Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:11:33, on 17.10.2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18241) Boot mode: Normal Running processes: C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe C:\Windows\system32\taskeng.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe c:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Windows\system32\PnkBstrA.exe C:\Windows\system32\PnkBstrB.exe C:\Windows\system32\svchost.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\WUDFHost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Windows Defender\MSASCui.exe C:\hp\support\hpsysdrv.exe 
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Program Files\Winamp\winampa.exe C:\Windows\System32\rundll32.exe C:\Windows\system32\schtasks.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Windows\System32\rundll32.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Windows\system32\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\iPod\bin\iPodService.exe c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe C:\hp\kbd\kbd.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\Opera\opera.exe C:\Windows\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FI_FI&c=74&bd=Pavilion&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FI_FI&c=74&bd=Pavilion&pf=desktop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - 
{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe" O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe /RegAll O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common 
Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [SlowSite] "C:\ProgramData\DateRoamRoam.xwpicj5" O4 - HKCU\..\Run: [dog about manager team] "C:\ProgramData\Less more bold.wmz0iqi" O4 - HKCU\..\Run: [Google Update] "C:\Users\Topi\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - 
HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu') O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user') O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype add-on - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - 
http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Update Service (gupdate1c9b53c20e0d300) (gupdate1c9b53c20e0d300) - Google Inc. 
- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- End of file - 15342 bytes
That certainly does look like Lop ??? Can your machine handle running that whole program load ???
------------------------------------------------------------------------------
Go to the Windows Control Panel and from there Add / Remove Programs
In Vista: Programs and Features
Find and remove the program whose name contains:
Ask Toolbar
----------------------------------------------------------------------------
In Vista, the steps are carried out as Administrator (check, don't assume)
When you start the suggested program, do it with the right mouse button and choose Run as administrator
**************************************************
It is recommended to turn off the antivirus's real-time scanning so that it does not interfere with Lop S&D; you can turn it back on after the scan
Download Lop S&D from HERE
Double-click Lop S&D.exe
Select Finnish as the language by pressing U and Enter.
After that, select Option 1 (Etsi, "Search") by pressing 1 and Enter
Wait until the scan is finished
The log opens in Notepad. Post it in your next message. It can also be found at C:\lopR.txt
Delete the folder(s), if found:
C:\Program Files\AskBarDis\
Post => C:\lopR.txt
A new HJT log.
First the lopR

-------------------\\ Lop S&D 4.2.5-0 XP/Vista Microsoft® Windows Vista™ Home Premium ( v6.0.6001 ) Service Pack 1 X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4400+ ) BIOS : Phoenix - AwardBIOS v6.00PG USER : Topi ( Administrator ) BOOT : Normal boot C:\ (Local Disk) - NTFS - Total:290 Go (Free:74 Go) D:\ (Local Disk) - NTFS - Total:7 Go (Free:1 Go) E:\ (CD or DVD) - CDFS - Total:4 Go (Free:0 Go) F:\ (USB) G:\ (USB) H:\ (USB) I:\ (USB) J:\ (CD or DVD) K:\ (CD or DVD) "C:\Lop SD" ( MAJ : 19-12-2008|23:40 ) Option : [1] ( la 17.10.2009|16:49 ) [ UAC => 1 ] --------------------\\ Listaa hakemistoja sijainnissa Local [28.11.2008|17:59] C:\Users\Topi\AppData\Local\Activision [06.12.2007|18:26] C:\Users\Topi\AppData\Local\Adobe [29.09.2008|17:47] C:\Users\Topi\AppData\Local\Apple [30.10.2008|20:40] C:\Users\Topi\AppData\Local\Apple Computer [30.11.2007|20:28] C:\Users\Topi\AppData\Local\Application Data [11.09.2009|21:05] C:\Users\Topi\AppData\Local\ApplicationHistory [12.12.2008|18:44] C:\Users\Topi\AppData\Local\Comodo [26.09.2009|23:49] C:\Users\Topi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [07.05.2008|16:48] C:\Users\Topi\AppData\Local\DNA [03.08.2009|13:42] C:\Users\Topi\AppData\Local\Downloaded Installations [12.08.2009|18:47] C:\Users\Topi\AppData\Local\Fallout3 [29.09.2008|17:38] C:\Users\Topi\AppData\Local\Flock [16.09.2008|15:44] C:\Users\Topi\AppData\Local\fusioncache.dat [25.01.2009|22:01] C:\Users\Topi\AppData\Local\gctmp [28.08.2009|18:55] C:\Users\Topi\AppData\Local\GDIPFONTCACHEV1.DAT [13.02.2009|18:02] C:\Users\Topi\AppData\Local\Google [17.10.2009|01:57] C:\Users\Topi\AppData\Local\IconCache.db [10.10.2008|20:51] C:\Users\Topi\AppData\Local\Logitech-LS [10.08.2009|19:55] C:\Users\Topi\AppData\Local\Microsoft [21.08.2009|22:05] C:\Users\Topi\AppData\Local\Microsoft Games [28.12.2008|22:32] C:\Users\Topi\AppData\Local\Midway [29.09.2008|17:56] C:\Users\Topi\AppData\Local\Mozilla [20.07.2008|17:12] 
