
ComboFix log

Thread in the Viruses and malware - HijackThis logs section. Thread started by Yomito on 17.10.2008.

  1. Yomito

    Yomito Member

    Joined:
    28.07.2007
    Posts:
    59
    Thanks:
    0
    Points:
    16
    ComboFix 08-10-16.08 - Omistaja 2008-10-17 17:12:38.6 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1035.18.1510 [GMT 3:00]
    Sijainti: D:\Ohjelmat\ComboFix.exe
    * Uusi palautuspiste luotu
    .

    (((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\system32\drivers\oreans32.sys

    .
    ((((((((((((((((((((((((((((((((((((((( Ajurit/Palvelut )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_OREANS32
    -------\Service_oreans32


    ((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-09-17 to 2008-10-17 )))))))))))))))))
    .

    2008-10-14 23:12 . 2008-10-14 23:12 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\Ventrilo
    2008-10-11 20:46 . 2008-10-11 20:46 <KANSIO> d-------- C:\Program Files\Windows Media Connect 2
    2008-10-11 20:45 . 2008-10-11 20:45 <KANSIO> d-------- C:\WINDOWS\system32\LogFiles
    2008-10-11 20:45 . 2008-10-11 20:46 <KANSIO> d-------- C:\WINDOWS\system32\drivers\UMDF
    2008-10-07 17:38 . 2006-10-02 13:43 6,144 --a------ C:\WINDOWS\system32\ff_acm.acm
    2008-10-07 17:38 . 2006-10-02 13:44 5,120 --a------ C:\WINDOWS\system32\ff_vfw.dll
    2008-10-07 17:38 . 2006-08-05 12:06 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
    2008-10-07 17:33 . 2008-10-07 17:33 <KANSIO> d-------- C:\Program Files\BS.Player ControlBar
    2008-10-07 17:33 . 2008-10-07 17:33 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\BSplayer Pro
    2008-10-07 17:33 . 2008-10-07 17:36 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\BSplayer
    2008-10-07 16:56 . 2008-10-07 16:56 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-10-05 01:19 . 2008-10-05 01:19 <KANSIO> d-------- C:\Program Files\Common Files\Adobe AIR
    2008-10-05 01:19 . 2008-10-05 01:19 <KANSIO> d-------- C:\Program Files\Common Files\Adobe
    2008-10-05 01:12 . 2008-10-05 10:19 <KANSIO> d-------- C:\Program Files\NOS
    2008-10-05 01:12 . 2008-10-05 10:19 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\NOS
    2008-10-02 16:32 . 2008-07-18 22:07 270,880 --a------ C:\WINDOWS\system32\mucltui.dll
    2008-10-02 16:32 . 2008-07-18 22:07 210,976 --a------ C:\WINDOWS\system32\muweb.dll
    2008-10-02 16:32 . 2008-07-18 22:07 29,728 --a------ C:\WINDOWS\system32\mucltui.dll.mui
    2008-10-01 14:52 . 2008-10-01 16:23 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Contacts
    2008-10-01 14:49 . 2008-10-07 16:56 <KANSIO> d----c--- C:\WINDOWS\system32\DRVSTORE
    2008-10-01 14:46 . 2008-10-01 14:49 <KANSIO> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
    2008-10-01 14:45 . 2008-10-01 14:49 <KANSIO> d-------- C:\Program Files\Windows Live
    2008-10-01 14:45 . 2008-10-01 14:45 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-09-30 16:07 . 2008-09-30 16:08 8 --a------ C:\WINDOWS\system32\nvModes.dat
    2008-09-30 16:06 . 2008-09-30 16:06 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
    2008-09-25 18:02 . 2008-09-25 18:02 <KANSIO> d-------- C:\WINDOWS\Sun
    2008-09-23 21:47 . 2008-09-30 21:21 23 --a------ C:\WINDOWS\BlendSettings.ini
    2008-09-23 17:30 . 2008-09-23 17:30 <KANSIO> d-------- C:\Program Files\Winamp Toolbar
    2008-09-23 17:30 . 2008-09-23 17:30 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Winamp Toolbar
    2008-09-23 17:25 . 2008-09-23 20:52 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\Winamp
    2008-09-23 11:36 . 2008-10-05 19:44 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\LimeWire
    2008-09-22 17:15 . 2008-09-22 17:15 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\AdobeUM
    2008-09-19 16:52 . 2008-09-19 16:52 <KANSIO> d-------- C:\Program Files\Games-Masters.com
    2008-09-18 22:31 . 2008-09-18 22:31 <KANSIO> d-------- C:\WINDOWS\system32\Adobe
    2008-09-18 06:35 . 2008-09-18 06:35 <KANSIO> d-------- C:\Program Files\Common Files\INCA Shared
    2008-09-18 06:35 . 2003-07-21 06:17 5,174 --a------ C:\WINDOWS\system32\nppt9x.vxd
    2008-09-18 06:35 . 2005-01-04 21:43 4,682 --a------ C:\WINDOWS\system32\npptNT2.sys
    2008-09-17 15:11 . 2008-09-17 15:11 <KANSIO> d-------- C:\WINDOWS\RaidTool
    2008-09-17 15:11 . 2008-09-17 15:11 <KANSIO> d-------- C:\RaidTool
    2008-09-17 15:11 . 2008-09-17 15:10 1,953,792 --a------ C:\WINDOWS\system32\xRaidSetup.exe
    2008-09-17 15:11 . 2008-09-17 15:10 143,360 --a------ C:\WINDOWS\system32\xRaidAPI.dll
    2008-09-17 15:04 . 2008-09-17 15:04 <KANSIO> d-------- C:\WINDOWS\system32\AGEIA
    2008-09-17 15:04 . 2008-10-14 23:11 <KANSIO> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-09-17 15:04 . 2008-09-17 15:04 <KANSIO> d-------- C:\Program Files\AGEIA Technologies
    2008-09-17 14:03 . 2008-08-15 23:22 198,941 --a------ C:\WINDOWS\system32\nvapps.nvb
    2008-09-17 13:34 . 2008-09-17 13:34 <KANSIO> d-------- C:\WINDOWS\ERUNT
    2008-09-17 13:34 . 2008-09-17 13:38 <KANSIO> d-------- C:\SDFix
    2008-09-17 13:17 . 2008-09-17 13:17 <KANSIO> d-------- C:\Program Files\DNA
    2008-09-17 13:17 . 2008-10-17 17:13 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\DNA
    2008-09-17 13:17 . 2008-10-07 22:44 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\BitTorrent
    2008-09-17 13:10 . 2008-09-17 13:12 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\uTorrent

