HjT - logi / Javaa ei saa poistettua

Nyt tuon alla olevan lainauksen sisällön Kopioit / liität Tyhjään muistioon
käynnistä nappi >apuohjelmat > muistio

Tallenna se nimellä CFScript.txt työpöydälle

Sitten raahaa CFScript ComboFix.exeen kuten alla.



Laita tuleva loki tänne.

Sammutat ja käynnistät koneen

 

ComboFix 09-02-06.01 - Veikko 2009-02-06 21:36:24.6 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1035.18.2045.1051 [GMT 2:00]
Sijainti: c:\users\Veikko\Desktop\ComboFix.exe
Käytetyt komentorivivalitsimet :: c:\users\Veikko\Desktop\CFScript.txt
AV: F-Secure Internet Security 2008 8.00 *On-access scanning disabled* (Updated)
FW: F-Secure Internet Security 2008 8.00 *disabled*
* Uusi palautuspiste luotu

FILE ::
C:\32788R22FWJFW.0.tmp
C:\32788R22FWJFW.1.tmp
C:\32788R22FWJFW.2.tmp
C:\32788R22FWJFW.3.tmp
C:\32788R22FWJFW.4.tmp
C:\32788R22FWJFW.5.tmp
c:\windows\System32\REN233.tmp
c:\windows\System32\REN234.tmp
c:\windows\System32\REN235.tmp
c:\windows\System32\REN26B2.tmp
c:\windows\System32\REN26B3.tmp
c:\windows\System32\REN2B4E.tmp
c:\windows\System32\REN2B4F.tmp
c:\windows\System32\REN2B50.tmp
c:\windows\System32\REN4155.tmp
c:\windows\System32\REN4156.tmp
c:\windows\System32\REN4157.tmp
c:\windows\System32\REN57C.tmp
c:\windows\System32\REN57D.tmp
c:\windows\System32\REN5EF1.tmp
c:\windows\System32\REN5EF2.tmp
c:\windows\System32\REN7AE.tmp
c:\windows\System32\REN7AF.tmp
c:\windows\System32\REN7B0.tmp
c:\windows\System32\REN83A.tmp
c:\windows\System32\REN84B.tmp
c:\windows\System32\REN8593.tmp
c:\windows\System32\REN85A4.tmp
c:\windows\System32\REN85A5.tmp
c:\windows\System32\REN8872.tmp
c:\windows\System32\REN8883.tmp
c:\windows\System32\REN8884.tmp
c:\windows\System32\RENB08E.tmp
c:\windows\System32\RENB08F.tmp
c:\windows\System32\RENB090.tmp
c:\windows\System32\RENB402.tmp
c:\windows\System32\RENB413.tmp
c:\windows\System32\RENB424.tmp
c:\windows\System32\RENB52C.tmp
c:\windows\System32\RENB52D.tmp
c:\windows\System32\RENBE01.tmp
c:\windows\System32\RENBE02.tmp
c:\windows\System32\RENBE03.tmp
c:\windows\System32\RENC2F1.tmp
c:\windows\System32\RENC2F2.tmp
c:\windows\System32\RENC30.tmp
c:\windows\System32\RENC31.tmp
c:\windows\System32\RENC32F.tmp
c:\windows\System32\RENC330.tmp
c:\windows\System32\RENC331.tmp
c:\windows\System32\RENCA22.tmp
c:\windows\System32\RENCA23.tmp
c:\windows\System32\RENCA24.tmp
c:\windows\System32\RENCC26.tmp
c:\windows\System32\RENCC27.tmp
c:\windows\System32\RENCC28.tmp
c:\windows\System32\REND22C.tmp
c:\windows\System32\REND23D.tmp
c:\windows\System32\RENDD9C.tmp
c:\windows\System32\RENDDAC.tmp
c:\windows\System32\RENDDAD.tmp
c:\windows\System32\RENE65A.tmp
c:\windows\System32\RENE65B.tmp
c:\windows\System32\RENE66C.tmp
c:\windows\System32\RENF392.tmp
c:\windows\System32\RENF393.tmp
c:\windows\System32\RENF3EF.tmp
c:\windows\System32\RENF3F0.tmp
c:\windows\System32\RENFA93.tmp
c:\windows\System32\RENFA94.tmp
.

(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\System32\REN233.tmp
c:\windows\System32\REN234.tmp
c:\windows\System32\REN235.tmp
c:\windows\System32\REN26B2.tmp
c:\windows\System32\REN26B3.tmp
c:\windows\System32\REN2B4E.tmp
c:\windows\System32\REN2B4F.tmp
c:\windows\System32\REN2B50.tmp
c:\windows\System32\REN4155.tmp
c:\windows\System32\REN4156.tmp
c:\windows\System32\REN4157.tmp
c:\windows\System32\REN57C.tmp
c:\windows\System32\REN57D.tmp
c:\windows\System32\REN5EF1.tmp
c:\windows\System32\REN5EF2.tmp
c:\windows\System32\REN7AE.tmp
c:\windows\System32\REN7AF.tmp
c:\windows\System32\REN7B0.tmp
c:\windows\System32\REN83A.tmp
c:\windows\System32\REN84B.tmp
c:\windows\System32\REN8593.tmp
c:\windows\System32\REN85A4.tmp
c:\windows\System32\REN85A5.tmp
c:\windows\System32\REN8872.tmp
c:\windows\System32\REN8883.tmp
c:\windows\System32\REN8884.tmp
c:\windows\System32\RENB08E.tmp
c:\windows\System32\RENB08F.tmp
c:\windows\System32\RENB090.tmp
c:\windows\System32\RENB402.tmp
c:\windows\System32\RENB413.tmp
c:\windows\System32\RENB424.tmp
c:\windows\System32\RENB52C.tmp
c:\windows\System32\RENB52D.tmp
c:\windows\System32\RENBE01.tmp
c:\windows\System32\RENBE02.tmp
c:\windows\System32\RENBE03.tmp
c:\windows\System32\RENC2F1.tmp
c:\windows\System32\RENC2F2.tmp
c:\windows\System32\RENC30.tmp
c:\windows\System32\RENC31.tmp
c:\windows\System32\RENC32F.tmp
c:\windows\System32\RENC330.tmp
c:\windows\System32\RENC331.tmp
c:\windows\System32\RENCA22.tmp
c:\windows\System32\RENCA23.tmp
c:\windows\System32\RENCA24.tmp
c:\windows\System32\RENCC26.tmp
c:\windows\System32\RENCC27.tmp
c:\windows\System32\RENCC28.tmp
c:\windows\System32\REND22C.tmp
c:\windows\System32\REND23D.tmp
c:\windows\System32\RENDD9C.tmp
c:\windows\System32\RENDDAC.tmp
c:\windows\System32\RENDDAD.tmp
c:\windows\System32\RENE65A.tmp
c:\windows\System32\RENE65B.tmp
c:\windows\System32\RENE66C.tmp
c:\windows\System32\RENF392.tmp
c:\windows\System32\RENF393.tmp
c:\windows\System32\RENF3EF.tmp
c:\windows\System32\RENF3F0.tmp
c:\windows\System32\RENFA93.tmp
c:\windows\System32\RENFA94.tmp

.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2009-01-06 to 2009-02-06 )))))))))))))))))
.