C:\Users\Topi\AppData\Local\My Games [09.10.2009|16:54] C:\Users\Topi\AppData\Local\Oblivion [07.08.2008|11:56] C:\Users\Topi\AppData\Local\Opera [12.09.2009|00:54] C:\Users\Topi\AppData\Local\PMB Files [30.11.2007|20:28] C:\Users\Topi\AppData\Local\Sivuhistoria [17.10.2009|16:47] C:\Users\Topi\AppData\Local\Temp [30.11.2007|20:28] C:\Users\Topi\AppData\Local\Temporary Internet Files [11.09.2009|20:04] C:\Users\Topi\AppData\Local\Turbine [05.12.2008|23:23] C:\Users\Topi\AppData\Local\vdownloader [03.12.2007|16:49] C:\Users\Topi\AppData\Local\VirtualStore [25.01.2009|21:27] C:\Users\Topi\AppData\Local\Xenocode [4|tiedosto(a)] C:\Users\Topi\AppData\Local\tavua [31|kansio(ta)] C:\Users\Topi\AppData\Local\tavua vapaana --------------------\\ Ajoitetut tehtävät sijaitsee C:\Windows\Tasks [16.10.2009 18:21][--a------] C:\Windows\tasks\Norton Security Scan for Topi.job [17.10.2009 16:06][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-645257219-2166700425-1697413735-1000UA.job [17.10.2009 16:06][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-645257219-2166700425-1697413735-1000Core.job [17.10.2009 16:33][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [17.10.2009 11:57][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [17.10.2009 11:57][--ah-----] C:\Windows\tasks\SA.DAT [17.10.2009 01:58][--a------] C:\Windows\tasks\SCHEDLGU.TXT --------------------\\ Listaa hakemistoja sijainnissa C:\ProgramData [17.02.2009|17:21] C:\ProgramData\_comodo_ [10.09.2009|17:20] C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD} [06.08.2009|00:25] C:\ProgramData\{7B6BA59A-FB0E-4499-8536-A7420338BF3B} [22.08.2009|17:13] C:\ProgramData\Adobe [25.09.2009|20:56] C:\ProgramData\Age of Empires 3 [29.09.2008|17:47] C:\ProgramData\Apple [10.09.2009|17:19] C:\ProgramData\Apple Computer [02.11.2006|16:02] C:\ProgramData\Application Data [06.08.2009|00:20] C:\ProgramData\Avira [26.08.2008|15:39] C:\ProgramData\AVS4YOU [17.12.2008|22:07] C:\ProgramData\Azureus 
[17.02.2009|18:24] C:\ProgramData\CheckPoint [01.08.2008|12:35] C:\ProgramData\DateRoamRoam.3dfy0b [01.08.2008|14:02] C:\ProgramData\DateRoamRoam.8t6cm [01.08.2008|13:40] C:\ProgramData\DateRoamRoam.9arrpce [23.07.2008|20:08] C:\ProgramData\DateRoamRoam.bac45r [09.06.2008|10:45] C:\ProgramData\DateRoamRoam.c5bpxox [07.05.2008|14:22] C:\ProgramData\DateRoamRoam.gum3dz8 [01.08.2008|14:24] C:\ProgramData\DateRoamRoam.i5msz [01.08.2008|13:18] C:\ProgramData\DateRoamRoam.jl9ysw [01.08.2008|11:29] C:\ProgramData\DateRoamRoam.km1br [01.08.2008|12:56] C:\ProgramData\DateRoamRoam.liv5r [29.03.2008|19:38] C:\ProgramData\DateRoamRoam.nkfqy3z [01.08.2008|11:07] C:\ProgramData\DateRoamRoam.rm70r [01.08.2008|11:51] C:\ProgramData\DateRoamRoam.s7ff9cw [01.08.2008|14:46] C:\ProgramData\DateRoamRoam.sdpwso7 [01.08.2008|12:13] C:\ProgramData\DateRoamRoam.xcfdbdj [01.08.2008|15:07] C:\ProgramData\DateRoamRoam.xwpicj5 [23.07.2008|20:08] C:\ProgramData\DateRoamRoam.z4eeg [02.11.2006|16:02] C:\ProgramData\Desktop [02.11.2006|16:02] C:\ProgramData\Documents [29.08.2008|17:22] C:\ProgramData\Drv Audio Dog About [02.11.2006|16:02] C:\ProgramData\Favorites [07.11.2008|17:25] C:\ProgramData\F-Secure [31.05.2009|23:10] C:\ProgramData\GameTap Web Player [22.07.2009|01:53] C:\ProgramData\Google [14.02.2009|14:56] C:\ProgramData\Google Updater [17.09.2007|16:52] C:\ProgramData\Hewlett-Packard [17.09.2007|16:14] C:\ProgramData\HP [17.09.2007|16:15] C:\ProgramData\hpzinstall.log [15.06.2008|02:07] C:\ProgramData\Installations [30.11.2007|20:25] C:\ProgramData\K„ynnist„-valikko [23.07.2008|20:09] C:\ProgramData\Less more bold.wmz0iqi [08.03.2008|16:36] C:\ProgramData\Lionhead Studios [30.11.2007|20:25] C:\ProgramData\Mallit [10.10.2009|23:21] C:\ProgramData\Malwarebytes [18.02.2009|16:47] C:\ProgramData\Microsoft [17.09.2007|16:22] C:\ProgramData\muvee Technologies [15.06.2008|02:15] C:\ProgramData\Nokia [13.09.2009|18:02] C:\ProgramData\Norton [03.08.2009|13:35] C:\ProgramData\NortonInstaller 
[17.09.2007|16:13] C:\ProgramData\NVIDIA [19.02.2008|19:22] C:\ProgramData\PC Suite [10.10.2009|22:12] C:\ProgramData\PC Tools [17.09.2007|16:28] C:\ProgramData\PC-Doctor [30.12.2008|23:16] C:\ProgramData\pixelStorm [11.09.2009|21:04] C:\ProgramData\PMB Files [27.11.2008|21:42] C:\ProgramData\Roxio [07.08.2009|14:42] C:\ProgramData\Simply Super Software [06.11.2008|20:00] C:\ProgramData\Skype [20.12.2007|22:52] C:\ProgramData\Sonic [10.10.2009|22:08] C:\ProgramData\Spybot - Search & Destroy [02.11.2006|16:02] C:\ProgramData\Start Menu [30.11.2007|20:25] C:\ProgramData\Suosikit [13.09.2009|18:01] C:\ProgramData\Symantec [17.10.2009|12:14] C:\ProgramData\TEMP [02.11.2006|16:02] C:\ProgramData\Templates [30.11.2007|20:25] C:\ProgramData\Tiedostot [30.11.2007|20:25] C:\ProgramData\Ty”p”yt„ [05.11.2008|22:27] C:\ProgramData\Wait Axis More [28.08.2008|17:01] C:\ProgramData\WindowsSearch [16.03.2008|20:25] C:\ProgramData\WLInstaller [22.11.2008|00:36] C:\ProgramData\Yahoo! Companion [19|tiedosto(a)] C:\ProgramData\tavua [56|kansio(ta)] C:\ProgramData\tavua vapaana --------------------\\ Listaa hakemistoja sijainnissa C:\Program Files [22.07.2009|08:36] C:\Program Files\7-Zip [04.01.2009|16:30] C:\Program Files\Activision [22.08.2009|17:13] C:\Program Files\Adobe [22.06.2009|23:52] C:\Program Files\Alwil Software [27.10.2008|21:55] C:\Program Files\Apple Software Update [22.07.2009|01:51] C:\Program Files\Areena 5 [07.11.2008|17:25] C:\Program Files\AVG [06.08.2009|00:20] C:\Program Files\Avira [26.08.2008|15:41] C:\Program Files\AVS4YOU [09.10.2009|16:41] C:\Program Files\Bethesda Softworks [01.03.2009|14:50] C:\Program Files\bin [02.08.2009|23:17] C:\Program Files\BitTorrent [01.01.2009|17:42] C:\Program Files\Bonjour [28.12.2008|02:12] C:\Program Files\CCleaner [10.10.2009|22:12] C:\Program Files\Common Files [17.02.2009|18:08] C:\Program Files\COMODO [13.11.2008|23:09] C:\Program Files\Counter-Strike 1.6 V35 [01.10.2008|18:48] C:\Program Files\Creative 
