"Windows Explorer has stopped working" message

Thread in the Viruses and malware - HijackThis logs section. Thread started by Verdat on 05.09.2008.

  1. Verdat

    Verdat Member

    Joined:
    15.07.2008
    Messages:
    1
    Thanks:
    0
    Points:
    11
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:45:53, on 5.9.2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16711)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Windows\System32\rundll32.exe
    C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
    C:\Program Files\Sonera Tietoturva\Common\FSM32.EXE
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Steam\Steam.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    C:\Users\Jussi & Riitta\AppData\Local\Google\Update\GoogleUpdate.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\MagicDisc\MagicDisc.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Sonera Tietoturva\FSGUI\fsguidll.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Last.fm\LastFM.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\explorer.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [recinfo133] c:\RecInfo\RecInfo.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [recinfo] RecInfo.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Sonera Tietoturva\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Sonera Tietoturva\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [soneraVista] wscript.exe "C:\Program Files\Sonera\InternetAvustaja\agentui\snapins\vista\vistaupdate.js" sonera
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [fsc-reg] C:\ProgramData\fsc-reg\fscreg.exe 20080830
    O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe resetprofile
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Jussi & Riitta\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
    O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
    O8 - Extra context menu item: V&ie Microsoft Exceliin - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
    O9 - Extra button: Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Sonera Tietoturva\FSPC\fspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Sonera Tietoturva\FSPC\fspcmsie.dll
    O9 - Extra 'Tools' menuitem: Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Sonera Tietoturva\FSPC\fspcmsie.dll
    O9 - Extra button: Lähetä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Läh&etä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldfi-fi.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O23 - Service: ASDR - Unknown owner - C:\Windows\System32\ASDR.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: ATK Fast User Switch Service (ATKFUSService) - ASUSTeK COMPUTER INC. - C:\Windows\system32\ATKFUSService.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\FSAUA\program\fsaua.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\Common\FSMA32.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
    O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe

    --
    End of file - 8884 bytes
     
  2.  
  3. Hujo

    Hujo Guest

    1. Download combofix.exe to your desktop from one of the links:
    combofix1
    combofix2

    2. Double-click the combofix.exe file and follow the instructions.
    3. When the tool has finished, it produces a log. Post this log in your thread.
    Note! Do not click on the ComboFix window while it is running. This may cause the program to hang.
     
  4. Verdat

    Verdat Member

    ComboFix 08-09-04.09 - Jussi & Riitta 2008-09-05 20:52:40.1 - NTFSx86
    Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1035.18.1198 [GMT 3:00]
    Running from: C:\Users\Jussi & Riitta\Downloads\ComboFix.exe
    * Created a new restore point
    * Resident AV is active

    .

    ((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-08-05 to 2008-09-05 )))))))))))))))))
    .