    .
    (((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-17 14:15 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2008-09-23 18:40 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-09-22 14:16 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
    2008-09-22 14:16 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
    2008-09-22 14:16 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
    2008-09-22 14:16 10,671 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
    2008-09-22 14:16 --------- d-----w C:\Program Files\Symantec
    2008-09-22 14:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
    2008-09-17 12:10 6,912 ----a-w C:\WINDOWS\system32\drivers\JGOGO.sys
    2008-09-17 12:10 46,208 ----a-w C:\WINDOWS\system32\drivers\jraid.sys
    2008-09-17 07:41 --------- d-----w C:\Program Files\Norton 360
    2008-09-16 17:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\InstallShield
    2008-09-16 17:01 --------- d-----w C:\Program Files\Common Files\InstallShield
    2008-09-16 11:47 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\Symantec
    2008-09-16 09:21 --------- d-----w C:\Program Files\Windows Sidebar
    2008-09-16 08:55 --------- d-----w C:\Program Files\Java
    2008-09-16 08:54 --------- d-----w C:\Program Files\Common Files\Java
    2008-09-15 15:40 1,846,272 ----a-w C:\WINDOWS\system32\win32k.sys
    2008-09-14 13:21 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\InstallShield
    2008-09-14 12:46 --------- d-----w C:\Program Files\SystemRequirementsLab
    2008-09-14 12:21 --------- d-----w C:\Program Files\ASUS
    2008-09-14 12:17 --------- d-----w C:\Program Files\Realtek
    2008-09-14 12:17 --------- d-----w C:\Program Files\Analog Devices
    2008-09-14 12:10 --------- d-----w C:\Program Files\microsoft frontpage
    2008-08-28 10:04 333,056 ----a-w C:\WINDOWS\system32\drivers\srv.sys
    2008-08-26 08:12 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
    2008-08-14 13:46 2,138,624 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
    2008-08-14 13:46 2,018,304 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
    2008-08-06 04:51 453,152 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
    2008-08-01 08:05 70,936 ----a-w C:\WINDOWS\system32\PhysXLoader.dll
    2008-07-18 19:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
    2008-07-18 19:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
    2008-07-18 19:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
    2008-07-18 19:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
    2008-07-18 19:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
    2008-07-18 19:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
    2008-07-18 19:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
    2008-07-18 19:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
    .

