kone ei sammu+hjt logi

siis koko viime yön sammutti konetta vaan ei sammunu.joutu buuttaa sit nappulasta.troijalaiset poistettu(??)..ja toinen homma on se että en saa tiettyjä kansioita poistettua,vaati koko ajan jotain "lupaa" prkl on se kumma kun ei omalta koneelta pääse poistamaan tiedostoja(kyseessä oli siis valokuva kansio)

-----------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:07:12, on 16.9.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Raxco\PerfectDisk2008\PD91AgentS1.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91AgentS1.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Portrait Displays\HP My Display\dthtml.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\conime.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/english/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FI_FI&c=73&bd=Pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Windows\system32\Msdxm6.ocx
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DT Task] C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe -startup_folder
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" /dumps_startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
O22 - SharedTaskScheduler: StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll
O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\deskscapes.dll
O22 - SharedTaskScheduler: Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DesktopControlPanel.dll
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Portrait Displays\HP My Display\DTSRVC.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\system32\drivers\pclepci.sys
O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 10919 bytes
--------------------------------------------------------------------
--------------------------------------------------------------------

Malwarebytes' Anti-Malware 1.28
Tietokantaversio: 1159
Windows 6.0.6001 Service Pack 1

16.9.2008 11:05:29
mbam-log-2008-09-16 (11-05-29).txt

Tarkistustyyppi: Täysi tarkistus (C:\|D:\|)
Tarkistetut kohteet: 203937
Kulunut aika: 1 hour(s), 37 minute(s), 53 second(s)

Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 0
Saastuneita rekisteriavaimia: 0
Saastuneita rekisteriarvoja: 0
Saastuneita rekisterikohteita: 0
Saastuneita hakemistoja: 0
Saastuneita tiedostoja: 2

Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)

Saastuneita muistimoduuleja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriavaimia:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriarvoja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisterikohteita:
(Haitallisia kohteita ei löydetty)

Saastuneita hakemistoja:
(Haitallisia kohteita ei löydetty)

Saastuneita tiedostoja:
C:\Users\paskapää\Documents\EI SAA POISTAA\pc doctor\BugdoctorSetup.exe (Rogue.BugDoctor) -> Quarantined and deleted successfully.
C:\Users\paskapää\Documents\EI SAA POISTAA\nörö\Nero 6.6.1.8 Kg.exe (Trojan.Agent) -> Quarantined and deleted successfully.

 

scannaa hjt:llä merkkaa paina Fix checked

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

================

Lataa Tästä Ccleaner
CCleaner v2.05.555- Standard Build, ÄLÄ aseenna Yahoo toolbaria!
Asennuksessa poista merkki/rasti kohdasta "asenna Yahoo! toolbar/työkalupalkki".
Asennuksen jälkeen aukaise CCleaner.
Valitse vasemmalta pystyrivistä Options.
Valitse viereisestä pystyrivistä Settings.
Language kohtaan valitse Suomi.

Puhdistaja
Valitse vasemmalta pystyrivistä Puhdistaja.
Paina alhaalta Tutki.
Nyt CCleaner tutkii, mitä voidaan poistaa (tempit, cookiessit jne.).
Kun tutkiminen on valmis, paina Aja CCleaner.
Nyt CCleaner poistaa löydetyt tempit, cookiessit jne.

Rekisterin virheiden korjaus
Valitse vasemmalta pystyrivistä Rekisteri.
Paina alhaalta Etsi rekisterin virheitä.
Kun etsintä on valmis ja olet varma, että haluat korjata ne rivit jotka ovat merkattuja, niin paina Korjaa valitut rekisterin virheet.
Sinulta kysytään "haluatko varmuuskopioida muutokset rekisteriin", paina Kyllä. Tallenna varmuuskopio vaikka "Omat tiedostot" -kansioon.
Klikkaa uudesta aukeavasta ikkunasta Korjaa kaikki valitut virheet.
Saat vielä varmistus kysymyksen, paina Ok.
Kun virheet on korjattu, paina Sulje.
Nyt voit sulkea CCleanerin painamalla oikealta ylhäältä punaista rastia.