[22.11.2008|00:36] C:\Program Files\DAEMON Tools Lite [22.11.2008|00:36] C:\Program Files\DAEMON Tools Toolbar [15.06.2009|13:48] C:\Program Files\Deluxe Ski Jump 3 [19.02.2008|19:17] C:\Program Files\DIFX [04.01.2009|00:35] C:\Program Files\DivX [07.05.2008|16:48] C:\Program Files\DNA [15.06.2009|01:28] C:\Program Files\EA GAMES [08.10.2009|20:07] C:\Program Files\Electronic Arts [19.07.2008|17:48] C:\Program Files\Firaxis Games [29.09.2008|17:38] C:\Program Files\Flock [07.11.2008|19:56] C:\Program Files\F-Secure [15.06.2009|13:48] C:\Program Files\Game Cam V2 [09.11.2008|20:44] C:\Program Files\GameSpy Arcade [31.05.2009|23:09] C:\Program Files\GameTap Web Player [28.08.2009|18:57] C:\Program Files\garrysmod [13.10.2008|18:27] C:\Program Files\Gimp-2.0 [22.07.2009|08:36] C:\Program Files\Google [17.09.2007|16:29] C:\Program Files\Hewlett-Packard [01.03.2009|15:15] C:\Program Files\hl2 [29.08.2009|00:03] C:\Program Files\HP [09.10.2009|16:08] C:\Program Files\InstallShield Installation Information [27.10.2008|21:36] C:\Program Files\Internet Explorer [10.09.2009|17:40] C:\Program Files\iPhone Configuration Utility [10.09.2009|17:19] C:\Program Files\iPod [10.09.2009|17:20] C:\Program Files\iTunes [11.10.2008|17:41] C:\Program Files\Java [15.08.2009|22:33] C:\Program Files\LimeWire [08.03.2008|16:36] C:\Program Files\Lionhead Studios Ltd [10.10.2008|20:43] C:\Program Files\Logitech [10.10.2009|23:21] C:\Program Files\Malwarebytes' Anti-Malware [16.01.2009|23:47] C:\Program Files\Microsoft [03.12.2007|14:34] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [24.09.2009|19:41] C:\Program Files\Microsoft Games [12.08.2009|18:39] C:\Program Files\Microsoft Games for Windows - LIVE [17.09.2007|16:25] C:\Program Files\Microsoft Office [04.10.2009|11:48] C:\Program Files\Microsoft Silverlight [02.10.2009|20:15] C:\Program Files\Microsoft SQL Server Compact Edition [16.01.2009|23:48] C:\Program Files\Microsoft Sync Framework [14.10.2009|22:55] C:\Program Files\Microsoft Works 
[08.10.2009|20:26] C:\Program Files\Microsoft WSE [07.08.2009|21:57] C:\Program Files\Mount&Blade [18.07.2008|19:46] C:\Program Files\Movie Maker [08.10.2009|20:35] C:\Program Files\Mozilla Firefox [29.09.2008|17:55] C:\Program Files\mozilla.org [02.11.2006|15:37] C:\Program Files\MSBuild [03.12.2007|14:29] C:\Program Files\MSXML 4.0 [20.09.2009|17:32] C:\Program Files\MTA San Andreas [17.09.2007|16:22] C:\Program Files\muvee Technologies [15.06.2008|02:13] C:\Program Files\Nokia [13.09.2009|18:02] C:\Program Files\Norton Security Scan [13.09.2009|18:01] C:\Program Files\NortonInstaller [17.09.2007|16:30] C:\Program Files\Online Services [25.01.2009|17:12] C:\Program Files\OpenOffice.org 3 [09.09.2009|16:59] C:\Program Files\Opera [06.09.2009|00:24] C:\Program Files\Pando Networks [19.02.2008|19:16] C:\Program Files\PC Connectivity Solution [17.09.2007|16:47] C:\Program Files\PC-Doctor 5 for Windows [06.12.2007|00:52] C:\Program Files\Pivot Stickfigure Animator [01.03.2009|14:50] C:\Program Files\platform [07.12.2008|23:34] C:\Program Files\Project64 1.6 [10.09.2009|17:17] C:\Program Files\QuickTime [17.09.2007|16:11] C:\Program Files\Realtek [02.11.2006|15:37] C:\Program Files\Reference Assemblies [19.09.2009|19:59] C:\Program Files\Rockstar Games [17.09.2007|16:21] C:\Program Files\Roxio [10.09.2009|17:34] C:\Program Files\Safari [10.07.2009|14:55] C:\Program Files\Sierra [06.11.2008|20:00] C:\Program Files\Skype [17.09.2009|22:26] C:\Program Files\Spybot - Search & Destroy [16.10.2009|10:58] C:\Program Files\Spyware Doctor [17.10.2009|11:58] C:\Program Files\Steam [07.08.2009|14:36] C:\Program Files\Sygate [24.09.2009|22:34] C:\Program Files\SystemRequirementsLab [17.10.2009|16:10] C:\Program Files\Trend Micro [07.08.2009|14:42] C:\Program Files\Trojan Remover [02.11.2006|16:01] C:\Program Files\Uninstall Information [23.11.2008|23:14] C:\Program Files\VALVe [26.09.2009|22:23] C:\Program Files\VDOWNLOADER [04.01.2009|01:03] C:\Program Files\VideoLAN 
[29.08.2008|17:13] C:\Program Files\Winamp [18.07.2008|19:46] C:\Program Files\Windows Calendar [18.07.2008|19:46] C:\Program Files\Windows Collaboration [18.07.2008|19:46] C:\Program Files\Windows Defender [18.07.2008|19:46] C:\Program Files\Windows Journal [02.10.2009|20:17] C:\Program Files\Windows Live [11.08.2009|13:59] C:\Program Files\Windows Live Safety Center [16.01.2009|23:46] C:\Program Files\Windows Live SkyDrive [16.01.2009|23:48] C:\Program Files\Windows Live Toolbar [15.10.2009|13:59] C:\Program Files\Windows Mail [14.08.2009|13:25] C:\Program Files\Windows Media Player [30.11.2007|20:25] C:\Program Files\Windows NT [18.07.2008|19:46] C:\Program Files\Windows Photo Gallery [18.07.2008|19:46] C:\Program Files\Windows Sidebar [21.10.2008|14:58] C:\Program Files\WinRAR [05.08.2009|20:35] C:\Program Files\VS Revo Group [22.08.2009|22:01] C:\Program Files\Vuze [05.11.2008|18:46] C:\Program Files\Yahoo! [0|tiedosto(a)] C:\Program Files\tavua [117|kansio(ta)] C:\Program Files\tavua vapaana --------------------\\ Listaa hakemistoja sijainnissa C:\Program Files\Common Files [22.08.2009|17:13] C:\Program Files\Common Files\Adobe [10.09.2009|17:19] C:\Program Files\Common Files\Apple [26.08.2008|15:38] C:\Program Files\Common Files\AVSMedia [18.08.2008|18:55] C:\Program Files\Common Files\EasyInfo [10.10.2008|20:43] C:\Program Files\Common Files\FotoWire [17.09.2007|16:14] C:\Program Files\Common Files\HP [25.12.2007|19:00] C:\Program Files\Common Files\InstallShield [17.09.2007|16:24] C:\Program Files\Common Files\Java [17.09.2007|16:22] C:\Program Files\Common Files\LightScribe [17.09.2007|16:22] C:\Program Files\Common Files\LS Getting Started [28.09.2009|15:57] C:\Program Files\Common Files\Microsoft Games [18.02.2009|16:46] C:\Program Files\Common Files\microsoft shared [17.09.2007|16:23] C:\Program Files\Common Files\muvee Technologies [15.06.2008|02:08] C:\Program Files\Common Files\Nokia [10.10.2009|22:16] C:\Program Files\Common Files\PC Tools 
[19.02.2008|19:18] C:\Program Files\Common Files\PCSuite [04.01.2009|00:29] C:\Program Files\Common Files\PX Storage Engine [17.09.2007|16:21] C:\Program Files\Common Files\Roxio Shared [02.11.2006|14:18] C:\Program Files\Common Files\Services [06.11.2008|20:00] C:\Program Files\Common Files\Skype [17.09.2007|16:21] C:\Program Files\Common Files\Sonic Shared [02.11.2006|14:18] C:\Program Files\Common Files\SpeechEngines [15.10.2009|14:05] C:\Program Files\Common Files\Steam [17.09.2007|16:15] C:\Program Files\Common Files\SureThing Shared [26.09.2008|21:41] C:\Program Files\Common Files\SWF Studio [16.10.2009|18:00] C:\Program Files\Common Files\Symantec Shared [18.07.2008|19:46] C:\Program Files\Common Files\System [16.01.2009|23:31] C:\Program Files\Common Files\Windows Live [02.12.2007|22:06] C:\Program Files\Common Files\WindowsLiveInstaller [10.10.2009|22:58] C:\Program Files\Common Files\Wise Installation Wizard [0|tiedosto(a)] C:\Program Files\Common Files\tavua [32|kansio(ta)] C:\Program Files\Common Files\tavua vapaana --------------------\\ Process ( 89 Processes ) ... OK ! 