    ((((((((((((((((((((((((((((( snapshot_2008-10-14_13.20.42.29 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2007-02-28 16:02:38 2,138,624 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlmp.exe
    + 2008-08-14 13:46:12 2,138,624 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlmp.exe
    - 2007-02-28 16:02:46 2,059,904 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
    + 2008-08-14 13:46:15 2,060,032 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
    - 2007-02-28 16:02:38 2,018,304 ------w C:\WINDOWS\Driver Cache\i386\ntkrpamp.exe
    + 2008-08-14 13:46:10 2,018,304 ------w C:\WINDOWS\Driver Cache\i386\ntkrpamp.exe
    - 2007-02-28 16:02:46 2,182,656 ------w C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
    + 2008-08-14 13:46:14 2,182,656 ------w C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
    + 2008-06-23 16:29:13 124,928 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\advpack.dll
    + 2008-06-23 16:29:13 347,136 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\dxtmsft.dll
    + 2008-06-23 16:29:13 214,528 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\dxtrans.dll
    + 2008-06-23 16:29:13 133,120 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\extmgr.dll
    + 2008-06-23 16:29:13 63,488 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\icardie.dll
    + 2008-06-23 09:21:15 70,656 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ie4uinit.exe
    + 2008-06-23 16:29:13 153,088 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieakeng.dll
    + 2008-06-23 16:29:13 230,400 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieaksie.dll
    + 2008-06-21 05:23:54 161,792 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieakui.dll
    + 2008-06-23 16:29:13 383,488 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieapfltr.dll
    + 2008-06-23 16:29:13 384,512 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\iedkcs32.dll
    + 2008-06-23 16:29:14 6,066,176 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieframe.dll
    + 2008-06-23 16:29:14 44,544 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\iernonce.dll
    + 2008-06-23 16:29:14 267,776 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\iertutil.dll
    + 2008-06-23 09:20:26 13,824 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieudinit.exe
    + 2008-06-23 09:21:31 625,664 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\iexplore.exe
    + 2008-06-23 16:29:15 27,648 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\jsproxy.dll
    + 2008-06-23 16:29:15 459,264 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\msfeeds.dll
    + 2008-06-23 16:29:15 52,224 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\msfeedsbs.dll
    + 2008-06-24 07:29:16 3,592,192 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\mshtml.dll
    + 2008-06-23 16:29:15 477,696 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\mshtmled.dll
    + 2008-06-23 16:29:15 193,024 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\msrating.dll
    + 2008-06-23 16:29:15 671,232 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\mstime.dll
    + 2008-06-23 16:29:15 102,912 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\occache.dll
    + 2008-06-23 16:29:15 44,544 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\pngfilt.dll
    + 2007-03-06 01:31:14 214,752 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe
    + 2007-03-06 01:32:23 380,640 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\updspapi.dll
    + 2008-06-23 16:29:16 105,984 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\url.dll
    + 2008-06-23 16:29:16 1,159,680 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\urlmon.dll
    + 2008-06-23 16:29:16 233,472 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\webcheck.dll
    + 2008-06-23 16:29:16 826,368 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\wininet.dll
    - 2008-06-23 16:29:13 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
    + 2008-08-26 08:12:24 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
    - 2008-06-23 16:29:13 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
    + 2008-08-26 08:12:24 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
    - 2008-06-20 10:44:38 138,368 -c--a-w C:\WINDOWS\system32\dllcache\afd.sys
    + 2008-08-14 09:51:43 138,368 -c--a-w C:\WINDOWS\system32\dllcache\afd.sys
    - 2008-06-23 16:29:13 347,136 -c----w C:\WINDOWS\system32\dllcache\dxtmsft.dll
    + 2008-08-26 08:12:24 347,136 -c----w C:\WINDOWS\system32\dllcache\dxtmsft.dll
    - 2008-06-23 16:29:13 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
    + 2008-08-26 08:12:24 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
    - 2008-06-23 16:29:13 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
    + 2008-08-26 08:12:24 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
    - 2008-06-23 16:29:13 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
    + 2008-08-26 08:12:24 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
    - 2008-06-23 09:21:15 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    + 2008-08-25 08:38:49 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    - 2008-06-23 16:29:13 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
    + 2008-08-26 08:12:24 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
    - 2008-06-23 16:29:13 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
    + 2008-08-26 08:12:24 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
    - 2008-06-21 05:23:54 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
    + 2008-08-23 05:54:51 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
    - 2008-06-23 16:29:13 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
    + 2008-08-26 08:12:24 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
    - 2008-06-23 16:29:13 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
    + 2008-08-26 08:12:24 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
    - 2008-06-23 16:29:14 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
    + 2008-10-03 17:12:24 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
    - 2008-06-23 16:29:14 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
    + 2008-08-26 08:12:25 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
    - 2008-06-23 16:29:14 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
    + 2008-08-26 08:12:25 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
    - 2008-06-23 09:20:26 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
    + 2008-08-25 08:38:00 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
    - 2008-06-23 09:21:31 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
    + 2008-08-23 05:56:15 635,848 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
    - 2008-06-23 16:29:15 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
    + 2008-08-26 08:12:25 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
    - 2008-06-23 16:29:15 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
    + 2008-08-26 08:12:25 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
    - 2008-06-23 16:29:15 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    + 2008-08-26 08:12:25 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    - 2008-06-24 07:29:16 3,592,192 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