2009-02-05 23:49 . 2009-02-05 23:49 <KANSIO> d-------- c:\program files\Common Files\Java
2009-02-05 23:26 . 2009-02-05 23:27 <KANSIO> d-------- C:\32788R22FWJFW.5.tmp
2009-02-05 22:13 . 2009-02-05 22:14 <KANSIO> d-------- C:\32788R22FWJFW.4.tmp
2009-02-05 20:46 . 2009-02-05 20:47 <KANSIO> d-------- C:\32788R22FWJFW.3.tmp
2009-02-04 22:44 . 2009-02-04 22:44 <KANSIO> d-------- C:\32788R22FWJFW.2.tmp
2009-02-04 18:39 . 2009-02-04 18:39 <KANSIO> d-------- c:\program files\Windows Installer Clean Up
2009-02-04 18:39 . 2009-02-04 18:39 <KANSIO> d-------- c:\program files\MSECACHE
2009-02-04 17:02 . 2009-02-04 17:04 <KANSIO> d-------- C:\32788R22FWJFW.1.tmp
2009-02-04 17:02 . 2009-02-04 17:02 <KANSIO> d-------- C:\32788R22FWJFW.0.tmp
2009-02-03 22:06 . 2009-02-03 22:06 <KANSIO> d-------- c:\users\Veikko\AppData\Roaming\Malwarebytes
2009-02-03 22:06 . 2009-02-03 22:06 <KANSIO> d-------- c:\programdata\Malwarebytes
2009-02-03 22:06 . 2009-02-04 08:32 <KANSIO> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-03 22:06 . 2009-01-14 16:11 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-02-03 22:06 . 2009-01-14 16:11 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-02-03 20:55 . 2009-02-03 20:55 <KANSIO> d-------- c:\program files\Trend Micro
2009-02-02 22:47 . 2009-02-03 21:24 <KANSIO> d-------- c:\program files\Mozilla Firefox 3.1 Beta 2
2009-02-02 21:18 . 2009-02-02 21:18 <KANSIO> d-------- c:\program files\CCleaner
2009-02-02 15:29 . 2009-02-05 22:45 410,984 --a------ c:\windows\System32\deploytk.dll
2009-01-22 00:22 . 2009-01-22 12:51 <KANSIO> d-------- c:\users\Veikko\AppData\Roaming\gtk-2.0
2009-01-22 00:21 . 2009-01-22 00:22 <KANSIO> d-------- c:\users\Veikko\AppData\Roaming\avidemux
2009-01-21 22:51 . 2009-01-21 22:51 <KANSIO> d-------- c:\program files\DC++
2009-01-14 12:35 . 2008-12-16 04:42 288,768 --a------ c:\windows\System32\drivers\srv.sys
2009-01-12 12:44 . 2009-02-06 21:04 <KANSIO> d-------- c:\users\Veikko\Tracing
2009-01-12 12:42 . 2009-01-12 12:42 <KANSIO> d-------- c:\program files\Microsoft
2009-01-12 12:41 . 2009-01-12 12:41 <KANSIO> d-------- c:\program files\Windows Live SkyDrive
2009-01-12 12:33 . 2009-01-12 12:33 <KANSIO> d-------- c:\program files\Common Files\Windows Live
2009-01-07 21:54 . 2009-01-07 21:54 <KANSIO> d-------- c:\program files\vixy.net

.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-06 19:33 --------- d-----w c:\users\Veikko\AppData\Roaming\foobar2000
2009-02-06 17:23 --------- d-----w c:\program files\Opera
2009-02-05 17:06 --------- d-----w c:\program files\Frets on Fire
2009-02-05 16:25 --------- d-----w c:\users\Veikko\AppData\Roaming\Skype
2009-02-04 19:55 --------- d-----w c:\program files\Common Files\Adobe
2009-02-04 18:36 --------- d-----w c:\program files\Common Files\Steam
2009-02-04 18:31 --------- d-----w c:\users\Veikko\AppData\Roaming\mIRC
2009-02-03 19:58 --------- d-----w c:\program files\Logitech
2009-02-03 18:48 --------- d-----w c:\program files\Image-Line
2009-02-03 18:27 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-02 18:50 --------- d-----w c:\users\Veikko\AppData\Roaming\LimeWire
2009-01-31 12:24 --------- d-----w c:\program files\Microsoft SQL Server
2009-01-22 13:59 --------- d-----w c:\users\Veikko\AppData\Roaming\BitTorrent
2009-01-15 08:31 --------- d-----w c:\program files\Windows Mail
2009-01-12 10:41 --------- d-----w c:\program files\Windows Live
2009-01-07 19:54 --------- d-----w c:\program files\vixy.net
2009-01-04 22:20 --------- d-----w c:\program files\DVDVideoSoft
2009-01-04 22:20 --------- d-----w c:\program files\Common Files\DVDVideoSoft
2008-12-27 13:03 4,064,702 ----a-w c:\users\Veikko\Farmi15_SFX.exe
2008-12-26 23:13 --------- d-----w c:\program files\Deluxe Ski Jump 3
2008-12-24 13:58 --------- d-----w c:\program files\Sony
2008-12-22 22:10 --------- d-----w c:\users\Veikko\AppData\Roaming\Audacity
2008-12-22 11:29 --------- d-----w c:\users\Veikko\AppData\Roaming\teamspeak2
2008-12-13 19:56 --------- d-----w c:\program files\Teamspeak2_RC2
2008-12-02 20:37 49,480 ----a-w c:\windows\System32\sirenacm.dll
2008-11-24 20:31 65,888 ----a-w c:\windows\System32\sqlctr90.dll
2008-11-24 20:31 2,248,544 ----a-w c:\windows\System32\sqlncli.dll
2008-11-20 16:42 615,424 ----a-w c:\windows\System32\themeui.dll
2008-11-20 16:42 240,128 ----a-w c:\windows\System32\uxtheme.dll
2008-09-03 13:50 174 --sha-w c:\program files\desktop.ini
2007-05-21 10:58 0 ----a-w c:\users\Veikko\AppData\Roaming\wklnhst.dat
.

