\Touchstone
        2008-07-07 20:28   253,952   ----a-w   C:\WINDOWS\system32\es.dll
        2008-06-29 20:30   107,888   ----a-w   C:\WINDOWS\system32\CmdLineExt.dll
        2008-06-24 16:44   74,240   ----a-w   C:\WINDOWS\system32\mscms.dll
        2008-06-23 16:29   826,368   ----a-w   C:\WINDOWS\system32\wininet.dll
        2008-06-22 17:17   0   ---ha-w   C:\Documents and Settings\All Users\hpothb07.dat
        2008-06-20 17:47   246,784   ----a-w   C:\WINDOWS\system32\mswsock.dll
        2008-05-09 10:55   90,112   ----a-w   C:\WINDOWS\system32\wshext.dll
        2008-05-09 10:55   430,080   ----a-w   C:\WINDOWS\system32\vbscript.dll
        2008-05-09 10:55   180,224   ----a-w   C:\WINDOWS\system32\scrobj.dll
        2008-05-09 10:55   172,032   ----a-w   C:\WINDOWS\system32\scrrun.dll
        2008-05-08 11:24   155,648   ----a-w   C:\WINDOWS\system32\wscript.exe
        2008-05-07 09:07   135,168   ----a-w   C:\WINDOWS\system32\cscript.exe
        2008-05-07 05:12   1,288,704   ----a-w   C:\WINDOWS\system32\quartz.dll
        2008-03-06 16:06   0   ----a-w   C:\Documents and Settings\OMA\Application Data\wklnhst.dat
        2007-10-14 14:32   24,192   ----a-w   C:\Documents and Settings\OMA\usbsermptxp.sys
        2007-10-14 14:32   22,768   ----a-w   C:\Documents and Settings\OMA\usbsermpt.sys
        .

        (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
        .
        .
        *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
        REGEDIT4

        [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 19:12 15360]

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 13:20 227328]

        [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
        "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 19:12 15360]
        "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 15:58 1744896]

        [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
        "%windir%\\system32\\sessmgr.exe"=
        "C:\\Program Files\\Messenger\\Msmsgs.exe"=

        R3 EKBfltr;ENE Keyboard Controller;C:\WINDOWS\system32\DRIVERS\EKBfltr.sys [2005-07-28 11:53]
        S2 Ndiskio;Ndiskio;C:\Norman\Nse\bin\NDISKIO.SYS []
        S3 fixustor;fixustor;C:\WINDOWS\system32\drivers\fixustor.sys []
        S3 nvcfsr;nvcfsr;C:\Norman\Nvc\bin\nvcfsr.sys []
        S3 NvcMFlt;NvcMFlt;C:\WINDOWS\system32\DRIVERS\nvcw32mf.sys []
        S3 nvcoafl51;nvcoafl51;C:\Norman\Nvc\bin\nvcoafl51.sys []
        S3 nvcoaft51;nvcoaft51;C:\Norman\Nvc\bin\nvcoaft51.sys []
        S3 nvcoarc51;nvcoarc51;C:\Norman\Nvc\bin\nvcoarc51.sys []
        S3 nvcoas;Norman Virus Control on-access component;C:\Norman\Nvc\bin\nvcoas.exe []
        S3 NVCScheduler;Norman Virus Control Scheduler;C:\Norman\Nvc\BIN\NVCSCHED.EXE []

        [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{01e0ec62-745d-11dd-ae94-0014a55e7289}]
        \Shell\AutoRun\command - E:\AutoRun.exe

        [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{54aac896-7b2a-11dc-ad55-0014a55e7289}]
        \Shell\AutoRun\command - E:\PortableApps\PortableAppsMenu\PortableAppsMenu.exe

        [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fb45df98-75ec-11dd-ae98-0014a55e7289}]
        \Shell\AutoRun\command - E:\AutoRun.exe

        *Newly Created Service* - CATCHME
        *Newly Created Service* - PROCEXP90
        .
        'Ajoitetut tehtävät'-kansion sisältö

        2008-08-05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
        - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:57]
        .
        .
        ------- Supplementary Scan -------
        .
        FireFox -: Profile - C:\Documents and Settings\OMA\Application Data\Mozilla\Firefox\Profiles\ioioluvt.default\
        FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://finnish.toggle.com/fi/index.php?rvs=hompag&d=79919195
        .