    2008-09-05 14:01 . 2008-09-05 14:21 <KANSIO> d-------- C:\dos
    2008-09-05 13:55 . 2008-09-05 13:55 <KANSIO> d-------- C:\Program Files\DOSBox-0.72
    2008-09-05 10:50 . 2008-09-05 10:50 <KANSIO> d-------- C:\Program Files\Yahoo!
    2008-09-04 21:55 . 2008-09-04 21:55 <KANSIO> d-------- C:\Windows\System32\Futuremark
    2008-09-04 21:55 . 2004-10-25 20:02 21,664 --a------ C:\Windows\System32\drivers\Entech.sys
    2008-09-04 21:55 . 2001-11-16 15:23 9,474 --------- C:\Windows\System32\drivers\PciBus.vxd
    2008-09-04 21:55 . 1999-11-02 10:01 6,173 --a------ C:\Windows\System32\Entech.vxd
    2008-09-04 21:55 . 1999-11-02 10:01 6,173 --------- C:\Windows\System32\drivers\Entech.vxd
    2008-09-04 21:55 . 2001-11-19 18:05 3,972 --------- C:\Windows\System32\drivers\PciBus.sys
    2008-09-04 21:54 . 2008-09-04 21:54 <KANSIO> d-------- C:\Program Files\Futuremark
    2008-09-04 21:46 . 2008-09-04 21:47 <KANSIO> d-------- C:\Program Files\RivaTuner v2.10
    2008-09-04 09:58 . 2008-09-04 09:58 <KANSIO> d-------- C:\Program Files\Sierra
    2008-09-03 09:17 . 2008-09-03 09:17 <KANSIO> d-------- C:\Program Files\Sun
    2008-09-03 09:12 . 2008-09-03 09:16 <KANSIO> d-------- C:\Program Files\Java
    2008-09-03 09:11 . 2008-09-03 09:11 <KANSIO> d-------- C:\Program Files\Common Files\Java
    2008-09-02 17:52 . 2008-09-02 17:52 <KANSIO> d-------- C:\Program Files\Common Files\SupportSoft
    2008-09-02 17:51 . 2008-09-02 17:51 <KANSIO> d-------- C:\Program Files\Sonera
    2008-09-02 11:11 . 2008-09-02 11:11 107,888 --a------ C:\Windows\System32\CmdLineExt.dll
    2008-09-02 10:51 . 2008-09-02 11:18 <KANSIO> d-------- C:\Users\Jussi & Riitta\AppData\Roaming\Command & Conquer 3 Kane's Wrath
    2008-09-02 09:49 . 2008-09-02 09:49 <KANSIO> d-------- C:\Program Files\Electronic Arts
    2008-09-01 18:27 . 2008-09-01 18:27 <KANSIO> d-------- C:\perflogs
    2008-08-28 00:03 . 2008-08-28 00:03 42,320 --a------ C:\Windows\System32\xfcodec.dll
    2008-08-26 22:30 . 2008-08-26 22:30 <KANSIO> d-------- C:\ProgramData\eMule
    2008-08-26 22:28 . 2008-08-26 22:28 <KANSIO> d-------- C:\Program Files\eMule
    2008-08-25 16:09 . 2008-08-25 16:09 134 --a------ C:\Windows\System32\CTSTATUS.FCS
    2008-08-25 16:02 . 2008-08-25 18:16 <KANSIO> d-------- C:\Users\Jussi & Riitta\AppData\Roaming\F-Secure
    2008-08-25 15:52 . 2008-02-13 13:39 574,376 --a------ C:\Windows\System32\msvcp50.dll
    2008-08-25 15:52 . 2008-08-25 16:08 60,064 --a------ C:\Windows\System32\drivers\fsdfw.sys
    2008-08-25 15:52 . 2008-02-13 13:38 36,616 --a------ C:\Windows\System32\drivers\fses.sys
    2008-08-25 15:49 . 2008-08-25 15:49 <KANSIO> d-------- C:\ProgramData\fssg
    2008-08-25 15:49 . 2008-08-25 15:51 <KANSIO> d-------- C:\ProgramData\F-Secure
    2008-08-25 15:49 . 2008-08-28 17:10 <KANSIO> d-------- C:\Program Files\Sonera Tietoturva
    2008-08-24 18:13 . 2008-08-24 18:13 <KANSIO> d-------- C:\Program Files\Alwil Software
    2008-08-24 17:49 . 2008-08-24 17:50 292,639,927 --a------ C:\Windows\MEMORY.DMP
    2008-08-23 20:21 . 2008-08-23 20:21 <KANSIO> d-------- C:\Program Files\Trend Micro
    2008-08-21 21:06 . 2008-09-04 10:07 <KANSIO> d-------- C:\ProgramData\Xfire
    2008-08-21 20:58 . 2008-08-21 20:58 <KANSIO> d-------- C:\ATI
    2008-08-18 21:53 . 2008-08-19 05:32 <KANSIO> d--h----- C:\Windows\msdownld.tmp
    2008-08-18 21:28 . 2008-08-18 21:29 <KANSIO> d-------- C:\Program Files\BOINC
    2008-08-18 18:43 . 2008-08-18 18:43 <KANSIO> d-------- C:\Program Files\Humax Digital
    2008-08-17 18:20 . 2008-08-17 18:20 <KANSIO> d-------- C:\Program Files\2K Games
    2008-08-17 18:09 . 2008-08-24 17:56 <KANSIO> d-------- C:\VideoSec
    2008-08-17 17:01 . 2008-08-18 19:05 <KANSIO> d-------- C:\Pelit
    2008-08-17 13:12 . 2008-08-17 13:12 <KANSIO> d-------- C:\Program Files\CAPCOM
    2008-08-17 12:28 . 2008-08-17 12:28 <KANSIO> d-------- C:\ProgramData\SUPERAntiSpyware.com
    2008-08-17 12:26 . 2008-08-17 12:26 <KANSIO> d-------- C:\Users\Jussi & Riitta\AppData\Roaming\SUPERAntiSpyware.com
    2008-08-17 12:26 . 2008-09-06 07:39 <KANSIO> d-------- C:\Program Files\SUPERAntiSpyware
    2008-08-17 12:24 . 2008-08-17 12:24 <KANSIO> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-08-15 10:41 . 2007-07-19 18:14 3,727,720 --a------ C:\Windows\System32\d3dx9_35.dll
    2008-08-15 10:20 . 2008-08-15 10:27 <KANSIO> d-------- C:\Program Files\NVIDIA Corporation
