Jos joku viisas voisi vilkaista...

Sebde · Apr 21, 2007

Eli kone tuppaa sammuilemaan itsestään. Ensin päästää Biipperistä sellaisen diiduudiiduu äänen ja sammuu. Mikähän mahtaa olla ongelmana jos joku voisi valaista olisin kiitollinen.

Logfile of HijackThis v1.99.1
Scan saved at 11:42:04, on 21.4.2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Stuff\ZoneAlarm\ZoneAlarm\zlclient.exe
D:\Stuff\AVG Anti-Spyware 7.5\avgas.exe
D:\Stuff\AvS\avp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
D:\Stuff\AVG Anti-Spyware 7.5\guard.exe
D:\Stuff\AvS\avp.exe
C:\Program Files\Prevx1\PXAgent.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Stuff\Acrobat\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: XBTP06568 - {311F9DE8-6126-4EEE-B15F-65CBB3B4F9F6} - C:\Program Files\AOL Security Toolbar\AOL_security_toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Stuff\Acrobat\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: AOL Security Toolbar - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - C:\Program Files\AOL Security Toolbar\AOL_security_toolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Stuff\Acrobat\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "D:\Stuff\ZoneAlarm\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Stuff\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [aol] "D:\Stuff\AvS\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O20 - Winlogon Notify: !SASWinLogon - D:\Stuff\SuperAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - D:\Stuff\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Active Virus Shield (AVP) - AOL - D:\Stuff\AvS\avp.exe
O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Auttaja · Apr 21, 2007

1. Lataa combofix.exe työpöydällesi jommastakummasta linkistä:
http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia.
3. Kun työkalu on valmis, se tuottaa lokin. (C:\ComboFix.txt) Lähetä tämä loki viesti ketjuusi.
Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.

Sebde · Apr 22, 2007

Tässäpä tämä combofix muistio...

"PeK" - 07-04-22 17:01:08 Service Pack 1
ComboFix 07-04-21.2V - Running from: C:\Documents and Settings\PeK\Ty”p”yt„\

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\Program Files\download plugin\DlPlugin-Moz\buddy.dat
C:\Program Files\download plugin\DlPlugin-Moz\buddy.uri
C:\Program Files\download plugin\DlPlugin-Moz\vendor.txt
C:\Program Files\download plugin

((((((((((((((((((((((((((((((( Files Created from 2007-03-22 to 2007-04-22 ))))))))))))))))))))))))))))))))))