(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"SsAAD.exe"="c:\progra~1\Sony\SONICS~1\SsAAD.exe" [2006-11-14 472632]
"Google Update"="c:\users\Veikko\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-02-05 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2006-09-11 118784]
"F-Secure Manager"="c:\program files\F-Secure Internet Security\Common\FSM32.EXE" [2007-05-25 183208]
"F-Secure TNB"="c:\program files\F-Secure Internet Security\FSGUI\TNBUtil.exe" [2007-05-25 740208]
"LogitechCommunicationsManager"="c:\program files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-06-26 497200]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2006-06-26 614960]
"LVCOMSX"="c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-06-26 243248]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 c:\windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2006-11-24 20:36 73728 c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= c:\program files\Common Files\Sony Shared\VideoLib\sonydv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{0BC8CEEB-0676-46F7-87F9-5C25E20A995C}"= UDP:c:\program files\Skype\Phone\Skype.exe:Skype
"{CA9C1993-E931-405E-AC12-3341F07F10C4}"= TCP:c:\program files\Skype\Phone\Skype.exe:Skype
"{BA5B2BA1-13B5-4D3D-B676-E6D636D013F7}"= Disabled:UDP:c:\program files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{D2587E63-CCC3-4A4C-A4FC-0A34C21DD9E3}"= Disabled:TCP:c:\program files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{1430669F-0AFF-467F-BC49-C64F0510427B}"= UDP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{1E62F26C-48C6-48BA-8287-BAF995099108}"= TCP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{D4DF20E9-563D-49E1-9AED-7BBEE7102F12}"= UDP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{90992B76-A6C8-477F-83A4-C584083BEFC0}"= TCP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{A493A5BF-5C2C-4899-BDAB-89D8BABC8C53}"= UDP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{047B06FC-CF5A-443E-B74E-20B6C0C54B50}"= TCP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{FA327854-EEF9-4100-9C2D-5D8581C273D5}"= UDP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{6A9441CF-6F14-4447-8C49-84B70BA2E60F}"= TCP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{B4B1A454-2C0D-4781-B8F3-E8E1ACAC5A13}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{287BCAB3-8895-4662-BE8E-B3F1AB5AF53D}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{BDF01D8E-195A-49F8-9F43-BA83F1BDBFFC}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{E008766E-216E-462E-9235-12D7ED9229CC}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{B7BF959B-71E4-4496-AA52-35CA5E64A87E}"= UDP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{70D4255D-B13E-46B7-9D7E-1B8E6FDA58D8}"= TCP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{8B495492-32D0-493B-BAC7-9C4789D3F2FD}"= UDP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{9BF74940-8E25-4C54-B7A3-4D4087E34AE1}"= TCP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"TCP Query User{77C64838-273A-40A8-896F-05A75CB70D3F}c:\\users\\veikko\\desktop\\strongdc\\strongdc.exe"= UDP:c:\users\veikko\desktop\strongdc\strongdc.exe:strongdc.exe
"UDP Query User{47BC04A9-23EE-44F8-8EAD-E988CA38B0FB}c:\\users\\veikko\\desktop\\strongdc\\strongdc.exe"= TCP:c:\users\veikko\desktop\strongdc\strongdc.exe:strongdc.exe
"{B4A68D98-54B9-417C-B5CC-559BB6504EF3}"= UDP:c:\program files\DNA\btdna.exeNA
"{872C2044-5F03-4F48-9FA3-DB5DEFEB7466}"= TCP:c:\program files\DNA\btdna.exeNA
"TCP Query User{F034008E-5D36-45CE-A319-BCE49447D091}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:bittorrent
"UDP Query User{C52E8E10-31EA-4314-B93D-B9DE234C32F3}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:bittorrent
"TCP Query User{82252084-3908-498F-9119-8F3330596B11}c:\\program files\\dc++\\dcplusplus.exe"= UDP:c:\program files\dc++\dcplusplus.exeC++
"UDP Query User{F4066AD6-2D42-44CE-A369-0700FA7C1D03}c:\\program files\\dc++\\dcplusplus.exe"= TCP:c:\program files\dc++\dcplusplus.exeC++
"TCP Query User{0E777C11-0B5F-48A4-AA78-51A0E8F9820B}c:\\program files\\counter-strike 1.6 v31\\hl.exe"= UDP:c:\program files\counter-strike 1.6 v31\hl.exe:Half-Life Launcher
"UDP Query User{3CED78FE-4DDC-4A41-AD0A-4A29240680AC}c:\\program files\\counter-strike 1.6 v31\\hl.exe"= TCP:c:\program files\counter-strike 1.6 v31\hl.exe:Half-Life Launcher
"TCP Query User{841A7EE8-783A-4FEB-9BFA-74CD0515D1ED}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{8C330778-AD56-4E31-8EA5-1B31A4500114}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{ADA8C9B1-9042-4E17-9E5E-76B293647B4C}c:\\users\\veikko\\program files\\dna\\btdna.exe"= UDP:c:\users\veikko\program files\dna\btdna.exe:btdna.exe
"UDP Query User{04C9CE37-23F3-42CA-9599-1BD4EE26CCFE}c:\\users\\veikko\\program files\\dna\\btdna.exe"= TCP:c:\users\veikko\program files\dna\btdna.exe:btdna.exe
"TCP Query User{32270A38-D83B-4EC1-B772-EAB76486D992}c:\\downloads\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor.exe"= UDP:c:\downloads\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor.exe:rFactor
"UDP Query User{69F6112A-C8F3-4258-A014-F4793017EF48}c:\\downloads\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor.exe"= TCP:c:\downloads\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor.exe:rFactor
"TCP Query User{FECDC0D2-B86A-45EE-A4CE-3A908434D234}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= UDP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"UDP Query User{85632176-6999-4F00-8F82-E80235B1BB8A}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= TCP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"TCP Query User{E089B513-460D-4189-9757-5FDE8A69CD09}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= UDP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"UDP Query User{4852ADC9-F8E4-4887-92E4-1228015C1DBB}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= TCP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"TCP Query User{37C79CE0-96AA-4785-97A6-57D2D363457E}c:\\downloads\\steam\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= UDP:c:\downloads\steam\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"UDP Query User{BCB5C2F9-1318-461F-B983-3BF96A788511}c:\\downloads\\steam\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= TCP:c:\downloads\steam\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"TCP Query User{500F2B3B-9331-4769-B82A-06C6CCA99254}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{BE97C500-FC96-4F36-9B73-915952F2481B}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{C5200D3C-1C0F-4375-91DC-E1BC96423357}c:\\program files\\msn messenger\\msnmsgr.exe"= UDP:c:\program files\msn messenger\msnmsgr.exe:MSN Messenger
"UDP Query User{4D2E2AB8-D7B7-467D-BD00-22F95ADCA588}c:\\program files\\msn messenger\\msnmsgr.exe"= TCP:c:\program files\msn messenger\msnmsgr.exe:MSN Messenger
"TCP Query User{4D69306B-8C96-4AA7-B76F-8D21FF8F22AC}c:\\users\\veikko\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\users\veikko\program files\bittorrent\bittorrent.exe:bittorrent.exe
"UDP Query User{C98FBF60-CB71-4A51-B3AA-C3D9883E58EE}c:\\users\\veikko\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\users\veikko\program files\bittorrent\bittorrent.exe:bittorrent.exe
"TCP Query User{0FF64EFF-593C-4AD7-A053-5F6861D8E5C1}c:\\downloads\\ra2\\game.exe"= UDP:c:\downloads\ra2\game.exe:Main executable for Red Alert 2
"UDP Query User{B2B53663-0CCE-4F13-BA76-163E2A0FAF58}c:\\downloads\\ra2\\game.exe"= TCP:c:\downloads\ra2\game.exe:Main executable for Red Alert 2
"TCP Query User{BDEB28E4-E095-4ABB-A65A-1A6F10992C7F}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= UDP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"UDP Query User{AB3CB54B-4576-4C31-B941-60E2316BC997}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= TCP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"TCP Query User{ECC29E4E-4AB5-4B98-959D-CB15006F50D2}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC
"UDP Query User{3A5830A4-709D-4693-9A3B-336436152326}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC
"TCP Query User{4123F98A-FFBF-4D92-A4D5-D262D0BD1235}c:\\program files\\opera\\opera.exe"= UDP:c:\program files\opera\opera.exe:Opera Internet Browser
"UDP Query User{32EAC0D9-3716-4BD4-A7C5-E8A0AF4A633E}c:\\program files\\opera\\opera.exe"= TCP:c:\program files\opera\opera.exe:Opera Internet Browser
"TCP Query User{C55972E0-776D-4B99-83AB-5F41CBD14FC4}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. The whole world can talk for free.
"UDP Query User{4CE348D3-ED36-41E8-B62D-AA4EBC80B3FE}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. The whole world can talk for free.
"TCP Query User{275A0A88-27B0-4833-9AD6-B226A6680102}c:\\program files\\atari\\deer hunter 2005\\dh2005.exe"= UDP:c:\program files\atari\deer hunter 2005\dh2005.exeH2005
"UDP Query User{C9DF7B6E-D436-4FD4-A140-AC7B88BB1461}c:\\program files\\atari\\deer hunter 2005\\dh2005.exe"= TCP:c:\program files\atari\deer hunter 2005\dh2005.exeH2005
"TCP Query User{CB436BD8-4777-49C2-B474-CE0E13F687E5}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= UDP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{C7D544F6-2934-4F67-B0E6-E1FC9716C9DF}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= TCP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"TCP Query User{4377A7E9-4F14-4AB4-8AAB-BED4EBD5BC68}c:\\users\\veikko\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= UDP:c:\users\veikko\appdata\locallow\powerchallenge\powersoccer\powersoccer.exeowersoccer.exe
"UDP Query User{B032A9C5-1A7A-4042-817D-9AAF74E5BE5D}c:\\users\\veikko\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= TCP:c:\users\veikko\appdata\locallow\powerchallenge\powersoccer\powersoccer.exeowersoccer.exe
"TCP Query User{6BB43303-F778-4DF5-A84E-E1B4692FBC71}c:\\program files\\propilkki2\\propilkki2.exe"= UDP:c:\program files\propilkki2\propilkki2.exe:Main executable of PP2
"UDP Query User{511AB870-3106-4338-9500-448FA18FE4E4}c:\\program files\\propilkki2\\propilkki2.exe"= TCP:c:\program files\propilkki2\propilkki2.exe:Main executable of PP2
"TCP Query User{8CC9500E-B3BE-4644-A5A3-9EEC38FA8FD5}c:\\program files\\java\\jre6\\bin\\java.exe"= UDP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
"UDP Query User{8FEB3118-C44F-4AFB-A5F9-B692DD88F9D0}c:\\program files\\java\\jre6\\bin\\java.exe"= TCP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
"TCP Query User{80CFA458-3C93-44FE-9A6C-06F6A5D5C86D}c:\\program files\\java\\jre6\\bin\\javaw.exe"= UDP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{E402AA20-078A-4276-9470-00B3C9CF5E46}c:\\program files\\java\\jre6\\bin\\javaw.exe"= TCP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"{C2E976F1-385A-480C-953A-4A310474E53B}"= UDP:c:\downloads\steam\steamapps\derbiili\race 07 demo crowne plaza raceway edition\SteamProxy.exe:RACE 07 Demo - Crowne Plaza Raceway edition
"{F74F0B38-9D82-4AAA-8A23-0D956DD2443D}"= TCP:c:\downloads\steam\steamapps\derbiili\race 07 demo crowne plaza raceway edition\SteamProxy.exe:RACE 07 Demo - Crowne Plaza Raceway edition
"{24BDAE99-E97C-4FAD-9771-4407A0F3FAAD}"= UDP:c:\downloads\steam\steamapps\derbiili\race 07 demo crowne plaza raceway edition\RaceConfig_Steam.exe:RACE 07 Demo - Crowne Plaza Raceway edition
"{D8C0C30D-9E51-4824-8A03-306BF7CD5F64}"= TCP:c:\downloads\steam\steamapps\derbiili\race 07 demo crowne plaza raceway edition\RaceConfig_Steam.exe:RACE 07 Demo - Crowne Plaza Raceway edition
"{A1B2A393-7697-4FA0-A6A7-8CB1E0C89704}"= UDP:c:\users\Veikko\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{59D7A2BD-9D28-4722-85B0-5B70AC31027C}"= TCP:c:\users\Veikko\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R1 F-Secure HIPS;F-Secure HIPS;c:\program files\F-Secure Internet Security\HIPS\fshs.sys [2008-05-02 41184]
R1 FSES;F-Secure Email Scanning Driver;c:\windows\System32\drivers\fses.sys [2008-05-02 35024]
R1 FSFW;F-Secure Firewall Driver;c:\windows\System32\drivers\fsdfw.sys [2008-05-02 60064]
R1 fsvista;F-Secure Vista Support Driver;c:\program files\F-Secure Internet Security\Anti-Virus\minifilter\fsvista.sys [2008-05-02 13168]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\F-Secure Internet Security\Anti-Virus\minifilter\fsgk.sys [2008-05-02 59760]
R3 ti21sony;ti21sony;c:\windows\System32\drivers\ti21sony.sys [2006-11-30 227328]
S3 TfBulk;TfBulk;c:\windows\System32\drivers\TfBulk.SYS [2008-03-20 13312]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-03-01 741376]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-03-01 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-03-01 1089536]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\F-Secure Internet Security\Anti-Virus\win2k\fsfilter.sys [2008-05-02 40048]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\F-Secure Internet Security\Anti-Virus\win2k\fsrec.sys [2008-05-02 25456]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\shell\AutoRun\command - G:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{17cfdf7a-f686-11dc-b475-0019c18d9023}]
\shell\AutoRun\command - f:\portableapps\PortableAppsMenu\PortableAppsMenu.exe
.
'Ajoitetut tehtävät'-kansion sisältö