    2008-08-15 10:14 . 2008-08-15 10:14 <KANSIO> d-------- C:\NVIDIA
    2008-08-15 10:00 . 2008-08-15 10:00 <KANSIO> d-------- C:\Users\Jussi & Riitta\AppData\Roaming\PC Tools
    2008-08-15 10:00 . 2008-08-17 15:23 <KANSIO> d-a------ C:\ProgramData\TEMP
    2008-08-15 10:00 . 2008-08-16 14:57 <KANSIO> d-------- C:\Program Files\Spyware Doctor
    2008-08-15 10:00 . 2008-06-10 21:22 81,288 --a------ C:\Windows\System32\drivers\iksyssec.sys
    2008-08-15 10:00 . 2008-06-02 15:19 66,952 --a------ C:\Windows\System32\drivers\iksysflt.sys
    2008-08-15 10:00 . 2008-06-02 15:19 42,376 --a------ C:\Windows\System32\drivers\ikfilesec.sys
    2008-08-15 10:00 . 2008-06-02 15:19 29,576 --a------ C:\Windows\System32\drivers\kcom.sys
    2008-08-15 09:16 . 2008-08-15 09:16 12,800 --a------ C:\Windows\System32\drivers\EIO.sys
    2008-08-15 09:13 . 2008-08-15 09:17 <KANSIO> d-------- C:\Program Files\ASUS
    2008-08-15 09:05 . 2008-08-15 09:05 <KANSIO> d-------- C:\Program Files\Common Files\Adobe
    2008-08-15 06:40 . 2008-08-15 06:40 <KANSIO> d-------- C:\Program Files\Lavalys
    2008-08-15 06:37 . 2006-09-28 16:05 2,414,360 --a------ C:\Windows\System32\d3dx9_31.dll
    2008-08-15 06:37 . 2006-09-28 16:05 237,848 --a------ C:\Windows\System32\xactengine2_4.dll
    2008-08-15 06:37 . 2006-07-28 09:30 236,824 --a------ C:\Windows\System32\xactengine2_3.dll
    2008-08-15 06:37 . 2006-07-28 09:30 62,744 --a------ C:\Windows\System32\xinput1_2.dll
    2008-08-15 06:22 . 2008-08-15 06:22 <KANSIO> d-------- C:\Program Files\Ubisoft
    2008-08-15 06:21 . 2008-08-15 06:21 <KANSIO> d-------- C:\Users\Jussi & Riitta\AppData\Roaming\InstallShield
    2008-08-14 17:39 . 2008-08-14 17:39 <KANSIO> d-------- C:\ProgramData\NVIDIA
    2008-08-14 17:37 . 2008-08-14 17:37 <KANSIO> d-------- C:\Program Files\My Company Name
    2008-08-14 17:36 . 2008-08-14 17:38 <KANSIO> d-------- C:\Windows\nvtmpinst
    2008-08-14 17:36 . 2008-03-11 11:25 1,079,840 --a------ C:\Windows\System32\nvcpluir.dll
    2008-08-14 17:36 . 2008-03-11 11:25 764,448 --a------ C:\Windows\System32\nvcplui.exe
    2008-08-14 17:36 . 2008-03-11 11:25 420,384 --a------ C:\Windows\System32\nvcpl.cpl
    2008-08-14 17:36 . 2008-03-11 11:25 313,888 --a------ C:\Windows\System32\nvexpbar.dll
    2008-08-14 17:35 . 2008-03-11 11:25 442,368 --a------ C:\Windows\System32\nvudisp.exe
    2008-08-14 17:35 . 2008-03-11 11:25 7,672 --a------ C:\Windows\System32\nvdisp.nvu
    2008-08-14 17:34 . 2008-06-04 16:29 446,464 --a------ C:\Windows\System32\NVUNINST.EXE
    2008-08-13 06:33 . 2008-07-16 02:48 2,048 --a------ C:\Windows\System32\tzres.dll
    2008-08-13 06:23 . 2008-06-19 06:25 361,984 --a------ C:\Windows\System32\IPSECSVC.DLL
    2008-08-13 06:23 . 2008-06-19 06:25 272,896 --a------ C:\Windows\System32\polstore.dll
    2008-08-13 06:23 . 2008-06-19 06:25 61,440 --a------ C:\Windows\System32\winipsec.dll
    2008-08-13 06:23 . 2008-06-19 06:25 28,672 --a------ C:\Windows\System32\FwRemoteSvr.dll
    2008-08-13 06:22 . 2008-04-10 08:01 737,792 --a------ C:\Windows\System32\inetcomm.dll
    2008-08-13 06:22 . 2008-04-10 05:43 84,480 --a------ C:\Windows\System32\INETRES.dll
    2008-08-13 06:21 . 2008-04-19 11:13 268,800 --a------ C:\Windows\System32\es.dll
    2008-08-12 06:09 . 2008-08-12 06:09 <KANSIO> d-------- C:\Users\Jussi & Riitta\Uusi kansio
    2008-08-10 21:21 . 2008-08-11 18:11 <KANSIO> d-------- C:\srcds
    2008-08-10 21:17 . 2008-08-10 21:17 <KANSIO> d-------- C:\Program Files\Valve
    2008-08-10 11:26 . 2008-08-17 16:38 <KANSIO> d-------- C:\ProgramData\TrackMania
    2008-08-09 15:51 . 2008-08-09 15:55 <KANSIO> d-------- C:\Users\Jussi & Riitta\AppData\Roaming\Command & Conquer 3 Tiberium Wars
    2008-08-09 14:00 . 2006-11-29 13:06 3,426,072 --a------ C:\Windows\System32\d3dx9_32.dll
    2008-08-09 07:26 . 2008-08-09 07:26 <KANSIO> d-------- C:\Users\Jussi & Riitta\AppData\Roaming\FLVPlayer4Free
    2008-08-09 07:24 . 2008-08-09 07:24 <KANSIO> d-------- C:\Program Files\FLVPlayer4Free
    2008-08-08 19:30 . 2008-08-08 19:30 <KANSIO> d-------- C:\Program Files\directx
    2008-08-08 19:12 . 2008-08-08 19:12 <KANSIO> d-------- C:\Program Files\B2BPOKER
    2008-08-05 16:40 . 2008-08-05 16:40 <KANSIO> d-------- C:\Users\Jussi & Riitta\AppData\Roaming\Songbird2
    2008-08-05 16:40 . 2008-08-05 16:47 <KANSIO> d-------- C:\ProgramData\SongbirdVLC
    2008-08-05 16:40 . 2008-08-05 16:40 <KANSIO> d-------- C:\Program Files\Songbird