2007-04-21 11:19 <KANSIO> d-------- C:\WINDOWS\Prefetch
2007-04-21 11:03 <KANSIO> d-------- C:\WINDOWS\ServicePackFiles
2007-04-21 11:03 <KANSIO> d-------- C:\WINDOWS\ehome
2007-04-21 11:00 9,216 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-04-21 11:00 86,528 --a------ C:\WINDOWS\system32\wlnotify.dll
2007-04-21 11:00 86,016 --a------ C:\WINDOWS\system32\xactsrv.dll
2007-04-21 11:00 77,824 --a------ C:\WINDOWS\system32\wmpstub.exe
2007-04-21 11:00 77,824 --a------ C:\WINDOWS\system32\wmpshell.dll
2007-04-21 11:00 61,952 --a------ C:\WINDOWS\system32\webclnt.dll
2007-04-21 11:00 60,928 --a------ C:\WINDOWS\system32\wextract.exe
2007-04-21 11:00 56,832 --a------ C:\WINDOWS\system32\wzcdlg.dll
2007-04-21 11:00 48,640 --a------ C:\WINDOWS\system32\vdmredir.dll
2007-04-21 11:00 48,128 --a------ C:\WINDOWS\system32\winsta.dll
2007-04-21 11:00 479,261 --a------ C:\WINDOWS\system32\vbscript.dll
2007-04-21 11:00 446,464 --a------ C:\WINDOWS\system32\wmvdmoe.dll
2007-04-21 11:00 409,088 --a------ C:\WINDOWS\system32\vssapi.dll
2007-04-21 11:00 38,912 --a------ C:\WINDOWS\system32\wsnmp32.dll
2007-04-21 11:00 311,327 --a------ C:\WINDOWS\system32\wmv8dmod.dll
2007-04-21 11:00 296,448 --a------ C:\WINDOWS\system32\wmstream.dll
2007-04-21 11:00 266,752 --a------ C:\WINDOWS\winhlp32.exe
2007-04-21 11:00 264,704 --a------ C:\WINDOWS\system32\wzcsvc.dll
2007-04-21 11:00 253,952 --a------ C:\WINDOWS\system32\wmpcd.dll
2007-04-21 11:00 23,552 --a------ C:\WINDOWS\system32\wzcsapi.dll
2007-04-21 11:00 2,007,040 --a------ C:\WINDOWS\system32\wmploc.dll
2007-04-21 11:00 17,408 --a------ C:\WINDOWS\system32\wtsapi32.dll
2007-04-21 11:00 169,984 --a------ C:\WINDOWS\system32\winmm.dll
2007-04-21 11:00 168,960 --a------ C:\WINDOWS\system32\wldap32.dll
2007-04-21 11:00 165,376 --a------ C:\WINDOWS\system32\w32time.dll
2007-04-21 11:00 16,384 --a------ C:\WINDOWS\system32\watchdog.sys
2007-04-21 11:00 13,312 --a------ C:\WINDOWS\system32\wship6.dll
2007-04-21 11:00 125,440 --a------ C:\WINDOWS\system32\webvw.dll
2007-04-21 11:00 119,808 --a------ C:\WINDOWS\system32\wiadss.dll
2007-04-21 11:00 118,784 --a------ C:\WINDOWS\system32\wmsdmoe.dll
2007-04-21 11:00 1,404,928 --a------ C:\WINDOWS\system32\wmpui.dll
2007-04-21 10:59 9,856 --------- C:\WINDOWS\system32\drivers\tunmp.sys
2007-04-21 10:59 88,064 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2007-04-21 10:59 87,304 --a------ C:\WINDOWS\system32\rdpdd.dll
2007-04-21 10:59 82,432 --a------ C:\WINDOWS\system32\smlogsvc.exe
2007-04-21 10:59 81,920 --a------ C:\WINDOWS\system32\trkwks.dll
2007-04-21 10:59 8,192 --a------ C:\WINDOWS\system32\scrnsave.scr
2007-04-21 10:59 75,912 --a------ C:\WINDOWS\system32\rdpwsx.dll
2007-04-21 10:59 73,728 --a------ C:\WINDOWS\system32\rtcshare.exe
2007-04-21 10:59 71,680 --a------ C:\WINDOWS\system32\telnet.exe
2007-04-21 10:59 71,680 --a------ C:\WINDOWS\system32\sdbinst.exe
2007-04-21 10:59 70,656 --a------ C:\WINDOWS\system32\storprop.dll
2007-04-21 10:59 671,744 --a------ C:\WINDOWS\system32\ss3dfo.scr
2007-04-21 10:59 66,560 --a------ C:\WINDOWS\system32\spoolss.dll
2007-04-21 10:59 66,560 --a------ C:\WINDOWS\system32\sigverif.exe
2007-04-21 10:59 638,976 --a------ C:\WINDOWS\system32\sstext3d.scr
2007-04-21 10:59 63,488 --a------ C:\WINDOWS\system32\srclient.dll
2007-04-21 10:59 62,976 --a------ C:\WINDOWS\system32\shgina.dll
2007-04-21 10:59 62,464 --a------ C:\WINDOWS\system32\sti.dll
2007-04-21 10:59 60,416 --a------ C:\WINDOWS\system32\shimeng.dll
2007-04-21 10:59 6,144 --a------ C:\WINDOWS\system32\sensapi.dll
2007-04-21 10:59 569,344 --a------ C:\WINDOWS\system32\sspipes.scr
2007-04-21 10:59 56,320 --a------ C:\WINDOWS\system32\remotepg.dll
2007-04-21 10:59 534,016 --a------ C:\WINDOWS\system32\spider.exe
2007-04-21 10:59 52,224 --a------ C:\WINDOWS\system32\secur32.dll
2007-04-21 10:59 5,504 --------- C:\WINDOWS\system32\drivers\smbali.sys
2007-04-21 10:59 49,152 --a------ C:\WINDOWS\system32\reg.exe
2007-04-21 10:59 47,616 --a------ C:\WINDOWS\system32\utilman.exe
2007-04-21 10:59 44,032 --a------ C:\WINDOWS\system32\regapi.dll
2007-04-21 10:59 44,032 --a------ C:\WINDOWS\system32\rdpclip.exe
2007-04-21 10:59 43,008 --a------ C:\WINDOWS\system32\ssdpsrv.dll
2007-04-21 10:59 420,864 --a------ C:\WINDOWS\system32\shimgvw.dll
2007-04-21 10:59 40,960 --a------ C:\WINDOWS\system32\tscupgrd.exe
2007-04-21 10:59 384,000 --a------ C:\WINDOWS\system32\themeui.dll
2007-04-21 10:59 364,544 --a------ C:\WINDOWS\system32\ssflwbox.scr
2007-04-21 10:59 36,352 --a------ C:\WINDOWS\system32\sens.dll
2007-04-21 10:59 339,456 --a------ C:\WINDOWS\system32\usp10.dll
2007-04-21 10:59 336,896 --a------ C:\WINDOWS\system32\smlogcfg.dll
2007-04-21 10:59 33,280 --a------ C:\WINDOWS\system32\shmgrate.exe
2007-04-21 10:59 32,768 --a------ C:\WINDOWS\system32\umandlg.dll
2007-04-21 10:59 302,080 --a------ C:\WINDOWS\system32\scesrv.dll
2007-04-21 10:59 3,340 --a------ C:\WINDOWS\system32\redir.exe
2007-04-21 10:59 27,136 --a------ C:\WINDOWS\system32\ssdpapi.dll
2007-04-21 10:59 251,904 --a------ C:\WINDOWS\system32\strmdll.dll
2007-04-21 10:59 24,064 --a------ C:\WINDOWS\system32\skeys.exe
2007-04-21 10:59 233,984 --a------ C:\WINDOWS\system32\tapisrv.dll
2007-04-21 10:59 231,424 --a------ C:\WINDOWS\system32\upnpui.dll
2007-04-21 10:59 22,528 --a------ C:\WINDOWS\system32\slayerxp.dll
2007-04-21 10:59 22,528 --a------ C:\WINDOWS\system32\shfolder.dll
2007-04-21 10:59 22,016 --a------ C:\WINDOWS\system32\udhisapi.dll
2007-04-21 10:59 203,264 --a------ C:\WINDOWS\system32\uxtheme.dll
2007-04-21 10:59 200,192 --a------ C:\WINDOWS\system32\termsrv.dll
2007-04-21 10:59 20,992 --a------ C:\WINDOWS\system32\setup.exe
2007-04-21 10:59 19,456 --a------ C:\WINDOWS\system32\ssmarque.scr
2007-04-21 10:59 18,944 --a------ C:\WINDOWS\system32\ssbezier.scr
2007-04-21 10:59 177,152 --a------ C:\WINDOWS\system32\scecli.dll
2007-04-21 10:59 171,008 --a------ C:\WINDOWS\system32\sccsccp.dll
2007-04-21 10:59 17,408 --a------ C:\WINDOWS\system32\ssmyst.scr
2007-04-21 10:59 169,984 --a------ C:\WINDOWS\system32\sccbase.dll
2007-04-21 10:59 165,376 --a------ C:\WINDOWS\system32\tapi32.dll
2007-04-21 10:59 164,864 --a------ C:\WINDOWS\system32\upnphost.dll
2007-04-21 10:59 16,896 --a------ C:\WINDOWS\system32\snmpapi.dll
2007-04-21 10:59 16,384 --a------ C:\WINDOWS\system32\ups.exe
2007-04-21 10:59 158,720 --a------ C:\WINDOWS\system32\srsvc.dll
2007-04-21 10:59 14,848 --a------ C:\WINDOWS\system32\rdpsnd.dll
2007-04-21 10:59 135,680 --a------ C:\WINDOWS\system32\rdchost.dll
2007-04-21 10:59 134,656 --a------ C:\WINDOWS\regedit.exe
2007-04-21 10:59 133,632 --a------ C:\WINDOWS\system32\rsaenh.dll
2007-04-21 10:59 133,120 --a------ C:\WINDOWS\system32\sfc_os.dll
2007-04-21 10:59 131,072 --a------ C:\WINDOWS\system32\taskmgr.exe
2007-04-21 10:59 130,560 --a------ C:\WINDOWS\system32\sti_ci.dll
2007-04-21 10:59 13,312 --a------ C:\WINDOWS\system32\ssstars.scr
2007-04-21 10:59 120,320 --a------ C:\WINDOWS\system32\upnp.dll
