Internet connection keeps cutting out

Thread in the Viruses and malware - HijackThis logs section. Started by jtp43 on 25.04.2007.

  1. jtp43

    jtp43 Member

    Joined: 17.08.2006
    Posts: 12
    Thanks: 0
    Points: 11

    Logfile of HijackThis v1.99.1
    Scan saved at 18:53:10, on 25.04.2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\Norman\NPF\NPFSVICE.EXE
    C:\Norman\Bin\Zanda.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\Norman\Nvc\BIN\NVCSCHED.EXE
    C:\Norman\Nvc\bin\nvcoas.exe
    C:\Norman\Nvc\BIN\nipsvc.exe
    C:\Norman\bin\NJEEVES.EXE
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Norman\bin\ZLH.EXE
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    C:\Program Files\Norman\NPF\NPFMSG.EXE
    C:\Program Files\Microsoft Office\Office\OSA.EXE
    C:\Norman\Nvc\BIN\NIP.EXE
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
    C:\Norman\Nvc\bin\cclaw.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
    C:\Program Files\HijackThis_v1.99.1.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
    O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
    O4 - Global Startup: NPF Messenger.lnk = ?
    O4 - Global Startup: Officen käynnistys.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
    O4 - Global Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe
    O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE
    O23 - Service: Norman Type-R - Unknown owner - C:\Program Files\Norman\NPF\NPFSVICE.EXE
    O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Bin\Zanda.exe
    O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe
    O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\Norman\Nvc\BIN\NVCSCHED.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    The internet connection won't stay up. All possible antivirus programs have been run, Java has been updated, the disk has been defragmented, and CCleaner is also in use. Can anything be found in that log?
     
  3. Auttaja

    Auttaja Guest

  4. jtp43

    "Omistaja" - 07-04-25 21:47:58 Service Pack 2
    ComboFix 07-04-25.4V - Running from: "C:\Documents and Settings\Omistaja\"


    ((((((((((((((((((((((((((((((( Files Created from 2007-03-25 to 2007-04-25 ))))))))))))))))))))))))))))))))))


    2007-04-25 19:35 86,016 --a------ C:\WINDOWS\unvise32.exe
    2007-04-25 18:18 6,112 -ra------ C:\WINDOWS\system32\drivers\k600cm.sys
    2007-04-25 18:17 5,744 -ra------ C:\WINDOWS\system32\drivers\k600wh.sys
    2007-04-25 18:17 <KANSIO> d-------- C:\WINDOWS\LastGood
    2007-04-25 17:12 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\Documents
    2007-04-25 17:12 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
    2007-04-25 17:11 <KANSIO> d-------- C:\WINDOWS\Downloaded Installations
    2007-04-24 22:12 218,112 --a------ C:\Program Files\HijackThis_v1.99.1.exe
    2007-04-24 21:55 <KANSIO> d-------- C:\Downloads
    2007-04-24 21:55 <KANSIO> d-------- C:\Bases
    2007-04-24 21:54 <KANSIO> d-------- C:\Kaspersky
    2007-04-05 21:41 <KANSIO> d-------- C:\Program Files\Mystery Case Files Prime Suspects
    2007-04-05 21:38 <KANSIO> d-------- C:\Program Files\ReflexiveArcade
    2007-04-05 21:38 <KANSIO> d-------- C:\Program Files\Mystery Case Files Ravenhearst