    .
    (((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-09-06 04:39 --------- d-----w C:\Users\Jussi & Riitta\AppData\Roaming\foobar2000
    2008-09-06 04:39 --------- d-----w C:\Users\Jussi & Riitta\AppData\Roaming\BitTorrent
    2008-09-05 17:43 --------- d-----w C:\Program Files\Steam
    2008-09-05 03:56 --------- d-----w C:\Program Files\Common Files\Steam
    2008-09-04 18:54 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-09-04 07:03 349 ----a-w C:\Program Files\INSTALL.LOG
    2008-08-31 10:26 --------- d-----w C:\Users\Jussi & Riitta\AppData\Roaming\DNA
    2008-08-27 02:33 --------- d-----w C:\Program Files\Common Files\InstallShield
    2008-08-24 15:09 --------- d-----w C:\ProgramData\Kaspersky Lab
    2008-08-15 07:10 --------- d-----w C:\Program Files\DAEMON Tools Toolbar
    2008-08-13 13:52 --------- d-----w C:\ProgramData\Microsoft Help
    2008-08-13 13:49 --------- d-----w C:\Program Files\Windows Mail
    2008-08-03 13:43 409,600 ----a-w C:\Windows\System32\wrap_oal.dll
    2008-08-03 13:43 114,688 ----a-w C:\Windows\System32\OpenAL32.dll
    2008-08-03 13:43 --------- d-----w C:\Program Files\OpenAL
    2008-08-02 15:57 --------- d-----w C:\Program Files\EA GAMES
    2008-08-02 14:52 --------- d-----w C:\Program Files\DC++
    2008-08-02 11:31 --------- d-----w C:\Users\Jussi & Riitta\AppData\Roaming\Lionhead Studios
    2008-08-02 10:56 --------- d-----w C:\Users\Jussi & Riitta\AppData\Roaming\BSplayer
    2008-08-02 09:29 --------- d-----w C:\Program Files\MagicDisc
    2008-08-02 05:36 --------- d-----w C:\Users\Jussi & Riitta\AppData\Roaming\BSplayer Pro
    2008-08-02 05:36 --------- d-----w C:\Program Files\Webteh
    2008-08-02 05:34 --------- d-----w C:\Program Files\ToniArts
    2008-08-02 05:18 --------- d-----w C:\ProgramData\Last.fm
    2008-08-02 05:17 --------- d-----w C:\Program Files\Last.fm
    2008-08-02 05:07 --------- d-----w C:\Program Files\foobar2000
    2008-08-01 08:00 --------- d-----w C:\Program Files\DAEMON Tools Lite
    2008-08-01 03:20 717,296 ----a-w C:\Windows\system32\drivers\sptd.sys
    2008-08-01 03:19 --------- d-----w C:\Users\Jussi & Riitta\AppData\Roaming\DAEMON Tools
    2008-08-01 00:18 174 --sha-w C:\Program Files\desktop.ini
    2008-08-01 00:13 --------- d-----w C:\Program Files\Windows Sidebar
    2008-07-31 18:40 48,640 ----a-w C:\Windows\System32\davclnt.dll
    2008-07-31 18:40 196,096 ----a-w C:\Windows\System32\WebClnt.dll
    2008-07-31 18:40 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
    2008-07-31 18:39 --------- d-----w C:\Program Files\Common Files\Enterbrain
    2008-07-31 18:37 41,984 ----a-w C:\Windows\system32\drivers\monitor.sys
    2008-07-31 18:37 1,061,944 ----a-w C:\Windows\system32\drivers\ntfs.sys
    2008-07-31 18:35 --------- d-----w C:\Program Files\Enterbrain
    2008-07-31 18:34 806,400 ----a-w C:\Windows\system32\drivers\tcpip.sys
    2008-07-31 18:34 24,064 ----a-w C:\Windows\System32\netcfg.exe
    2008-07-31 18:34 22,016 ----a-w C:\Windows\System32\netiougc.exe
    2008-07-31 18:34 217,144 ----a-w C:\Windows\system32\drivers\netio.sys
    2008-07-31 18:34 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
    2008-07-31 18:32 9,845,248 ----a-w C:\Windows\System32\NlsData000a.dll
    2008-07-31 18:29 --------- d-----w C:\Program Files\ffdshow
    2008-07-31 18:28 1,585,664 ----a-w C:\Windows\System32\setupapi.dll
    2008-07-31 18:25 2,028,544 ----a-w C:\Windows\System32\win32k.sys
    2008-07-31 18:24 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
    2008-07-31 18:24 296,448 ----a-w C:\Windows\System32\gdi32.dll