2009-02-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3215037636-2131323785-3305771590-1003.job
- c:\users\Veikko\AppData\Local\Google\Update\GoogleUpdate.exe [2009-02-05 21:04]

2009-02-06 c:\windows\Tasks\User_Feed_Synchronization-{5A2A3500-5E6F-470A-AC91-4591A2526C09}.job
- c:\windows\system32\msfeedssync.exe [2008-01-19 09:33]
.
.
------- Täydentävä tarkistus -------
.
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add RSS Support Site to VAIO Information FLOW - c:\program files\Sony\VAIO Information FLOW\aiesc.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
LSP: c:\program files\F-Secure Internet Security\FSPS\program\FSLSP.DLL
FF - ProfilePath - c:\users\Veikko\AppData\Roaming\Mozilla\Firefox\Profiles\duaww0ta.default\

---- FIREFOXIN KÄYTÄNNÖT ----
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-06 21:39:36
Windows 6.0.6001 Service Pack 1 NTFS

tarkistaa piilotettuja prosesseja ...

tarkistaa piilotettuja käynnistysarvoja ...

tarkistaa piilotettuja tiedostoja ...

tarkistus on valmis
piilotetut tiedostot: 0

**************************************************************************
.
Valmistumisajankohta: 2009-02-06 21:42:38
ComboFix-quarantined-files.txt 2009-02-06 19:42:35
ComboFix2.txt 2009-02-06 18:50:51
ComboFix3.txt 2009-02-05 20:25:18

Ennen ajoa: 36 337 954 816 tavua vapaana
Ajon jälkeen: 36,085,096,448 tavua vapaana

374 --- E O F --- 2009-02-05 16:31:15

 

Nyt tuon alla olevan lainauksen sisällön Kopioit / liität Tyhjään muistioon
käynnistä nappi >apuohjelmat > muistio

Tallenna se nimellä CFScript.txt työpöydälle

Sitten raahaa CFScript ComboFix.exeen kuten alla.