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2007-04-25 21:44 -------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\skype
    2007-04-25 19:35 -------- d-------- C:\Program Files\divx
    2007-04-25 18:53 6586 --a------ C:\Program Files\hijackthis.log
    2007-04-25 18:49 -------- d-------- C:\Program Files\mozilla thunderbird
    2007-04-25 17:53 11278 --a------ C:\WINDOWS\mozver.dat
    2007-04-25 17:41 5 --a------ C:\NPF_USER.DAT
    2007-04-25 17:12 -------- d-------- C:\Program Files\Common Files\teleca shared
    2007-04-23 18:25 -------- d-------- C:\Program Files\dc++
    2007-04-22 19:27 428 --a------ C:\DOCUME~1\Omistaja\APPLIC~1\wklnhst.dat
    2007-04-19 21:55 -------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\vso
    2007-04-16 16:58 -------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\openoffice.org2
    2007-03-30 17:02 -------- d-------- C:\Program Files\yahoo!
    2007-03-25 11:28 75822 --a------ C:\WINDOWS\system32\perfc00b.dat
    2007-03-25 11:28 375934 --a------ C:\WINDOWS\system32\perfh00b.dat
    2007-03-22 23:47 46344 --a------ C:\WINDOWS\nssetdefaultbrowser.exe
    2007-03-22 19:40 -------- d-------- C:\Program Files\visualtooltip
    2007-03-22 19:40 -------- d-------- C:\Program Files\styler
    2007-03-22 19:40 -------- d-------- C:\Program Files\microsoft windows vista upgrade advisor
    2007-03-22 19:40 -------- d-------- C:\Program Files\lclock
    2007-03-20 20:55 -------- d-------- C:\Program Files\skype
    2007-03-17 20:39 -------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\stardock
    2007-03-17 16:44 292864 --a------ C:\WINDOWS\system32\winsrv.dll
    2007-03-13 19:06 -------- d--h----- C:\Program Files\installshield installation information
    2007-03-13 19:06 -------- d-------- C:\Program Files\norman
    2007-03-13 18:51 -------- d-------- C:\Program Files\google
    2007-03-11 17:22 -------- d-------- C:\Program Files\Common Files\scanner
    2007-03-11 17:19 -------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\netscape
    2007-03-11 13:51 -------- d-------- C:\Program Files\yamicsoft
    2007-03-08 18:38 578048 --a------ C:\WINDOWS\system32\user32.dll
    2007-03-08 18:37 40960 --a------ C:\WINDOWS\system32\mf3216.dll
    2007-03-08 18:37 281600 --a------ C:\WINDOWS\system32\gdi32.dll
    2007-03-08 18:34 1843840 --a------ C:\WINDOWS\system32\win32k.sys
    2007-03-04 20:45 -------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\divx
    2007-03-04 14:05 -------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\real
    2007-03-03 20:39 -------- d-------- C:\Program Files\netscape
    2007-03-03 19:50 774144 --a------ C:\Program Files\rnginterstitial.dll
    2007-03-03 18:20 -------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\template
    2007-03-03 18:06 -------- d-------- C:\Program Files\oo2-soikko-windows-1.1.2
    2007-03-03 17:54 -------- d-------- C:\Program Files\openoffice.org 2.1
    2007-03-03 15:54 -------- d-------- C:\Program Files\windows media connect 2
    2007-03-03 00:27 -------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\bsplayer pro
    2007-03-03 00:13 -------- d-------- C:\Program Files\nimocodec pack
    2007-03-02 22:01 -------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\olympus
    2007-03-02 21:01 -------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\lavasoft
    2007-03-02 20:58 87608 --a------ C:\DOCUME~1\Omistaja\APPLIC~1\ezpinst.exe
    2007-03-02 20:58 47360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
    2007-03-02 20:58 47360 --a------ C:\DOCUME~1\Omistaja\APPLIC~1\pcouffin.sys
    2007-03-02 20:58 34 --a------ C:\DOCUME~1\Omistaja\APPLIC~1\pcouffin.log
    2007-03-02 20:58 1144 --a------ C:\DOCUME~1\Omistaja\APPLIC~1\pcouffin.inf
    2007-03-02 20:58 1074 --a------ C:\DOCUME~1\Omistaja\APPLIC~1\pcouffin.cat
    2007-03-02 20:23 -------- d-------- C:\Program Files\tukicd
    2007-03-02 20:14 -------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\help
    2007-03-02 20:01 -------- d-------- C:\Program Files\pixela
    2007-03-02 20:00 -------- d-------- C:\Program Files\quicktime
    2007-03-02 19:56 -------- d-------- C:\Program Files\microsoft works
    2007-03-02 19:45 -------- dr------- C:\Program Files\program files
    2007-03-02 19:44 -------- d-------- C:\Program Files\windows nt
    2007-03-02 19:43 -------- d-------- C:\Program Files\picasa2
    2007-03-02 19:43 -------- d-------- C:\Program Files\online services
    2007-03-02 19:42 -------- d-------- C:\Program Files\movie maker
    2007-03-02 19:41 -------- d-------- C:\Program Files\messenger
    2007-03-02 19:35 -------- d-------- C:\Program Files\disc2phone
    2007-03-02 19:35 -------- d-------- C:\Program Files\Common Files\xing shared
    2007-03-02 19:35 -------- d-------- C:\Program Files\Common Files\real
    2007-03-02 19:35 -------- d-------- C:\Program Files\Common Files\mozilla.org
    2007-03-02 19:35 -------- d-------- C:\Program Files\ccleaner
    2007-03-02 19:34 -------- d-------- C:\Program Files\lexmark 510 series
    2007-03-02 19:34 -------- d-------- C:\Program Files\lavasoft
    2007-03-02 19:34 -------- d-------- C:\Program Files\intervideo
    2007-03-02 19:34 -------- d-------- C:\Program Files\ifi
    2007-03-02 19:33 -------- d-------- C:\Program Files\microsoft games
    2007-03-02 19:32 -------- d-------- C:\Program Files\olympus
    2007-03-02 19:30 -------- d-------- C:\Program Files\vso
    2007-03-02 19:30 -------- d-------- C:\Program Files\sony ericsson
    2007-03-02 19:30 -------- d-------- C:\Program Files\real
    2007-03-02 19:29 -------- d-------- C:\Program Files\webteh
    2007-03-02 19:15 -------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\intervideo
    2007-03-02 19:12 0 --a------ C:\WINDOWS\nsreg.dat
    2007-03-02 19:12 -------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\thunderbird
    2007-03-02 19:12 -------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\talkback
    2007-03-02 18:13 -------- d-------- C:\Program Files\western digital technologies
    2007-03-02 18:13 -------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\google
    2007-03-02 00:07 -------- d-------- C:\Program Files\Common Files\speechengines
    2007-03-02 00:07 -------- d-------- C:\Program Files\Common Files\odbc
    2007-03-02 00:06 62 --ahs---- C:\DOCUME~1\Omistaja\APPLIC~1\desktop.ini
    2007-03-01 22:41 -------- d-------- C:\Program Files\microsoft frontpage
    2007-03-01 22:40 0 -rahs---- C:\MSDOS.SYS
    2007-03-01 22:40 0 -rahs---- C:\IO.SYS
    2007-03-01 22:40 0 --a------ C:\CONFIG.SYS
    2007-03-01 22:40 0 --------- C:\AUTOEXEC.BAT
    2007-03-01 22:39 21672 --a------ C:\WINDOWS\system32\emptyregdb.dat
    2007-03-01 22:39 -------- d-------- C:\Program Files\Common Files\mssoap
    2007-03-01 22:38 -------- d-------- C:\Program Files\msn gaming zone
    2007-02-23 07:29 524288 --a------ C:\WINDOWS\system32\divxsm.exe
    2007-02-23 07:29 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
    2007-02-23 07:29 200704 --a------ C:\WINDOWS\system32\ssldivx.dll
    2007-02-23 07:29 129784 --------- C:\WINDOWS\system32\pxafs.dll
    2007-02-23 07:29 118520 --------- C:\WINDOWS\system32\pxinsi64.exe
    2007-02-23 07:29 116472 --------- C:\WINDOWS\system32\pxcpyi64.exe
    2007-02-23 07:29 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
    2007-02-23 07:25 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
    2007-02-23 07:25 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll
    2007-02-23 07:25 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll
    2007-02-23 07:25 73728 --a------ C:\WINDOWS\system32\dpl100.dll
    2007-02-23 07:25 593920 --a------ C:\WINDOWS\system32\dpugui11.dll
    2007-02-23 07:25 57344 --a------ C:\WINDOWS\system32\dpv11.dll
    2007-02-23 07:25 53248 --a------ C:\WINDOWS\system32\dpugui10.dll
    2007-02-23 07:25 344064 --a------ C:\WINDOWS\system32\dpus11.dll
    2007-02-23 07:25 294912 --a------ C:\WINDOWS\system32\dpu11.dll
    2007-02-23 07:25 294912 --a------ C:\WINDOWS\system32\dpu10.dll
    2007-02-23 07:25 196608 --a------ C:\WINDOWS\system32\dtu100.dll
    2007-02-16 04:40 124472 --a------ C:\WINDOWS\system32\divxcodecupdatechecker.exe
    2007-02-05 23:19 185344 --a------ C:\WINDOWS\system32\upnphost.dll