        **************************************************************************

        catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
        Rootkit scan 2008-08-31 02:57:28
        Windows 5.1.2600 Service Pack 2 NTFS

        scanning hidden processes ...

        scanning hidden autostart entries ...

        scanning hidden files ...

        scan completed successfully
        hidden files: 0

        **************************************************************************
        .
        Completion time: 2008-08-31 2:58:41
        ComboFix-quarantined-files.txt 2008-08-30 23:58:34

        Pre-Run: 85,906,894,848 tavua vapaana
        Post-Run: 85,892,358,144 tavua vapaana

        179   --- E O F ---   2008-08-27 18:58:35

      • 123321
        Loki tässä. kirjoitti:

        2008-08-30 22:02 . 2008-08-30 22:02      d--------   C:\Program Files\Webteh
        2008-08-30 16:44 . 2008-08-30 16:44      d--------   C:\Program Files\CCleaner
        2008-08-30 16:41 . 2008-08-30 16:41      d--------   C:\Program Files\ToniArts
        2008-08-29 23:50 . 2008-08-30 23:38      d--------   C:\Program Files\PAFPoker
        2008-08-29 20:08 . 2007-08-24 19:45   101,120   -ra------   C:\WINDOWS\system32\drivers\ewusbmdm.sys
        2008-08-29 20:08 . 2007-08-24 19:45   24,448   -ra------   C:\WINDOWS\system32\drivers\ewdcsc.sys
        2008-08-29 15:48 . 2008-08-30 19:59      d--------   C:\Program Files\Spyware Doctor
        2008-08-29 15:48 . 2008-08-29 15:48      d--------   C:\Documents and Settings\OMA\Application Data\PC Tools
        2008-08-29 15:48 . 2008-06-10 21:22   81,288   --a------   C:\WINDOWS\system32\drivers\iksyssec.sys
        2008-08-29 15:48 . 2008-06-02 15:19   66,952   --a------   C:\WINDOWS\system32\drivers\iksysflt.sys
        2008-08-29 15:48 . 2008-06-02 15:19   42,376   --a------   C:\WINDOWS\system32\drivers\ikfilesec.sys
        2008-08-29 15:48 . 2008-06-02 15:19   29,576   --a------   C:\WINDOWS\system32\drivers\kcom.sys
        2008-08-27 14:14 . 2008-08-27 20:19      d--------   C:\WINDOWS\LastGood(2)
        2008-08-24 23:17 . 2008-08-24 23:17      dr-------   C:\Documents and Settings\KOTI\Omat tiedostot
        2008-08-24 20:34 . 2008-08-27 20:19      d--------   C:\d00e3e935169130fb2
        2008-08-20 13:46 . 2008-08-20 13:46      dr-------   C:\Documents and Settings\KOTI\Suosikit
        2008-08-17 16:05 . 2008-06-19 17:24   28,544   --a------   C:\WINDOWS\system32\drivers\pavboot.sys
        2008-08-16 22:38 . 2008-08-17 14:49      d--------   C:\Documents and Settings\OMA\dwhelper
        2008-08-15 13:44 . 2008-04-11 22:05   691,712   -----c---   C:\WINDOWS\system32\dllcache\inetcomm.dll
        2008-08-15 13:43 . 2008-05-01 17:35   331,776   -----c---   C:\WINDOWS\system32\dllcache\msadce.dll
        2008-08-04 22:36 . 2008-08-04 22:36      d--------   C:\Program Files\Java
        2008-08-04 22:36 . 2008-08-04 22:36      d--------   C:\Program Files\InterVideo
        2008-08-04 22:36 . 2008-08-04 22:36      d--------   C:\Program Files\Common Files\Java
        2008-08-04 22:36 . 2008-08-04 22:36      d--------   C:\Program Files\Avanquest update
        2008-08-04 22:35 . 2008-08-04 22:36      d--------   C:\Program Files\Motorola Phone Tools
        2008-08-04 22:35 . 2008-08-04 22:35      d--------   C:\Program Files\Lavasoft
        2008-08-04 22:35 . 2008-08-04 22:35      d--------   C:\Program Files\Common Files\Nokia
        2008-08-04 22:35 . 2008-08-17 14:57      d--------   C:\Documents and Settings\OMA\Application Data\Nokia Multimedia Player
        2008-08-04 22:34 . 2008-08-04 22:35      d--------   C:\Program Files\Nokia
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Program Files\Apple Software Update
        2008-08-04 22:34 . 2008-08-04 22:34      d--h-----   C:\Documents and Settings\Vieras\Verkkoympäristö
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\Vieras\Työpöytä
        2008-08-04 22:34 . 2008-08-04 22:34      d--h-----   C:\Documents and Settings\Vieras\Tulostinympäristö