Laita tuleva loki tänne.

Sammutat ja käynnistät koneen

 

ComboFix 09-02-06.01 - Veikko 2009-02-06 22:08:36.7 - NTFSx86
Microsoft® Windows Vista&#8482; Home Premium 6.0.6001.1.1252.1.1035.18.2045.1138 [GMT 2:00]
Sijainti: c:\users\Veikko\Desktop\ComboFix.exe
Käytetyt komentorivivalitsimet :: c:\users\Veikko\Desktop\CFScript.txt
AV: F-Secure Internet Security 2008 8.00 *On-access scanning disabled* (Updated)
FW: F-Secure Internet Security 2008 8.00 *disabled*
* Uusi palautuspiste luotu

FILE ::
C:\32788R22FWJFW.0.tmp
C:\32788R22FWJFW.1.tmp
C:\32788R22FWJFW.2.tmp
C:\32788R22FWJFW.3.tmp
C:\32788R22FWJFW.4.tmp
C:\32788R22FWJFW.5.tmp
.

((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2009-01-06 to 2009-02-06 )))))))))))))))))
.

2009-02-05 23:49 . 2009-02-05 23:49 <KANSIO> d-------- c:\program files\Common Files\Java
2009-02-05 23:26 . 2009-02-05 23:27 <KANSIO> d-------- C:\32788R22FWJFW.5.tmp
2009-02-05 22:13 . 2009-02-05 22:14 <KANSIO> d-------- C:\32788R22FWJFW.4.tmp
2009-02-05 20:46 . 2009-02-05 20:47 <KANSIO> d-------- C:\32788R22FWJFW.3.tmp
2009-02-04 22:44 . 2009-02-04 22:44 <KANSIO> d-------- C:\32788R22FWJFW.2.tmp
2009-02-04 18:39 . 2009-02-04 18:39 <KANSIO> d-------- c:\program files\Windows Installer Clean Up
2009-02-04 18:39 . 2009-02-04 18:39 <KANSIO> d-------- c:\program files\MSECACHE
2009-02-04 17:02 . 2009-02-04 17:04 <KANSIO> d-------- C:\32788R22FWJFW.1.tmp
2009-02-04 17:02 . 2009-02-04 17:02 <KANSIO> d-------- C:\32788R22FWJFW.0.tmp
2009-02-03 22:06 . 2009-02-03 22:06 <KANSIO> d-------- c:\users\Veikko\AppData\Roaming\Malwarebytes
2009-02-03 22:06 . 2009-02-03 22:06 <KANSIO> d-------- c:\programdata\Malwarebytes
2009-02-03 22:06 . 2009-02-04 08:32 <KANSIO> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-03 22:06 . 2009-01-14 16:11 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-02-03 22:06 . 2009-01-14 16:11 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-02-03 20:55 . 2009-02-03 20:55 <KANSIO> d-------- c:\program files\Trend Micro
2009-02-02 22:47 . 2009-02-03 21:24 <KANSIO> d-------- c:\program files\Mozilla Firefox 3.1 Beta 2
2009-02-02 21:18 . 2009-02-02 21:18 <KANSIO> d-------- c:\program files\CCleaner
2009-02-02 15:29 . 2009-02-05 22:45 410,984 --a------ c:\windows\System32\deploytk.dll
2009-01-22 00:22 . 2009-01-22 12:51 <KANSIO> d-------- c:\users\Veikko\AppData\Roaming\gtk-2.0
2009-01-22 00:21 . 2009-01-22 00:22 <KANSIO> d-------- c:\users\Veikko\AppData\Roaming\avidemux
2009-01-21 22:51 . 2009-01-21 22:51 <KANSIO> d-------- c:\program files\DC++
2009-01-14 12:35 . 2008-12-16 04:42 288,768 --a------ c:\windows\System32\drivers\srv.sys
2009-01-12 12:44 . 2009-02-06 21:54 <KANSIO> d-------- c:\users\Veikko\Tracing
2009-01-12 12:42 . 2009-01-12 12:42 <KANSIO> d-------- c:\program files\Microsoft
2009-01-12 12:41 . 2009-01-12 12:41 <KANSIO> d-------- c:\program files\Windows Live SkyDrive
2009-01-12 12:33 . 2009-01-12 12:33 <KANSIO> d-------- c:\program files\Common Files\Windows Live
2009-01-07 21:54 . 2009-01-07 21:54 <KANSIO> d-------- c:\program files\vixy.net

.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-06 19:33 --------- d-----w c:\users\Veikko\AppData\Roaming\foobar2000
2009-02-06 17:23 --------- d-----w c:\program files\Opera
2009-02-05 17:06 --------- d-----w c:\program files\Frets on Fire
2009-02-05 16:25 --------- d-----w c:\users\Veikko\AppData\Roaming\Skype
2009-02-04 19:55 --------- d-----w c:\program files\Common Files\Adobe
2009-02-04 18:36 --------- d-----w c:\program files\Common Files\Steam
2009-02-04 18:31 --------- d-----w c:\users\Veikko\AppData\Roaming\mIRC
2009-02-03 19:58 --------- d-----w c:\program files\Logitech
2009-02-03 18:48 --------- d-----w c:\program files\Image-Line
2009-02-03 18:27 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-02 18:50 --------- d-----w c:\users\Veikko\AppData\Roaming\LimeWire
2009-01-31 12:24 --------- d-----w c:\program files\Microsoft SQL Server
2009-01-22 13:59 --------- d-----w c:\users\Veikko\AppData\Roaming\BitTorrent
2009-01-15 08:31 --------- d-----w c:\program files\Windows Mail
2009-01-12 10:41 --------- d-----w c:\program files\Windows Live
2009-01-07 19:54 --------- d-----w c:\program files\vixy.net
2009-01-04 22:20 --------- d-----w c:\program files\DVDVideoSoft
2009-01-04 22:20 --------- d-----w c:\program files\Common Files\DVDVideoSoft
2008-12-27 13:03 4,064,702 ----a-w c:\users\Veikko\Farmi15_SFX.exe
2008-12-26 23:13 --------- d-----w c:\program files\Deluxe Ski Jump 3
2008-12-24 13:58 --------- d-----w c:\program files\Sony
2008-12-22 22:10 --------- d-----w c:\users\Veikko\AppData\Roaming\Audacity
2008-12-22 11:29 --------- d-----w c:\users\Veikko\AppData\Roaming\teamspeak2
2008-12-13 19:56 --------- d-----w c:\program files\Teamspeak2_RC2
2008-12-02 20:37 49,480 ----a-w c:\windows\System32\sirenacm.dll
2008-11-24 20:31 65,888 ----a-w c:\windows\System32\sqlctr90.dll
2008-11-24 20:31 2,248,544 ----a-w c:\windows\System32\sqlncli.dll
2008-11-20 16:42 615,424 ----a-w c:\windows\System32\themeui.dll
2008-11-20 16:42 240,128 ----a-w c:\windows\System32\uxtheme.dll
2008-09-03 13:50 174 --sha-w c:\program files\desktop.ini
2007-05-21 10:58 0 ----a-w c:\users\Veikko\AppData\Roaming\wklnhst.dat
.

