HijackThis log check

Thread in the Viruses and malware - HijackThis logs section. Thread started by tebaboy on 19.06.2008.

  1. tebaboy

    tebaboy Regular member

    Joined: 12.11.2005, Posts: 309, Thanks: 0, Points: 26

    Hi, over the last few days the hard drive has been grinding 24/7 and the computer has been a bit slower. Yesterday when I was shutting down the computer, an end-program message came up that showed some really strange program.
    So could someone check this?

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:36:03, on 19.6.2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Avast4\aswUpdSv.exe
    C:\Program Files\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\PROGRA~1\Avast4\ashDisp.exe
    C:\Program Files\COMODO\Firewall\cfp.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    E:\Program Files\Valve\Steam\Steam.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\COMODO\Firewall\cmdagent.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Avast4\ashWebSv.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Steam] "E:\Program Files\Valve\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

    --
    End of file - 7275 bytes
     
  3. Hujo

    Hujo Guest

    Scan with HJT, tick the following entries and press Fix checked:

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

    ===========

    Download Malwarebytes' Anti-Malware to your desktop.

    1. Double-click mbam-setup.exe and follow the instructions to install the program.
    2. At the end, make sure the following are checked: Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    3. If an update is found, the program will download and install the latest version.
    4. Once the program has loaded, select Perform full scan and click Scan.
    5. When the scan is finished, click OK and then Show Results to see the results.
    6. Make sure everything is checked and click Remove Selected.
    7. After this, the log opens in Notepad. Save it somewhere you can find it easily. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    8. Post the contents of the log in your next message.

     
  4. tebaboy

    While checking with the malware scanner, the computer threw a blue screen twice and restarted itself. The malware scan had been running for a few minutes both times. I hope the wrong file didn't get removed with HijackThis after all?

    I'll post the HijackThis report here again.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:56:07, on 19.6.2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\savedump.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Avast4\aswUpdSv.exe
    C:\Program Files\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\PROGRA~1\Avast4\ashDisp.exe
    C:\Program Files\COMODO\Firewall\cfp.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    E:\Program Files\Valve\Steam\Steam.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\COMODO\Firewall\cmdagent.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Avast4\ashWebSv.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\U-ABIT\abitEQ\abiteq.exe
    C:\Program Files\EVEREST Home Edition\everest.bin
    C:\Program Files\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Steam] "E:\Program Files\Valve\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

    --
    End of file - 6963 bytes
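
The comparison asked about in the post above (did "Fix checked" remove anything other than the listed entries?), as an added example that is not part of the original thread: a Python sketch that diffs two HijackThis logs and checks the removed entries against the fix list. The sample logs are shortened excerpts of the two logs posted in this thread, and all function names are this example's own.

```python
import re

# Constructed sample: shortened excerpts of the two HijackThis logs in this
# thread (before and after "Fix checked"). Lines are copied from the posts.
LOG_BEFORE = r"""
Running processes:
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
"""

LOG_AFTER = r"""
Running processes:
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\savedump.exe
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
"""

# The entries the helper asked to tick before pressing "Fix checked".
FIX_LIST = r"""
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
"""

# A HijackThis entry starts with a section code such as R0, O4 or O23.
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")


def norm(line):
    """Comparison key: Windows paths and value names are case-insensitive."""
    return " ".join(line.split()).casefold()


def parse_log(text):
    """Return (processes, entries) as dicts mapping comparison key -> line."""
    processes, entries = {}, {}
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_processes = True
        elif not line:
            in_processes = False          # a blank line ends the process list
        elif in_processes:
            processes[norm(line)] = line
        elif ENTRY_RE.match(line):
            entries[norm(line)] = line
    return processes, entries


def diff_logs(before, after):
    """What disappeared and what appeared between two logs."""
    bp, be = parse_log(before)
    ap, ae = parse_log(after)
    return {
        "removed": sorted(be[k] for k in be.keys() - ae.keys()),
        "added": sorted(ae[k] for k in ae.keys() - be.keys()),
        "stopped": sorted(bp[k] for k in bp.keys() - ap.keys()),
        "started": sorted(ap[k] for k in ap.keys() - bp.keys()),
    }


def unrequested_removals(before, after, fix_list):
    """Entries that vanished although they were not on the fix list."""
    _, requested = parse_log(fix_list)
    return [e for e in diff_logs(before, after)["removed"]
            if norm(e) not in requested]


def unapplied_fixes(after, fix_list):
    """Fix-list entries that are still present in the later log."""
    _, requested = parse_log(fix_list)
    _, remaining = parse_log(after)
    return sorted(requested[k] for k in requested.keys() & remaining.keys())


if __name__ == "__main__":
    for kind, lines in diff_logs(LOG_BEFORE, LOG_AFTER).items():
        for line in lines:
            print(f"{kind:8} {line}")
    print("unrequested:", unrequested_removals(LOG_BEFORE, LOG_AFTER, FIX_LIST))
```

On these excerpts every removed entry is on the fix list; the new items are `KernelFaultCheck` (dumprep) and `savedump.exe`, which are Windows crash-dump handling that shows up after a blue screen.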
     
  5. Hujo

    Hujo Guest

    1. Download combofix.exe to your desktop from one of these links:
    combofix1
    combofix2

    2. Double-click the combofix.exe file and follow the instructions.
    3. When the tool is finished, it produces a log. Post this log in your thread.
    Note! Do not click on the ComboFix window while it is running. This may cause the program to hang.
     
  6. tebaboy

    ComboFix 08-06-16.5 - Teemu Tanskanen 2008-06-19 15:20:57.1 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1035.18.2849 [GMT 3:00]
    Running from: C:\Documents and Settings\Teemu Tanskanen\Työpöytä\ComboFix.exe
    * Created a new restore point

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-05-19 to 2008-06-19 )))))))))))))))))
    .

    2008-06-19 14:26 . 2008-06-19 14:26 <KANSIO> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-06-19 14:26 . 2008-06-19 14:26 <KANSIO> d-------- C:\Documents and Settings\Teemu Tanskanen\Application Data\Malwarebytes
    2008-06-19 14:26 . 2008-06-19 14:26 <KANSIO> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
    2008-06-19 14:26 . 2008-06-10 19:02 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
    2008-06-19 14:26 . 2008-06-10 19:02 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-06-18 10:32 . 2008-06-18 10:32 <KANSIO> d-------- C:\Program Files\Opera
    2008-06-16 20:10 . 2008-06-16 20:10 <KANSIO> d-------- C:\Documents and Settings\Teemu Tanskanen\OngameNetwork
    2008-06-15 20:45 . 2008-06-15 20:45 268 --ah----- C:\sqmdata00.sqm
    2008-06-15 20:45 . 2008-06-15 20:45 244 --ah----- C:\sqmnoopt00.sqm
    2008-06-15 17:29 . 2008-06-15 17:29 <KANSIO> dr------- C:\Documents and Settings\Järjestelmänvalvoja\Omat tiedostot
    2008-06-15 17:29 . 2008-06-15 17:29 <KANSIO> dr------- C:\Documents and Settings\Järjestelmänvalvoja\Omat tiedostot
    2008-06-14 21:52 . 2008-06-14 21:52 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
    2008-06-14 21:30 . 2008-06-14 21:31 <KANSIO> d-------- C:\Program Files\SystemRequirementsLab
    2008-06-14 21:30 . 2008-06-14 21:30 <KANSIO> d-------- C:\Documents and Settings\Teemu Tanskanen\Application Data\SystemRequirementsLab
    2008-06-13 13:40 . 2008-06-13 13:40 <KANSIO> d-------- C:\NVIDIA
    2008-06-13 13:31 . 2008-06-19 11:38 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-06-13 13:31 . 2008-06-13 13:31 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-06-12 16:26 . 2007-10-12 15:14 3,734,536 --a------ C:\WINDOWS\system32\d3dx9_36.dll
    2008-06-12 16:26 . 2007-10-12 15:14 1,374,232 --a------ C:\WINDOWS\system32\D3DCompiler_36.dll
    2008-06-12 16:26 . 2007-10-02 09:56 444,776 --a------ C:\WINDOWS\system32\d3dx10_36.dll
    2008-06-12 16:26 . 2007-10-22 03:39 267,272 --a------ C:\WINDOWS\system32\xactengine2_10.dll
    2008-06-12 16:26 . 2007-07-20 00:57 267,112 --a------ C:\WINDOWS\system32\xactengine2_9.dll
    2008-06-11 11:29 . 2008-04-14 18:59 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
    2008-06-11 11:29 . 2008-05-08 17:02 203,136 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys
    2008-06-10 21:32 . 2008-06-10 22:06 <KANSIO> d-------- C:\Documents and Settings\Teemu Tanskanen\Application Data\Mount&Blade
    2008-06-01 16:55 . 2008-06-01 16:58 <KANSIO> d-------- C:\Documents and Settings\Teemu Tanskanen\Application Data\U3
    2008-05-30 22:46 . 2008-05-30 22:46 <KANSIO> d-------- C:\Program Files\Apple Software Update
    2008-05-30 22:46 . 2008-05-30 22:46 <KANSIO> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
    2008-05-26 14:50 . 2008-05-26 14:50 <KANSIO> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ubisoft
    2008-05-26 12:48 . 2008-05-26 12:48 <KANSIO> d-------- C:\Documents and Settings\Teemu Tanskanen\Application Data\PowerChallenge
    2008-05-26 12:43 . 2008-05-26 12:44 <KANSIO> d-------- C:\WINDOWS\system32\Adobe
    2008-05-26 12:43 . 2008-05-26 12:43 681 --a------ C:\WINDOWS\mozver.dat
    2008-05-24 15:30 . 2008-05-24 15:30 <KANSIO> d-------- C:\Documents and Settings\Teemu Tanskanen\Application Data\TVU Networks
    2008-05-24 15:27 . 2008-05-24 15:27 <KANSIO> d-------- C:\Documents and Settings\Teemu Tanskanen\LocalLow
    2008-05-24 15:27 . 2008-05-24 15:27 <KANSIO> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\TVU Networks
    2008-05-21 14:52 . 2008-05-21 14:52 <KANSIO> d-------- C:\WINDOWS\system32\fi
    2008-05-21 14:52 . 2008-05-21 14:52 <KANSIO> d-------- C:\WINDOWS\system32\bits
    2008-05-21 14:52 . 2008-05-21 14:52 <KANSIO> d-------- C:\WINDOWS\l2schemas
    2008-05-21 14:51 . 2008-05-21 14:52 <KANSIO> d-------- C:\WINDOWS\ServicePackFiles
    2008-05-21 14:41 . 2008-05-21 14:41 <KANSIO> d-------- C:\WINDOWS\EHome
    2008-05-20 16:01 . 2008-05-20 16:01 <KANSIO> d-------- C:\Documents and Settings\Teemu Tanskanen\Application Data\Apple Computer
    2008-05-20 15:57 . 2008-05-20 15:57 <KANSIO> d-------- C:\Program Files\QuickTime
    2008-05-20 15:57 . 2008-05-20 15:57 <KANSIO> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer

    .
    (((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-06-19 11:46 --------- d-----w C:\Documents and Settings\Teemu Tanskanen\Application Data\uTorrent
    2008-06-17 20:13 --------- d-----w C:\Documents and Settings\Teemu Tanskanen\Application Data\mIRC
    2008-06-17 19:38 --------- d-----w C:\Program Files\mIRC
    2008-06-16 10:46 --------- d-----w C:\Documents and Settings\Teemu Tanskanen\Application Data\LimeWire
    2008-06-14 18:25 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-06-14 08:10 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
    2008-06-14 08:10 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
    2008-06-13 10:16 --------- d---a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
    2008-06-13 10:14 --------- d-----w C:\Program Files\BSplayerPro
    2008-06-12 13:31 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
    2008-06-12 13:31 22,328 ----a-w C:\Documents and Settings\Teemu Tanskanen\Application Data\PnkBstrK.sys
    2008-06-12 13:31 2,337,865 ----a-w C:\WINDOWS\system32\pbsvc.exe
    2008-06-05 15:08 --------- d-----w C:\Program Files\Avast4
    2008-05-23 10:41 87,056 ----a-w C:\WINDOWS\system32\drivers\cmdguard.sys
    2008-05-23 10:41 24,208 ----a-w C:\WINDOWS\system32\drivers\cmdhlp.sys
    2008-05-23 10:41 143,104 ----a-w C:\WINDOWS\system32\guard32.dll
    2008-05-18 09:11 --------- d-----w C:\Program Files\AVG Anti-Spyware 7.5
    2008-05-18 09:10 --------- d-----w C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Grisoft
    2008-05-18 09:04 --------- d-----w C:\Program Files\Common Files\Adobe
    2008-05-18 08:57 --------- d-----w C:\Documents and Settings\Teemu Tanskanen\Application Data\Grisoft
    2008-05-18 08:57 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
    2008-05-18 08:53 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
    2008-05-18 08:52 --------- d-----w C:\Program Files\Lavasoft
    2008-05-18 08:52 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
    2008-05-14 16:46 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\FLEXnet
    2008-05-14 16:35 --------- d-----w C:\Program Files\Bonjour
    2008-05-14 16:29 --------- d-----w C:\Program Files\Common Files\Macrovision Shared
    2008-05-08 14:02 203,136 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
    2008-05-07 05:12 1,288,704 ----a-w C:\WINDOWS\system32\quartz.dll
    2008-05-06 10:24 --------- d-----w C:\Documents and Settings\Teemu Tanskanen\Application Data\Ahead
    2008-05-06 10:08 --------- d-----w C:\Program Files\CCleaner
    2008-05-04 18:17 --------- d-----w C:\Program Files\DAEMON Tools Lite
    2008-05-04 17:25 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
    2008-05-04 17:25 --------- d-----w C:\Documents and Settings\Teemu Tanskanen\Application Data\DAEMON Tools
    2008-05-04 15:13 86,016 ----a-w C:\WINDOWS\system32\OpenAL32.dll
    2008-05-04 15:13 262,144 ----a-w C:\WINDOWS\system32\wrap_oal.dll
    2008-05-04 09:53 --------- d-----w C:\Documents and Settings\Teemu Tanskanen\Application Data\BSplayer PRO
    2008-05-04 09:06 --------- d-----w C:\Documents and Settings\Teemu Tanskanen\Application Data\vlc
    2008-05-04 09:05 --------- d-----w C:\Program Files\VideoLAN
    2008-05-03 20:19 --------- d-----w C:\Program Files\LimeWire
    2008-05-03 19:34 --------- d-----w C:\Program Files\uTorrent
    2008-05-03 19:33 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\WinZip
    2008-05-03 14:24 --------- d-----w C:\Program Files\ffdshow
    2008-05-03 14:22 --------- d-----w C:\Program Files\AC3Filter
    2008-05-03 14:17 --------- d-----w C:\Program Files\Java
    2008-05-03 14:17 --------- d-----w C:\Program Files\Common Files\Java
    2008-05-03 11:44 --------- d-----w C:\Program Files\MSXML 4.0
    2008-05-03 11:40 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
    2008-05-03 11:40 --------- d-----w C:\Program Files\Windows Live
    2008-05-03 11:38 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller
    2008-05-03 11:15 --------- d-----w C:\Program Files\EVEREST Home Edition
    2008-05-03 10:40 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\comodo
    2008-05-03 10:38 --------- d-----w C:\Program Files\COMODO
    2008-05-03 10:38 --------- d-----w C:\Documents and Settings\Teemu Tanskanen\Application Data\Comodo
    2008-05-03 10:28 --------- d-----w C:\Program Files\F-Secure
    2008-05-03 08:48 --------- d-----w C:\Documents and Settings\Teemu Tanskanen\Application Data\Microsoft Web Folders
    2008-05-03 08:09 --------- d-----w C:\Program Files\U-ABIT
    2008-05-03 08:09 --------- d-----w C:\Documents and Settings\Teemu Tanskanen\Application Data\InstallShield
    2008-05-03 08:03 --------- d-----w C:\Program Files\Marvell
    2008-05-03 08:03 --------- d-----w C:\Program Files\Common Files\InstallShield
    2008-05-03 07:57 315,392 ----a-w C:\WINDOWS\HideWin.exe
    2008-05-03 07:57 --------- d-----w C:\Program Files\Realtek
    2008-05-03 07:41 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Ahead
    2008-05-03 07:40 --------- d-----w C:\Program Files\Common Files\Ahead
    2008-05-03 07:36 --------- d-----w C:\Program Files\Nero
    2008-05-03 07:36 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Nero
    2008-05-02 19:09 --------- d-----w C:\Program Files\microsoft frontpage
    2008-04-30 14:27 442,368 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
    2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
    2008-04-21 12:00 7,680 ----a-w C:\WINDOWS\system32\ff_vfw.dll
    2008-04-21 12:00 60,273 ----a-w C:\WINDOWS\system32\pthreadGC2.dll
    2008-04-14 16:27 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
    2008-04-14 16:15 331,264 ----a-w C:\WINDOWS\system32\netsetup.exe
    2008-04-14 16:11 997,888 ----a-w C:\WINDOWS\system32\msgina.dll
    2008-04-14 16:10 9,344 ----a-w C:\WINDOWS\system32\framebuf.dll
    2008-04-14 16:09 3,072 ----a-w C:\WINDOWS\system32\dpnlobby.dll
    2008-04-14 16:09 3,072 ----a-w C:\WINDOWS\system32\dpnaddr.dll
    2008-04-14 16:09 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll
    2008-04-14 16:09 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll
    2008-04-14 15:49 2,147,840 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
    2008-04-14 15:49 2,026,496 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
    2008-04-14 15:48 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
    2008-04-14 15:46 79,872 ------w C:\WINDOWS\system32\msxml6r.dll
    2008-04-14 15:45 80,384 ------w C:\WINDOWS\system32\msshavmsg.dll
    2008-04-14 15:44 48,640 ----a-w C:\WINDOWS\system32\inetres.dll
    2008-04-14 15:43 556,032 ----a-w C:\WINDOWS\system32\shdoclc.dll
    2008-04-14 15:41 9,728 ----a-w C:\WINDOWS\system32\gpkrsrc.dll
    2008-04-14 15:41 1,845,888 ----a-w C:\WINDOWS\system32\win32k.sys
    2008-04-14 15:40 65,536 ----a-w C:\WINDOWS\system32\browselc.dll
    2008-04-14 15:38 103,424 ----a-w C:\WINDOWS\system32\dpcdll.dll
    2008-04-14 06:12 11,264 ----a-w C:\WINDOWS\system32\spnpinst.exe
    2008-04-14 06:11 992,256 ----a-w C:\WINDOWS\system32\setupapi.dll
    2008-04-14 06:11 423,936 ----a-w C:\WINDOWS\system32\licdll.dll
    2008-04-13 18:44 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys
    2008-04-13 18:40 440,832 ----a-w C:\WINDOWS\system32\xpob2res.dll
    2008-04-13 18:36 2,921,984 ----a-w C:\WINDOWS\system32\xpsp2res.dll
    2008-04-13 18:35 24,064 ----a-w C:\WINDOWS\system32\pidgen.dll
    2008-04-13 18:35 186,368 ----a-w C:\WINDOWS\system32\xpsp1res.dll
    2008-04-13 18:31 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll
    2008-04-13 18:30 61,440 ----a-w C:\WINDOWS\system32\msvcrt40.dll
    .

    (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 19:12 15360]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 10:21 153136]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
    "Steam"="E:\Program Files\Valve\Steam\Steam.exe" [2008-05-04 16:34 1271032]
    "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 12:39 486856]
    "AdobeUpdater"="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-02-28 23:06 2321600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
    "RTHDCPL"="RTHDCPL.EXE" [2007-01-30 13:54 16116224 C:\WINDOWS\RTHDCPL.EXE]
    "SkyTel"="SkyTel.EXE" [2006-05-16 13:04 2879488 C:\WINDOWS\SkyTel.exe]
    "avast!"="C:\PROGRA~1\Avast4\ashDisp.exe" [2008-05-16 02:19 79224]
    "COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [2008-06-01 11:44 1655552]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-03 05:46 13529088]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-03 05:46 86016]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 19:12 15360]

    C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Käynnistys\
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2000-01-20 18:15:54 65588]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"= C:\WINDOWS\system32\guard32.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.ac3filter"= ac3filter.acm
    "msacm.avis"= ff_acm.acm

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\mIRC\\mirc.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\Program Files\\uTorrent\\utorrent.exe"=
    "E:\\Program Files\\Battlefield 2\\BF2.exe"=
    "C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
    "E:\\Program Files\\Crysis\\Bin32\\Crysis.exe"=
    "E:\\Program Files\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
    "C:\\WINDOWS\\system32\\PnkBstrA.exe"=
    "C:\\WINDOWS\\system32\\PnkBstrB.exe"=
    "E:\\Program Files\\Valve\\Steam\\SteamApps\\pasipasanen\\counter-strike\\hl.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "E:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
    "E:\\Program Files\\Tom Clancy's Splinter Cell Double Agent Demo\\SCDA-Offline\\System\\SplinterCell4.exe"=
    "E:\\Program Files\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
    "E:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Game.exe"=
    "E:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Launcher.exe"=
    "E:\\Program Files\\Neverwinter Nights 2\\nwn2main.exe"=
    "E:\\Program Files\\Neverwinter Nights 2\\nwn2main_amdxp.exe"=
    "E:\\Program Files\\Neverwinter Nights 2\\nwupdate.exe"=
    "E:\\Program Files\\Neverwinter Nights 2\\nwn2server.exe"=

    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 02:20]
    R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\WINDOWS\system32\DRIVERS\cmdguard.sys [2008-05-23 13:41]
    R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [2008-05-23 13:41]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 02:16]
    R3 ABIT-IO;ABIT-IO;C:\Program Files\U-ABIT\abitEQ\ABIT-IO.sys [2005-12-08 14:53]
    S3 MBAMCatchMe;MBAMCatchMe;C:\WINDOWS\system32\drivers\mbamcatchme.sys [2008-06-10 19:02]

    *Newly Created Service* - CATCHME
    .
    'Ajoitetut tehtävät'-kansion sisältö
    "2008-06-07 16:11:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-19 15:22:20
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    PROCESS: C:\WINDOWS\system32\winlogon.exe
    -> C:\WINDOWS\system32\guard32.dll

    PROCESS: C:\WINDOWS\system32\lsass.exe
    -> C:\WINDOWS\system32\guard32.dll
    .
    Completion time: 2008-06-19 15:23:14
    ComboFix-quarantined-files.txt 2008-06-19 12:22:53

    Pre-Run: 68,226,711,552 tavua vapaana
    Post-Run: 68,224,790,528 tavua vapaana

    245 --- E O F --- 2008-06-11 08:32:03
     
  7. Hujo

    Hujo Guest

    Delete the folder

    C:\Program Files\F-Secure

    Try running Malwarebytes' Anti-Malware again.
     
  8. tebaboy

    tebaboy Regular member

    Malwarebytes' Anti-Malware 1.17
    Tietokantaversio: 869

    18:58:18 19.6.2008
    mbam-log-6-19-2008 (18-58-18).txt

    Tarkistustyyppi: Täysi tarkistus (C:\|E:\|)
    Tarkistetut kohteet: 175182
    Kulunut aika: 26 minute(s), 2 second(s)

    Saastuneita muistiprosesseja: 0
    Saastuneita muistimoduuleja: 0
    Saastuneita rekisteriavaimia: 0
    Saastuneita rekisteriarvoja: 0
    Saastuneita rekisterikohteita: 0
    Saastuneita hakemistoja: 0
    Saastuneita tiedostoja: 0

    Saastuneita muistiprosesseja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita muistimoduuleja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriavaimia:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriarvoja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisterikohteita:
    (Haitallisia kohteita ei löydetty)

    Saastuneita hakemistoja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita tiedostoja:
    (Haitallisia kohteita ei löydetty)


    So nothing was found.

    I guess it's clean now?
    Which of those programs is it safe to use without posting the reports here?
     
  9. Hujo

    Hujo Guest

    You can use this one: Malwarebytes' Anti-Malware. Update it before running it.

    ===========

    Download OTMoveIt and save it to your desktop.

    Double-click OTMoveIt.exe.
    Click CleanUp!.
    Choose Yes when asked "Begin cleanup Process?".
    If you are asked whether the computer may be restarted, choose Yes. OTMoveIt deletes itself when it is finished; if it does not, delete it yourself.

    NOTE: If your firewall or some other security program warns that OTMoveIt is trying to access the internet, allow it.
     
    Last edited by a moderator: 19.06.2008
  10. tebaboy

    tebaboy Regular member

    I did that; I don't think it produced any report.
     
  11. Hujo

    Hujo Guest

    Nope, it doesn't.
     
