This has been going on for 1 month now. Pings on servers are TERRIBLE: +300-800 in Ventrilo, in CS 1.6 and in other games too. I have a 1 Mbit housing-company DNA connection. It always worked fine before. One virus was found: win32: trojan-gen (other) (avast found it) and removed. Spybot found some session manager bootexecute? What is that? Nothing else has been found! I even bought a new modem because I thought that was the fault, but no?!? Here is the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:05:36, on 21.6.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\PnkBstrA.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://www.dnainternet.fi/portaali/Virusskanneri/OLS3/fscax.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 7219 bytes

What needs to be fixed?!?! I have avast 4.8, Ad-Aware and Spybot S&D. Quick, suggest some programs! I can download files from the net at 100 KB/s, but pings are still high. QUICK HELP! THANKS! :evil:
Uninstall Spybot - Search & Destroy from Add/Remove Programs. In Safe Mode, delete the folder C:\Program Files\Spybot - Search & Destroy

===========

Scan with HJT, check the following and press Fix checked:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://www.dnainternet.fi/portaali/Virusskanneri/OLS3/fscax.cab

==========

Download Malwarebytes' Anti-Malware to your desktop.
1. Double-click mbam-setup.exe and follow the prompts to install the program.
2. At the end, make sure the following are checked: Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
3. If an update is found, the program will download and install the latest version.
4. Once the program has loaded, select Perform full scan and click Scan.
5. When the scan is complete, click OK and then Show Results to view the results.
6. Make sure everything is checked and click Remove Selected.
7. After that a log opens in Notepad. Save it somewhere you can find it easily. The log can also be found here: C:\Documents and Settings\Käyttäjänimi\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-päiväys.txt
8. Post the contents of the log in your next reply.
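The reply above picks its Fix checked entries out by eye: a BHO whose DLL is gone, two startup items that are not needed and two O16 ActiveX downloads. As an added example that is not part of the thread, here is a small Python triage script that applies the same kinds of checks to HijackThis lines (the sample lines are copied from the log posted above); it goes a little beyond the reply by also flagging O4 autostarts with no absolute path or a path outside the Windows and Program Files roots, and O23 services with a missing binary or no publisher.

```python
"""Triage helper for HijackThis v2 log lines (added example, not thread code)."""
import re
from dataclasses import dataclass

# Constructed sample: lines copied from the HijackThis log posted in the thread.
SAMPLE_LOG = r"""
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
"""

# "O4 - HKLM\..\Run: [...]" -> section "O4", body "HKLM\..\Run: [...]"
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|O\d{1,2}) - (.*)$")
# First executable in an O4 target; the drive prefix is optional so that a
# bare "SOUNDMAN.EXE" (resolved via PATH at logon) is still captured.
EXE_RE = re.compile(r'(?:[A-Za-z]:\\)?[^"]*?\.exe', re.IGNORECASE)
# Roots an XP autostart target is expected to live under (8.3 name included).
TRUSTED_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\progra~1\\")


@dataclass
class Finding:
    section: str
    line: str
    reason: str


def parse_entry(line):
    """Split one HijackThis line into (section, body); None for non-entries."""
    m = ENTRY_RE.match(line.strip())
    return (m.group(1), m.group(2)) if m else None


def o4_target(body):
    """Extract the executable an O4 autostart launches, or None."""
    parts = body.split("] ", 1)
    if len(parts) < 2:
        return None
    m = EXE_RE.search(parts[1])
    return m.group(0) if m else None


def check_entry(section, body):
    """Return the reasons this entry deserves a look (empty list if none)."""
    reasons = []
    if section == "O2" and body.endswith("(no file)"):
        reasons.append("BHO CLSID registered but its DLL is gone: orphaned entry")
    elif section == "O4":
        target = o4_target(body)
        if target is None:
            reasons.append("autostart target could not be parsed")
        elif not re.match(r"[A-Za-z]:\\", target):
            reasons.append("autostart has no absolute path; resolved via PATH")
        elif not target.lower().startswith(TRUSTED_ROOTS):
            reasons.append("autostart runs from outside Windows/Program Files")
    elif section == "O16":
        host = re.search(r"https?://([^/\s]+)", body)
        reasons.append("ActiveX control (DPF) downloaded from "
                       + (host.group(1) if host else "unknown host"))
    elif section == "O23":
        if "(file missing)" in body:
            reasons.append("service points at a binary that no longer exists")
        if "Unknown owner" in body:
            reasons.append("service binary carries no publisher; verify by hand")
    return reasons


def triage(log_text):
    """Run check_entry over every entry line and collect the findings."""
    findings = []
    for raw in log_text.splitlines():
        parsed = parse_entry(raw)
        if parsed is None:
            continue
        section, body = parsed
        for reason in check_entry(section, body):
            findings.append(Finding(section, raw.strip(), reason))
    return findings


def section_counts(log_text):
    """Number of entries per section, e.g. {"O2": 2, "O4": 4, ...}."""
    counts = {}
    for raw in log_text.splitlines():
        parsed = parse_entry(raw)
        if parsed:
            counts[parsed[0]] = counts.get(parsed[0], 0) + 1
    return counts


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.section}: {f.reason}\n    {f.line}")
```

A flag here means "look at this", not "malicious": the bare SOUNDMAN.EXE and the PnkBstrA service are both legitimate on this machine, which is exactly why the reply above left them alone.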
Here it is. Again, when I started playing the pings went up to 200-500 and nothing can be done. A 1 Mbit HOUSING-COMPANY connection. Could that be the fault? DNA Lännen Puhelin as the provider... This lagging stops every day sometime between 20:00 and 22:00. What is wrong? Does the machine have to be FORMATTED :O

Malwarebytes' Anti-Malware 1.18
Tietokantaversio: 878

19:45:14 22.6.2008
mbam-log-6-22-2008 (19-45-14).txt

Tarkistustyyppi: Täysi tarkistus (C:\|)
Tarkistetut kohteet: 148086
Kulunut aika: 25 minute(s), 59 second(s)

Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 0
Saastuneita rekisteriavaimia: 0
Saastuneita rekisteriarvoja: 0
Saastuneita rekisterikohteita: 0
Saastuneita hakemistoja: 0
Saastuneita tiedostoja: 0

Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)

Saastuneita muistimoduuleja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriavaimia:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriarvoja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisterikohteita:
(Haitallisia kohteita ei löydetty)

Saastuneita hakemistoja:
(Haitallisia kohteita ei löydetty)

Saastuneita tiedostoja:
(Haitallisia kohteita ei löydetty)
1. Download combofix.exe to your desktop from one of these links: combofix1 combofix2
2. Double-click the combofix.exe file and follow the prompts.
3. When the tool is finished, it produces a log. Post this log in your thread.

Note! Do not click in the ComboFix window while it is running. That may cause the program to hang.
COMBOFIX LOG
----------------------------------------------
ComboFix 08-06-20.4 - Omistaja 2008-06-22 22:22:28.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1035.18.594 [GMT 3:00]
Running from: C:\Program Files\Lataukset\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\msvrc20.dll
C:\WINDOWS\system32\pskill.exe
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-05-22 to 2008-06-22 )))))))))))))))))
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 19:12 15360]
"WhatPulse"="C:\Program Files\WhatPulse\WhatPulse.exe" [2006-08-21 20:48 665600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"SoundMan"="SOUNDMAN.EXE" [2006-08-03 07:12 577536 C:\WINDOWS\SOUNDMAN.EXE]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 02:19 79224]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 19:12 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.XFR1"= xfcodec.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Xfire\\xfire.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\Steam\\Steam.exe"=
"C:\\Program Files\\HLSW\\hlsw.exe"=
"C:\\Program Files\\Steam\\steamapps\\spladder0\\counter-strike source\\hl2.exe"=
"C:\\Program Files\\Steam\\steamapps\\spladder0\\day of defeat source\\hl2.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Common Files\\PocketSoft\\RTPatch\\AutoRTP\\artpschd.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Steam\\SteamApps\\spladder0\\counter-strike\\hl.exe"=
"C:\\Program Files\\Steam\\SteamApps\\spladder0\\condition zero deleted scenes\\hl.exe"=
"C:\\Program Files\\Steam\\SteamApps\\spladder0\\condition zero\\hl.exe"=
"C:\\Program Files\\Steam\\SteamApps\\spladder0\\day of defeat\\hl.exe"=
"C:\\Program Files\\Steam\\SteamApps\\spladder0\\day of defeat source beta\\hl2.exe"=
"C:\\Program Files\\Steam\\SteamApps\\spladder0\\dedicated server\\hlds.exe"=
"C:\\Program Files\\Steam\\SteamApps\\spladder0\\half-life 2 deathmatch\\hl2.exe"=
"C:\\Program Files\\Lataukset\\SRO_NEW_Full-Client_Downloader.exe"=
"C:\\Program Files\\mIRC\\mirc.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 02:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 02:16]
S3 MSSQL$SONY_MEDIAMGR2;SQL Server (SONY_MEDIAMGR2);"c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSONY_MEDIAMGR2 []
S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2005-06-20 10:12]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2cdc76c1-f5af-11dc-b99d-806d6172696f}]
\Shell\AutoRun\command - D:\wizard.exe

*Newly Created Service* - CATCHME
.
'Ajoitetut tehtävät'-kansion sisältö
"2008-06-13 07:10:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-22 22:23:54
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...

scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-06-22 22:24:21
ComboFix-quarantined-files.txt 2008-06-22 19:24:18
Pre-Run: 197,927,776,256 tavua vapaana
Post-Run: 197,986,136,064 tavua vapaana
249 --- E O F --- 2008-06-20 22:17:02

--------------------------------------
HIJACKTHIS LOG

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:26:33, on 22.6.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\PnkBstrA.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 6108 bytes
eScan. Instructions are on this page: http://koti.mbnet.fi/pattaya1/escanmwav.htm
Download it from here: http://www.spywareinfo.dk/download/mwav.exe
Update it from here: http://koti.mbnet.fi/pattaya1/lataus/Mwav.bat
Set the checkboxes as marked here: http://koti.mbnet.fi/pattaya1/eScan6.jpg
Scan. If anything shows up in the lower pane, copy it like this: select all with Ctrl+A. Copy the lines with Ctrl+C. Paste the lines with Ctrl+V. Post the virus log here.