((((((((((((((((((((((((((((( SnapShot@2009-02-06_20.48.55,32 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-02-06 17:54:55 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-02-06 19:47:03 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-02-06 17:54:55 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-02-06 19:47:03 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-02-06 17:57:24 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-02-06 19:49:26 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-02-06 19:49:26 262,144 ---ha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2009-02-06 17:57:18 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-02-06 19:49:21 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
- 2009-02-06 17:15:54 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-02-06 19:54:26 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-02-06 17:15:54 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-02-06 19:54:26 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-02-06 17:15:54 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-02-06 19:54:26 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-02-06 17:57:34 11,258 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3215037636-2131323785-3305771590-1003_UserData.bin
+ 2009-02-06 19:49:40 11,258 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3215037636-2131323785-3305771590-1003_UserData.bin
- 2009-02-06 17:57:33 73,740 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-02-06 19:49:40 73,740 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-02-06 17:57:33 58,226 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-02-06 19:49:35 58,242 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"SsAAD.exe"="c:\progra~1\Sony\SONICS~1\SsAAD.exe" [2006-11-14 472632]
"Google Update"="c:\users\Veikko\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-02-05 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2006-09-11 118784]
"F-Secure Manager"="c:\program files\F-Secure Internet Security\Common\FSM32.EXE" [2007-05-25 183208]
"F-Secure TNB"="c:\program files\F-Secure Internet Security\FSGUI\TNBUtil.exe" [2007-05-25 740208]
"LogitechCommunicationsManager"="c:\program files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-06-26 497200]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2006-06-26 614960]
"LVCOMSX"="c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-06-26 243248]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 c:\windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2006-11-24 20:36 73728 c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= c:\program files\Common Files\Sony Shared\VideoLib\sonydv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{0BC8CEEB-0676-46F7-87F9-5C25E20A995C}"= UDP:c:\program files\Skype\Phone\Skype.exe:Skype
"{CA9C1993-E931-405E-AC12-3341F07F10C4}"= TCP:c:\program files\Skype\Phone\Skype.exe:Skype
"{BA5B2BA1-13B5-4D3D-B676-E6D636D013F7}"= Disabled:UDP:c:\program files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{D2587E63-CCC3-4A4C-A4FC-0A34C21DD9E3}"= Disabled:TCP:c:\program files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{1430669F-0AFF-467F-BC49-C64F0510427B}"= UDP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{1E62F26C-48C6-48BA-8287-BAF995099108}"= TCP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{D4DF20E9-563D-49E1-9AED-7BBEE7102F12}"= UDP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{90992B76-A6C8-477F-83A4-C584083BEFC0}"= TCP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{A493A5BF-5C2C-4899-BDAB-89D8BABC8C53}"= UDP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{047B06FC-CF5A-443E-B74E-20B6C0C54B50}"= TCP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{FA327854-EEF9-4100-9C2D-5D8581C273D5}"= UDP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{6A9441CF-6F14-4447-8C49-84B70BA2E60F}"= TCP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{B4B1A454-2C0D-4781-B8F3-E8E1ACAC5A13}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{287BCAB3-8895-4662-BE8E-B3F1AB5AF53D}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{BDF01D8E-195A-49F8-9F43-BA83F1BDBFFC}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{E008766E-216E-462E-9235-12D7ED9229CC}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{B7BF959B-71E4-4496-AA52-35CA5E64A87E}"= UDP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{70D4255D-B13E-46B7-9D7E-1B8E6FDA58D8}"= TCP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{8B495492-32D0-493B-BAC7-9C4789D3F2FD}"= UDP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{9BF74940-8E25-4C54-B7A3-4D4087E34AE1}"= TCP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"TCP Query User{77C64838-273A-40A8-896F-05A75CB70D3F}c:\\users\\veikko\\desktop\\strongdc\\strongdc.exe"= UDP:c:\users\veikko\desktop\strongdc\strongdc.exe:strongdc.exe
"UDP Query User{47BC04A9-23EE-44F8-8EAD-E988CA38B0FB}c:\\users\\veikko\\desktop\\strongdc\\strongdc.exe"= TCP:c:\users\veikko\desktop\strongdc\strongdc.exe:strongdc.exe
"{B4A68D98-54B9-417C-B5CC-559BB6504EF3}"= UDP:c:\program files\DNA\btdna.exeNA
"{872C2044-5F03-4F48-9FA3-DB5DEFEB7466}"= TCP:c:\program files\DNA\btdna.exeNA
"TCP Query User{F034008E-5D36-45CE-A319-BCE49447D091}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:bittorrent
"UDP Query User{C52E8E10-31EA-4314-B93D-B9DE234C32F3}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:bittorrent
"TCP Query User{82252084-3908-498F-9119-8F3330596B11}c:\\program files\\dc++\\dcplusplus.exe"= UDP:c:\program files\dc++\dcplusplus.exeC++
"UDP Query User{F4066AD6-2D42-44CE-A369-0700FA7C1D03}c:\\program files\\dc++\\dcplusplus.exe"= TCP:c:\program files\dc++\dcplusplus.exeC++
"TCP Query User{0E777C11-0B5F-48A4-AA78-51A0E8F9820B}c:\\program files\\counter-strike 1.6 v31\\hl.exe"= UDP:c:\program files\counter-strike 1.6 v31\hl.exe:Half-Life Launcher
"UDP Query User{3CED78FE-4DDC-4A41-AD0A-4A29240680AC}c:\\program files\\counter-strike 1.6 v31\\hl.exe"= TCP:c:\program files\counter-strike 1.6 v31\hl.exe:Half-Life Launcher
"TCP Query User{841A7EE8-783A-4FEB-9BFA-74CD0515D1ED}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{8C330778-AD56-4E31-8EA5-1B31A4500114}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{ADA8C9B1-9042-4E17-9E5E-76B293647B4C}c:\\users\\veikko\\program files\\dna\\btdna.exe"= UDP:c:\users\veikko\program files\dna\btdna.exe:btdna.exe
"UDP Query User{04C9CE37-23F3-42CA-9599-1BD4EE26CCFE}c:\\users\\veikko\\program files\\dna\\btdna.exe"= TCP:c:\users\veikko\program files\dna\btdna.exe:btdna.exe
"TCP Query User{32270A38-D83B-4EC1-B772-EAB76486D992}c:\\downloads\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor.exe"= UDP:c:\downloads\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor.exe:rFactor
"UDP Query User{69F6112A-C8F3-4258-A014-F4793017EF48}c:\\downloads\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor.exe"= TCP:c:\downloads\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor.exe:rFactor
