onko tässä vikaa

kiitos etukäteen

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://finnish.toggle.com/index.php?rvs=hompag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1162323742234
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF70EF43-372E-4397-B83F-5FC4E6D25D71}: NameServer = 192.89.123.231 192.89.123.230
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Unknown owner - C:\Norman\Npm\bin\ELOGSVC.EXE (file missing)
O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\Npm\bin\NJEEVES.EXE (file missing)
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Npm\Bin\Zanda.exe (file missing)
O23 - Service: Norman Virus Control on-access component (nvcoas) - Unknown owner - C:\Norman\Nvc\bin\nvcoas.exe (file missing)
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Unknown owner - C:\Norman\Nvc\BIN\NVCSCHED.EXE (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

9

1095

Äänestä

    Vastaukset

    Anonyymi (Kirjaudu / Rekisteröidy)
    5000
    • 123321

      lokit kokonaan

      • teen?

        vai tarviiko mitään toimenpiteitä..

      • 123321
        teen? kirjoitti:

        vai tarviiko mitään toimenpiteitä..

        1.Lataa combofix.exe työpöydällesi yhdestä, kahdesta klinkistä:
        http://download.bleepingcomputer.com/sUBs/ComboFix.exe
        http://subs.geekstogo.com/ComboFix.exe

        2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia.
        3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi.
        Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.

      • Loki tässä.
        123321 kirjoitti:

        1.Lataa combofix.exe työpöydällesi yhdestä, kahdesta klinkistä:
        http://download.bleepingcomputer.com/sUBs/ComboFix.exe
        http://subs.geekstogo.com/ComboFix.exe

        2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia.
        3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi.
        Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.