        2008-08-04 22:34 . 2008-08-04 22:34      dr-------   C:\Documents and Settings\Vieras\Suosikit
        2008-08-04 22:34 . 2008-08-04 22:34      dr-------   C:\Documents and Settings\Vieras\Omat tiedostot
        2008-08-04 22:34 . 2008-08-04 22:34      d--h-----   C:\Documents and Settings\Vieras\Mallit
        2008-08-04 22:34 . 2008-08-04 22:34      dr-------   C:\Documents and Settings\Vieras\Käynnistä-valikko
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\Vieras\Application Data\PC Suite
        2008-08-04 22:34 . 2008-08-27 20:21      d--------   C:\Documents and Settings\Vieras
        2008-08-04 22:34 . 2008-08-04 22:35      d--------   C:\Documents and Settings\KOTI\Työpöytä
        2008-08-04 22:34 . 2008-08-04 22:34      d--h-----   C:\Documents and Settings\KOTI\Tulostinympäristö
        2008-08-04 22:34 . 2008-08-04 22:34      d--h-----   C:\Documents and Settings\KOTI\Mallit
        2008-08-04 22:34 . 2008-08-04 22:34      dr-------   C:\Documents and Settings\KOTI\Käynnistä-valikko
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\KOTI\Application Data\PC Suite
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\KOTI\Application Data\InterVideo
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\KOTI\Application Data\BSplayer
        2008-08-04 22:34 . 2008-08-27 20:21      d--------   C:\Documents and Settings\KOTI
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\All Users\Application Data\Apple
        2008-08-03 14:36 . 2008-08-04 22:57      d--------   C:\Documents and Settings\All Users\Application Data\Lavasoft
        2008-08-03 12:36 . 2008-08-03 12:39   1,306   --a------   C:\WINDOWS\system32\tmp.reg
        2008-08-03 12:35 . 2007-09-06 00:22   289,144   --a------   C:\WINDOWS\system32\VCCLSID.exe
        2008-08-03 12:35 . 2006-04-27 17:49   288,417   --a------   C:\WINDOWS\system32\SrchSTS.exe
        2008-08-03 12:35 . 2008-05-29 09:35   86,528   --a------   C:\WINDOWS\system32\VACFix.exe
        2008-08-03 12:35 . 2008-05-18 21:40   82,944   --a------   C:\WINDOWS\system32\IEDFix.exe
        2008-08-03 12:35 . 2008-07-02 13:33   82,432   --a------   C:\WINDOWS\system32\IEDFix.C.exe
        2008-08-03 12:35 . 2008-05-23 18:21   81,920   --a------   C:\WINDOWS\system32\404Fix.exe
        2008-08-03 12:35 . 2003-06-05 21:13   53,248   --a------   C:\WINDOWS\system32\Process.exe
        2008-08-03 12:35 . 2004-07-31 18:50   51,200   --a------   C:\WINDOWS\system32\dumphive.exe
        2008-08-03 12:35 . 2007-10-04 00:36   25,600   --a------   C:\WINDOWS\system32\WS2Fix.exe
        2008-08-01 21:35 . 2008-06-10 02:32   73,728   --a------   C:\WINDOWS\system32\javacpl.cpl
        2008-07-24 18:34 . 2008-08-19 20:08      d--------   C:\Program Files\Microsoft Silverlight
        2008-07-22 11:20 . 2008-08-29 20:08      d--------   C:\Program Files\Mobile Partner
        2008-07-22 08:26 . 2008-07-22 08:26      d--------   C:\WINDOWS\system32\fi
        2008-07-22 08:26 . 2008-07-22 08:26      d--------   C:\WINDOWS\system32\bits
        2008-07-22 08:26 . 2008-07-22 08:27      d--------   C:\WINDOWS\l2schemas
        2008-07-22 08:01 . 2008-07-22 08:29      d--------   C:\WINDOWS\ServicePackFiles
        2008-07-22 07:09 . 2008-07-22 07:09      d--------   C:\WINDOWS\EHome
        2008-07-22 02:52 . 2004-08-03 22:41   1,041,536   ---------   C:\WINDOWS\system32\drivers\hsfdpsp2.sys
        2008-07-22 02:52 . 2004-08-03 22:41   685,056   ---------   C:\WINDOWS\system32\drivers\hsfcxts2.sys
        2008-07-22 02:52 . 2004-08-03 22:41   220,032   ---------   C:\WINDOWS\system32\drivers\hsfbs2s2.sys
        2008-07-22 02:52 . 2004-08-03 22:41   126,686   ---------   C:\WINDOWS\system32\drivers\mtlmnt5.sys
        2008-07-22 02:52 . 2004-08-03 22:41   11,868   ---------   C:\WINDOWS\system32\drivers\mdmxsdk.sys
        2008-07-22 02:51 . 2004-07-17 22:55   129,045   ---------   C:\WINDOWS\system32\drivers\cxthsfs2.cty
        2008-07-07 23:28 . 2008-07-07 23:28   253,952   -----c---   C:\WINDOWS\system32\dllcache\es.dll