--------------------\\ Etsii S_Lopilla C:\ProgramData\DateRoamRoam.8t6cm C:\ProgramData\DateRoamRoam.i5msz C:\ProgramData\DateRoamRoam.km1br C:\ProgramData\DateRoamRoam.liv5r C:\ProgramData\DateRoamRoam.rm70r C:\ProgramData\DateRoamRoam.z4eeg C:\ProgramData\DateRoamRoam.3dfy0b C:\ProgramData\DateRoamRoam.bac45r C:\ProgramData\DateRoamRoam.jl9ysw C:\ProgramData\DateRoamRoam.9arrpce C:\ProgramData\DateRoamRoam.c5bpxox C:\ProgramData\DateRoamRoam.gum3dz8 C:\ProgramData\DateRoamRoam.nkfqy3z C:\ProgramData\DateRoamRoam.s7ff9cw C:\ProgramData\DateRoamRoam.sdpwso7 C:\ProgramData\DateRoamRoam.xcfdbdj C:\ProgramData\DateRoamRoam.xwpicj5 C:\ProgramData\Less more bold.wmz0iqi --------------------\\ Etsii Lopin tiedostoja ja kansioita C:\ProgramData\Drv Audio Dog About --------------------\\ Etsii rekisterikohteita [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SlowSite"="\"C:\\ProgramData\\DateRoamRoam.xwpicj5\"" "dog about manager team"="\"C:\\ProgramData\\Less more bold.wmz0iqi\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] --------------------\\ Tarkistaa Hosts-tiedostoa Hosts-tiedosto PUHDAS --------------------\\ Tarkistaa Catchmella onko piilotettuja tiedostoja catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-10-17 16:50:04 Windows 6.0.6001 Service Pack 1 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 18 --------------------\\ Tarkistaa muita infektioita --------------------\\ Cracks & Keygens .. 
C:\Users\Topi\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.crack.ms%2Fcracks%2Ffavicon.ico C:\Users\Topi\AppData\Local\Opera\Opera\icons\www.crack.ms.idx C:\Users\Topi\AppData\Roaming\Azureus\torrents\GTA_San_Andreas_full_game_pc___with_crack__.3649668.TPB.torrent C:\Users\Topi\AppData\Roaming\BitTorrent\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619].torrent C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619] C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\AoE III Images C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\Asian Dynasties Expansion Image C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\Warchiefs Expansion Image C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\AoE III Images\Crack + Patch C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\AoE III Images\rld-aoe-cd1.iso C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\AoE III Images\rld-aoe-cd2.iso C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\AoE III Images\rld-aoe-cd3.iso C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\AoE III Images\Crack + Patch\aoe3112english.exe C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\Asian Dynasties Expansion Image\AOE3_ASIANDYNASTIES.iso C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\Asian Dynasties Expansion Image\Crack + Patch C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\Asian Dynasties Expansion Image\Crack + Patch\aoe3y-101a-english.exe C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\Warchiefs Expansion Image\EMPIRES.iso 
C:\Users\Topi\Desktop\SHITLOAD OF SHIT!\Uusi kansio (2)\d3dx9_37\Call.of.Duty.5.WAW-Crack_RELOADED[Up_by_MaZ].zip C:\Users\Topi\Documents\Azureus Downloads\The Sims 3 - Razor1911 Final MAXSPEED\Crack C:\Users\Topi\Documents\Azureus Downloads\The Sims 3 - Razor1911 Final MAXSPEED\Crack\TS3.exe C:\Users\Topi\Documents\Azureus Downloads\The Sims 3 - Razor1911 Final MAXSPEED\Crack\TSLHost.dll C:\Users\Topi\Documents\Counter-Strike 1.6.Exe\Counter-Strike Souce Crack & CS 1.6 Exe.jpg C:\Users\Topi\Documents\Downloads\Age_of_Empires_III_inc_Warchiefs__Asian_Dynasties_and_Cracks-Pat.4586949.TPB.torrent C:\Users\Topi\Documents\Downloads\The Sims 3 - Razor1911 Final MAXSPEED\Crack [F:96][D:32]-> C:\Users\Topi\AppData\Local\Temp [F:28][D:1]-> C:\Users\Topi\AppData\Roaming\MICROS~1\Windows\Cookies [F:772][D:6]-> C:\Users\Topi\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5 [F:536][D:42]-> C:\$Recycle.Bin 1 - "C:\Lop SD\LopR_1.txt" - la 17.10.2009|16:59 - Option : [1] --------------------\\ Tarkistus valmistui 16:59:25 [ UAC => 1 ]
And then HJT
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:06:26, on 17.10.2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18241) Boot mode: Normal Running processes: C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE 
C:\Windows\System32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe C:\Windows\system32\taskeng.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe c:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Windows\system32\PnkBstrA.exe C:\Windows\system32\PnkBstrB.exe C:\Windows\system32\svchost.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\WUDFHost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Windows Defender\MSASCui.exe C:\hp\support\hpsysdrv.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Program Files\Winamp\winampa.exe C:\Windows\System32\rundll32.exe C:\Windows\system32\schtasks.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Windows\System32\rundll32.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Windows\system32\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe 
C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\iPod\bin\iPodService.exe c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe C:\hp\kbd\kbd.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Opera\opera.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\conime.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FI_FI&c=74&bd=Pavilion&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FI_FI&c=74&bd=Pavilion&pf=desktop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: 
(no name) - CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Yahoo! 
Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe" O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe /RegAll O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [HP Software 
Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [SlowSite] "C:\ProgramData\DateRoamRoam.xwpicj5" O4 - HKCU\..\Run: [dog about manager team] "C:\ProgramData\Less more bold.wmz0iqi" O4 - HKCU\..\Run: [Google Update] "C:\Users\Topi\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu') O4 - 
HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user') O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype add-on - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: 
{E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Update Service (gupdate1c9b53c20e0d300) (gupdate1c9b53c20e0d300) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- End of file - 15234 bytes
Start Lop S&D. Select Option 3 (Fix - Hosts) by pressing 3 and then Enter. DO NOT close the window while the fix is running! The log will open in Notepad. Post it in your next message. It can also be found at C:\lopR.txt.
--------------------\\ Lop S&D 4.2.5-0 XP/Vista Microsoft® Windows Vista™ Home Premium ( v6.0.6001 ) Service Pack 1 X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4400+ ) BIOS : Phoenix - AwardBIOS v6.00PG USER : Topi ( Administrator ) BOOT : Normal boot C:\ (Local Disk) - NTFS - Total:290 Go (Free:74 Go) D:\ (Local Disk) - NTFS - Total:7 Go (Free:1 Go) E:\ (CD or DVD) - CDFS - Total:4 Go (Free:0 Go) J:\ (CD or DVD) K:\ (CD or DVD) "C:\Lop SD" ( MAJ : 19-12-2008|23:40 ) Option : [3] ( la 17.10.2009|21:18 ) [ UAC => 1 ] \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Korjaa Poistettu! - C:\ProgramData\DateRoamRoam.8t6cm Poistettu! - C:\ProgramData\DateRoamRoam.i5msz Poistettu! - C:\ProgramData\DateRoamRoam.km1br Poistettu! - C:\ProgramData\DateRoamRoam.liv5r Poistettu! - C:\ProgramData\DateRoamRoam.rm70r Poistettu! - C:\ProgramData\DateRoamRoam.z4eeg Poistettu! - C:\ProgramData\DateRoamRoam.3dfy0b Poistettu! - C:\ProgramData\DateRoamRoam.bac45r Poistettu! - C:\ProgramData\DateRoamRoam.jl9ysw Poistettu! - C:\ProgramData\DateRoamRoam.9arrpce Poistettu! - C:\ProgramData\DateRoamRoam.c5bpxox Poistettu! - C:\ProgramData\DateRoamRoam.gum3dz8 Poistettu! - C:\ProgramData\DateRoamRoam.nkfqy3z Poistettu! - C:\ProgramData\DateRoamRoam.s7ff9cw Poistettu! - C:\ProgramData\DateRoamRoam.sdpwso7 Poistettu! - C:\ProgramData\DateRoamRoam.xcfdbdj Poistettu! - C:\ProgramData\DateRoamRoam.xwpicj5 Poistettu! - C:\ProgramData\Less more bold.wmz0iqi Poistettu! 
- C:\ProgramData\Drv Audio Dog About \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listaa hakemistoja sijainnissa Local [28.11.2008|17:59] C:\Users\Topi\AppData\Local\Activision [06.12.2007|18:26] C:\Users\Topi\AppData\Local\Adobe [29.09.2008|17:47] C:\Users\Topi\AppData\Local\Apple [30.10.2008|20:40] C:\Users\Topi\AppData\Local\Apple Computer [30.11.2007|20:28] C:\Users\Topi\AppData\Local\Application Data [11.09.2009|21:05] C:\Users\Topi\AppData\Local\ApplicationHistory [12.12.2008|18:44] C:\Users\Topi\AppData\Local\Comodo [26.09.2009|23:49] C:\Users\Topi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [07.05.2008|16:48] C:\Users\Topi\AppData\Local\DNA [03.08.2009|13:42] C:\Users\Topi\AppData\Local\Downloaded Installations [12.08.2009|18:47] C:\Users\Topi\AppData\Local\Fallout3 [29.09.2008|17:38] C:\Users\Topi\AppData\Local\Flock [16.09.2008|15:44] C:\Users\Topi\AppData\Local\fusioncache.dat [25.01.2009|22:01] C:\Users\Topi\AppData\Local\gctmp [28.08.2009|18:55] C:\Users\Topi\AppData\Local\GDIPFONTCACHEV1.DAT [13.02.2009|18:02] C:\Users\Topi\AppData\Local\Google [17.10.2009|01:57] C:\Users\Topi\AppData\Local\IconCache.db [10.10.2008|20:51] C:\Users\Topi\AppData\Local\Logitech-LS [17.10.2009|19:13] C:\Users\Topi\AppData\Local\Microsoft [21.08.2009|22:05] C:\Users\Topi\AppData\Local\Microsoft Games [28.12.2008|22:32] C:\Users\Topi\AppData\Local\Midway [29.09.2008|17:56] C:\Users\Topi\AppData\Local\Mozilla [20.07.2008|17:12] C:\Users\Topi\AppData\Local\My Games [09.10.2009|16:54] C:\Users\Topi\AppData\Local\Oblivion [07.08.2008|11:56] C:\Users\Topi\AppData\Local\Opera [12.09.2009|00:54] C:\Users\Topi\AppData\Local\PMB Files [30.11.2007|20:28] C:\Users\Topi\AppData\Local\Sivuhistoria [17.10.2009|21:18] C:\Users\Topi\AppData\Local\Temp [30.11.2007|20:28] C:\Users\Topi\AppData\Local\Temporary Internet Files [11.09.2009|20:04] C:\Users\Topi\AppData\Local\Turbine [05.12.2008|23:23] C:\Users\Topi\AppData\Local\vdownloader [03.12.2007|16:49] 