        2008-08-30 22:02 . 2008-08-30 22:02      d--------   C:\Program Files\Webteh
        2008-08-30 16:44 . 2008-08-30 16:44      d--------   C:\Program Files\CCleaner
        2008-08-30 16:41 . 2008-08-30 16:41      d--------   C:\Program Files\ToniArts
        2008-08-29 23:50 . 2008-08-30 23:38      d--------   C:\Program Files\PAFPoker
        2008-08-29 20:08 . 2007-08-24 19:45   101,120   -ra------   C:\WINDOWS\system32\drivers\ewusbmdm.sys
        2008-08-29 20:08 . 2007-08-24 19:45   24,448   -ra------   C:\WINDOWS\system32\drivers\ewdcsc.sys
        2008-08-29 15:48 . 2008-08-30 19:59      d--------   C:\Program Files\Spyware Doctor
        2008-08-29 15:48 . 2008-08-29 15:48      d--------   C:\Documents and Settings\OMA\Application Data\PC Tools
        2008-08-29 15:48 . 2008-06-10 21:22   81,288   --a------   C:\WINDOWS\system32\drivers\iksyssec.sys
        2008-08-29 15:48 . 2008-06-02 15:19   66,952   --a------   C:\WINDOWS\system32\drivers\iksysflt.sys
        2008-08-29 15:48 . 2008-06-02 15:19   42,376   --a------   C:\WINDOWS\system32\drivers\ikfilesec.sys
        2008-08-29 15:48 . 2008-06-02 15:19   29,576   --a------   C:\WINDOWS\system32\drivers\kcom.sys
        2008-08-27 14:14 . 2008-08-27 20:19      d--------   C:\WINDOWS\LastGood(2)
        2008-08-24 23:17 . 2008-08-24 23:17      dr-------   C:\Documents and Settings\KOTI\Omat tiedostot
        2008-08-24 20:34 . 2008-08-27 20:19      d--------   C:\d00e3e935169130fb2
        2008-08-20 13:46 . 2008-08-20 13:46      dr-------   C:\Documents and Settings\KOTI\Suosikit
        2008-08-17 16:05 . 2008-06-19 17:24   28,544   --a------   C:\WINDOWS\system32\drivers\pavboot.sys
        2008-08-16 22:38 . 2008-08-17 14:49      d--------   C:\Documents and Settings\OMA\dwhelper
        2008-08-15 13:44 . 2008-04-11 22:05   691,712   -----c---   C:\WINDOWS\system32\dllcache\inetcomm.dll
        2008-08-15 13:43 . 2008-05-01 17:35   331,776   -----c---   C:\WINDOWS\system32\dllcache\msadce.dll
        2008-08-04 22:36 . 2008-08-04 22:36      d--------   C:\Program Files\Java
        2008-08-04 22:36 . 2008-08-04 22:36      d--------   C:\Program Files\InterVideo
        2008-08-04 22:36 . 2008-08-04 22:36      d--------   C:\Program Files\Common Files\Java
        2008-08-04 22:36 . 2008-08-04 22:36      d--------   C:\Program Files\Avanquest update
        2008-08-04 22:35 . 2008-08-04 22:36      d--------   C:\Program Files\Motorola Phone Tools
        2008-08-04 22:35 . 2008-08-04 22:35      d--------   C:\Program Files\Lavasoft
        2008-08-04 22:35 . 2008-08-04 22:35      d--------   C:\Program Files\Common Files\Nokia
        2008-08-04 22:35 . 2008-08-17 14:57      d--------   C:\Documents and Settings\OMA\Application Data\Nokia Multimedia Player
        2008-08-04 22:34 . 2008-08-04 22:35      d--------   C:\Program Files\Nokia
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Program Files\Apple Software Update
        2008-08-04 22:34 . 2008-08-04 22:34      d--h-----   C:\Documents and Settings\Vieras\Verkkoympäristö
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\Vieras\Työpöytä
        2008-08-04 22:34 . 2008-08-04 22:34      d--h-----   C:\Documents and Settings\Vieras\Tulostinympäristö
        2008-08-04 22:34 . 2008-08-04 22:34      dr-------   C:\Documents and Settings\Vieras\Suosikit
        2008-08-04 22:34 . 2008-08-04 22:34      dr-------   C:\Documents and Settings\Vieras\Omat tiedostot
        2008-08-04 22:34 . 2008-08-04 22:34      d--h-----   C:\Documents and Settings\Vieras\Mallit
        2008-08-04 22:34 . 2008-08-04 22:34      dr-------   C:\Documents and Settings\Vieras\Käynnistä-valikko
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\Vieras\Application Data\PC Suite
        2008-08-04 22:34 . 2008-08-27 20:21      d--------   C:\Documents and Settings\Vieras
        2008-08-04 22:34 . 2008-08-04 22:35      d--------   C:\Documents and Settings\KOTI\Työpöytä
        2008-08-04 22:34 . 2008-08-04 22:34      d--h-----   C:\Documents and Settings\KOTI\Tulostinympäristö
        2008-08-04 22:34 . 2008-08-04 22:34      d--h-----   C:\Documents and Settings\KOTI\Mallit
        2008-08-04 22:34 . 2008-08-04 22:34      dr-------   C:\Documents and Settings\KOTI\Käynnistä-valikko
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\KOTI\Application Data\PC Suite
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\KOTI\Application Data\InterVideo
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\KOTI\Application Data\BSplayer
        2008-08-04 22:34 . 2008-08-27 20:21      d--------   C:\Documents and Settings\KOTI
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\All Users\Application Data\Apple
        2008-08-03 14:36 . 2008-08-04 22:57      d--------   C:\Documents and Settings\All Users\Application Data\Lavasoft
        2008-08-03 12:36 . 2008-08-03 12:39   1,306   --a------   C:\WINDOWS\system32\tmp.reg
        2008-08-03 12:35 . 2007-09-06 00:22   289,144   --a------   C:\WINDOWS\system32\VCCLSID.exe
        2008-08-03 12:35 . 2006-04-27 17:49   288,417   --a------   C:\WINDOWS\system32\SrchSTS.exe
        2008-08-03 12:35 . 2008-05-29 09:35   86,528   --a------   C:\WINDOWS\system32\VACFix.exe
        2008-08-03 12:35 . 2008-05-18 21:40   82,944   --a------   C:\WINDOWS\system32\IEDFix.exe
        2008-08-03 12:35 . 2008-07-02 13:33   82,432   --a------   C:\WINDOWS\system32\IEDFix.C.exe
        2008-08-03 12:35 . 2008-05-23 18:21   81,920   --a------   C:\WINDOWS\system32\404Fix.exe
        2008-08-03 12:35 . 2003-06-05 21:13   53,248   --a------   C:\WINDOWS\system32\Process.exe
        2008-08-03 12:35 . 2004-07-31 18:50   51,200   --a------   C:\WINDOWS\system32\dumphive.exe
        2008-08-03 12:35 . 2007-10-04 00:36   25,600   --a------   C:\WINDOWS\system32\WS2Fix.exe
        2008-08-01 21:35 . 2008-06-10 02:32   73,728   --a------   C:\WINDOWS\system32\javacpl.cpl
        2008-07-24 18:34 . 2008-08-19 20:08      d--------   C:\Program Files\Microsoft Silverlight
        2008-07-22 11:20 . 2008-08-29 20:08      d--------   C:\Program Files\Mobile Partner
        2008-07-22 08:26 . 2008-07-22 08:26      d--------   C:\WINDOWS\system32\fi
        2008-07-22 08:26 . 2008-07-22 08:26      d--------   C:\WINDOWS\system32\bits
        2008-07-22 08:26 . 2008-07-22 08:27      d--------   C:\WINDOWS\l2schemas
        2008-07-22 08:01 . 2008-07-22 08:29      d--------   C:\WINDOWS\ServicePackFiles
        2008-07-22 07:09 . 2008-07-22 07:09      d--------   C:\WINDOWS\EHome
        2008-07-22 02:52 . 2004-08-03 22:41   1,041,536   ---------   C:\WINDOWS\system32\drivers\hsfdpsp2.sys
        2008-07-22 02:52 . 2004-08-03 22:41   685,056   ---------   C:\WINDOWS\system32\drivers\hsfcxts2.sys
        2008-07-22 02:52 . 2004-08-03 22:41   220,032   ---------   C:\WINDOWS\system32\drivers\hsfbs2s2.sys
        2008-07-22 02:52 . 2004-08-03 22:41   126,686   ---------   C:\WINDOWS\system32\drivers\mtlmnt5.sys
        2008-07-22 02:52 . 2004-08-03 22:41   11,868   ---------   C:\WINDOWS\system32\drivers\mdmxsdk.sys
        2008-07-22 02:51 . 2004-07-17 22:55   129,045   ---------   C:\WINDOWS\system32\drivers\cxthsfs2.cty
        2008-07-07 23:28 . 2008-07-07 23:28   253,952   -----c---   C:\WINDOWS\system32\dllcache\es.dll

