IRC-Galleria


So long, and thanks for all the fish.

Latest blog entries


So that's how it is
Thursday 23.04.2009 22:10

There was some action on Sunday and Monday

Malwarebytes' Anti-Malware 1.36
Tietokantaversio: 2013
Windows 5.1.2600 Service Pack 2

20.4.2009 22:30:07
mbam-log-2009-04-20 (22-30-07).txt

Tarkistustyyppi: Täysi tarkistus (C:\|)
Tarkistetut kohteet: 163025
Kulunut aika: 2 hour(s), 4 minute(s), 55 second(s)

Saastuneita muistiprosesseja: 2
Saastuneita muistimoduuleja: 1
Saastuneita rekisteriavaimia: 3
Saastuneita rekisteriarvoja: 12
Saastuneita rekisterikohteita: 14
Saastuneita hakemistoja: 1
Saastuneita tiedostoja: 20

Saastuneita muistiprosesseja:
C:\WINDOWS\ctfmon.exe (Trojan.Agent) -> Unloaded process successfully.
C:\WINDOWS\servicelayer.exe (Backdoor.Bot) -> Unloaded process successfully.

Saastuneita muistimoduuleja:
C:\Documents and Settings\Tytti\Local Settings\Temp\wndutl32.dll (Trojan.FakeAlert) -> Delete on reboot.

Saastuneita rekisteriavaimia:
HKEY_CLASSES_ROOT\CLSID\{020487cc-fc04-4b1e-863f-d9801796230b} (Trojan.FakeAlert) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Saastuneita rekisteriarvoja:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{020487cc-fc04-4b1e-863f-d9801796230b} (Trojan.FakeAlert) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ctfmon (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\UpdateWin (Backdoor.Bot) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\UpdateWin (Backdoor.Bot) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\UpdateWin (Backdoor.Bot) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\UpdateWin (Backdoor.Bot) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\servicelayer (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\UpdateWin (Worm.Sdbot) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\UpdateWin (Worm.Sdbot) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OLE\UpdateWin (Worm.Sdbot) -> Delete on reboot.
HKEY_CURRENT_USER\SYSTEM\CurrentControlSet\Control\Lsa\UpdateWin (Worm.Sdbot) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Userinit (Trojan.Agent) -> Quarantined and deleted successfully.

Saastuneita rekisterikohteita:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\Tytti\Application Data\ntos.exe,) Good: (userinit.exe) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\activedesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Saastuneita hakemistoja:
C:\Documents and Settings\Tytti\Application Data\wsnpoem (Trojan.Agent) -> Quarantined and deleted successfully.

Saastuneita tiedostoja:
C:\Documents and Settings\Tytti\Local Settings\Temp\wndutl32.dll (Trojan.FakeAlert) -> Delete on reboot.
C:\Documents and Settings\Tytti\Application Data\wsnpoem\audio.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tytti\Application Data\wsnpoem\video.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\ctfmon.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tytti\Local Settings\Temp\6_ldr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tytti\Local Settings\Temp\60325cahp25ca0.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tytti\Local Settings\Temp\60325cahp25caa.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tytti\Local Settings\Temp\q2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tytti\Local Settings\Temp\q3.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tytti\Local Settings\Temp\q7.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tytti\Local Settings\Temp\q8.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tytti\Local Settings\Temp\q9.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tytti\Local Settings\Temp\teste1_p.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tytti\Local Settings\Temp\teste2_p.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tytti\Local Settings\Temp\teste3_p.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\advpack.dllz.exe (Backdoor.Bot) -> Delete on reboot.
C:\WINDOWS\servicelayer.exe (Backdoor.Bot) -> Delete on reboot.
C:\Program Files\MsnHandWriting.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tytti\Application Data\config.cfg (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tytti\Application Data\~tmp.html (Malware.Trace) -> Quarantined and deleted successfully.

............
Saturday 18.04.2009 17:00

Today is really boring, so if anyone has ideas for something to do, they're welcome...

Summer
Sunday 12.04.2009 21:24

Now it has started!!
We've been to the smoke sauna and swimming
and the barbecue season has been opened


Indeed
Thursday 26.03.2009 20:53

Although the wand's core material is not visible from the outside, its existence is uplifting for the wand's holder.

...
Thursday 19.03.2009 22:31

You really feel set free
when you arrive at the multi-level interchange,
and if you're not careful,
it will happen for good

[No subject]
Wednesday 18.03.2009 22:37

14.5 hours

Workaholics

yep
Saturday 21.02.2009 12:41

oh, goddammit
Thursday 19.02.2009 22:13