C:\Users\Topi\AppData\Local\VirtualStore [25.01.2009|21:27] C:\Users\Topi\AppData\Local\Xenocode [4|tiedosto(a)] C:\Users\Topi\AppData\Local\tavua [31|kansio(ta)] C:\Users\Topi\AppData\Local\tavua vapaana --------------------\\ Ajoitetut tehtävät sijaitsee C:\Windows\Tasks [16.10.2009 18:21][--a------] C:\Windows\tasks\Norton Security Scan for Topi.job [17.10.2009 21:06][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-645257219-2166700425-1697413735-1000UA.job [17.10.2009 16:06][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-645257219-2166700425-1697413735-1000Core.job [17.10.2009 20:33][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [17.10.2009 18:46][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [17.10.2009 11:57][--ah-----] C:\Windows\tasks\SA.DAT [17.10.2009 01:58][--a------] C:\Windows\tasks\SCHEDLGU.TXT --------------------\\ Listaa hakemistoja sijainnissa C:\ProgramData [17.02.2009|17:21] C:\ProgramData\_comodo_ [10.09.2009|17:20] C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD} [06.08.2009|00:25] C:\ProgramData\{7B6BA59A-FB0E-4499-8536-A7420338BF3B} [22.08.2009|17:13] C:\ProgramData\Adobe [25.09.2009|20:56] C:\ProgramData\Age of Empires 3 [29.09.2008|17:47] C:\ProgramData\Apple [10.09.2009|17:19] C:\ProgramData\Apple Computer [02.11.2006|16:02] C:\ProgramData\Application Data [06.08.2009|00:20] C:\ProgramData\Avira [26.08.2008|15:39] C:\ProgramData\AVS4YOU [17.12.2008|22:07] C:\ProgramData\Azureus [17.02.2009|18:24] C:\ProgramData\CheckPoint [02.11.2006|16:02] C:\ProgramData\Desktop [02.11.2006|16:02] C:\ProgramData\Documents [02.11.2006|16:02] C:\ProgramData\Favorites [07.11.2008|17:25] C:\ProgramData\F-Secure [31.05.2009|23:10] C:\ProgramData\GameTap Web Player [22.07.2009|01:53] C:\ProgramData\Google [14.02.2009|14:56] C:\ProgramData\Google Updater [17.09.2007|16:52] C:\ProgramData\Hewlett-Packard [17.09.2007|16:14] C:\ProgramData\HP [17.09.2007|16:15] C:\ProgramData\hpzinstall.log [15.06.2008|02:07] 
C:\ProgramData\Installations [30.11.2007|20:25] C:\ProgramData\K„ynnist„-valikko [08.03.2008|16:36] C:\ProgramData\Lionhead Studios [30.11.2007|20:25] C:\ProgramData\Mallit [10.10.2009|23:21] C:\ProgramData\Malwarebytes [18.02.2009|16:47] C:\ProgramData\Microsoft [17.09.2007|16:22] C:\ProgramData\muvee Technologies [15.06.2008|02:15] C:\ProgramData\Nokia [13.09.2009|18:02] C:\ProgramData\Norton [03.08.2009|13:35] C:\ProgramData\NortonInstaller [17.09.2007|16:13] C:\ProgramData\NVIDIA [19.02.2008|19:22] C:\ProgramData\PC Suite [10.10.2009|22:12] C:\ProgramData\PC Tools [17.09.2007|16:28] C:\ProgramData\PC-Doctor [30.12.2008|23:16] C:\ProgramData\pixelStorm [11.09.2009|21:04] C:\ProgramData\PMB Files [27.11.2008|21:42] C:\ProgramData\Roxio [07.08.2009|14:42] C:\ProgramData\Simply Super Software [06.11.2008|20:00] C:\ProgramData\Skype [20.12.2007|22:52] C:\ProgramData\Sonic [10.10.2009|22:08] C:\ProgramData\Spybot - Search & Destroy [02.11.2006|16:02] C:\ProgramData\Start Menu [30.11.2007|20:25] C:\ProgramData\Suosikit [13.09.2009|18:01] C:\ProgramData\Symantec [17.10.2009|18:16] C:\ProgramData\TEMP [02.11.2006|16:02] C:\ProgramData\Templates [30.11.2007|20:25] C:\ProgramData\Tiedostot [30.11.2007|20:25] C:\ProgramData\Ty”p”yt„ [05.11.2008|22:27] C:\ProgramData\Wait Axis More [28.08.2008|17:01] C:\ProgramData\WindowsSearch [16.03.2008|20:25] C:\ProgramData\WLInstaller [22.11.2008|00:36] C:\ProgramData\Yahoo! 
Companion [1|tiedosto(a)] C:\ProgramData\tavua [55|kansio(ta)] C:\ProgramData\tavua vapaana --------------------\\ Listaa hakemistoja sijainnissa C:\Program Files [22.07.2009|08:36] C:\Program Files\7-Zip [04.01.2009|16:30] C:\Program Files\Activision [22.08.2009|17:13] C:\Program Files\Adobe [22.06.2009|23:52] C:\Program Files\Alwil Software [27.10.2008|21:55] C:\Program Files\Apple Software Update [22.07.2009|01:51] C:\Program Files\Areena 5 [07.11.2008|17:25] C:\Program Files\AVG [06.08.2009|00:20] C:\Program Files\Avira [26.08.2008|15:41] C:\Program Files\AVS4YOU [09.10.2009|16:41] C:\Program Files\Bethesda Softworks [01.03.2009|14:50] C:\Program Files\bin [02.08.2009|23:17] C:\Program Files\BitTorrent [01.01.2009|17:42] C:\Program Files\Bonjour [28.12.2008|02:12] C:\Program Files\CCleaner [10.10.2009|22:12] C:\Program Files\Common Files [17.02.2009|18:08] C:\Program Files\COMODO [13.11.2008|23:09] C:\Program Files\Counter-Strike 1.6 V35 [01.10.2008|18:48] C:\Program Files\Creative [22.11.2008|00:36] C:\Program Files\DAEMON Tools Lite [22.11.2008|00:36] C:\Program Files\DAEMON Tools Toolbar [15.06.2009|13:48] C:\Program Files\Deluxe Ski Jump 3 [19.02.2008|19:17] C:\Program Files\DIFX [04.01.2009|00:35] C:\Program Files\DivX [07.05.2008|16:48] C:\Program Files\DNA [15.06.2009|01:28] C:\Program Files\EA GAMES [08.10.2009|20:07] C:\Program Files\Electronic Arts [19.07.2008|17:48] C:\Program Files\Firaxis Games [29.09.2008|17:38] C:\Program Files\Flock [07.11.2008|19:56] C:\Program Files\F-Secure [15.06.2009|13:48] C:\Program Files\Game Cam V2 [09.11.2008|20:44] C:\Program Files\GameSpy Arcade [31.05.2009|23:09] C:\Program Files\GameTap Web Player [28.08.2009|18:57] C:\Program Files\garrysmod [13.10.2008|18:27] C:\Program Files\Gimp-2.0 [22.07.2009|08:36] C:\Program Files\Google [17.09.2007|16:29] C:\Program Files\Hewlett-Packard [01.03.2009|15:15] C:\Program Files\hl2 [29.08.2009|00:03] C:\Program Files\HP [09.10.2009|16:08] C:\Program Files\InstallShield 
Installation Information [27.10.2008|21:36] C:\Program Files\Internet Explorer [10.09.2009|17:40] C:\Program Files\iPhone Configuration Utility [10.09.2009|17:19] C:\Program Files\iPod [10.09.2009|17:20] C:\Program Files\iTunes [11.10.2008|17:41] C:\Program Files\Java [15.08.2009|22:33] C:\Program Files\LimeWire [08.03.2008|16:36] C:\Program Files\Lionhead Studios Ltd [10.10.2008|20:43] C:\Program Files\Logitech [10.10.2009|23:21] C:\Program Files\Malwarebytes' Anti-Malware [16.01.2009|23:47] C:\Program Files\Microsoft [03.12.2007|14:34] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [24.09.2009|19:41] C:\Program Files\Microsoft Games [12.08.2009|18:39] C:\Program Files\Microsoft Games for Windows - LIVE [17.09.2007|16:25] C:\Program Files\Microsoft Office [04.10.2009|11:48] C:\Program Files\Microsoft Silverlight [02.10.2009|20:15] C:\Program Files\Microsoft SQL Server Compact Edition [16.01.2009|23:48] C:\Program Files\Microsoft Sync Framework [14.10.2009|22:55] C:\Program Files\Microsoft Works [08.10.2009|20:26] C:\Program Files\Microsoft WSE [07.08.2009|21:57] C:\Program Files\Mount&Blade [18.07.2008|19:46] C:\Program Files\Movie Maker [08.10.2009|20:35] C:\Program Files\Mozilla Firefox [29.09.2008|17:55] C:\Program Files\mozilla.org [02.11.2006|15:37] C:\Program Files\MSBuild [03.12.2007|14:29] C:\Program Files\MSXML 4.0 [20.09.2009|17:32] C:\Program Files\MTA San Andreas [17.09.2007|16:22] C:\Program Files\muvee Technologies [15.06.2008|02:13] C:\Program Files\Nokia [13.09.2009|18:02] C:\Program Files\Norton Security Scan [13.09.2009|18:01] C:\Program Files\NortonInstaller [17.09.2007|16:30] C:\Program Files\Online Services [25.01.2009|17:12] C:\Program Files\OpenOffice.org 3 [09.09.2009|16:59] C:\Program Files\Opera [06.09.2009|00:24] C:\Program Files\Pando Networks [19.02.2008|19:16] C:\Program Files\PC Connectivity Solution [17.09.2007|16:47] C:\Program Files\PC-Doctor 5 for Windows [06.12.2007|00:52] C:\Program Files\Pivot Stickfigure Animator 
[01.03.2009|14:50] C:\Program Files\platform [07.12.2008|23:34] C:\Program Files\Project64 1.6 [10.09.2009|17:17] C:\Program Files\QuickTime [17.09.2007|16:11] C:\Program Files\Realtek [02.11.2006|15:37] C:\Program Files\Reference Assemblies [19.09.2009|19:59] C:\Program Files\Rockstar Games [17.09.2007|16:21] C:\Program Files\Roxio [10.09.2009|17:34] C:\Program Files\Safari [10.07.2009|14:55] C:\Program Files\Sierra [06.11.2008|20:00] C:\Program Files\Skype [17.09.2009|22:26] C:\Program Files\Spybot - Search & Destroy [16.10.2009|10:58] C:\Program Files\Spyware Doctor [17.10.2009|11:58] C:\Program Files\Steam [07.08.2009|14:36] C:\Program Files\Sygate [24.09.2009|22:34] C:\Program Files\SystemRequirementsLab [17.10.2009|16:10] C:\Program Files\Trend Micro [07.08.2009|14:42] C:\Program Files\Trojan Remover [02.11.2006|16:01] C:\Program Files\Uninstall Information [23.11.2008|23:14] C:\Program Files\VALVe [26.09.2009|22:23] C:\Program Files\VDOWNLOADER [04.01.2009|01:03] C:\Program Files\VideoLAN [29.08.2008|17:13] C:\Program Files\Winamp [18.07.2008|19:46] C:\Program Files\Windows Calendar [18.07.2008|19:46] C:\Program Files\Windows Collaboration [18.07.2008|19:46] C:\Program Files\Windows Defender [18.07.2008|19:46] C:\Program Files\Windows Journal [02.10.2009|20:17] C:\Program Files\Windows Live [11.08.2009|13:59] C:\Program Files\Windows Live Safety Center [16.01.2009|23:46] C:\Program Files\Windows Live SkyDrive [16.01.2009|23:48] C:\Program Files\Windows Live Toolbar [15.10.2009|13:59] C:\Program Files\Windows Mail [14.08.2009|13:25] C:\Program Files\Windows Media Player [30.11.2007|20:25] C:\Program Files\Windows NT [18.07.2008|19:46] C:\Program Files\Windows Photo Gallery [18.07.2008|19:46] C:\Program Files\Windows Sidebar [21.10.2008|14:58] C:\Program Files\WinRAR [05.08.2009|20:35] C:\Program Files\VS Revo Group [22.08.2009|22:01] C:\Program Files\Vuze [05.11.2008|18:46] C:\Program Files\Yahoo! 