        .
        (((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
        .
        2008-08-30 17:06   ---------   d---a-w   C:\Documents and Settings\All Users\Application Data\TEMP
        2008-08-04 19:35   ---------   d-----w   C:\Program Files\Common Files\PCSuite
        2008-08-04 19:34   ---------   d-----w   C:\Program Files\Windows Media Connect 2
        2008-08-04 19:34   ---------   d-----w   C:\Program Files\Hewlett-Packard
        2008-08-04 16:28   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\BVRP Software
        2008-08-04 16:27   ---------   d--h--w   C:\Program Files\InstallShield Installation Information
        2008-07-29 18:34   ---------   d-----w   C:\Documents and Settings\OMA\Application Data\BSplayer
        2008-07-18 19:10   94,920   ----a-w   C:\WINDOWS\system32\cdm.dll
        2008-07-18 19:10   53,448   ----a-w   C:\WINDOWS\system32\wuauclt.exe
        2008-07-18 19:10   45,768   ----a-w   C:\WINDOWS\system32\wups2.dll
        2008-07-18 19:10   36,552   ----a-w   C:\WINDOWS\system32\wups.dll
        2008-07-18 19:09   563,912   ----a-w   C:\WINDOWS\system32\wuapi.dll
        2008-07-18 19:09   325,832   ----a-w   C:\WINDOWS\system32\wucltui.dll
        2008-07-18 19:09   205,000   ----a-w   C:\WINDOWS\system32\wuweb.dll
        2008-07-18 19:09   1,811,656   ----a-w   C:\WINDOWS\system32\wuaueng.dll
        2008-07-18 19:07   270,880   ----a-w   C:\WINDOWS\system32\mucltui.dll
        2008-07-18 19:07   210,976   ----a-w   C:\WINDOWS\system32\muweb.dll
        2008-07-14 18:59   ---------   d-----w   C:\Documents and Settings\OMA\Application Data\Touchstone
        2008-07-07 20:28   253,952   ----a-w   C:\WINDOWS\system32\es.dll
        2008-06-29 20:30   107,888   ----a-w   C:\WINDOWS\system32\CmdLineExt.dll
        2008-06-24 16:44   74,240   ----a-w   C:\WINDOWS\system32\mscms.dll
        2008-06-23 16:29   826,368   ----a-w   C:\WINDOWS\system32\wininet.dll
        2008-06-22 17:17   0   ---ha-w   C:\Documents and Settings\All Users\hpothb07.dat
        2008-06-20 17:47   246,784   ----a-w   C:\WINDOWS\system32\mswsock.dll
        2008-05-09 10:55   90,112   ----a-w   C:\WINDOWS\system32\wshext.dll
        2008-05-09 10:55   430,080   ----a-w   C:\WINDOWS\system32\vbscript.dll
        2008-05-09 10:55   180,224   ----a-w   C:\WINDOWS\system32\scrobj.dll
        2008-05-09 10:55   172,032   ----a-w   C:\WINDOWS\system32\scrrun.dll
        2008-05-08 11:24   155,648   ----a-w   C:\WINDOWS\system32\wscript.exe
        2008-05-07 09:07   135,168   ----a-w   C:\WINDOWS\system32\cscript.exe
        2008-05-07 05:12   1,288,704   ----a-w   C:\WINDOWS\system32\quartz.dll
        2008-03-06 16:06   0   ----a-w   C:\Documents and Settings\OMA\Application Data\wklnhst.dat
        2007-10-14 14:32   24,192   ----a-w   C:\Documents and Settings\OMA\usbsermptxp.sys
        2007-10-14 14:32   22,768   ----a-w   C:\Documents and Settings\OMA\usbsermpt.sys
        .