        .
        (((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
        .
        2008-08-30 17:06   ---------   d---a-w   C:\Documents and Settings\All Users\Application Data\TEMP
        2008-08-04 19:35   ---------   d-----w   C:\Program Files\Common Files\PCSuite
        2008-08-04 19:34   ---------   d-----w   C:\Program Files\Windows Media Connect 2
        2008-08-04 19:34   ---------   d-----w   C:\Program Files\Hewlett-Packard
        2008-08-04 16:28   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\BVRP Software
        2008-08-04 16:27   ---------   d--h--w   C:\Program Files\InstallShield Installation Information
        2008-07-29 18:34   ---------   d-----w   C:\Documents and Settings\OMA\Application Data\BSplayer
        2008-07-18 19:10   94,920   ----a-w   C:\WINDOWS\system32\cdm.dll
        2008-07-18 19:10   53,448   ----a-w   C:\WINDOWS\system32\wuauclt.exe
        2008-07-18 19:10   45,768   ----a-w   C:\WINDOWS\system32\wups2.dll
        2008-07-18 19:10   36,552   ----a-w   C:\WINDOWS\system32\wups.dll
        2008-07-18 19:09   563,912   ----a-w   C:\WINDOWS\system32\wuapi.dll
        2008-07-18 19:09   325,832   ----a-w   C:\WINDOWS\system32\wucltui.dll
        2008-07-18 19:09   205,000   ----a-w   C:\WINDOWS\system32\wuweb.dll
        2008-07-18 19:09   1,811,656   ----a-w   C:\WINDOWS\system32\wuaueng.dll
        2008-07-18 19:07   270,880   ----a-w   C:\WINDOWS\system32\mucltui.dll
        2008-07-18 19:07   210,976   ----a-w   C:\WINDOWS\system32\muweb.dll
        2008-07-14 18:59   ---------   d-----w   C:\Documents and Settings\OMA\Application Data\Touchstone
        2008-07-07 20:28   253,952   ----a-w   C:\WINDOWS\system32\es.dll
        2008-06-29 20:30   107,888   ----a-w   C:\WINDOWS\system32\CmdLineExt.dll
        2008-06-24 16:44   74,240   ----a-w   C:\WINDOWS\system32\mscms.dll
        2008-06-23 16:29   826,368   ----a-w   C:\WINDOWS\system32\wininet.dll
        2008-06-22 17:17   0   ---ha-w   C:\Documents and Settings\All Users\hpothb07.dat
        2008-06-20 17:47   246,784   ----a-w   C:\WINDOWS\system32\mswsock.dll
        2008-05-09 10:55   90,112   ----a-w   C:\WINDOWS\system32\wshext.dll
        2008-05-09 10:55   430,080   ----a-w   C:\WINDOWS\system32\vbscript.dll
        2008-05-09 10:55   180,224   ----a-w   C:\WINDOWS\system32\scrobj.dll
        2008-05-09 10:55   172,032   ----a-w   C:\WINDOWS\system32\scrrun.dll
        2008-05-08 11:24   155,648   ----a-w   C:\WINDOWS\system32\wscript.exe
        2008-05-07 09:07   135,168   ----a-w   C:\WINDOWS\system32\cscript.exe
        2008-05-07 05:12   1,288,704   ----a-w   C:\WINDOWS\system32\quartz.dll
        2008-03-06 16:06   0   ----a-w   C:\Documents and Settings\OMA\Application Data\wklnhst.dat
        2007-10-14 14:32   24,192   ----a-w   C:\Documents and Settings\OMA\usbsermptxp.sys
        2007-10-14 14:32   22,768   ----a-w   C:\Documents and Settings\OMA\usbsermpt.sys
        .