    2008-07-31 18:24 223,232 ----a-w C:\Windows\System32\WMASF.DLL
    2008-07-31 18:24 2,048 ----a-w C:\Windows\System32\asferror.dll
    2008-07-31 18:23 14,848 ----a-w C:\Windows\System32\wshrm.dll
    2008-07-31 18:23 113,664 ----a-w C:\Windows\system32\drivers\rmcast.sys
    2008-07-31 18:22 11,776 ----a-w C:\Windows\System32\sbunattend.exe
    2008-07-31 18:09 --------- d-----w C:\Program Files\BitTorrent
    2008-07-31 18:08 --------- d-----w C:\Program Files\DNA
    2008-07-31 17:57 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
    2008-07-31 17:57 --------- d-----w C:\Program Files\Windows Live
    2008-07-31 17:55 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
    2008-07-31 17:54 84,480 ----a-w C:\Windows\System32\dnsrslvr.dll
    2008-07-31 17:54 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
    2008-07-31 17:54 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-07-31 17:54 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
    2008-07-31 17:54 24,576 ----a-w C:\Windows\System32\dnscacheugc.exe
    2008-07-31 17:54 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-07-31 17:54 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-07-31 17:54 1,686,528 ----a-w C:\Windows\System32\gameux.dll
    2008-07-31 17:52 84,992 ----a-w C:\Windows\system32\drivers\srvnet.sys
    2008-07-31 17:52 58,368 ----a-w C:\Windows\system32\drivers\mrxsmb20.sys
    2008-07-31 17:52 130,048 ----a-w C:\Windows\system32\drivers\srv2.sys
    2008-07-31 17:52 102,400 ----a-w C:\Windows\system32\drivers\mrxsmb.sys
    2008-07-31 17:51 1,327,104 ----a-w C:\Windows\System32\quartz.dll
    2008-07-31 17:50 428,032 ----a-w C:\Windows\System32\EncDec.dll
    2008-07-31 17:50 292,352 ----a-w C:\Windows\System32\psisdecd.dll
    2008-07-31 17:50 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
    2008-07-31 17:47 3,505,848 ----a-w C:\Windows\System32\ntkrnlpa.exe
    2008-07-31 17:47 3,472,056 ----a-w C:\Windows\System32\ntoskrnl.exe
    2008-07-31 17:36 --------- d-----w C:\ProgramData\WLInstaller
    2008-07-31 17:30 --------- d-----w C:\ProgramData\fsc-reg
    2008-07-31 17:30 --------- d-----w C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
    2008-07-31 17:30 --------- d-----w C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    2008-07-31 17:28 --------- d-----w C:\Program Files\Microsoft Works
    2008-07-31 17:23 --------- d-----w C:\Program Files\Microsoft.NET
    2008-07-31 17:19 --------- d-----w C:\Program Files\Common Files\Ahead
    2008-07-31 17:17 --------- d-----w C:\ProgramData\Nero
    2008-07-31 17:17 --------- d-----w C:\Program Files\Nero
    2008-07-31 17:14 --------- d-----w C:\Users\Jussi & Riitta\AppData\Roaming\ATI
    2008-07-31 17:06 53,080 ----a-w C:\Windows\System32\wuauclt.exe
    2008-07-31 17:06 43,352 ----a-w C:\Windows\System32\wups2.dll
    2008-07-31 17:06 1,524,224 ----a-w C:\Windows\System32\wucltux.dll
    2008-07-31 17:05 1,712,984 ----a-w C:\Windows\System32\wuaueng.dll
    2008-07-31 17:04 80,896 ----a-w C:\Windows\System32\wudriver.dll
    2008-07-31 17:04 549,720 ----a-w C:\Windows\System32\wuapi.dll
    2008-07-31 17:04 33,624 ----a-w C:\Windows\System32\wups.dll
    2008-07-31 17:04 31,232 ----a-w C:\Windows\System32\wuapp.exe
    2008-07-31 17:04 163,000 ----a-w C:\Windows\System32\wuwebv.dll
    2008-07-28 14:19 116,736 ----a-w C:\Windows\system32\drivers\mcdbus.sys
    2008-06-27 03:54 826,368 ----a-w C:\Windows\System32\wininet.dll
    2008-06-27 03:54 56,320 ----a-w C:\Windows\System32\iesetup.dll
    2008-06-27 03:54 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
    .