    + 2008-08-27 09:12:28 3,593,216 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
    - 2008-06-23 16:29:15 477,696 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
    + 2008-08-26 08:12:26 477,696 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
    - 2008-06-23 16:29:15 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
    + 2008-08-26 08:12:26 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
    - 2008-06-23 16:29:15 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
    + 2008-08-26 08:12:26 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
    - 2007-02-28 16:02:38 2,138,624 -c----w C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
    + 2008-08-14 13:46:12 2,138,624 -c----w C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
    - 2007-02-28 16:02:46 2,059,904 -c----w C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
    + 2008-08-14 13:46:15 2,060,032 -c----w C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
    - 2007-02-28 16:02:38 2,018,304 -c----w C:\WINDOWS\system32\dllcache\ntkrpamp.exe
    + 2008-08-14 13:46:10 2,018,304 -c----w C:\WINDOWS\system32\dllcache\ntkrpamp.exe
    - 2007-02-28 16:02:46 2,182,656 -c----w C:\WINDOWS\system32\dllcache\ntoskrnl.exe
    + 2008-08-14 13:46:14 2,182,656 -c----w C:\WINDOWS\system32\dllcache\ntoskrnl.exe
    - 2008-06-23 16:29:15 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
    + 2008-08-26 08:12:26 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
    - 2008-06-23 16:29:15 44,544 -c----w C:\WINDOWS\system32\dllcache\pngfilt.dll
    + 2008-08-26 08:12:26 44,544 -c----w C:\WINDOWS\system32\dllcache\pngfilt.dll
    - 2006-08-14 10:34:41 332,928 -c--a-w C:\WINDOWS\system32\dllcache\srv.sys
    + 2008-08-28 10:04:17 333,056 -c--a-w C:\WINDOWS\system32\dllcache\srv.sys
    - 2008-06-23 16:29:16 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
    + 2008-08-26 08:12:26 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
    - 2008-06-23 16:29:16 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
    + 2008-08-26 08:12:26 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
    - 2008-06-23 16:29:16 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
    + 2008-08-26 08:12:26 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
    - 2008-03-20 08:09:41 1,845,504 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
    + 2008-09-15 15:40:30 1,846,272 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
    - 2008-06-23 16:29:16 826,368 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
    + 2008-08-26 08:12:26 826,368 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
    - 2008-06-20 10:44:38 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
    + 2008-08-14 09:51:43 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
    - 2008-06-23 16:29:13 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
    + 2008-08-26 08:12:24 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
    - 2008-06-23 16:29:13 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
    + 2008-08-26 08:12:24 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
    - 2008-06-23 16:29:13 133,120 ------w C:\WINDOWS\system32\extmgr.dll
    + 2008-08-26 08:12:24 133,120 ------w C:\WINDOWS\system32\extmgr.dll
    - 2008-09-30 13:06:00 102,232 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
    + 2008-10-15 13:23:45 102,232 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
    - 2008-06-23 16:29:13 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
    + 2008-08-26 08:12:24 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
    - 2008-06-23 09:21:15 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
    + 2008-08-25 08:38:49 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
    - 2008-06-23 16:29:13 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
    + 2008-08-26 08:12:24 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
    - 2008-06-23 16:29:13 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
    + 2008-08-26 08:12:24 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
    - 2008-06-21 05:23:54 161,792 ------w C:\WINDOWS\system32\ieakui.dll
    + 2008-08-23 05:54:51 161,792 ------w C:\WINDOWS\system32\ieakui.dll
    - 2008-06-23 16:29:13 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
    + 2008-08-26 08:12:24 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
    - 2008-06-23 16:29:13 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
    + 2008-08-26 08:12:24 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
    - 2008-06-23 16:29:14 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
    + 2008-10-03 17:12:24 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
    - 2008-06-23 16:29:14 44,544 ------w C:\WINDOWS\system32\iernonce.dll
    + 2008-08-26 08:12:25 44,544 ------w C:\WINDOWS\system32\iernonce.dll
    - 2008-06-23 16:29:14 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
    + 2008-08-26 08:12:25 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
    - 2008-06-23 09:20:26 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
    + 2008-08-25 08:38:00 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
    - 2008-06-23 16:29:15 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
    + 2008-08-26 08:12:25 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
    - 2008-06-23 16:29:15 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
    + 2008-08-26 08:12:25 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
    - 2008-06-23 16:29:15 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
    + 2008-08-26 08:12:25 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
    - 2008-06-24 07:29:16 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll
    + 2008-08-27 09:12:28 3,593,216 ----a-w C:\WINDOWS\system32\mshtml.dll
    - 2008-06-23 16:29:15 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
    + 2008-08-26 08:12:26 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
    - 2008-06-23 16:29:15 193,024 ------w C:\WINDOWS\system32\msrating.dll
    + 2008-08-26 08:12:26 193,024 ------w C:\WINDOWS\system32\msrating.dll
    - 2008-06-23 16:29:15 671,232 ------w C:\WINDOWS\system32\mstime.dll
    + 2008-08-26 08:12:26 671,232 ------w C:\WINDOWS\system32\mstime.dll
    - 2008-06-23 16:29:15 102,912 ------w C:\WINDOWS\system32\occache.dll
    + 2008-08-26 08:12:26 102,912 ------w C:\WINDOWS\system32\occache.dll
    - 2008-06-23 16:29:15 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
    + 2008-08-26 08:12:26 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
    - 2007-07-27 07:41:40 16,760 ------w C:\WINDOWS\system32\spmsg.dll
    + 2007-11-30 11:19:02 17,272 ------w C:\WINDOWS\system32\spmsg.dll
    - 2008-06-23 16:29:16 105,984 ----a-w C:\WINDOWS\system32\url.dll
    + 2008-08-26 08:12:26 105,984 ----a-w C:\WINDOWS\system32\url.dll
    - 2008-06-23 16:29:16 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
    + 2008-08-26 08:12:26 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
    - 2008-06-23 16:29:16 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
    + 2008-08-26 08:12:26 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
    + 2008-10-17 14:15:31 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_668.dat
    .
    -- Snapshot nollattu tähän hetkeen --
    .
    (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
    REGEDIT4