2007-04-21 10:59 12,800 --a------ C:\WINDOWS\system32\runonce.exe
2007-04-21 10:59 12,288 --a------ C:\WINDOWS\system32\rdsaddin.exe
2007-04-21 10:59 117,760 --a------ C:\WINDOWS\system32\stobject.dll
2007-04-21 10:59 11,776 --a------ C:\WINDOWS\system32\sigtab.dll
2007-04-21 10:59 11,264 --a------ C:\WINDOWS\system32\tracert.exe
2007-04-21 10:59 107,520 --a------ C:\WINDOWS\system32\umpnpmgr.dll
2007-04-21 10:59 1,145,856 --a------ C:\WINDOWS\system32\sfcfiles.dll
2007-04-21 10:58 98,816 --a------ C:\WINDOWS\system32\oleprn.dll
2007-04-21 10:58 95,744 --a------ C:\WINDOWS\system32\nlhtml.dll
2007-04-21 10:58 91,648 --a------ C:\WINDOWS\system32\rastls.dll
2007-04-21 10:58 891,711 --------- C:\WINDOWS\system32\drivers\nv4_mini.sys
2007-04-21 10:58 83,456 --a------ C:\WINDOWS\system32\psbase.dll
2007-04-21 10:58 686,080 --a------ C:\WINDOWS\system32\opengl32.dll
2007-04-21 10:58 63,663 --------- C:\WINDOWS\system32\drivers\atinrvxx.sys
2007-04-21 10:58 61,440 --a------ C:\WINDOWS\system32\odbccu32.dll
2007-04-21 10:58 61,440 --a------ C:\WINDOWS\system32\odbccr32.dll
2007-04-21 10:58 6,912 --------- C:\WINDOWS\system32\drivers\hidir.sys
2007-04-21 10:58 59,904 --a------ C:\WINDOWS\system32\pautoenr.dll
2007-04-21 10:58 57,856 --a------ C:\WINDOWS\system32\raschap.dll
2007-04-21 10:58 56,591 --------- C:\WINDOWS\system32\drivers\atinbtxx.sys
2007-04-21 10:58 53,248 --a------ C:\WINDOWS\system32\packager.exe
2007-04-21 10:58 53,248 --a------ C:\WINDOWS\system32\odbcconf.exe
2007-04-21 10:58 5,120 --------- C:\WINDOWS\system32\hccoin.dll
2007-04-21 10:58 49,152 --a------ C:\WINDOWS\system32\npptools.dll
2007-04-21 10:58 403,456 --------- C:\WINDOWS\system32\winbrand.dll
2007-04-21 10:58 394,240 --a------ C:\WINDOWS\system32\ntmssvc.dll
2007-04-21 10:58 38,400 --a------ C:\WINDOWS\system32\ntmsapi.dll
2007-04-21 10:58 38,400 --a------ C:\WINDOWS\system32\ntlanman.dll
2007-04-21 10:58 36,463 --------- C:\WINDOWS\system32\drivers\atintuxx.sys
2007-04-21 10:58 34,735 --------- C:\WINDOWS\system32\drivers\atinxsxx.sys
2007-04-21 10:58 34,304 --a------ C:\WINDOWS\system32\rcimlby.exe
2007-04-21 10:58 329,216 --a------ C:\WINDOWS\system32\oakley.dll
2007-04-21 10:58 32,768 --a------ C:\WINDOWS\system32\odbcad32.exe
2007-04-21 10:58 31,744 --a------ C:\WINDOWS\system32\pid.dll
2007-04-21 10:58 30,671 --------- C:\WINDOWS\system32\drivers\atinraxx.sys
2007-04-21 10:58 3,584 --------- C:\WINDOWS\system32\dsprpres.dll
2007-04-21 10:58 3,494,303 --------- C:\WINDOWS\system32\nv4_disp.dll
2007-04-21 10:58 29,455 --------- C:\WINDOWS\system32\drivers\atinxbxx.sys
2007-04-21 10:58 26,367 --------- C:\WINDOWS\system32\drivers\atinsnxx.sys
2007-04-21 10:58 254,976 --a------ C:\WINDOWS\system32\pdh.dll
2007-04-21 10:58 24,576 --a------ C:\WINDOWS\system32\nmmkcert.dll
2007-04-21 10:58 238,592 --a------ C:\WINDOWS\system32\newdev.dll
2007-04-21 10:58 218,112 --------- C:\WINDOWS\system32\sbe.dll
2007-04-21 10:58 212,992 --a------ C:\WINDOWS\system32\osk.exe
2007-04-21 10:58 21,343 --------- C:\WINDOWS\system32\drivers\atinttxx.sys
2007-04-21 10:58 193,536 --a------ C:\WINDOWS\system32\rasppp.dll
2007-04-21 10:58 19,328 --------- C:\WINDOWS\system32\drivers\usbehci.sys
2007-04-21 10:58 186,880 --------- C:\WINDOWS\system32\xpsp1res.dll
2007-04-21 10:58 18,944 --------- C:\WINDOWS\system32\faxpatch.exe
2007-04-21 10:58 172,032 --------- C:\WINDOWS\system32\mssap.dll
2007-04-21 10:58 17,408 --a------ C:\WINDOWS\system32\psapi.dll
2007-04-21 10:58 167,424 --a------ C:\WINDOWS\system32\ntmsdba.dll
2007-04-21 10:58 16,384 --a------ C:\WINDOWS\system32\ping.exe
2007-04-21 10:58 16,384 --a------ C:\WINDOWS\system32\odbc32gt.dll
2007-04-21 10:58 155,648 --------- C:\WINDOWS\system32\encdec.dll
2007-04-21 10:58 147,456 --a------ C:\WINDOWS\system32\odbctrac.dll
2007-04-21 10:58 137,728 --a------ C:\WINDOWS\system32\ntshrui.dll
2007-04-21 10:58 13,824 --a------ C:\WINDOWS\system32\rassapi.dll
2007-04-21 10:58 13,056 --------- C:\WINDOWS\system32\drivers\wacompen.sys
2007-04-21 10:58 122,880 --a------ C:\WINDOWS\system32\odbcconf.dll
2007-04-21 10:58 12,288 --a------ C:\WINDOWS\system32\odbcp32r.dll
2007-04-21 10:58 12,047 --------- C:\WINDOWS\system32\drivers\atinpdxx.sys
2007-04-21 10:58 112,128 --a------ C:\WINDOWS\system32\ntmarta.dll
2007-04-21 10:58 110,080 --------- C:\WINDOWS\system32\sbeio.dll
2007-04-21 10:58 11,904 --------- C:\WINDOWS\system32\drivers\mutohpen.sys
2007-04-21 10:58 11,615 --------- C:\WINDOWS\system32\drivers\atinmdxx.sys
2007-04-21 10:58 109,568 --a------ C:\WINDOWS\system32\offfilt.dll
2007-04-21 10:58 1,677,312 --------- C:\WINDOWS\system32\wmvcore2.dll
2007-04-21 10:58 1,351,680 --a------ C:\WINDOWS\system32\query.dll
2007-04-21 10:57 921,475 --------- C:\WINDOWS\system32\ati3d2ag.dll
2007-04-21 10:57 858,112 --a------ C:\WINDOWS\system32\netplwiz.dll
2007-04-21 10:57 844,675 --------- C:\WINDOWS\system32\ati3d1ag.dll
2007-04-21 10:57 81,408 --a------ C:\WINDOWS\system32\msoert2.dll
2007-04-21 10:57 699,392 --a------ C:\WINDOWS\system32\msxml2.dll
2007-04-21 10:57 64,512 --a------ C:\WINDOWS\system32\msiexec.exe
2007-04-21 10:57 598,016 --a------ C:\WINDOWS\system32\mstscax.dll
2007-04-21 10:57 585,216 --a------ C:\WINDOWS\system32\netcfgx.dll
2007-04-21 10:57 56,832 --a------ C:\WINDOWS\system32\mshtmler.dll
2007-04-21 10:57 42,496 --a------ C:\WINDOWS\system32\ncobjapi.dll
2007-04-21 10:57 401,462 --a------ C:\WINDOWS\system32\msvcp60.dll
2007-04-21 10:57 4,608 --a------ C:\WINDOWS\system32\msimg32.dll
2007-04-21 10:57 399,360 --a------ C:\WINDOWS\system32\netlogon.dll
2007-04-21 10:57 39,424 --a------ C:\WINDOWS\system32\net.exe
2007-04-21 10:57 386,560 --a------ C:\WINDOWS\system32\mstsc.exe
2007-04-21 10:57 377,984 --------- C:\WINDOWS\system32\ati2dvaa.dll
2007-04-21 10:57 368,710 --a------ C:\WINDOWS\system32\msisam11.dll
2007-04-21 10:57 340,992 --a------ C:\WINDOWS\system32\mspaint.exe
2007-04-21 10:57 328,192 --a------ C:\WINDOWS\system32\netsetup.exe
2007-04-21 10:57 326,912 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2007-04-21 10:57 323,072 --a------ C:\WINDOWS\system32\msvcrt.dll
2007-04-21 10:57 319,760 --a------ C:\WINDOWS\system32\msnsspc.dll
2007-04-21 10:57 305,664 --a------ C:\WINDOWS\system32\msihnd.dll
2007-04-21 10:57 241,725 --a------ C:\WINDOWS\system32\msuni11.dll
2007-04-21 10:57 230,912 --a------ C:\WINDOWS\system32\msieftp.dll
2007-04-21 10:57 228,864 --a------ C:\WINDOWS\system32\msoeacct.dll
2007-04-21 10:57 22,528 --a------ C:\WINDOWS\system32\mslbui.dll
2007-04-21 10:57 2,086,400 --a------ C:\WINDOWS\system32\msi.dll
2007-04-21 10:57 182,784 --a------ C:\WINDOWS\system32\msutb.dll
2007-04-21 10:57 154,112 --a------ C:\WINDOWS\system32\netman.dll
2007-04-21 10:57 143,872 --a------ C:\WINDOWS\system32\msimtf.dll
2007-04-21 10:57 131,072 --a------ C:\WINDOWS\system32\msorcl32.dll
2007-04-21 10:57 115,200 --a------ C:\WINDOWS\system32\net1.exe
2007-04-21 10:57 114,176 --a------ C:\WINDOWS\system32\msvfw32.dll
2007-04-21 10:57 10,240 --a------ C:\WINDOWS\system32\msrle32.dll