    (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-07-31 1232896]
    "fsc-reg"="C:\ProgramData\fsc-reg\fscreg.exe" [2007-11-08 470288]
    "Steam"="c:\program files\steam\steam.exe" [2008-07-31 1271032]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
    "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
    "NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2008-06-06 114688]
    "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-08-27 1576176]
    "Google Update"="C:\Users\Jussi & Riitta\AppData\Local\Google\Update\GoogleUpdate.exe" [2008-09-03 133104]
    "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 125440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
    "recinfo133"="c:\RecInfo\RecInfo.exe" [2007-10-23 2764800]
    "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-02-26 153136]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-03-11 13527584]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-03-11 92704]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
    "ASUSGamerOSD"="C:\Program Files\ASUS\GamerOSD\GamerOSD.exe" [2008-03-21 380928]
    "F-Secure Manager"="C:\Program Files\Sonera Tietoturva\Common\FSM32.EXE" [2008-02-13 184800]
    "F-Secure TNB"="C:\Program Files\Sonera Tietoturva\FSGUI\TNBUtil.exe" [2008-02-13 741800]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "RtHDVCpl"="RtHDVCpl.exe" [2007-10-31 C:\Windows\RtHDVCpl.exe]
    "soneraVista"="wscript.exe" [2006-11-02 C:\Windows\System32\wscript.exe]