==================

1.Lataa combofix.exe työpöydällesi yhdestä linkistä:
combofix1
combofix2

2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia.
3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi.
Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.

 

hmmmmm eipä tullut lokia..kone vaan sammu ja käynnisty vikatilassa."windows ei sammun oikein blaa blaa" elikkäs elikkäs missähän mättää..huoh

 

ookos koneessa valvojan oikeuksilla

vistan vinkit

 

ei mitn tietoa..jotkut ohjelmat ei suostu toimimaan ilman että suoritan ne järjestelmän valvojana..muuta en osaa tohon sanoa.puupää mikä puupää =)

näköjää tili on järjestelmän valvoja

 

koita tuo combofix ajaa
ajetaan ihan normaalissa tilassa

 

ComboFix 08-09-15.02 - paskapää 2008-09-16 23:04:32.2 - NTFSx86
Sijainti: C:\Users\paskapää\Desktop\ComboFix.exe
* Resident AV is active

.

((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-08-16 to 2008-09-16 )))))))))))))))))
.

2008-09-16 21:09 . 2008-09-16 21:09 <KANSIO> d-------- C:\Program Files\City Interactive
2008-09-16 20:00 . 2008-09-16 20:01 351,506,774 --a------ C:\Windows\MEMORY.DMP
2008-09-16 14:45 . 2008-09-16 14:46 <KANSIO> d-------- C:\Users\paskapää\hellboy2
2008-09-16 14:45 . 2008-09-16 14:46 <KANSIO> d-------- C:\Users\paskapää\hellboy2
2008-09-16 14:44 . 2008-09-16 14:44 <KANSIO> d-------- C:\Users\paskapää\whlv
2008-09-16 14:44 . 2008-09-16 14:44 <KANSIO> d-------- C:\Users\paskapää\whlv
2008-09-16 09:41 . 2008-09-16 09:41 <KANSIO> d-------- C:\Program Files\Trend Micro
2008-09-16 09:19 . 2008-09-16 09:19 <KANSIO> d-------- C:\Users\paskapää\AppData\Roaming\Malwarebytes
2008-09-16 09:19 . 2008-09-16 09:19 <KANSIO> d-------- C:\Users\All Users\Malwarebytes
2008-09-16 09:19 . 2008-09-16 09:19 <KANSIO> d-------- C:\ProgramData\Malwarebytes
2008-09-16 09:19 . 2008-09-16 09:20 <KANSIO> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-16 09:19 . 2008-09-10 00:04 38,528 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
2008-09-16 09:19 . 2008-09-10 00:03 17,200 --a------ C:\Windows\System32\drivers\mbam.sys
2008-09-15 13:32 . 2008-09-15 13:41 <KANSIO> d-------- C:\Users\paskapää\valokuvat
2008-09-15 13:32 . 2008-09-15 13:41 <KANSIO> d-------- C:\Users\paskapää\valokuvat
2008-09-12 11:39 . 2008-09-12 11:39 <KANSIO> d-------- C:\Program Files\The Adventure Company
2008-09-11 21:45 . 2008-07-31 04:13 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-09-11 21:45 . 2008-08-02 04:01 625,152 --a------ C:\Windows\System32\drivers\dxgkrnl.sys
2008-09-11 21:45 . 2008-06-26 06:29 565,248 --a------ C:\Windows\System32\emdmgmt.dll
2008-09-11 21:45 . 2008-06-26 06:29 303,616 --a------ C:\Windows\System32\wmpeffects.dll
2008-09-11 21:45 . 2008-05-08 22:21 211,968 --a------ C:\Windows\System32\drivers\mrxsmb10.sys
2008-09-11 21:45 . 2008-05-20 05:07 148,480 --a------ C:\Windows\System32\drivers\nwifi.sys
2008-09-11 21:45 . 2008-06-26 06:29 45,056 --a------ C:\Windows\System32\dataclen.dll
2008-09-11 21:45 . 2008-08-02 06:26 36,864 --a------ C:\Windows\System32\cdd.dll
2008-09-11 21:45 . 2008-07-31 06:32 28,160 --a------ C:\Windows\System32\Apphlpdm.dll
2008-09-06 14:04 . 2008-09-14 10:45 <KANSIO> d-------- C:\Users\paskapää\love guru
2008-09-06 14:04 . 2008-09-14 10:45 <KANSIO> d-------- C:\Users\paskapää\love guru
2008-09-06 11:49 . 2008-09-06 11:51 <KANSIO> d-------- C:\Users\paskapää\nökiä