"TCP Query User{FECDC0D2-B86A-45EE-A4CE-3A908434D234}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= UDP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"UDP Query User{85632176-6999-4F00-8F82-E80235B1BB8A}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= TCP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"TCP Query User{E089B513-460D-4189-9757-5FDE8A69CD09}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= UDP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"UDP Query User{4852ADC9-F8E4-4887-92E4-1228015C1DBB}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= TCP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"TCP Query User{37C79CE0-96AA-4785-97A6-57D2D363457E}c:\\downloads\\steam\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= UDP:c:\downloads\steam\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"UDP Query User{BCB5C2F9-1318-461F-B983-3BF96A788511}c:\\downloads\\steam\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= TCP:c:\downloads\steam\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"TCP Query User{500F2B3B-9331-4769-B82A-06C6CCA99254}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{BE97C500-FC96-4F36-9B73-915952F2481B}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{C5200D3C-1C0F-4375-91DC-E1BC96423357}c:\\program files\\msn messenger\\msnmsgr.exe"= UDP:c:\program files\msn messenger\msnmsgr.exe:MSN Messenger
"UDP Query User{4D2E2AB8-D7B7-467D-BD00-22F95ADCA588}c:\\program files\\msn messenger\\msnmsgr.exe"= TCP:c:\program files\msn messenger\msnmsgr.exe:MSN Messenger
"TCP Query User{4D69306B-8C96-4AA7-B76F-8D21FF8F22AC}c:\\users\\veikko\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\users\veikko\program files\bittorrent\bittorrent.exe:bittorrent.exe
"UDP Query User{C98FBF60-CB71-4A51-B3AA-C3D9883E58EE}c:\\users\\veikko\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\users\veikko\program files\bittorrent\bittorrent.exe:bittorrent.exe
"TCP Query User{0FF64EFF-593C-4AD7-A053-5F6861D8E5C1}c:\\downloads\\ra2\\game.exe"= UDP:c:\downloads\ra2\game.exe:Main executable for Red Alert 2
"UDP Query User{B2B53663-0CCE-4F13-BA76-163E2A0FAF58}c:\\downloads\\ra2\\game.exe"= TCP:c:\downloads\ra2\game.exe:Main executable for Red Alert 2
"TCP Query User{BDEB28E4-E095-4ABB-A65A-1A6F10992C7F}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= UDP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"UDP Query User{AB3CB54B-4576-4C31-B941-60E2316BC997}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= TCP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"TCP Query User{ECC29E4E-4AB5-4B98-959D-CB15006F50D2}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC
"UDP Query User{3A5830A4-709D-4693-9A3B-336436152326}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC
"TCP Query User{4123F98A-FFBF-4D92-A4D5-D262D0BD1235}c:\\program files\\opera\\opera.exe"= UDP:c:\program files\opera\opera.exe:Opera Internet Browser
"UDP Query User{32EAC0D9-3716-4BD4-A7C5-E8A0AF4A633E}c:\\program files\\opera\\opera.exe"= TCP:c:\program files\opera\opera.exe:Opera Internet Browser
"TCP Query User{C55972E0-776D-4B99-83AB-5F41CBD14FC4}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. The whole world can talk for free.
"UDP Query User{4CE348D3-ED36-41E8-B62D-AA4EBC80B3FE}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. The whole world can talk for free.
"TCP Query User{275A0A88-27B0-4833-9AD6-B226A6680102}c:\\program files\\atari\\deer hunter 2005\\dh2005.exe"= UDP:c:\program files\atari\deer hunter 2005\dh2005.exeH2005
"UDP Query User{C9DF7B6E-D436-4FD4-A140-AC7B88BB1461}c:\\program files\\atari\\deer hunter 2005\\dh2005.exe"= TCP:c:\program files\atari\deer hunter 2005\dh2005.exeH2005
"TCP Query User{CB436BD8-4777-49C2-B474-CE0E13F687E5}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= UDP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{C7D544F6-2934-4F67-B0E6-E1FC9716C9DF}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= TCP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"TCP Query User{4377A7E9-4F14-4AB4-8AAB-BED4EBD5BC68}c:\\users\\veikko\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= UDP:c:\users\veikko\appdata\locallow\powerchallenge\powersoccer\powersoccer.exeowersoccer.exe
"UDP Query User{B032A9C5-1A7A-4042-817D-9AAF74E5BE5D}c:\\users\\veikko\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= TCP:c:\users\veikko\appdata\locallow\powerchallenge\powersoccer\powersoccer.exeowersoccer.exe
"TCP Query User{6BB43303-F778-4DF5-A84E-E1B4692FBC71}c:\\program files\\propilkki2\\propilkki2.exe"= UDP:c:\program files\propilkki2\propilkki2.exe:Main executable of PP2
"UDP Query User{511AB870-3106-4338-9500-448FA18FE4E4}c:\\program files\\propilkki2\\propilkki2.exe"= TCP:c:\program files\propilkki2\propilkki2.exe:Main executable of PP2
"TCP Query User{8CC9500E-B3BE-4644-A5A3-9EEC38FA8FD5}c:\\program files\\java\\jre6\\bin\\java.exe"= UDP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
"UDP Query User{8FEB3118-C44F-4AFB-A5F9-B692DD88F9D0}c:\\program files\\java\\jre6\\bin\\java.exe"= TCP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
"TCP Query User{80CFA458-3C93-44FE-9A6C-06F6A5D5C86D}c:\\program files\\java\\jre6\\bin\\javaw.exe"= UDP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{E402AA20-078A-4276-9470-00B3C9CF5E46}c:\\program files\\java\\jre6\\bin\\javaw.exe"= TCP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"{C2E976F1-385A-480C-953A-4A310474E53B}"= UDP:c:\downloads\steam\steamapps\derbiili\race 07 demo crowne plaza raceway edition\SteamProxy.exe:RACE 07 Demo - Crowne Plaza Raceway edition
"{F74F0B38-9D82-4AAA-8A23-0D956DD2443D}"= TCP:c:\downloads\steam\steamapps\derbiili\race 07 demo crowne plaza raceway edition\SteamProxy.exe:RACE 07 Demo - Crowne Plaza Raceway edition
"{24BDAE99-E97C-4FAD-9771-4407A0F3FAAD}"= UDP:c:\downloads\steam\steamapps\derbiili\race 07 demo crowne plaza raceway edition\RaceConfig_Steam.exe:RACE 07 Demo - Crowne Plaza Raceway edition
"{D8C0C30D-9E51-4824-8A03-306BF7CD5F64}"= TCP:c:\downloads\steam\steamapps\derbiili\race 07 demo crowne plaza raceway edition\RaceConfig_Steam.exe:RACE 07 Demo - Crowne Plaza Raceway edition
"{A1B2A393-7697-4FA0-A6A7-8CB1E0C89704}"= UDP:c:\users\Veikko\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{59D7A2BD-9D28-4722-85B0-5B70AC31027C}"= TCP:c:\users\Veikko\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R1 F-Secure HIPS;F-Secure HIPS;c:\program files\F-Secure Internet Security\HIPS\fshs.sys [2008-05-02 41184]
R1 FSES;F-Secure Email Scanning Driver;c:\windows\System32\drivers\fses.sys [2008-05-02 35024]
R1 FSFW;F-Secure Firewall Driver;c:\windows\System32\drivers\fsdfw.sys [2008-05-02 60064]
R1 fsvista;F-Secure Vista Support Driver;c:\program files\F-Secure Internet Security\Anti-Virus\minifilter\fsvista.sys [2008-05-02 13168]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\F-Secure Internet Security\Anti-Virus\minifilter\fsgk.sys [2008-05-02 59760]
R3 ti21sony;ti21sony;c:\windows\System32\drivers\ti21sony.sys [2006-11-30 227328]
S3 TfBulk;TfBulk;c:\windows\System32\drivers\TfBulk.SYS [2008-03-20 13312]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-03-01 741376]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-03-01 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-03-01 1089536]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\F-Secure Internet Security\Anti-Virus\win2k\fsfilter.sys [2008-05-02 40048]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\F-Secure Internet Security\Anti-Virus\win2k\fsrec.sys [2008-05-02 25456]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\shell\AutoRun\command - G:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{17cfdf7a-f686-11dc-b475-0019c18d9023}]
\shell\AutoRun\command - f:\portableapps\PortableAppsMenu\PortableAppsMenu.exe
.
'Ajoitetut tehtävät'-kansion sisältö