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayExcluded]
    @="{4433A54A-1AC8-432F-90FC-85F045CF383C}"
    [HKEY_CLASSES_ROOT\CLSID\{4433A54A-1AC8-432F-90FC-85F045CF383C}]
    2008-02-26 11:34 576352 --a------ C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayPending]
    @="{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}"
    [HKEY_CLASSES_ROOT\CLSID\{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}]
    2008-02-26 11:34 576352 --a------ C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayProtected]
    @="{476D0EA3-80F9-48B5-B70B-05E677C9C148}"
    [HKEY_CLASSES_ROOT\CLSID\{476D0EA3-80F9-48B5-B70B-05E677C9C148}]
    2008-02-26 11:34 576352 --a------ C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 15360]
    "BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-09-17 289088]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2006-03-02 208952]
    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-03-02 455168]
    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-03-02 455168]
    "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
    "AsusServiceProvider"="C:\Program Files\ASUS\AASP\1.00.23\aaCenter.exe" [2007-01-05 597504]
    "AsusStartupHelp"="C:\Program Files\ASUS\AASP\1.00.23\AsRunHelp.exe" [2006-12-29 363008]
    "Ai Nap"="C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe" [2007-01-11 1423360]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-08-15 13570048]
    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-02-18 51048]
    "osCheck"="C:\Program Files\Norton 360\osCheck.exe" [2008-02-26 988512]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-08-15 86016]
    "JMB36X IDE Setup"="C:\WINDOWS\RaidTool\xInsIDE.exe" [2008-09-17 36864]
    "36X Raid Configurer"="C:\WINDOWS\system32\xRaidSetup.exe" [2008-09-17 1953792]
    "WinampAgent"="D:\Ohjelmat\Winamp\winampa.exe" [2008-08-04 36352]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
    "nwiz"="nwiz.exe" [2008-08-15 C:\WINDOWS\system32\nwiz.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.avis"= ff_acm.acm