        (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
        .
        .
        *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
        REGEDIT4

        [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 19:12 15360]

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 13:20 227328]

        [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
        "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 19:12 15360]
        "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 15:58 1744896]

        [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
        "%windir%\\system32\\sessmgr.exe"=
        "C:\\Program Files\\Messenger\\Msmsgs.exe"=

        R3 EKBfltr;ENE Keyboard Controller;C:\WINDOWS\system32\DRIVERS\EKBfltr.sys [2005-07-28 11:53]
        S2 Ndiskio;Ndiskio;C:\Norman\Nse\bin\NDISKIO.SYS []
        S3 fixustor;fixustor;C:\WINDOWS\system32\drivers\fixustor.sys []
        S3 nvcfsr;nvcfsr;C:\Norman\Nvc\bin\nvcfsr.sys []
        S3 NvcMFlt;NvcMFlt;C:\WINDOWS\system32\DRIVERS\nvcw32mf.sys []
        S3 nvcoafl51;nvcoafl51;C:\Norman\Nvc\bin\nvcoafl51.sys []
        S3 nvcoaft51;nvcoaft51;C:\Norman\Nvc\bin\nvcoaft51.sys []
        S3 nvcoarc51;nvcoarc51;C:\Norman\Nvc\bin\nvcoarc51.sys []
        S3 nvcoas;Norman Virus Control on-access component;C:\Norman\Nvc\bin\nvcoas.exe []
        S3 NVCScheduler;Norman Virus Control Scheduler;C:\Norman\Nvc\BIN\NVCSCHED.EXE []

        [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{01e0ec62-745d-11dd-ae94-0014a55e7289}]
        \Shell\AutoRun\command - E:\AutoRun.exe

        [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{54aac896-7b2a-11dc-ad55-0014a55e7289}]
        \Shell\AutoRun\command - E:\PortableApps\PortableAppsMenu\PortableAppsMenu.exe

        [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fb45df98-75ec-11dd-ae98-0014a55e7289}]
        \Shell\AutoRun\command - E:\AutoRun.exe

        *Newly Created Service* - CATCHME
        *Newly Created Service* - PROCEXP90
        .
        'Ajoitetut tehtävät'-kansion sisältö

        2008-08-05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
        - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:57]
        .
        .
        ------- Supplementary Scan -------
        .
        FireFox -: Profile - C:\Documents and Settings\OMA\Application Data\Mozilla\Firefox\Profiles\ioioluvt.default\
        FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://finnish.toggle.com/fi/index.php?rvs=hompag&d=79919195
        .