2007-04-21 10:57 1,619,968 --a------ C:\WINDOWS\system32\netshell.dll
2007-04-21 10:57 1,122,304 --a------ C:\WINDOWS\system32\msxml3.dll
2007-04-21 10:56 68,096 --a------ C:\WINDOWS\system32\mscms.dll
2007-04-21 10:56 67,584 --a------ C:\WINDOWS\system32\msctfp.dll
2007-04-21 10:56 65,536 --a------ C:\WINDOWS\system32\msconf.dll
2007-04-21 10:56 57,856 --a------ C:\WINDOWS\system32\licwmi.dll
2007-04-21 10:56 504,832 --a------ C:\WINDOWS\system32\logonui.exe
2007-04-21 10:56 4,126 --a------ C:\WINDOWS\system32\msdxmlc.dll
2007-04-21 10:56 381,440 --a------ C:\WINDOWS\system32\lmrt.dll
2007-04-21 10:56 32,256 --a------ C:\WINDOWS\system32\mnmdd.dll
2007-04-21 10:56 266,752 --a------ C:\WINDOWS\system32\msctf.dll
2007-04-21 10:56 233,472 --a------ C:\WINDOWS\system32\mpg4dmod.dll
2007-04-21 10:56 219,648 --a------ C:\WINDOWS\system32\logon.scr
2007-04-21 10:56 210,944 --a------ C:\WINDOWS\system32\moricons.dll
2007-04-21 10:56 196,096 --a------ C:\WINDOWS\system32\mobsync.dll
2007-04-21 10:56 19,456 --a------ C:\WINDOWS\system32\licmgr10.dll
2007-04-21 10:56 163,840 --a------ C:\WINDOWS\system32\mindex.dll
2007-04-21 10:56 12,288 --a------ C:\WINDOWS\system32\mscpx32r.dll
2007-04-21 10:56 116,736 --a------ C:\WINDOWS\system32\mplay32.exe
2007-04-21 10:56 10,240 --a------ C:\WINDOWS\system32\localui.dll
2007-04-21 10:56 1,131,520 --a------ C:\WINDOWS\system32\mmcndmgr.dll
2007-04-21 10:55 42,537 --a------ C:\WINDOWS\system32\keyboard.sys
2007-04-21 10:54 91,648 --a------ C:\WINDOWS\system32\iuctl.dll
2007-04-21 10:54 9,216 --a------ C:\WINDOWS\system32\icaapi.dll
2007-04-21 10:54 8,832 --a------ C:\WINDOWS\system32\framebuf.dll
2007-04-21 10:54 73,728 --a------ C:\WINDOWS\system32\ils.dll
2007-04-21 10:54 7,040 --a------ C:\WINDOWS\system32\kd1394.dll
2007-04-21 10:54 62,464 --a------ C:\WINDOWS\system32\ipv6.exe
2007-04-21 10:54 59,904 --a------ C:\WINDOWS\system32\iesetup.dll
2007-04-21 10:54 587,776 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-04-21 10:54 50,176 --a------ C:\WINDOWS\system32\ipconfig.exe
2007-04-21 10:54 49,664 --a------ C:\WINDOWS\system32\ixsso.dll
2007-04-21 10:54 36,922 --a------ C:\WINDOWS\system32\imeshare.dll
2007-04-21 10:54 323,072 --a------ C:\WINDOWS\system32\ippromon.dll
2007-04-21 10:54 30,208 --a------ C:\WINDOWS\system32\imgutil.dll
2007-04-21 10:54 29,696 --------- C:\WINDOWS\system32\asr_pfu.exe
2007-04-21 10:54 272,896 --a------ C:\WINDOWS\system32\kerberos.dll
2007-04-21 10:54 27,648 --a------ C:\WINDOWS\system32\pidgen.dll
2007-04-21 10:54 240,640 --a------ C:\WINDOWS\system32\hnetcfg.dll
2007-04-21 10:54 236,032 --a------ C:\WINDOWS\system32\icm32.dll
2007-04-21 10:54 17,792 --------- C:\WINDOWS\system32\drivers\irbus.sys
2007-04-21 10:54 155,648 --a------ C:\WINDOWS\system32\ipsecsvc.dll
2007-04-21 10:54 134,656 --a------ C:\WINDOWS\system32\ipv6mon.dll
2007-04-21 10:54 123,904 --a------ C:\WINDOWS\system32\imapi.exe
2007-04-21 10:54 115,712 --a------ C:\WINDOWS\system32\input.dll
2007-04-21 10:54 115,200 --a------ C:\WINDOWS\system32\dpcdll.dll
2007-04-21 10:54 113,152 --a------ C:\WINDOWS\system32\idq.dll
2007-04-21 10:54 103,936 --a------ C:\WINDOWS\system32\imm32.dll
2007-04-21 10:54 10,752 --------- C:\WINDOWS\system32\spiisupd.exe
2007-04-21 10:53 98,304 --a------ C:\WINDOWS\system32\clipbrd.exe
2007-04-21 10:53 91,648 --a------ C:\WINDOWS\system32\ahui.exe
2007-04-21 10:53 9,216 --a------ C:\WINDOWS\system32\dumprep.exe
2007-04-21 10:53 802,304 --a------ C:\WINDOWS\system32\dxmrtp.dll
2007-04-21 10:53 8,192 --a------ C:\WINDOWS\system32\autolfn.exe
2007-04-21 10:53 76,288 --a------ C:\WINDOWS\system32\dfrgfat.exe
2007-04-21 10:53 76,288 --a------ C:\WINDOWS\system32\avifil32.dll
2007-04-21 10:53 74,810 --a------ C:\WINDOWS\system32\atl.dll
2007-04-21 10:53 71,680 --a------ C:\WINDOWS\system32\browsewm.dll
2007-04-21 10:53 70,656 --a------ C:\WINDOWS\system32\defrag.exe
2007-04-21 10:53 70,656 --a------ C:\WINDOWS\system32\cryptdlg.dll
2007-04-21 10:53 66,560 --a------ C:\WINDOWS\system32\faultrep.dll
2007-04-21 10:53 65,024 --a------ C:\WINDOWS\system32\browselc.dll
2007-04-21 10:53 64,512 --a------ C:\WINDOWS\system32\ciodm.dll
2007-04-21 10:53 62,464 --a------ C:\WINDOWS\system32\adsmsext.dll
2007-04-21 10:53 6,656 --a------ C:\WINDOWS\system32\batt.dll
2007-04-21 10:53 59,904 --a------ C:\WINDOWS\system32\cabinet.dll
2007-04-21 10:53 59,392 --a------ C:\WINDOWS\system32\6to4svc.dll
2007-04-21 10:53 55,296 --a------ C:\WINDOWS\system32\digest.dll
2007-04-21 10:53 54,272 --a------ C:\WINDOWS\system32\clusapi.dll
2007-04-21 10:53 53,248 --a------ C:\WINDOWS\system32\cryptsvc.dll
2007-04-21 10:53 5,120 --a------ C:\WINDOWS\system32\asferror.dll
2007-04-21 10:53 498,717 --a------ C:\WINDOWS\system32\dxmasf.dll
2007-04-21 10:53 49,152 --a------ C:\WINDOWS\system32\eventlog.dll
2007-04-21 10:53 49,152 --a------ C:\WINDOWS\system32\browser.dll
2007-04-21 10:53 489,984 --a------ C:\WINDOWS\system32\dbghelp.dll
2007-04-21 10:53 46,080 --a------ C:\WINDOWS\system32\docprop2.dll
2007-04-21 10:53 41,984 --a------ C:\WINDOWS\system32\alg.exe
2007-04-21 10:53 41,472 --a------ C:\WINDOWS\system32\cmdl32.exe
2007-04-21 10:53 38,912 --a------ C:\WINDOWS\system32\audiosrv.dll
2007-04-21 10:53 35,328 --a------ C:\WINDOWS\system32\dfrgsnap.dll
2007-04-21 10:53 35,072 --------- C:\WINDOWS\system32\drivers\amdk7.sys
2007-04-21 10:53 33,280 --a------ C:\WINDOWS\system32\cfgbkend.dll
2007-04-21 10:53 326,144 --a------ C:\WINDOWS\system32\cmdial32.dll
2007-04-21 10:53 310,784 --a------ C:\WINDOWS\system32\cscui.dll
2007-04-21 10:53 28,672 --a------ C:\WINDOWS\system32\dbnmpntw.dll
2007-04-21 10:53 263,680 --a------ C:\WINDOWS\system32\duser.dll
2007-04-21 10:53 262,144 --a------ C:\WINDOWS\system32\devmgr.dll
2007-04-21 10:53 25,600 --a------ C:\WINDOWS\system32\dfsshlex.dll
2007-04-21 10:53 24,576 --a------ C:\WINDOWS\system32\dbmsvinn.dll
2007-04-21 10:53 24,576 --a------ C:\WINDOWS\system32\dbmsrpcn.dll
2007-04-21 10:53 24,576 --a------ C:\WINDOWS\system32\conime.exe
2007-04-21 10:53 239,616 --a------ C:\WINDOWS\system32\adsnt.dll
2007-04-21 10:53 239,104 --a------ C:\WINDOWS\system32\compatui.dll
2007-04-21 10:53 228,352 --a------ C:\WINDOWS\system32\dsquery.dll
2007-04-21 10:53 22,528 --a------ C:\WINDOWS\system32\at.exe
2007-04-21 10:53 20,480 --a------ C:\WINDOWS\system32\dbmsadsn.dll
2007-04-21 10:53 19,968 --a------ C:\WINDOWS\system32\fontview.exe
2007-04-21 10:53 19,456 --a------ C:\WINDOWS\system32\ersvc.dll
2007-04-21 10:53 188,416 --a------ C:\WINDOWS\system32\certcli.dll
2007-04-21 10:53 180,224 --a------ C:\WINDOWS\system32\dwwin.exe
2007-04-21 10:53 179,712 --a------ C:\WINDOWS\system32\eudcedit.exe
2007-04-21 10:53 176,128 --a------ C:\WINDOWS\system32\dinput8.dll
2007-04-21 10:53 165,888 --a------ C:\WINDOWS\system32\els.dll
2007-04-21 10:53 162,816 --a------ C:\WINDOWS\system32\adsldp.dll
2007-04-21 10:53 16,384 --a------ C:\WINDOWS\system32\ds32gt.dll
2007-04-21 10:53 159,232 --a------ C:\WINDOWS\system32\dinput.dll