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\DNA\\btdna.exe"=
    "D:\\Ohjelmat\\Torrent\\BitTorrent\\bittorrent.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "D:\\Ohjelmat\\LimeWire\\LimeWire.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

    R2 LiveUpdate Notice;LiveUpdate Notice;C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-02-18 149352]
    S3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2008-07-30 23888]

    *Newly Created Service* - COMHOST
    .
    .
    ------- Täydentävä tarkistus -------
    .
    FireFox -: Profile - C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\sjyz7jnx.default\
    FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.fi/
    FF -: plugin - C:\Program Files\DNA\plugins\npbtdna.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-17 17:17:51
    Windows 5.1.2600 Service Pack 2 NTFS

    tarkistaa piilotettuja prosesseja ...

    tarkistaa piilotettuja käynnistysarvoja ...

    tarkistaa piilotettuja tiedostoja ...

    tarkistus on valmis
    piilotetut tiedostot: 0

    **************************************************************************
    .
    ------------------------ Muut prosessit ------------------------
    .
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    .
    **************************************************************************
    .
    Valmistumisajankohta: 2008-10-17 17:19:08 - kone käynnistettiin uudelleen
    ComboFix-quarantined-files.txt 2008-10-17 14:19:05
    ComboFix2.txt 2008-10-14 10:20:56
    ComboFix3.txt 2008-10-06 16:01:19
    ComboFix4.txt 2008-10-01 13:24:40
    ComboFix5.txt 2008-10-17 14:10:52

    Ennen ajoa: 34 089 725 952 tavua vapaana
    Ajon jälkeen: 34,124,824,576 tavua vapaana

    WindowsXP-KB310994-SP2-Home-BootDisk-FIN.EXE
    [boot loader]
    timeout=2
    default=signature(d7ead7ea)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    signature(d7ead7ea)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

    394 --- E O F --- 2008-10-15 09:12:39
     
  3. kalminen

    kalminen Regular member

    Joined:
    04.05.2007
    Posts:
    3,915
    Thanks:
    0
    Points:
    46
    Post the HJT log and
    tell us what kind of problem the computer has.
    D:
     
  4. Yomito

    Yomito Member

    Joined:
    28.07.2007
    Posts:
    59
    Thanks:
    0
    Points:
    16
    The computer is unusually slow again, and I have already had to format it a second time. Also, is it worth getting any other antivirus software in addition to Norton 360?

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 8:38:29, on 20.10.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\ASUS\AASP\1.00.23\aaCenter.exe
    C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    D:\Ohjelmat\Winamp\winampa.exe
    C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    D:\Pelit\Steam.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    D:\Ohjelmat\HiJackThis_v2.0.2.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [AsusServiceProvider] C:\Program Files\ASUS\AASP\1.00.23\aaCenter.exe
    O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.23\AsRunHelp.exe
    O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
    O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
    O4 - HKLM\..\Run: [WinampAgent] D:\Ohjelmat\Winamp\winampa.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Steam] "D:\Pelit\Steam.exe" -silent
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
    O23 - Service: Automaattinen LiveUpdate-ajastustoiminto (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

    --
    End of file - 6960 bytes
     
  5. Yomito

    Yomito Member

    Joined:
    28.07.2007
    Posts:
    59
    Thanks:
    0
    Points:
    16
    And then one more new ComboFix log:

    ComboFix 08-10-19.04 - Omistaja 2008-10-20 8:30:31.7 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1035.18.1587 [GMT 3:00]
    Sijainti: D:\Ohjelmat\ComboFix.exe
    * Uusi palautuspiste luotu
    .

    (((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\system32\drivers\oreans32.sys

    .
    ((((((((((((((((((((((((((((((((((((((( Ajurit/Palvelut )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_OREANS32
    -------\Service_oreans32


    ((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-09-20 to 2008-10-20 )))))))))))))))))
    .