[0|tiedosto(a)] C:\Program Files\tavua [117|kansio(ta)] C:\Program Files\tavua vapaana --------------------\\ Listaa hakemistoja sijainnissa C:\Program Files\Common Files [22.08.2009|17:13] C:\Program Files\Common Files\Adobe [10.09.2009|17:19] C:\Program Files\Common Files\Apple [26.08.2008|15:38] C:\Program Files\Common Files\AVSMedia [18.08.2008|18:55] C:\Program Files\Common Files\EasyInfo [10.10.2008|20:43] C:\Program Files\Common Files\FotoWire [17.09.2007|16:14] C:\Program Files\Common Files\HP [25.12.2007|19:00] C:\Program Files\Common Files\InstallShield [17.09.2007|16:24] C:\Program Files\Common Files\Java [17.09.2007|16:22] C:\Program Files\Common Files\LightScribe [17.09.2007|16:22] C:\Program Files\Common Files\LS Getting Started [28.09.2009|15:57] C:\Program Files\Common Files\Microsoft Games [18.02.2009|16:46] C:\Program Files\Common Files\microsoft shared [17.09.2007|16:23] C:\Program Files\Common Files\muvee Technologies [15.06.2008|02:08] C:\Program Files\Common Files\Nokia [10.10.2009|22:16] C:\Program Files\Common Files\PC Tools [19.02.2008|19:18] C:\Program Files\Common Files\PCSuite [04.01.2009|00:29] C:\Program Files\Common Files\PX Storage Engine [17.09.2007|16:21] C:\Program Files\Common Files\Roxio Shared [02.11.2006|14:18] C:\Program Files\Common Files\Services [06.11.2008|20:00] C:\Program Files\Common Files\Skype [17.09.2007|16:21] C:\Program Files\Common Files\Sonic Shared [02.11.2006|14:18] C:\Program Files\Common Files\SpeechEngines [15.10.2009|14:05] C:\Program Files\Common Files\Steam [17.09.2007|16:15] C:\Program Files\Common Files\SureThing Shared [26.09.2008|21:41] C:\Program Files\Common Files\SWF Studio [16.10.2009|18:00] C:\Program Files\Common Files\Symantec Shared [18.07.2008|19:46] C:\Program Files\Common Files\System [16.01.2009|23:31] C:\Program Files\Common Files\Windows Live [02.12.2007|22:06] C:\Program Files\Common Files\WindowsLiveInstaller [10.10.2009|22:58] C:\Program Files\Common Files\Wise Installation Wizard 
[0|tiedosto(a)] C:\Program Files\Common Files\tavua [32|kansio(ta)] C:\Program Files\Common Files\tavua vapaana --------------------\\ Process ( 86 Processes ) ... OK ! --------------------\\ Etsii S_Lopilla Lopin kansioita ei löytynyt ! --------------------\\ Etsii Lopin tiedostoja ja kansioita Lopin kansioita ei löytynyt ! --------------------\\ Etsii rekisterikohteita ..... OK ! --------------------\\ Tarkistaa Hosts-tiedostoa Hosts-tiedosto PUHDAS --------------------\\ Tarkistaa Catchmella onko piilotettuja tiedostoja catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-10-17 21:20:00 Windows 6.0.6001 Service Pack 1 NTFS scanning hidden processes ... scanning hidden files ... C:\Users\Topi\AppData\Local\Opera\Opera\cache\opr06C8Q 262 bytes C:\Users\Topi\AppData\Local\Opera\Opera\vps\0008\adoc.bx-g 8 bytes C:\Users\Topi\AppData\Local\Opera\Opera\vps\0008\adoc.bx-j 163 bytes C:\Users\Topi\AppData\Local\Opera\Opera\vps\0008\md.dat-j 13289 bytes C:\Users\Topi\AppData\Local\Opera\Opera\vps\0008\url.axx-g 8 bytes C:\Users\Topi\AppData\Local\Opera\Opera\vps\0008\url.axx-j 727 bytes C:\Users\Topi\AppData\Local\Opera\Opera\vps\0008\w.axx-g 8 bytes C:\Users\Topi\AppData\Local\Opera\Opera\vps\0008\w.axx-j 44440 bytes C:\Users\Topi\AppData\Local\Opera\Opera\vps\0008\wb.vx-j 25304 bytes scan completed successfully hidden processes: 0 hidden files: 27 --------------------\\ Tarkistaa muita infektioita --------------------\\ Cracks & Keygens .. 
C:\Users\Topi\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.crack.ms%2Fcracks%2Ffavicon.ico C:\Users\Topi\AppData\Local\Opera\Opera\icons\www.crack.ms.idx C:\Users\Topi\AppData\Roaming\Azureus\torrents\GTA_San_Andreas_full_game_pc___with_crack__.3649668.TPB.torrent C:\Users\Topi\AppData\Roaming\BitTorrent\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619].torrent C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619] C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\AoE III Images C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\Asian Dynasties Expansion Image C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\Warchiefs Expansion Image C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\AoE III Images\Crack + Patch C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\AoE III Images\rld-aoe-cd1.iso C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\AoE III Images\rld-aoe-cd2.iso C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\AoE III Images\rld-aoe-cd3.iso C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\AoE III Images\Crack + Patch\aoe3112english.exe C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\Asian Dynasties Expansion Image\AOE3_ASIANDYNASTIES.iso C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\Asian Dynasties Expansion Image\Crack + Patch C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\Asian Dynasties Expansion Image\Crack + Patch\aoe3y-101a-english.exe C:\Users\Topi\Desktop\AOE III Inc Warchiefs Asian Dynasties and Cracks[h33t][mattlb0619]\Warchiefs Expansion Image\EMPIRES.iso 
C:\Users\Topi\Desktop\SHITLOAD OF SHIT!\Uusi kansio (2)\d3dx9_37\Call.of.Duty.5.WAW-Crack_RELOADED[Up_by_MaZ].zip C:\Users\Topi\Documents\Azureus Downloads\The Sims 3 - Razor1911 Final MAXSPEED\Crack C:\Users\Topi\Documents\Azureus Downloads\The Sims 3 - Razor1911 Final MAXSPEED\Crack\TS3.exe C:\Users\Topi\Documents\Azureus Downloads\The Sims 3 - Razor1911 Final MAXSPEED\Crack\TSLHost.dll C:\Users\Topi\Documents\Counter-Strike 1.6.Exe\Counter-Strike Souce Crack & CS 1.6 Exe.jpg C:\Users\Topi\Documents\Downloads\Age_of_Empires_III_inc_Warchiefs__Asian_Dynasties_and_Cracks-Pat.4586949.TPB.torrent C:\Users\Topi\Documents\Downloads\The Sims 3 - Razor1911 Final MAXSPEED\Crack [F:108][D:33]-> C:\Users\Topi\AppData\Local\Temp [F:31][D:1]-> C:\Users\Topi\AppData\Roaming\MICROS~1\Windows\Cookies [F:818][D:6]-> C:\Users\Topi\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5 [F:536][D:42]-> C:\$Recycle.Bin 1 - "C:\Lop SD\LopR_1.txt" - la 17.10.2009|16:59 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - la 17.10.2009|21:24 - Option : [3] --------------------\\ Tarkistus valmistui 21:24:12 [ UAC => 1 ]
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:15:42, on 18.10.2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18241) Boot mode: Normal Running processes: C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Windows\system32\svchost.exe C:\Windows\system32\taskeng.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe c:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Windows\system32\PnkBstrA.exe C:\Windows\system32\svchost.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\WUDFHost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Windows Defender\MSASCui.exe C:\hp\support\hpsysdrv.exe C:\Program Files\Hewlett-Packard\On-Screen 
OSD Indicator\OSD.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Windows\system32\schtasks.exe C:\Program Files\Winamp\winampa.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Windows\system32\jusched.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehtray.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\System32\mobsync.exe c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe C:\hp\kbd\kbd.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Opera\opera.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FI_FI&c=74&bd=Pavilion&pf=desktop R1 - HKLM\Software\Microsoft\Internet 
Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FI_FI&c=74&bd=Pavilion&pf=desktop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Yahoo! 
Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe" O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe /RegAll O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [HP Software 
Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Users\Topi\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu') O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] 
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user') O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype add-on - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} 
(Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Update Service (gupdate1c9b53c20e0d300) (gupdate1c9b53c20e0d300) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- End of file - 14748 bytes
Lop is gone!!!

Remove either Avira AntiVir or avast! Antivirus from the computer.

---------------------------------------------------------------------------

Close the browser and other programs for the duration of the fix (not the antivirus).

Start HijackThis, run Scan, and tick the following entries listed in red (HJT disables the program, it does not remove it):

R3 - URLSearchHook: (no name) - CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

and disable them with the (Fix checked) button.

Empty the recycle bin and restart your computer.

Delete Lop's folder => C:\QooBox\ C:\NoLopBackups\ or something like that

Any problems???