2007-04-21 10:53 158,720 --a------ C:\WINDOWS\system32\credui.dll
2007-04-21 10:53 14,366 --a------ C:\WINDOWS\system32\asfsipc.dll
2007-04-21 10:53 139,776 --a------ C:\WINDOWS\system32\adsldpc.dll
2007-04-21 10:53 135,680 --a------ C:\WINDOWS\system32\dsprop.dll
2007-04-21 10:53 13,312 --a------ C:\WINDOWS\system32\ctfmon.exe
2007-04-21 10:53 124,928 --a------ C:\WINDOWS\system32\dssenh.dll
2007-04-21 10:53 113,152 --a------ C:\WINDOWS\system32\dfrgui.dll
2007-04-21 10:53 111,616 --a------ C:\WINDOWS\system32\apphelp.dll
2007-04-21 10:53 104,960 --a------ C:\WINDOWS\system32\dgnet.dll
2007-04-21 10:53 1,740 --a------ C:\WINDOWS\system32\dcache.bin
2007-04-21 10:53 1,004,544 --a------ C:\WINDOWS\explorer.exe
2007-04-20 21:09 <KANSIO> d-------- C:\HJT
2007-04-19 19:48 21,840 --a----t- C:\WINDOWS\system32\SIntfNT.dll
2007-04-19 19:48 17,212 --a----t- C:\WINDOWS\system32\SIntf32.dll
2007-04-19 19:48 12,067 --a----t- C:\WINDOWS\system32\SIntf16.dll
2007-04-19 19:08 1,060,864 --a------ C:\WINDOWS\system32\mfc71.dll
2007-04-12 13:43 63,488 --a------ C:\WINDOWS\system32\unam4ie.exe
2007-04-12 13:43 4,608 --a------ C:\WINDOWS\system32\w95inf32.dll
2007-04-12 13:43 38,160 --a------ C:\WINDOWS\system32\LMRTREND.dll
2007-04-12 13:43 2,272 --a------ C:\WINDOWS\system32\w95inf16.dll
2007-04-12 13:43 194,320 --a------ C:\WINDOWS\system32\qcut.dll
2007-04-12 13:43 182,032 --a------ C:\WINDOWS\system32\dxtmsft3.dll
2007-04-12 13:43 10,240 --a------ C:\WINDOWS\system32\vidx16.dll
2007-04-11 16:10 <KANSIO> d-------- C:\Program Files\Common Files\Adobe Systems Shared
2007-04-11 16:10 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
2007-04-09 21:14 <KANSIO> d-------- C:\DOCUME~1\PeK\APPLIC~1\AdobeUM
2007-04-09 20:32 5,632 --a------ C:\WINDOWS\system32\drivers\d343port.sys
2007-04-09 20:32 136,704 --a------ C:\WINDOWS\system32\drivers\d343bus.sys
2007-04-09 20:32 <KANSIO> d-------- C:\WINDOWS\Downloaded Installations
2007-04-09 20:32 <KANSIO> d-------- C:\Program Files\D-Tools
2007-04-09 20:04 98,816 --a------ C:\WINDOWS\system32\dmstyle.dll
2007-04-09 20:04 937,984 --a------ C:\WINDOWS\system32\dxdiag.exe
2007-04-09 20:04 83,968 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys
2007-04-09 20:04 80,896 --a------ C:\WINDOWS\system32\dpvsetup.exe
2007-04-09 20:04 8,192 --a------ C:\WINDOWS\system32\d3d8thk.dll
2007-04-09 20:04 797,184 --a------ C:\WINDOWS\system32\d3dim700.dll
2007-04-09 20:04 77,824 --a------ C:\WINDOWS\system32\dpmodemx.dll
2007-04-09 20:04 76,800 --a------ C:\WINDOWS\system32\dpwsockx.dll
2007-04-09 20:04 76,800 --a------ C:\WINDOWS\system32\dmscript.dll
2007-04-09 20:04 733,184 --a------ C:\WINDOWS\system32\qedwipes.dll
2007-04-09 20:04 723,968 --a------ C:\WINDOWS\system32\dpnet.dll
2007-04-09 20:04 7,424 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys
2007-04-09 20:04 68,096 --a------ C:\WINDOWS\system32\dpnhupnp.dll
2007-04-09 20:04 64,512 --a------ C:\WINDOWS\system32\amstream.dll
2007-04-09 20:04 602,624 --a------ C:\WINDOWS\system32\dx7vb.dll
2007-04-09 20:04 58,368 --a------ C:\WINDOWS\system32\dmcompos.dll
2007-04-09 20:04 52,096 --a------ C:\WINDOWS\system32\drivers\msdv.sys
2007-04-09 20:04 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys
2007-04-09 20:04 5,248 --a------ C:\WINDOWS\system32\drivers\mspclock.sys
2007-04-09 20:04 491,520 --a------ C:\WINDOWS\system32\dsdmoprp.dll
2007-04-09 20:04 47,104 --a------ C:\WINDOWS\system32\wstdecod.dll
2007-04-09 20:04 467,968 --a------ C:\WINDOWS\system32\diactfrm.dll
2007-04-09 20:04 45,696 --a------ C:\WINDOWS\system32\drivers\stream.sys
2007-04-09 20:04 449,024 --a------ C:\WINDOWS\system32\qdvd.dll
2007-04-09 20:04 44,544 --a------ C:\WINDOWS\system32\dxdllreg.exe
2007-04-09 20:04 4,608 --a------ C:\WINDOWS\system32\drivers\mspqm.sys
2007-04-09 20:04 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-04-09 20:04 4,096 --a------ C:\WINDOWS\system32\drivers\swenum.sys
2007-04-09 20:04 381,952 --a------ C:\WINDOWS\system32\dpvoice.dll
2007-04-09 20:04 355,328 --a------ C:\WINDOWS\system32\dsound.dll
2007-04-09 20:04 354,816 --a------ C:\WINDOWS\system32\psisdecd.dll
2007-04-09 20:04 34,304 --a------ C:\WINDOWS\system32\mciqtz32.dll
2007-04-09 20:04 33,280 --a------ C:\WINDOWS\system32\dmloader.dll
2007-04-09 20:04 324,096 --a------ C:\WINDOWS\system32\mswebdvd.dll
2007-04-09 20:04 32,768 --a------ C:\WINDOWS\system32\dpnhpast.dll
2007-04-09 20:04 311,808 --a------ C:\WINDOWS\system32\qdv.dll
2007-04-09 20:04 3,072 --a------ C:\WINDOWS\system32\dpnlobby.dll
2007-04-09 20:04 3,072 --a------ C:\WINDOWS\system32\dpnaddr.dll
2007-04-09 20:04 284,160 --a------ C:\WINDOWS\system32\ddraw.dll
2007-04-09 20:04 28,160 --a------ C:\WINDOWS\system32\dplaysvr.exe
2007-04-09 20:04 27,136 --a------ C:\WINDOWS\system32\dmband.dll
2007-04-09 20:04 257,024 --a------ C:\WINDOWS\system32\qcap.dll
2007-04-09 20:04 24,064 --a------ C:\WINDOWS\system32\ddrawex.dll
2007-04-09 20:04 223,232 --a------ C:\WINDOWS\system32\gcdef.dll
2007-04-09 20:04 217,600 --a------ C:\WINDOWS\system32\dplayx.dll
2007-04-09 20:04 19,968 --a------ C:\WINDOWS\system32\dpvacm.dll
2007-04-09 20:04 186,880 --a------ C:\WINDOWS\system32\dsdmo.dll
2007-04-09 20:04 18,944 --a------ C:\WINDOWS\system32\encapi.dll
2007-04-09 20:04 18,688 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys
2007-04-09 20:04 18,432 --a------ C:\WINDOWS\system32\dswave.dll
2007-04-09 20:04 171,520 --a------ C:\WINDOWS\system32\dmime.dll
2007-04-09 20:04 16,896 --a------ C:\WINDOWS\system32\msyuv.dll
2007-04-09 20:04 16,896 --a------ C:\WINDOWS\system32\dpnsvr.exe
2007-04-09 20:04 16,384 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys
2007-04-09 20:04 15,104 --a------ C:\WINDOWS\system32\drivers\mpe.sys
2007-04-09 20:04 14,976 --a------ C:\WINDOWS\system32\drivers\streamip.sys
2007-04-09 20:04 132,608 --a------ C:\WINDOWS\system32\devenum.dll
2007-04-09 20:04 130,304 --a------ C:\WINDOWS\system32\drivers\ks.sys
2007-04-09 20:04 13,312 --a------ C:\WINDOWS\system32\msdmo.dll
2007-04-09 20:04 116,736 --a------ C:\WINDOWS\system32\dmusic.dll
2007-04-09 20:04 112,128 --a------ C:\WINDOWS\system32\dpvvox.dll
2007-04-09 20:04 11,392 --a------ C:\WINDOWS\system32\drivers\bdasup.sys
2007-04-09 20:04 100,864 --a------ C:\WINDOWS\system32\dmsynth.dll
2007-04-09 20:04 10,880 --a------ C:\WINDOWS\system32\drivers\slip.sys
2007-04-09 20:04 10,112 --a------ C:\WINDOWS\system32\drivers\ndisip.sys
2007-04-09 20:04 1,962,496 --a------ C:\WINDOWS\system32\quartz.dll
2007-04-09 20:04 1,798,144 --a------ C:\WINDOWS\system32\qedit.dll
2007-04-09 20:04 1,675,264 --a------ C:\WINDOWS\system32\dxdiagn.dll
2007-04-09 20:04 1,634,304 --a------ C:\WINDOWS\system32\d3d9.dll
2007-04-09 20:04 1,294,336 --a------ C:\WINDOWS\system32\dsound3d.dll
2007-04-09 20:04 1,230,336 --a------ C:\WINDOWS\system32\msvidctl.dll
2007-04-09 20:04 1,189,888 --a------ C:\WINDOWS\system32\dx8vb.dll
2007-04-09 20:04 1,177,600 --a------ C:\WINDOWS\system32\d3d8.dll
2007-04-08 19:52 304,128 --a------ C:\WINDOWS\IsUninst.exe