    2008-10-19 00:33 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
    2008-10-17 17:23 . 2008-10-17 17:23 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\Nexon
    2008-10-14 23:12 . 2008-10-14 23:12 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\Ventrilo
    2008-10-11 20:46 . 2008-10-11 20:46 <KANSIO> d-------- C:\Program Files\Windows Media Connect 2
    2008-10-11 20:45 . 2008-10-11 20:45 <KANSIO> d-------- C:\WINDOWS\system32\LogFiles
    2008-10-11 20:45 . 2008-10-11 20:46 <KANSIO> d-------- C:\WINDOWS\system32\drivers\UMDF
    2008-10-07 17:38 . 2006-10-02 13:43 6,144 --a------ C:\WINDOWS\system32\ff_acm.acm
    2008-10-07 17:38 . 2006-10-02 13:44 5,120 --a------ C:\WINDOWS\system32\ff_vfw.dll
    2008-10-07 17:38 . 2006-08-05 12:06 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
    2008-10-07 17:33 . 2008-10-07 17:33 <KANSIO> d-------- C:\Program Files\BS.Player ControlBar
    2008-10-07 17:33 . 2008-10-07 17:33 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\BSplayer Pro
    2008-10-07 17:33 . 2008-10-07 17:36 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\BSplayer
    2008-10-07 16:56 . 2008-10-07 16:56 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-10-05 01:19 . 2008-10-05 01:19 <KANSIO> d-------- C:\Program Files\Common Files\Adobe AIR
    2008-10-05 01:19 . 2008-10-05 01:19 <KANSIO> d-------- C:\Program Files\Common Files\Adobe
    2008-10-05 01:12 . 2008-10-05 10:19 <KANSIO> d-------- C:\Program Files\NOS
    2008-10-05 01:12 . 2008-10-05 10:19 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\NOS
    2008-10-02 16:32 . 2008-07-18 22:07 270,880 --a------ C:\WINDOWS\system32\mucltui.dll
    2008-10-02 16:32 . 2008-07-18 22:07 210,976 --a------ C:\WINDOWS\system32\muweb.dll
    2008-10-02 16:32 . 2008-07-18 22:07 29,728 --a------ C:\WINDOWS\system32\mucltui.dll.mui
    2008-10-01 14:52 . 2008-10-01 16:23 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Contacts
    2008-10-01 14:49 . 2008-10-07 16:56 <KANSIO> d----c--- C:\WINDOWS\system32\DRVSTORE
    2008-10-01 14:46 . 2008-10-01 14:49 <KANSIO> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
    2008-10-01 14:45 . 2008-10-01 14:49 <KANSIO> d-------- C:\Program Files\Windows Live
    2008-10-01 14:45 . 2008-10-01 14:45 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-09-30 16:07 . 2008-10-19 14:36 8 --a------ C:\WINDOWS\system32\nvModes.dat
    2008-09-30 16:06 . 2008-09-30 16:06 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
    2008-09-25 18:02 . 2008-09-25 18:02 <KANSIO> d-------- C:\WINDOWS\Sun
    2008-09-23 21:47 . 2008-09-30 21:21 23 --a------ C:\WINDOWS\BlendSettings.ini
    2008-09-23 17:30 . 2008-09-23 17:30 <KANSIO> d-------- C:\Program Files\Winamp Toolbar
    2008-09-23 17:30 . 2008-09-23 17:30 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Winamp Toolbar
    2008-09-23 17:25 . 2008-09-23 20:52 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\Winamp
    2008-09-23 11:36 . 2008-10-19 22:57 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\LimeWire
    2008-09-22 17:15 . 2008-09-22 17:15 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\AdobeUM

    .
    (((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-20 05:33 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2008-10-20 05:31 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\DNA
    2008-10-14 20:11 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
    2008-10-07 19:44 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\BitTorrent
    2008-09-23 18:40 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-09-22 14:16 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
    2008-09-22 14:16 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
    2008-09-22 14:16 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
    2008-09-22 14:16 10,671 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
    2008-09-22 14:16 --------- d-----w C:\Program Files\Symantec
    2008-09-22 14:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
    2008-09-19 13:52 --------- d-----w C:\Program Files\Games-Masters.com
    2008-09-18 03:35 --------- d-----w C:\Program Files\Common Files\INCA Shared
    2008-09-17 12:10 6,912 ----a-w C:\WINDOWS\system32\drivers\JGOGO.sys
    2008-09-17 12:10 46,208 ----a-w C:\WINDOWS\system32\drivers\jraid.sys
    2008-09-17 12:10 143,360 ----a-w C:\WINDOWS\system32\xRaidAPI.dll
    2008-09-17 12:10 1,953,792 ----a-w C:\WINDOWS\system32\xRaidSetup.exe
    2008-09-17 12:04 --------- d-----w C:\Program Files\AGEIA Technologies
    2008-09-17 10:17 --------- d-----w C:\Program Files\DNA
    2008-09-17 10:12 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\uTorrent
    2008-09-17 07:41 --------- d-----w C:\Program Files\Norton 360
    2008-09-16 17:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\InstallShield
    2008-09-16 17:01 --------- d-----w C:\Program Files\Common Files\InstallShield
    2008-09-16 11:47 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\Symantec
    2008-09-16 09:21 --------- d-----w C:\Program Files\Windows Sidebar
    2008-09-16 08:55 --------- d-----w C:\Program Files\Java
    2008-09-16 08:54 --------- d-----w C:\Program Files\Common Files\Java
    2008-09-15 15:40 1,846,272 ----a-w C:\WINDOWS\system32\win32k.sys
    2008-09-14 13:21 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\InstallShield
    2008-09-14 12:46 --------- d-----w C:\Program Files\SystemRequirementsLab
    2008-09-14 12:21 --------- d-----w C:\Program Files\ASUS
    2008-09-14 12:17 --------- d-----w C:\Program Files\Realtek
    2008-09-14 12:17 --------- d-----w C:\Program Files\Analog Devices
    2008-09-14 12:10 --------- d-----w C:\Program Files\microsoft frontpage
    2008-08-28 10:04 333,056 ----a-w C:\WINDOWS\system32\drivers\srv.sys
    2008-08-26 08:12 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
    2008-08-14 13:46 2,138,624 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
    2008-08-14 13:46 2,018,304 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
    2008-08-06 04:51 453,152 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
    2008-08-01 08:05 70,936 ----a-w C:\WINDOWS\system32\PhysXLoader.dll
    .