        (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
        .
        .
        *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
        REGEDIT4

        [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 19:12 15360]

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 13:20 227328]

        [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
        "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 19:12 15360]
        "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 15:58 1744896]

        [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
        "%windir%\\system32\\sessmgr.exe"=
        "C:\\Program Files\\Messenger\\Msmsgs.exe"=

        R3 EKBfltr;ENE Keyboard Controller;C:\WINDOWS\system32\DRIVERS\EKBfltr.sys [2005-07-28 11:53]
        S2 Ndiskio;Ndiskio;C:\Norman\Nse\bin\NDISKIO.SYS []
        S3 fixustor;fixustor;C:\WINDOWS\system32\drivers\fixustor.sys []
        S3 nvcfsr;nvcfsr;C:\Norman\Nvc\bin\nvcfsr.sys []
        S3 NvcMFlt;NvcMFlt;C:\WINDOWS\system32\DRIVERS\nvcw32mf.sys []
        S3 nvcoafl51;nvcoafl51;C:\Norman\Nvc\bin\nvcoafl51.sys []
        S3 nvcoaft51;nvcoaft51;C:\Norman\Nvc\bin\nvcoaft51.sys []
        S3 nvcoarc51;nvcoarc51;C:\Norman\Nvc\bin\nvcoarc51.sys []
        S3 nvcoas;Norman Virus Control on-access component;C:\Norman\Nvc\bin\nvcoas.exe []
        S3 NVCScheduler;Norman Virus Control Scheduler;C:\Norman\Nvc\BIN\NVCSCHED.EXE []

        [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{01e0ec62-745d-11dd-ae94-0014a55e7289}]
        \Shell\AutoRun\command - E:\AutoRun.exe

        [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{54aac896-7b2a-11dc-ad55-0014a55e7289}]
        \Shell\AutoRun\command - E:\PortableApps\PortableAppsMenu\PortableAppsMenu.exe

        [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fb45df98-75ec-11dd-ae98-0014a55e7289}]
        \Shell\AutoRun\command - E:\AutoRun.exe

        *Newly Created Service* - CATCHME
        *Newly Created Service* - PROCEXP90
        .
        'Ajoitetut tehtävät'-kansion sisältö

        2008-08-05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
        - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:57]
        .
        .
        ------- Supplementary Scan -------
        .
        FireFox -: Profile - C:\Documents and Settings\OMA\Application Data\Mozilla\Firefox\Profiles\ioioluvt.default\
        FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://finnish.toggle.com/fi/index.php?rvs=hompag&d=79919195
        .

        **************************************************************************

        catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
        Rootkit scan 2008-08-31 02:57:28
        Windows 5.1.2600 Service Pack 2 NTFS

        scanning hidden processes ...

        scanning hidden autostart entries ...

        scanning hidden files ...

        scan completed successfully
        hidden files: 0

        **************************************************************************
        .
        Completion time: 2008-08-31 2:58:41
        ComboFix-quarantined-files.txt 2008-08-30 23:58:34

        Pre-Run: 85,906,894,848 tavua vapaana
        Post-Run: 85,892,358,144 tavua vapaana

        179   --- E O F ---   2008-08-27 18:58:35

      • 123321
        Loki tässä. kirjoitti:

        2008-08-30 22:02 . 2008-08-30 22:02      d--------   C:\Program Files\Webteh
        2008-08-30 16:44 . 2008-08-30 16:44      d--------   C:\Program Files\CCleaner
        2008-08-30 16:41 . 2008-08-30 16:41      d--------   C:\Program Files\ToniArts
        2008-08-29 23:50 . 2008-08-30 23:38      d--------   C:\Program Files\PAFPoker
        2008-08-29 20:08 . 2007-08-24 19:45   101,120   -ra------   C:\WINDOWS\system32\drivers\ewusbmdm.sys
        2008-08-29 20:08 . 2007-08-24 19:45   24,448   -ra------   C:\WINDOWS\system32\drivers\ewdcsc.sys
        2008-08-29 15:48 . 2008-08-30 19:59      d--------   C:\Program Files\Spyware Doctor
        2008-08-29 15:48 . 2008-08-29 15:48      d--------   C:\Documents and Settings\OMA\Application Data\PC Tools
        2008-08-29 15:48 . 2008-06-10 21:22   81,288   --a------   C:\WINDOWS\system32\drivers\iksyssec.sys
        2008-08-29 15:48 . 2008-06-02 15:19   66,952   --a------   C:\WINDOWS\system32\drivers\iksysflt.sys
        2008-08-29 15:48 . 2008-06-02 15:19   42,376   --a------   C:\WINDOWS\system32\drivers\ikfilesec.sys
        2008-08-29 15:48 . 2008-06-02 15:19   29,576   --a------   C:\WINDOWS\system32\drivers\kcom.sys
        2008-08-27 14:14 . 2008-08-27 20:19      d--------   C:\WINDOWS\LastGood(2)
        2008-08-24 23:17 . 2008-08-24 23:17      dr-------   C:\Documents and Settings\KOTI\Omat tiedostot
        2008-08-24 20:34 . 2008-08-27 20:19      d--------   C:\d00e3e935169130fb2
        2008-08-20 13:46 . 2008-08-20 13:46      dr-------   C:\Documents and Settings\KOTI\Suosikit
        2008-08-17 16:05 . 2008-06-19 17:24   28,544   --a------   C:\WINDOWS\system32\drivers\pavboot.sys
        2008-08-16 22:38 . 2008-08-17 14:49      d--------   C:\Documents and Settings\OMA\dwhelper
        2008-08-15 13:44 . 2008-04-11 22:05   691,712   -----c---   C:\WINDOWS\system32\dllcache\inetcomm.dll
        2008-08-15 13:43 . 2008-05-01 17:35   331,776   -----c---   C:\WINDOWS\system32\dllcache\msadce.dll
        2008-08-04 22:36 . 2008-08-04 22:36      d--------   C:\Program Files\Java
        2008-08-04 22:36 . 2008-08-04 22:36      d--------   C:\Program Files\InterVideo
        2008-08-04 22:36 . 2008-08-04 22:36      d--------   C:\Program Files\Common Files\Java
        2008-08-04 22:36 . 2008-08-04 22:36      d--------   C:\Program Files\Avanquest update
        2008-08-04 22:35 . 2008-08-04 22:36      d--------   C:\Program Files\Motorola Phone Tools
        2008-08-04 22:35 . 2008-08-04 22:35      d--------   C:\Program Files\Lavasoft
        2008-08-04 22:35 . 2008-08-04 22:35      d--------   C:\Program Files\Common Files\Nokia
        2008-08-04 22:35 . 2008-08-17 14:57      d--------   C:\Documents and Settings\OMA\Application Data\Nokia Multimedia Player
        2008-08-04 22:34 . 2008-08-04 22:35      d--------   C:\Program Files\Nokia
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Program Files\Apple Software Update
        2008-08-04 22:34 . 2008-08-04 22:34      d--h-----   C:\Documents and Settings\Vieras\Verkkoympäristö
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\Vieras\Työpöytä
        2008-08-04 22:34 . 2008-08-04 22:34      d--h-----   C:\Documents and Settings\Vieras\Tulostinympäristö
        2008-08-04 22:34 . 2008-08-04 22:34      dr-------   C:\Documents and Settings\Vieras\Suosikit
        2008-08-04 22:34 . 2008-08-04 22:34      dr-------   C:\Documents and Settings\Vieras\Omat tiedostot
        2008-08-04 22:34 . 2008-08-04 22:34      d--h-----   C:\Documents and Settings\Vieras\Mallit
        2008-08-04 22:34 . 2008-08-04 22:34      dr-------   C:\Documents and Settings\Vieras\Käynnistä-valikko
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\Vieras\Application Data\PC Suite
        2008-08-04 22:34 . 2008-08-27 20:21      d--------   C:\Documents and Settings\Vieras
        2008-08-04 22:34 . 2008-08-04 22:35      d--------   C:\Documents and Settings\KOTI\Työpöytä
        2008-08-04 22:34 . 2008-08-04 22:34      d--h-----   C:\Documents and Settings\KOTI\Tulostinympäristö
        2008-08-04 22:34 . 2008-08-04 22:34      d--h-----   C:\Documents and Settings\KOTI\Mallit
        2008-08-04 22:34 . 2008-08-04 22:34      dr-------   C:\Documents and Settings\KOTI\Käynnistä-valikko
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\KOTI\Application Data\PC Suite
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\KOTI\Application Data\InterVideo
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\KOTI\Application Data\BSplayer
        2008-08-04 22:34 . 2008-08-27 20:21      d--------   C:\Documents and Settings\KOTI
        2008-08-04 22:34 . 2008-08-04 22:34      d--------   C:\Documents and Settings\All Users\Application Data\Apple
        2008-08-03 14:36 . 2008-08-04 22:57      d--------   C:\Documents and Settings\All Users\Application Data\Lavasoft
        2008-08-03 12:36 . 2008-08-03 12:39   1,306   --a------   C:\WINDOWS\system32\tmp.reg
        2008-08-03 12:35 . 2007-09-06 00:22   289,144   --a------   C:\WINDOWS\system32\VCCLSID.exe
        2008-08-03 12:35 . 2006-04-27 17:49   288,417   --a------   C:\WINDOWS\system32\SrchSTS.exe
        2008-08-03 12:35 . 2008-05-29 09:35   86,528   --a------   C:\WINDOWS\system32\VACFix.exe
        2008-08-03 12:35 . 2008-05-18 21:40   82,944   --a------   C:\WINDOWS\system32\IEDFix.exe
        2008-08-03 12:35 . 2008-07-02 13:33   82,432   --a------   C:\WINDOWS\system32\IEDFix.C.exe
        2008-08-03 12:35 . 2008-05-23 18:21   81,920   --a------   C:\WINDOWS\system32\404Fix.exe
        2008-08-03 12:35 . 2003-06-05 21:13   53,248   --a------   C:\WINDOWS\system32\Process.exe
        2008-08-03 12:35 . 2004-07-31 18:50   51,200   --a------   C:\WINDOWS\system32\dumphive.exe
        2008-08-03 12:35 . 2007-10-04 00:36   25,600   --a------   C:\WINDOWS\system32\WS2Fix.exe
        2008-08-01 21:35 . 2008-06-10 02:32   73,728   --a------   C:\WINDOWS\system32\javacpl.cpl
        2008-07-24 18:34 . 2008-08-19 20:08      d--------   C:\Program Files\Microsoft Silverlight
        2008-07-22 11:20 . 2008-08-29 20:08      d--------   C:\Program Files\Mobile Partner
        2008-07-22 08:26 . 2008-07-22 08:26      d--------   C:\WINDOWS\system32\fi
        2008-07-22 08:26 . 2008-07-22 08:26      d--------   C:\WINDOWS\system32\bits
        2008-07-22 08:26 . 2008-07-22 08:27      d--------   C:\WINDOWS\l2schemas
        2008-07-22 08:01 . 2008-07-22 08:29      d--------   C:\WINDOWS\ServicePackFiles
        2008-07-22 07:09 . 2008-07-22 07:09      d--------   C:\WINDOWS\EHome
        2008-07-22 02:52 . 2004-08-03 22:41   1,041,536   ---------   C:\WINDOWS\system32\drivers\hsfdpsp2.sys
        2008-07-22 02:52 . 2004-08-03 22:41   685,056   ---------   C:\WINDOWS\system32\drivers\hsfcxts2.sys
        2008-07-22 02:52 . 2004-08-03 22:41   220,032   ---------   C:\WINDOWS\system32\drivers\hsfbs2s2.sys
        2008-07-22 02:52 . 2004-08-03 22:41   126,686   ---------   C:\WINDOWS\system32\drivers\mtlmnt5.sys
        2008-07-22 02:52 . 2004-08-03 22:41   11,868   ---------   C:\WINDOWS\system32\drivers\mdmxsdk.sys
        2008-07-22 02:51 . 2004-07-17 22:55   129,045   ---------   C:\WINDOWS\system32\drivers\cxthsfs2.cty
        2008-07-07 23:28 . 2008-07-07 23:28   253,952   -----c---   C:\WINDOWS\system32\dllcache\es.dll