2008-09-06 11:49 . 2008-09-06 11:51 <KANSIO> d-------- C:\Users\paskapää\nökiä
2008-09-06 11:46 . 2008-09-06 11:46 0 --ah----- C:\Windows\System32\drivers\Msft_User_PCCSWpdDriver_01_05_00.Wdf
2008-09-06 11:45 . 2008-09-06 11:45 0 --ah----- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-09-05 13:09 . 2008-09-05 13:09 <KANSIO> d-------- C:\Users\All Users\Broderbund Software
2008-09-05 13:09 . 2008-09-05 13:09 <KANSIO> d-------- C:\ProgramData\Broderbund Software
2008-09-05 13:07 . 2008-09-05 13:07 79,052 --a------ C:\Windows\System32\drivers\AFS.SYS
2008-09-05 13:06 . 2003-07-08 21:45 970,752 --a------ C:\Windows\System32\cdintf210.dll
2008-09-05 12:54 . 2008-09-05 12:54 <KANSIO> d-------- C:\Users\paskapää\printshop pro
2008-09-05 12:54 . 2008-09-05 12:54 <KANSIO> d-------- C:\Users\paskapää\printshop pro
2008-08-31 16:42 . 2008-08-31 16:43 <KANSIO> d-------- C:\Users\paskapää\the happening
2008-08-31 16:42 . 2008-08-31 16:43 <KANSIO> d-------- C:\Users\paskapää\the happening
2008-08-31 16:42 . 2008-08-31 16:42 <KANSIO> d-------- C:\Users\paskapää\hancock
2008-08-31 16:42 . 2008-08-31 16:42 <KANSIO> d-------- C:\Users\paskapää\hancock
2008-08-31 15:39 . 2008-09-16 18:41 <KANSIO> d-------- C:\Program Files\Lighthouse Interactive
2008-08-31 12:22 . 2008-08-31 12:22 <KANSIO> d-------- C:\Program Files\Apple Software Update
2008-08-27 00:47 . 2008-09-10 15:28 <KANSIO> d-------- C:\Users\paskapää\se7en
2008-08-27 00:47 . 2008-09-10 15:28 <KANSIO> d-------- C:\Users\paskapää\se7en
2008-08-26 18:22 . 2008-07-19 08:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll
2008-08-26 18:22 . 2008-07-19 06:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll
2008-08-26 18:22 . 2008-07-19 08:09 563,912 --a------ C:\Windows\System32\wuapi.dll
2008-08-26 18:22 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll
2008-08-26 18:22 . 2008-07-19 06:44 83,456 --a------ C:\Windows\System32\wudriver.dll
2008-08-26 18:22 . 2008-07-19 08:10 53,448 --a------ C:\Windows\System32\wuauclt.exe
2008-08-26 18:22 . 2008-07-19 08:10 45,768 --a------ C:\Windows\System32\wups2.dll
2008-08-26 18:22 . 2008-07-19 08:10 36,552 --a------ C:\Windows\System32\wups.dll
2008-08-26 18:22 . 2008-07-18 20:44 31,232 --a------ C:\Windows\System32\wuapp.exe
2008-08-25 13:53 . 2008-09-10 15:27 <KANSIO> d-------- C:\Users\paskapää\college road trip
2008-08-25 13:53 . 2008-09-10 15:27 <KANSIO> d-------- C:\Users\paskapää\college road trip
2008-08-23 00:33 . 2008-08-23 00:34 <KANSIO> d-------- C:\Users\paskapää\forgetting sarah marshal
2008-08-23 00:33 . 2008-08-23 00:34 <KANSIO> d-------- C:\Users\paskapää\forgetting sarah marshal
2008-08-22 15:58 . 2008-08-22 15:58 <KANSIO> d-------- C:\Program Files\Sun
2008-08-22 13:08 . 2008-08-22 13:08 <KANSIO> d-------- C:\Program Files\Common Files\PCSuite
2008-08-22 13:07 . 2007-09-17 15:53 21,632 --a------ C:\Windows\System32\drivers\pccsmcfd.sys
2008-08-22 13:06 . 2008-08-22 13:07 <KANSIO> d----c--- C:\Windows\System32\DRVSTORE
2008-08-22 13:06 . 2008-08-22 13:06 <KANSIO> d-------- C:\Program Files\PC Connectivity Solution
2008-08-22 12:50 . 2008-04-19 09:17 1,552,872 --a------ C:\Users\paskapää\NOD32_v3.0.642_32bit_FiX_1.2-TemDono.exe
2008-08-22 12:50 . 2008-04-19 09:17 1,552,872 --a------ C:\Users\paskapää\NOD32_v3.0.642_32bit_FiX_1.2-TemDono.exe