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-04-21 11:24 48448 --a------ C:\WINDOWS\system32\perfc00b.dat
2007-04-21 11:24 283024 --a------ C:\WINDOWS\system32\perfh00b.dat
2007-04-21 11:04 -------- d-------- C:\Program Files\messenger
2007-04-21 11:03 -------- d-------- C:\Program Files\movie maker
2007-04-19 19:44 -------- d--h----- C:\Program Files\installshield installation information
2007-03-11 17:29 -------- d-------- C:\DOCUME~1\PeK\APPLIC~1\prevx
2007-03-07 13:49 -------- d-------- C:\Program Files\Common Files\wise installation wizard
2007-03-07 13:49 -------- d-------- C:\DOCUME~1\PeK\APPLIC~1\superantispyware.com
2007-03-06 23:08 663 --a------ C:\WINDOWS\mozver.dat
2007-03-06 21:38 123392 --a------ C:\WINDOWS\system32\itss.dll
2007-03-06 21:36 261632 --a------ C:\WINDOWS\system32\mstask.dll
2007-03-06 21:36 172544 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-03-06 21:36 10752 --a------ C:\WINDOWS\system32\mstinit.exe
2007-03-06 21:15 -------- d-------- C:\DOCUME~1\PeK\APPLIC~1\media player classic
2007-03-06 21:12 -------- d-------- C:\DOCUME~1\PeK\APPLIC~1\vlc
2007-03-06 19:58 -------- d--h----- C:\Program Files\windowsupdate
2007-03-05 21:17 -------- d-------- C:\DOCUME~1\PeK\APPLIC~1\tuneup software
2007-03-05 20:56 -------- d-------- C:\DOCUME~1\PeK\APPLIC~1\real
2007-03-05 20:34 -------- d-------- C:\Program Files\winamp
2007-03-05 19:20 0 --a------ C:\WINDOWS\nsreg.dat
2007-03-05 18:52 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-03-05 18:46 -------- d-------- C:\Program Files\realtek ac97
2007-03-05 18:35 0 -rahs---- C:\MSDOS.SYS
2007-03-05 18:35 0 -rahs---- C:\IO.SYS
2007-03-05 18:35 0 --a------ C:\CONFIG.SYS
2007-03-05 18:35 0 --------- C:\AUTOEXEC.BAT
2007-03-05 18:35 -------- d-------- C:\Program Files\microsoft frontpage
2007-03-05 18:34 -------- d-------- C:\Program Files\online services
2007-03-05 18:33 -------- d-------- C:\Program Files\Common Files\mssoap
2007-03-05 18:32 21672 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-03-05 18:31 -------- d-------- C:\Program Files\windows nt
2007-03-05 18:31 -------- d-------- C:\Program Files\msn gaming zone
2007-03-05 18:26 62 --ahs---- C:\DOCUME~1\PeK\APPLIC~1\desktop.ini
2007-03-05 18:26 -------- d-------- C:\Program Files\Common Files\speechengines
2007-03-05 18:26 -------- d-------- C:\Program Files\Common Files\odbc
2007-02-21 22:00 10752 --a------ C:\WINDOWS\system32\ff_vfw.dll
2007-02-02 23:17 307200 --a------ C:\WINDOWS\system32\atiiiexx.dll
2007-02-02 23:04 307200 --a------ C:\WINDOWS\system32\atidemgx.dll
2007-02-02 23:03 264704 --a------ C:\WINDOWS\system32\ati2dvag.dll
2007-02-02 22:57 118784 --a------ C:\WINDOWS\system32\atipdlxx.dll
2007-02-02 22:56 42496 --a------ C:\WINDOWS\system32\ati2edxx.dll
2007-02-02 22:56 26112 --a------ C:\WINDOWS\system32\ati2mdxx.exe
2007-02-02 22:56 110592 --a------ C:\WINDOWS\system32\oemdspif.dll
2007-02-02 22:56 110592 --a------ C:\WINDOWS\system32\ati2evxx.dll
2007-02-02 22:55 446464 --a------ C:\WINDOWS\system32\ati2evxx.exe
2007-02-02 22:54 53248 --a------ C:\WINDOWS\system32\atiddc.dll
2007-02-02 22:46 2827968 --a------ C:\WINDOWS\system32\ati3duag.dll
2007-02-02 22:40 3107788 --a------ C:\WINDOWS\system32\ativvaxx.dat
2007-02-02 22:40 1272960 --a------ C:\WINDOWS\system32\ativvaxx.dll
2007-02-02 22:27 241664 --a------ C:\WINDOWS\system32\atikvmag.dll
2007-02-02 22:25 17408 --a------ C:\WINDOWS\system32\atitvo32.dll
2007-02-02 22:20 348160 --a------ C:\WINDOWS\system32\ati2cqag.dll
2007-02-02 22:19 5312512 --a------ C:\WINDOWS\system32\atioglxx.dll
2007-02-02 19:34 520192 --------- C:\WINDOWS\system32\ati2sgag.exe
2007-02-01 06:56 639066 --a------ C:\WINDOWS\system32\divx.dll
2007-01-30 19:21 128813 --a------ C:\WINDOWS\system32\atiicdxx.dat
2007-01-30 07:03 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-01-30 07:03 200704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-01-30 07:03 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-01-30 06:56 73728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-01-30 06:56 196608 --a------ C:\WINDOWS\system32\dtu100.dll