        .
        (((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
        .
        2008-08-30 17:06   ---------   d---a-w   C:\Documents and Settings\All Users\Application Data\TEMP
        2008-08-04 19:35   ---------   d-----w   C:\Program Files\Common Files\PCSuite
        2008-08-04 19:34   ---------   d-----w   C:\Program Files\Windows Media Connect 2
        2008-08-04 19:34   ---------   d-----w   C:\Program Files\Hewlett-Packard
        2008-08-04 16:28   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\BVRP Software
        2008-08-04 16:27   ---------   d--h--w   C:\Program Files\InstallShield Installation Information
        2008-07-29 18:34   ---------   d-----w   C:\Documents and Settings\OMA\Application Data\BSplayer
        2008-07-18 19:10   94,920   ----a-w   C:\WINDOWS\system32\cdm.dll
        2008-07-18 19:10   53,448   ----a-w   C:\WINDOWS\system32\wuauclt.exe
        2008-07-18 19:10   45,768   ----a-w   C:\WINDOWS\system32\wups2.dll
        2008-07-18 19:10   36,552   ----a-w   C:\WINDOWS\system32\wups.dll
        2008-07-18 19:09   563,912   ----a-w   C:\WINDOWS\system32\wuapi.dll
        2008-07-18 19:09   325,832   ----a-w   C:\WINDOWS\system32\wucltui.dll
        2008-07-18 19:09   205,000   ----a-w   C:\WINDOWS\system32\wuweb.dll
        2008-07-18 19:09   1,811,656   ----a-w   C:\WINDOWS\system32\wuaueng.dll
        2008-07-18 19:07   270,880   ----a-w   C:\WINDOWS\system32\mucltui.dll
        2008-07-18 19:07   210,976   ----a-w   C:\WINDOWS\system32\muweb.dll
        2008-07-14 18:59   ---------   d-----w   C:\Documents and Settings\OMA\Application Data\Touchstone
        2008-07-07 20:28   253,952   ----a-w   C:\WINDOWS\system32\es.dll
        2008-06-29 20:30   107,888   ----a-w   C:\WINDOWS\system32\CmdLineExt.dll
        2008-06-24 16:44   74,240   ----a-w   C:\WINDOWS\system32\mscms.dll
        2008-06-23 16:29   826,368   ----a-w   C:\WINDOWS\system32\wininet.dll
        2008-06-22 17:17   0   ---ha-w   C:\Documents and Settings\All Users\hpothb07.dat
        2008-06-20 17:47   246,784   ----a-w   C:\WINDOWS\system32\mswsock.dll
        2008-05-09 10:55   90,112   ----a-w   C:\WINDOWS\system32\wshext.dll
        2008-05-09 10:55   430,080   ----a-w   C:\WINDOWS\system32\vbscript.dll
        2008-05-09 10:55   180,224   ----a-w   C:\WINDOWS\system32\scrobj.dll
        2008-05-09 10:55   172,032   ----a-w   C:\WINDOWS\system32\scrrun.dll
        2008-05-08 11:24   155,648   ----a-w   C:\WINDOWS\system32\wscript.exe
        2008-05-07 09:07   135,168   ----a-w   C:\WINDOWS\system32\cscript.exe
        2008-05-07 05:12   1,288,704   ----a-w   C:\WINDOWS\system32\quartz.dll
        2008-03-06 16:06   0   ----a-w   C:\Documents and Settings\OMA\Application Data\wklnhst.dat
        2007-10-14 14:32   24,192   ----a-w   C:\Documents and Settings\OMA\usbsermptxp.sys
        2007-10-14 14:32   22,768   ----a-w   C:\Documents and Settings\OMA\usbsermpt.sys
        .