    C:\Users\Jussi & Riitta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe [2008-08-02 575488]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "LogonHoursAction"= 2 (0x2)
    "DontDisplayLogonHoursWarnings"= 1 (0x1)

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2008-08-27 21:06 352256 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "vidc.asv2"= asusasv2.dll
    "VIDC.XFR1"= xfcodec.dll

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{45FA77E8-DDBF-42A4-A3CC-C0CC40264FE7}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{7D7F2569-01E9-41C2-B639-8AFF4260EDC8}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{C2983502-BB10-49F3-9D56-895753661682}"= UDP:C:\Program Files\DNA\btdna.exe:DNA (TCP-In)
    "{D5C9221C-D73B-475C-A7AC-F60C4D566C3F}"= TCP:C:\Program Files\DNA\btdna.exe:DNA (UDP-In)
    "{0465A34D-E605-42D6-A52C-A03111CFE6E4}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "{5D29FFA2-4123-4784-A769-03EE00503142}"= UDP:C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas\Binaries\R6Vegas_Game.exe:Rainbow Six Vegas
    "{A81297BF-B8A6-484E-849B-1EF6A943821A}"= TCP:C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas\Binaries\R6Vegas_Game.exe:Rainbow Six Vegas
    "{EE4FFB6D-B33D-4AE5-BC0C-4A5445072776}"= UDP:C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas\Binaries\R6Vegas_Launcher.exe:Rainbow Six Vegas Updater
    "{5BA70781-1C1C-4B70-BB3E-0988246EDB78}"= TCP:C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas\Binaries\R6Vegas_Launcher.exe:Rainbow Six Vegas Updater
    "{BCB12860-95EB-4DB1-86AE-1A509B38F048}"= UDP:C:\Program Files\2K Games\Firaxis Games\Sid Meier's Railroads!\RailRoads.exe:Sid Meier's Railroads!
    "{4C8F3D6B-3537-4AE1-AD56-56B5D6BE9179}"= TCP:C:\Program Files\2K Games\Firaxis Games\Sid Meier's Railroads!\RailRoads.exe:Sid Meier's Railroads!
    "TCP Query User{331E72C4-137D-4C18-9CD5-41F78664E562}C:\\users\\jussi & riitta\\program files\\dna\\btdna.exe"= UDP:C:\users\jussi & riitta\program files\dna\btdna.exe:btdna.exe
    "UDP Query User{E3E33DFD-2568-4E2D-8F16-0D646A8FA015}C:\\users\\jussi & riitta\\program files\\dna\\btdna.exe"= TCP:C:\users\jussi & riitta\program files\dna\btdna.exe:btdna.exe
    "TCP Query User{7171744F-9506-4CFA-8E4E-1C30D60E83E6}C:\\program files\\xfire\\xfire.exe"= UDP:C:\program files\xfire\xfire.exe:Xfire
    "UDP Query User{F11960CD-645E-433C-A592-B378CBCC6D5C}C:\\program files\\xfire\\xfire.exe"= TCP:C:\program files\xfire\xfire.exe:Xfire
    "TCP Query User{04F10270-0EA3-4255-B4FF-28B32829DBD7}C:\\program files\\bittorrent\\bittorrent.exe"= UDP:C:\program files\bittorrent\bittorrent.exe:bittorrent
    "UDP Query User{FF4F32A9-A40D-4F50-ACA2-FE21D07B7D02}C:\\program files\\bittorrent\\bittorrent.exe"= TCP:C:\program files\bittorrent\bittorrent.exe:bittorrent
    "{CBEC2FEB-6227-48DD-B5D7-3E89A3150485}"= D:\Asennetut\Command & Conquer 3\RetailExe\1.9\cnc3game.dat:Command & Conquer 3 Tiberium Wars
    "TCP Query User{3E98239B-E684-4868-A5B3-04A3E299F76E}C:\\users\\jussi & riitta\\program files\\dna\\btdna.exe"= UDP:C:\users\jussi & riitta\program files\dna\btdna.exe:btdna.exe
    "UDP Query User{8BE2CC97-C438-469F-B08A-9A50A2159131}C:\\users\\jussi & riitta\\program files\\dna\\btdna.exe"= TCP:C:\users\jussi & riitta\program files\dna\btdna.exe:btdna.exe
    "TCP Query User{CD11D07D-668B-41D6-8E42-831F3BEC7809}C:\\program files\\steam\\steamapps\\verdat\\day of defeat source\\hl2.exe"= UDP:C:\program files\steam\steamapps\verdat\day of defeat source\hl2.exe:hl2
    "UDP Query User{5BF61CF7-6F8D-4A4D-8B89-1D96B4D56735}C:\\program files\\steam\\steamapps\\verdat\\day of defeat source\\hl2.exe"= TCP:C:\program files\steam\steamapps\verdat\day of defeat source\hl2.exe:hl2

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
    "C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