.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-16 20:10 4,718,592 --sha-w C:\Users\paskapää\ntuser.dat
2008-09-16 20:10 4,718,592 --sha-w C:\Users\paskapää\ntuser.dat
2008-09-16 20:05 --------- d-----w C:\Users\paskapää\AppData\Roaming\uTorrent
2008-09-16 17:04 --------- d-----w C:\Users\paskapää\AppData\Roaming\Skype
2008-09-16 06:19 --------- d-----w C:\Users\paskapää\AppData\Roaming\Malwarebytes
2008-09-11 18:47 --------- d-----w C:\Program Files\Microsoft Works
2008-09-09 20:39 --------- d-----w C:\Users\paskapää\AppData\Roaming\BSplayer PRO
2008-09-09 18:20 --------- d-----w C:\Users\paskapää\AppData\Roaming\Adobe
2008-09-09 08:49 --------- d-----w C:\Users\paskapää\AppData\Roaming\Canon
2008-09-06 09:17 --------- d-----w C:\ProgramData\Installations
2008-09-06 09:16 --------- d-----w C:\Program Files\Nokia
2008-09-06 09:15 --------- d-----w C:\Program Files\Common Files\Nokia
2008-09-06 08:51 --------- d-----w C:\Users\paskapää\AppData\Roaming\Nokia
2008-09-06 08:46 --------- d-----w C:\Users\paskapää\AppData\Roaming\PC Suite
2008-08-30 23:58 --------- d-----w C:\Program Files\DAEMON Tools Pro
2008-08-26 11:28 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-26 11:27 --------- d-----w C:\Program Files\Bejeweled 2 Deluxe
2008-08-22 12:58 --------- d-----w C:\Program Files\Java
2008-08-20 09:24 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-08-17 09:53 --------- d-----w C:\ProgramData\Media Center Programs
2008-08-13 07:37 --------- d-----w C:\Program Files\Windows Mail
2008-08-06 15:43 --------- d-----w C:\Users\paskapää\AppData\Roaming\Games
2008-08-06 15:42 --------- d-----w C:\ProgramData\InstallShield
2008-08-06 15:40 278,984 ----a-w C:\Windows\system32\drivers\atksgt.sys
2008-08-06 15:40 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-08-06 15:32 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-08-03 14:08 --------- d-----w C:\ProgramData\Apple Computer
2008-08-03 14:08 --------- d-----w C:\Program Files\iTunes
2008-08-03 14:08 --------- d-----w C:\Program Files\iPod
2008-08-01 21:13 --------- d-----w C:\ProgramData\Raxco
2008-08-01 21:13 --------- d-----w C:\Program Files\Raxco
2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-24 11:44 --------- d-----w C:\Program Files\Aurora The Secret Within
2008-07-24 11:41 691,481 ----a-w C:\Windows\unins000.exe
2008-07-24 11:17 --------- d-----w C:\Program Files\ANACONDA
2008-07-22 12:20 --------- d-----w C:\Users\paskapää\AppData\Roaming\proDAD
2008-07-22 12:20 --------- d-----w C:\Program Files\proDAD
2008-07-22 12:20 --------- d-----w C:\Program Files\LooksBuilderSE