        (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
        .
        .
        *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
        REGEDIT4

        [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 19:12 15360]

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 13:20 227328]

        [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
        "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 19:12 15360]
        "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 15:58 1744896]

        [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
        "%windir%\\system32\\sessmgr.exe"=
        "C:\\Program Files\\Messenger\\Msmsgs.exe"=

        R3 EKBfltr;ENE Keyboard Controller;C:\WINDOWS\system32\DRIVERS\EKBfltr.sys [2005-07-28 11:53]
        S2 Ndiskio;Ndiskio;C:\Norman\Nse\bin\NDISKIO.SYS []
        S3 fixustor;fixustor;C:\WINDOWS\system32\drivers\fixustor.sys []
        S3 nvcfsr;nvcfsr;C:\Norman\Nvc\bin\nvcfsr.sys []
        S3 NvcMFlt;NvcMFlt;C:\WINDOWS\system32\DRIVERS\nvcw32mf.sys []
        S3 nvcoafl51;nvcoafl51;C:\Norman\Nvc\bin\nvcoafl51.sys []
        S3 nvcoaft51;nvcoaft51;C:\Norman\Nvc\bin\nvcoaft51.sys []
        S3 nvcoarc51;nvcoarc51;C:\Norman\Nvc\bin\nvcoarc51.sys []
        S3 nvcoas;Norman Virus Control on-access component;C:\Norman\Nvc\bin\nvcoas.exe []
        S3 NVCScheduler;Norman Virus Control Scheduler;C:\Norman\Nvc\BIN\NVCSCHED.EXE []

        [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{01e0ec62-745d-11dd-ae94-0014a55e7289}]
        \Shell\AutoRun\command - E:\AutoRun.exe

        [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{54aac896-7b2a-11dc-ad55-0014a55e7289}]
        \Shell\AutoRun\command - E:\PortableApps\PortableAppsMenu\PortableAppsMenu.exe

        [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fb45df98-75ec-11dd-ae98-0014a55e7289}]
        \Shell\AutoRun\command - E:\AutoRun.exe

        *Newly Created Service* - CATCHME
        *Newly Created Service* - PROCEXP90
        .
        'Ajoitetut tehtävät'-kansion sisältö

        2008-08-05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
        - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:57]
        .
        .
        ------- Supplementary Scan -------
        .
        FireFox -: Profile - C:\Documents and Settings\OMA\Application Data\Mozilla\Firefox\Profiles\ioioluvt.default\
        FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://finnish.toggle.com/fi/index.php?rvs=hompag&d=79919195
        .