    ((((((((((((((((((((((((((((( snapshot_2008-10-17_17.18.54.15 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2006-10-24 00:01:44 780,800 ----a-w C:\WINDOWS\Resources\Themes\Zune\Shell\NormalColor\shellstyle.dll
    + 2004-08-03 20:08:48 26,496 ----a-w C:\WINDOWS\system32\drivers\USBSTOR.SYS
    + 2008-10-20 05:33:24 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_66c.dat
    .
    (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
    REGEDIT4

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayExcluded]
    @="{4433A54A-1AC8-432F-90FC-85F045CF383C}"
    [HKEY_CLASSES_ROOT\CLSID\{4433A54A-1AC8-432F-90FC-85F045CF383C}]
    2008-02-26 11:34 576352 --a------ C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayPending]
    @="{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}"
    [HKEY_CLASSES_ROOT\CLSID\{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}]
    2008-02-26 11:34 576352 --a------ C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayProtected]
    @="{476D0EA3-80F9-48B5-B70B-05E677C9C148}"
    [HKEY_CLASSES_ROOT\CLSID\{476D0EA3-80F9-48B5-B70B-05E677C9C148}]
    2008-02-26 11:34 576352 --a------ C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 15360]
    "BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-09-17 289088]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
    "Steam"="D:\Pelit\Steam.exe" [2008-10-19 1410296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2006-03-02 208952]
    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-03-02 455168]
    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-03-02 455168]
    "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
    "AsusServiceProvider"="C:\Program Files\ASUS\AASP\1.00.23\aaCenter.exe" [2007-01-05 597504]
    "AsusStartupHelp"="C:\Program Files\ASUS\AASP\1.00.23\AsRunHelp.exe" [2006-12-29 363008]
    "Ai Nap"="C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe" [2007-01-11 1423360]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-08-15 13570048]
    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-02-18 51048]
    "osCheck"="C:\Program Files\Norton 360\osCheck.exe" [2008-02-26 988512]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-08-15 86016]
    "JMB36X IDE Setup"="C:\WINDOWS\RaidTool\xInsIDE.exe" [2008-09-17 36864]
    "36X Raid Configurer"="C:\WINDOWS\system32\xRaidSetup.exe" [2008-09-17 1953792]
    "WinampAgent"="D:\Ohjelmat\Winamp\winampa.exe" [2008-08-04 36352]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
    "nwiz"="nwiz.exe" [2008-08-15 C:\WINDOWS\system32\nwiz.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.avis"= ff_acm.acm

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\DNA\\btdna.exe"=
    "D:\\Ohjelmat\\Torrent\\BitTorrent\\bittorrent.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "D:\\Ohjelmat\\LimeWire\\LimeWire.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

    R2 LiveUpdate Notice;LiveUpdate Notice;C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-02-18 149352]
    S3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2008-07-30 23888]

    *Newly Created Service* - COMHOST
    .
    .
    ------- Täydentävä tarkistus -------
    .
    FireFox -: Profile - C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\sjyz7jnx.default\
    FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.fi/
    FF -: plugin - C:\Program Files\DNA\plugins\npbtdna.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-20 08:33:37
    Windows 5.1.2600 Service Pack 2 NTFS

    tarkistaa piilotettuja prosesseja ...

    tarkistaa piilotettuja käynnistysarvoja ...

    tarkistaa piilotettuja tiedostoja ...

    tarkistus on valmis
    piilotetut tiedostot: 0

    **************************************************************************
    .
    ------------------------ Muut prosessit ------------------------
    .
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    .
    **************************************************************************
    .
    Valmistumisajankohta: 2008-10-20 8:35:17 - kone käynnistettiin uudelleen
    ComboFix-quarantined-files.txt 2008-10-20 05:35:13
    ComboFix2.txt 2008-10-17 14:19:09
    ComboFix3.txt 2008-10-14 10:20:56
    ComboFix4.txt 2008-10-06 16:01:19
    ComboFix5.txt 2008-10-20 05:30:04

    Ennen ajoa: 33 918 427 136 tavua vapaana
    Ajon jälkeen: 33,953,808,384 tavua vapaana

    201 --- E O F --- 2008-10-15 09:12:39
     
  6. kalminen

    kalminen Regular member

    Joined:
    04.05.2007
    Posts:
    3,915
    Thanks:
    0
    Points:
    46
    It's not worth it!!!

    But update Windows:
    http://www.microsoft.com/downloads/Search.aspx?displaylang=fi

    ---------------

    Close the browser and other programs while the fix runs (not the antivirus).
    Start HijackThis, run Scan, tick the following entries listed in red, and remove them (Fix checked).

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"


    The logs are fine D:
    .
     