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} D:\Stuff\Acrobat\Acrobat\ActiveX\AcroIEHelper.dll
{311F9DE8-6126-4EEE-B15F-65CBB3B4F9F6} C:\Program Files\AOL Security Toolbar\AOL_security_toolbar.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
{AE7CD045-E861-484f-8273-0445EE161910} D:\Stuff\Acrobat\Acrobat\AcroIEFavClient.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SoundMan"="SOUNDMAN.EXE"
"ZoneAlarm Client"="\"D:\\Stuff\\ZoneAlarm\\ZoneAlarm\\zlclient.exe\""
"!AVG Anti-Spyware"="\"D:\\Stuff\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"aol"="\"D:\\Stuff\\AvS\\avp.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\System32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=""

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"CTFMON.EXE"="C:\\WINDOWS\\System32\\ctfmon.exe"
"SUPERAntiSpyware"="D:\\Stuff\\SuperAntiSpyware\\SUPERAntiSpyware.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"WinampAgent"="D:\\Stuff\\Winamp\\winampa.exe"
"PrevxOne"="\"C:\\Program Files\\Prevx1\\PXConsole.exe\""
"DAEMON Tools-1033"="\"C:\\Program Files\\D-Tools\\daemon.exe\" -lang 1033"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0

hklm\software\Microsoft\Windows NT\CurrentVersion\Svchost *netsvcs*
UxTuneUp

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\1-Click Maintenance.job

********************************************************************

catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-04-22 17:02:27
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

********************************************************************

Completion time: 07-04-22 17:02:28
C:\ComboFix-quarantined-files.txt ... 07-04-22 17:02

Auttaja · Apr 22, 2007

Jep, saattaa kone posahtaa, ei haittaohjelmia oo.. Koneessa sp1... sp2 ja muut päivitykset puuttuu

-> Tyhjennä järjestelmänpalautus Ohjeet
Tyhjennä järjestelmänpalautuskansio ja luo uusi palautuspiste. Tämä puhdistaa palautuskansion mahdollisista haittaohjelmajäännöksistä.