        **************************************************************************

        catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
        Rootkit scan 2008-08-31 02:57:28
        Windows 5.1.2600 Service Pack 2 NTFS

        scanning hidden processes ...

        scanning hidden autostart entries ...

        scanning hidden files ...

        scan completed successfully
        hidden files: 0

        **************************************************************************
        .
        Completion time: 2008-08-31 2:58:41
        ComboFix-quarantined-files.txt 2008-08-30 23:58:34

        Pre-Run: 85,906,894,848 tavua vapaana
        Post-Run: 85,892,358,144 tavua vapaana

        179   --- E O F ---   2008-08-27 18:58:35

        Lataa http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
        OTMoveIt ja tallenna se työpöydällesi.

        Tuplaklikkaa OTMoveIt.exe.
        Klikkaa CleanUp!.
        Valitse Yes kun kysytään "Begin cleanup Process?".
        Jos pyydetään, että saako koneen käynnistää uudeelleen, valitse Yes.OTMoveIt poistaa itsensä kun se on valmis, jos näin ei käy poista se itse.


        HUOM: Jos palomuurisi tai joku muu tietoturvaohjelma varoittaa, että OTMoveIt yrittää päästä nettin, niin anna sen päästä sinne.

    • muuta kuin

      vikaa. formatoi konees kaikki uusiksi.

    • sillain

      nyt on näppylät

      • tosi!

        onko tuo formatointi ihan aiheellista ja ainoa lääke? onko muita vaihtoehtoja..

        antakaa selko ohjeita kiitos..

      • dssdgsdgdfghdfsh
        tosi! kirjoitti:

        onko tuo formatointi ihan aiheellista ja ainoa lääke? onko muita vaihtoehtoja..

        antakaa selko ohjeita kiitos..

        yksi paskimmista keskusteluista mitä on koskaan käyty!

    Ketjusta on poistettu 0 sääntöjenvastaista viestiä.

    Takaisin ylös

    Luetuimmat keskustelut

    1. Onko sulla

      suoja työ paikka? 🤔🤷‍♂️
      Ikävä
      34
      3986

    2. Joensuun kaupunki levittelee tonttitietoja Keskisuomalaiselle

      Sähköposteja ja tonttitietoja levitellään mm. Pasi Koivumaalle
      Joensuu
      13
      1899

    3. Oletko nainen alkanut kammoamaan minua

      Sinua ei näy eikä kuulu, ja ilmeisesti kiertelet tilanteita. Oletko huomannut, että olet vieläkin ajatuksissani luvattom
      Ikävä
      63
      1364

    4. Saako 60 v vielä töitä? Arto Nyberg puhuu suoraan elämästä ilman töitä

      Arto Nyberg täyttää tänään 60 v. Onnea! Nyberg totuttiin näkemään suoran haastatteluohjelman kapteenina vuodesta toise
      Maailman menoa
      95
      1296

    5. Toivoisitko Rakas vielä?

      Haluaisitko vielä? Uskoisin osaavani näyttää sinulle, kuinka ainutlaatuinen nainen olet.
      Ikävä
      68
      1185

    6. Tiesitkö tätä ex-miehistä? Noriko Salo jysäytti yllätyspaljastuksen

      Noriko Salo ja ex-F1 kuski Mika Salo olivat naimisissa v. 1999-2022. Kirsi Salon ex-mies puolestaan on muusikko Sammy A
      Kotimaiset julkkisjuorut
      5
      1041

    7. Koska tajusit silloin aikanaan

      että olin ihastunut sinuun? 🤭😍 Taisin olla aika läpinäkyvä 🫣❤️
      Ikävä
      47
      951

    8. Keskustelua kasteesta

      You tubessa kaksi pappia keskustelivat kasteesta ja kritisoivat raamatullista uskovien kastetta. Toinen heistä yritti
      Kaste
      333
      914

    9. Ihan pieni näkeminen vaan

      👋 ja minä olisin valmis jo vaikka mihin sun kanssa. Nämä on näitä.. 🤫🫣😘💥
      Ikävä
      26
      911

    10. En haluaisi kaiken kuihtuvan pois

      ilman, että olemme voineet jutella rauhassa kasvotusten... Mutta mistä ihmeestä löydän sinut?
      Ikävä
      39
      892
    Aihe
    TietosuojaselosteKäyttöehdotEvästeasetuksetSäännöt