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
    {02478D38-C3F9-4EFB-9B51-7695ECA05670} C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "SoundMAXPnP"="C:\\Program Files\\Analog Devices\\SoundMAX\\SMax4PNP.exe"
    "SoundMAX"="\"C:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe\" /tray"
    "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
    "nwiz"="nwiz.exe /install"
    "Picasa Media Detector"="C:\\Program Files\\Picasa2\\PicasaMediaDetector.exe"
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "OM_Monitor"="C:\\Program Files\\OLYMPUS\\OLYMPUS Master\\FirstStart.exe"
    "Norman ZANDA"="C:\\Norman\\bin\\ZLH.EXE /LOAD /SPLASH"
    "Google Desktop Search"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup"
    "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\""

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "OM_Monitor"="C:\\Program Files\\OLYMPUS\\OLYMPUS Master\\Monitor.exe"
    "Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "appinit_dlls"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL"

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
    Authentication Packages REG_MULTI_SZ msv1_0\0\0
    Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
    Notification Packages REG_MULTI_SZ scecli\0\0


    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
    HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
    LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
    NetworkService REG_MULTI_SZ DnsCache\0\0
    DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
    rpcss REG_MULTI_SZ RpcSs\0\0
    imgsvc REG_MULTI_SZ StiSvc\0\0
    termsvcs REG_MULTI_SZ TermService\0\0
    WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0


    ********************************************************************

    catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-04-25 21:50:34
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden services ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0


    ********************************************************************

    Completion time: 07-04-25 21:50:39
    C:\ComboFix-quarantined-files.txt ... 07-04-25 21:50
     
  5. Auttaja

    Auttaja Guest

    The logs are fine.
     
  6. jtp43

    Thanks, next I'll look for the fault on the operator's side.
     