-> Käytä CCleaneria -> CCleaner
Lataa ja asenna CCleaner. Puhdista väliaikaistiedostot ja -kansiot ohjelmalla säännöllisesti.

-> Asenna SpywareBlaster -> SpywareBlaster
SpywareBlaster estää haittaohjelmia asentumasta koneellesi. Ei kuluta muistia!
Opas saatavilla suomeksi! Nimimerkki Ad-Awaren opas

-> Asenna MVPS Hosts tiedosto -> MVPS Hosts
Estää koneesi yhteyden haitallisiin sivustoihin.
Opas saatavilla suomeksi! Nimimerkki Axelin opas

-> Vaihda selaimesi Firefoxiin -> Firefox
Firefox on nopeampi, turvallisempi ja parempi selain kuin Internet Explorer.

-> Pidä järjestelmäsi ajantasalla. -> Windows Update
Vieraile Windows Updatessa säännöllisesti.

-> Pidä palomuuri ja virustorjunta ajantasalla
Päivitä ja skannaa koneesi säännöllisesti virustorjuntaohjelmallasi.
ja hyvä myös escan http://koti.mbnet.fi/pattaya1/escanmwav.htm

->Pidä ohjelmistosi ajantasalla. -> Secunia Software Inspector
Secunia Software Inspector tutkii sinun järjestälmäsi ja ohjelmistosi puuttuvien turvallisuuspäivityksien osalta. Tavallinen tutkinta kestää normaalisti 5-40 sekuntia, kun läpikotainen (thorough system inspection) voi kestää useita minuutteja.

->Seuraa säännöllisesti viestintäviraston tietoja uusista haavoittuvuuksista -> CERT-FI

Sebde · Apr 22, 2007

Elikkäs Sp2 kannattaa hakea vai? Spyware Blaster ja Firefox on jo olemassa ja käytössä, ollut jo pitkän aikaa. Mitä tarkoitit tolla saattaa kone posahtaa? onko niin huono malli?

Auttaja · Apr 22, 2007

joo hae ne päivitykset, jos kone boottailee niin ei ihan tervettä oo, putsaa pölyt tsekkaa lämmöt

Sebde · Apr 23, 2007

Jep prossun lämmöistä se sammuilu tais johtua. Irrotin tuulettimen ja sieltä löyty semmoset tatinat ettei uskokkaan. Imuroin kunnolla kaikki paikat ja lämmöt putos 15 astetta. käy kyllä vieläki suht kuumana noin 55 astetta. Mutta on nyt toiminut toistaiseksi, ehkä uus tuuletin..? Mutta kiitosta vain todella paljon avusta!

Auttaja · May 1, 2007

Kaspersky online-skanneri

Skannaa koneesi Kaspersky Online Skannerilla

Sinulta kysytään sallitko ActiveX -komponentin asentamisen Kasperskyltä, klikkaa Kyllä.
[*] Ohjelma käynnistyy ja aloittaa viimeisimpien tunnistetiedostojen lataamisen.
[*] Kun skanneri on asennettu ja tunnistetiedot ladattu, klikkaa Next.
[*] Klikkaa nyt asetuksia, Scan Settings
[*] Tarkista asetuksista, että seuraavat ovat valittuina:

o Scan using the following Anti-Virus database:

+ Extended (Jos valittavissa, muuten valitse Standard)

o Scan Options:

+ Scan Archives
+ Scan Mail Bases

[*] Klikkaa OK
[*] Nyt valitse "select a target to scan" otsikon alta Oma Tietokone, My Computer
[*] Skannaus vie aikaa, joten ole kärsivällinen. Kun skannaus on valmis saat ilmoituksen, jos koneesi on saastunut.
[*] Klikkaa nyt Save as Text-painiketta.
[*] Tallenna tiedosto työpöydällesi.
[*] Kopioi ja Liitä tiedoston sisältö seuraavaan vastaukseesi.

Sebde · May 2, 2007

Täs on tää kaspersky tsysteemi...

Wednesday, May 02, 2007 4:49:37 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 2/05/2007
Kaspersky Anti-Virus database records: 308012
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
F:\
G:\
Scan Statistics
Total number of scanned objects 56280
Number of viruses found 0
Number of infected objects 0
Number of suspicious objects 0
Duration of the scan process 00:36:19

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\AOL\AVP6\Report\041d_File_Monitoring_eventlog.rpt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\AVP6\Report\detected.idx Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\AVP6\Report\detected.rpt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\AVP6\Report\eventlog.rpt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\AVP6\Report\report.rpt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Prevx\Local.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Sivuhistoria\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Sivuhistoria\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\PeK\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\PeK\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\PeK\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\PeK\Local Settings\Sivuhistoria\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\PeK\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\PeK\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\PeK\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Prevx1\lclbrk.cache Object is locked skipped
C:\Program Files\Prevx1\log\px-log.txt Object is locked skipped
C:\Program Files\Prevx1\paws.cache Object is locked skipped
C:\Program Files\Prevx1\prevx.cache Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{D55AE573-B902-4FB1-BA7F-C290E8160397}\RP123\change.log Object is locked skipped
C:\WINDOWS\comsetup.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\FaxSetup.log Object is locked skipped
C:\WINDOWS\iis6.log Object is locked skipped
C:\WINDOWS\Internet Logs\fwdbglog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\fwpktlog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped
C:\WINDOWS\Internet Logs\SEPARI.ldb Object is locked skipped
C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped
C:\WINDOWS\ntdtcsetup.log Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\setupact.log Object is locked skipped
C:\WINDOWS\setuperr.log Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\spupdsvc.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edbtmp.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox.dat Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox.idx Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox2.dat Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox2.idx Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\ZLT005c3.TMP Object is locked skipped
C:\WINDOWS\Temp\ZLT0120e.TMP Object is locked skipped
C:\WINDOWS\Temp\~DFF73E.tmp Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{D55AE573-B902-4FB1-BA7F-C290E8160397}\RP123\change.log Object is locked skipped
F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.

Auttaja · May 2, 2007

juup, kone puhas.

Log in or Sign up

Jos joku viisas voisi vilkaista...

Sebde Member

Auttaja Guest

Sebde Member

Auttaja Guest

Sebde Member

Auttaja Guest

Sebde Member

Auttaja Guest

Sebde Member

Auttaja Guest

Share This Page

Log in or Sign up

Jos joku viisas voisi vilkaista...

Sebde Member

Auttaja Guest

Sebde Member

Auttaja Guest

Sebde Member

Auttaja Guest

Sebde Member

Auttaja Guest

Sebde Member

Auttaja Guest

Share This Page

Useful Searches