    R0 AtiPcie;ATI PCI Express (3GIO) Filter;C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 8192]
    R1 F-Secure HIPS;F-Secure HIPS;C:\Program Files\Sonera Tietoturva\HIPS\fshs.sys [2008-08-25 41184]
    R1 FSES;F-Secure Email Scanning Driver;C:\Windows\system32\drivers\fses.sys [2008-02-13 36616]
    R1 FSFW;F-Secure Firewall Driver;C:\Windows\system32\drivers\fsdfw.sys [2008-08-25 60064]
    R1 fsvista;F-Secure Vista Support Driver;C:\Program Files\Sonera Tietoturva\Anti-Virus\minifilter\fsvista.sys [2008-02-13 14760]
    R2 ASDR;ASDR;C:\Windows\System32\ASDR.exe [2007-03-20 61440]
    R2 ATKFUSService;ATK Fast User Switch Service;C:\Windows\system32\ATKFUSService.exe [2008-03-21 67072]
    R2 NVR0FLASHDev;NVR0FLASHDev;C:\Windows\nvflash.sys [2008-05-23 36640]
    R2 TestHandler;Fujitsu Siemens Computers Diagnostic Testhandler;C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe [2006-12-08 204800]
    R2 UpdateCenterService;Update Center Service;C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe [2008-05-23 114688]
    R3 asusgsb;ASUS Virtual Video Capture Device Driver;C:\Windows\system32\drivers\asusgsb.sys [2008-03-21 15232]
    R3 ASUSVRC;ASUSTeK Virtual Capture Device;C:\Windows\system32\DRIVERS\AsusVRC.sys [2007-01-29 18432]
    R3 atkdisplf;ASUS Kernel Mode Enhanced Driver;C:\Windows\system32\drivers\ATKDispLowFilter.sys [2008-03-21 30848]
    R3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\Sonera Tietoturva\Anti-Virus\minifilter\fsgk.sys [2008-02-13 63912]
    R3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-09-04 92656]
    S3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-09-29 3154944]
    S3 humaxfl;HUMAX - Filter Driver;C:\Windows\system32\DRIVERS\humaxfl.sys [2004-06-25 19584]
    S3 humaxst;HUMAX - Stub Driver;C:\Windows\system32\DRIVERS\humaxst.sys [2004-06-25 2944]
    S4 F-Secure Filter;F-Secure File System Filter;C:\Program Files\Sonera Tietoturva\Anti-Virus\Win2K\FSfilter.sys [2008-02-13 41640]
    S4 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\Sonera Tietoturva\Anti-Virus\Win2K\FSrec.sys [2008-02-13 27048]
    S4 nvrd32;NVIDIA nForce RAID Driver;C:\Windows\system32\drivers\nvrd32.sys [2007-07-02 131616]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0a7c6dea-5f9f-11dd-a88e-001bb9fed23e}]
    \shell\AutoRun\command - K:\autoplay.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3968f929-5f75-11dd-a78c-806e6f6e6963}]
    \shell\AutoRun\command - E:\autorun.exe

    *Newly Created Service* - CATCHME
    *Newly Created Service* - PROCEXP90
    .
    'Ajoitetut tehtävät'-kansion sisältö
    .
    - - - - ORPHANS REMOVED - - - -

    HKLM-Run-recinfo - RecInfo.exe


    .
    ------- Supplementary Scan -------
    .
    FireFox -: Profile - C:\Users\Jussi & Riitta\AppData\Roaming\Mozilla\Firefox\Profiles\x5x7tnvd.default\
    FireFox -: prefs.js - STARTUP.HOMEPAGE - www.google.com
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
    FF -: plugin - C:\Users\Jussi & Riitta\AppData\Local\Google\Update\1.2.131.11\npGoogleOneClick5.dll
    FF -: plugin - C:\Users\Jussi & Riitta\Program Files\DNA\plugins\npbtdna.dll
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-05 21:13:38
    Windows 6.0.6000 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2008-09-05 21:15:57
    ComboFix-quarantined-files.txt 2008-09-05 18:15:45

    Pre-Run: 9,656,713,216 tavua vapaana
    Post-Run: 8,997,310,464 tavua vapaana

    341 --- E O F --- 2008-09-03 07:15:56
     
  5. Hujo

    Hujo Guest

    Download Malwarebytes' Anti-Malware to your desktop.

    1. Double-click mbam-setup.exe and follow the instructions to install the program.
    2. At the end, make sure that the following are checked: Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, and then click Finish.
    3. If an update is found, the program will download and install the latest version.
    4. Once the program has loaded, select Perform full scan and click Scan.
    5. When the scan is finished, click OK and then Show Results to see the results.
    6. Make sure that everything is checked and click Remove Selected.
    7. After this, the log opens in Notepad. Save it somewhere you can find it easily. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    8. Post the contents of the log in your next message.
     
  6. Verdat

    Verdat Member

    Malwarebytes' Anti-Malware 1.26
    Tietokantaversio: 1116
    Windows 6.0.6000

    6.9.2008 7:43:50
    mbam-log-2008-09-06 (07-43-50).txt

    Tarkistustyyppi: Täysi tarkistus (C:\|D:\|)
    Tarkistetut kohteet: 150021
    Kulunut aika: 2 hour(s), 33 minute(s), 2 second(s)

    Saastuneita muistiprosesseja: 0
    Saastuneita muistimoduuleja: 0
    Saastuneita rekisteriavaimia: 0
    Saastuneita rekisteriarvoja: 0
    Saastuneita rekisterikohteita: 0
    Saastuneita hakemistoja: 0
    Saastuneita tiedostoja: 0

    Saastuneita muistiprosesseja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita muistimoduuleja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriavaimia:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriarvoja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisterikohteita:
    (Haitallisia kohteita ei löydetty)

    Saastuneita hakemistoja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita tiedostoja:
    (Haitallisia kohteita ei löydetty)
     
  7. Hujo

    Hujo Guest

    How is the computer working?
     
  8. Verdat

    Verdat Member

    It works again now. Thanks for the help :9
     