2009-02-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3215037636-2131323785-3305771590-1003.job
- c:\users\Veikko\AppData\Local\Google\Update\GoogleUpdate.exe [2009-02-05 21:04]

2009-02-06 c:\windows\Tasks\User_Feed_Synchronization-{5A2A3500-5E6F-470A-AC91-4591A2526C09}.job
- c:\windows\system32\msfeedssync.exe [2008-01-19 09:33]
.
.
------- Täydentävä tarkistus -------
.
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add RSS Support Site to VAIO Information FLOW - c:\program files\Sony\VAIO Information FLOW\aiesc.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
LSP: c:\program files\F-Secure Internet Security\FSPS\program\FSLSP.DLL
FF - ProfilePath - c:\users\Veikko\AppData\Roaming\Mozilla\Firefox\Profiles\duaww0ta.default\

---- FIREFOXIN KÄYTÄNNÖT ----
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-06 22:11:38
Windows 6.0.6001 Service Pack 1 NTFS

tarkistaa piilotettuja prosesseja ...

tarkistaa piilotettuja käynnistysarvoja ...

tarkistaa piilotettuja tiedostoja ...

tarkistus on valmis
piilotetut tiedostot: 0

**************************************************************************
.
Valmistumisajankohta: 2009-02-06 22:14:51
ComboFix-quarantined-files.txt 2009-02-06 20:14:47
ComboFix2.txt 2009-02-06 19:42:39
ComboFix3.txt 2009-02-06 18:50:51
ComboFix4.txt 2009-02-05 20:25:18

Ennen ajoa: 36 225 642 496 tavua vapaana
Ajon jälkeen: 36,523,515,904 tavua vapaana

268 --- E O F --- 2009-02-05 16:31:15

 

Kirjoita suorita luukkuun

ComboFix /u

Klikkaa OK

==========

siellä koneella on CCleaner
aja puhdistaja ja rekisteri

 

Tehty

 

Jooh ei ne javat vaan toimi, pakko sanoa suoraan että nyt jo pikkasen vituttaa tämä.. taitaa olla sultakin Hujo konstit loppu?

 

Lataa Tästä Ccleaner
CCleaner v 2.14.750.- Standard Build, ÄLÄ aseenna Yahoo toolbaria!
Asennuksessa poista merkki/rasti kohdasta "asenna Yahoo! toolbar/työkalupalkki".
Asennuksen jälkeen aukaise CCleaneri.
Valitse vasemmalta pystyrivistä Options.
Valitse viereisestä pystyrivistä Settings.
Language kohtaan valitse Suomi.

Puhdistaja
Valitse vasemmalta pystyrivistä Puhdistaja.
Paina alhaalta Tutki.
Nyt CCleaneri tutkii, mitä voidaan poistaa (tempit, cookiessit jne.).
Kun tutkiminen on valmis, paina Aja CCleaner.
Nyt CCleaneri poistaa löydetyt tempit, cookiessit jne.

Rekisterin virheiden korjaus
Valitse vasemmalta pystyrivistä Rekisteri.
Paina alhaalta Etsi rekisterin virheitä.
Kun etsintä on valmis ja olet varma, että haluat korjata ne rivit jotka ovat merkattuja, niin paina Korjaa valitut rekisterin virheet.
Sinulta kysytään "haluatko varmuuskopioida muutokset rekisteriin", paina Kyllä. Tallenna varmuuskopio vaikka "Omat tiedostot" -kansioon.
Klikkaa uudesta aukeavasta ikkunasta Korjaa kaikki valitut virheet.
Saat vielä varmistus kysymyksen, paina Ok.
Kun virheet on korjattu, paina Sulje.
Nyt voit sulkea CCleanerin painamalla oikealta ylhäältä punaista rastia.

 

Juu tein näin.

Tuolla rekisteri-paikassa ilmoitettiin että " ei virheitä".

Koitan nyt ladata vaikka tuon Java 6 update 10 jos toimisi

 

Kuten saatoimmekin arvata, java ei toimi

....

 

ei kai siellä ole tuo vistan palomuuri päällä

 

Kyllä oli, otin poies. Tässä olisi kuva joka kertoo enemmän kuin tuhat sanaa.. http://i400.photobucket.com/albums/pp90/Aprilia91/niinnii.jpg

 

näyttää sieltä löytvän java 6 7 kahvikuppi työpöydältä
firefox
chrome
explorer
ooperakin löyty
Logitech Desktop Messenger

 

juu onhan ne siellä. Ihmettelen sitäkun tuon javan asentaa niin se sanoo että se onnistutta asentamaan yms. Mutta silti vaan ohjauspaneelissa lukee tuo että sovellusta ei löydy, ei mikään selain löydä javaa

 

eipä löydy javaa tuolta

c:\program files\????????

 

Kyllä se siellä on : http://i400.photobucket.com/albums/pp90/Aprilia91/loytyy.jpg

Kokeilin pelata yhtä nettipeliä ja tätä mm. Firefoxi sanoo :
http://i400.photobucket.com/albums/pp90/Aprilia91/jaei.jpg

 

työkalut > asetukset > sisältö täppi salli java-sovelmat

 

raksit löytyy.. miksei tuo ohjauspaneeli tajua että oon asentanut javan?

 

ihmeellinen juttu tämä: Koitan asentaa Java 6 Update 11-version ja kun alkaa asentamaan tulee tälläinen ilmoitus: http://i400.photobucket.com/albums/pp90/Aprilia91/Error.jpg


Painan OK tuossa kohtaa kun se ilmoittaa että ohjelma on mukamas jo koneelle asennettu. Vaikka olen Javarella yms ohjelmilla poistanut kaikki javat koneelta.

Kuitenkin Java 6 Update 12-versio toimii. Mutta se vaan pätkii niin hemmetisti.

 

ihmeellinen juttu tämä: Koitan asentaa Java 6 Update 11-version ja kun alkaa asentamaan tulee tälläinen ilmoitus: http://i400.photobucket.com/albums/pp90/Aprilia91/Error.jpg


Painan OK tuossa kohtaa kun se ilmoittaa että ohjelma on mukamas jo koneelle asennettu. Vaikka olen Javarella yms ohjelmilla poistanut kaikki javat koneelta.

Kuitenkin Java 6 Update 12-versio toimii. Mutta se vaan pätkii niin hemmetisti