        **************************************************************************

        catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
        Rootkit scan 2008-08-31 02:57:28
        Windows 5.1.2600 Service Pack 2 NTFS

        scanning hidden processes ...

        scanning hidden autostart entries ...

        scanning hidden files ...

        scan completed successfully
        hidden files: 0

        **************************************************************************
        .
        Completion time: 2008-08-31 2:58:41
        ComboFix-quarantined-files.txt 2008-08-30 23:58:34

        Pre-Run: 85,906,894,848 tavua vapaana
        Post-Run: 85,892,358,144 tavua vapaana

        179   --- E O F ---   2008-08-27 18:58:35

        Lataa http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
        OTMoveIt ja tallenna se työpöydällesi.

        Tuplaklikkaa OTMoveIt.exe.
        Klikkaa CleanUp!.
        Valitse Yes kun kysytään "Begin cleanup Process?".
        Jos pyydetään, että saako koneen käynnistää uudeelleen, valitse Yes.OTMoveIt poistaa itsensä kun se on valmis, jos näin ei käy poista se itse.


        HUOM: Jos palomuurisi tai joku muu tietoturvaohjelma varoittaa, että OTMoveIt yrittää päästä nettin, niin anna sen päästä sinne.

    • muuta kuin

      vikaa. formatoi konees kaikki uusiksi.

    • sillain

      nyt on näppylät

      • tosi!

        onko tuo formatointi ihan aiheellista ja ainoa lääke? onko muita vaihtoehtoja..

        antakaa selko ohjeita kiitos..

      • dssdgsdgdfghdfsh
        tosi! kirjoitti:

        onko tuo formatointi ihan aiheellista ja ainoa lääke? onko muita vaihtoehtoja..

        antakaa selko ohjeita kiitos..

        yksi paskimmista keskusteluista mitä on koskaan käyty!

    Ketjusta on poistettu 0 sääntöjenvastaista viestiä.

    Takaisin ylös

    Luetuimmat keskustelut

    1. Mitä ominaisuutta arvostat eniten hänessä?

      Ihastuksessasi, rakkautesi kohteessa
      Ikävä
      167
      2804

    2. Miksi mies kääntyy poispäin

      Ja teeskentelee, ettei näe minua, kun törmäämme vahingossa? 🫣
      Ikävä
      201
      2087

    3. Oletko kertonut jo muille tunteistasi?

      Ystävillesi esimerkiksi? Minä en ole vielä kertonut kenellekään tästä meidän jutusta.
      Ikävä
      50
      1922

    4. Kerro kaivatustasi.

      1. Minkälainen koti 2. Ammatti 3. Ulkonäkö 4. Ikä
      Ikävä
      71
      1776

    5. Kysy jotain kaivatultasi

      Laita tunnisteet molemmista
      Ikävä
      92
      1658

    6. Kesä, kesä!

      Veikkaan, ettet juuri nyt ikävöi minua, ehket enää koskaan? Näkemättömyys on laimentanut tunteet, ja katselet iloisena k
      Tunteet
      9
      1531

    7. Minkälaisesta seksistä

      haaveilet kaivattusi kanssa?
      Ikävä
      81
      1244

    8. Kai me nainen jollain tasolla tykätään

      Toisistamme kun tämä on kestänyt niin kauan
      Ikävä
      81
      1080

    9. Tarkkanäköisyys

      Oon muuten pirun hyvä huomaamaan asioita! Senhän sä varmaan kyllä jo tiesitkin.
      Ikävä
      95
      1039

    10. Miksi sanotaan että Suomella on suuri armeija, tykistö jne.

      Asioita tarkemmin seuranneet tietävät että tuolla Ukrainassa palaa kuukaudessa sen verran mitä Suomella on kokonaisuudes
      Maailman menoa
      196
      1030
    Aihe
    TietosuojaselosteKäyttöehdotEvästeasetuksetSäännöt