2008-07-22 12:19 --------- d-----w C:\Program Files\Boris FX, Inc
2008-07-22 12:17 --------- d-----w C:\Program Files\Pinnacle
2008-07-22 12:15 --------- d-----w C:\Program Files\SureThing Express Labeler
2008-07-22 12:15 --------- d-----w C:\Program Files\Common Files\SureThing Shared
2008-07-22 12:13 --------- d-----w C:\ProgramData\Pinnacle
2008-07-22 12:10 --------- d-----w C:\ProgramData\Pinnacle Studio Ultimate
2008-07-22 12:10 --------- d-----w C:\Program Files\Common Files\Pinnacle
2008-07-22 12:01 --------- d-----w C:\ProgramData\Studio 12
2008-07-22 12:01 --------- d-----w C:\ProgramData\Pinnacle Studio Plus
2008-07-22 12:01 --------- d-----w C:\Program Files\Common Files\Yahoo!
2008-07-22 11:22 --------- d-----w C:\Users\paskapää\AppData\Roaming\Apple Computer
2008-07-18 18:39 586,752 ----a-w C:\Windows\WLXPGSS.SCR
2008-07-18 12:02 230,664 ----a-w C:\Windows\System32\PDBoot.exe
2008-07-17 08:06 --------- d-----w C:\Program Files\ProtectDisc Driver Installer
2008-07-16 16:08 --------- d-----w C:\Program Files\DAEMON Tools SearchBar
2008-07-16 14:25 --------- d-----w C:\Users\paskapää\AppData\Roaming\InstallShield
2008-07-16 01:32 2,048 ----a-w C:\Windows\System32\tzres.dll
2008-06-27 04:15 827,392 ----a-w C:\Windows\System32\wininet.dll
2008-06-26 03:29 801,280 ----a-w C:\Windows\System32\NaturalLanguage6.dll
2008-06-26 01:45 2,644,480 ----a-w C:\Windows\System32\NlsLexicons0009.dll
2008-06-26 01:45 12,240,896 ----a-w C:\Windows\System32\NlsLexicons0007.dll
2008-06-19 03:31 361,984 ----a-w C:\Windows\System32\IPSECSVC.DLL
2008-06-15 12:09 174 --sha-w C:\Program Files\desktop.ini
2008-05-07 16:04 110 ----a-w C:\Users\paskapää\AppData\Roaming\wklnhst.dat
2008-04-19 06:17 1,552,872 ----a-w C:\Users\paskapää\NOD32_v3.0.642_32bit_FiX_1.2-TemDono.exe
2008-04-19 06:17 1,552,872 ----a-w C:\Users\paskapää\NOD32_v3.0.642_32bit_FiX_1.2-TemDono.exe
2007-12-15 22:01 22,328 ----a-w C:\Users\paskapää\AppData\Roaming\PnkBstrK.sys
2006-08-24 09:08 8 --sha-r C:\Windows\neoqaz2.dll
2008-02-26 20:06 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-02-26 20:06 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-02-26 20:06 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
2007-11-01 12:05 22 --sha-w C:\Windows\SMINST\HPCD.sys
.

((((((((((((((((((((((((((((( snapshot@2008-09-16_19.57.14.41 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-09-15 10:26:17 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-09-16 17:00:10 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2008-09-15 10:26:17 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2008-09-16 17:00:10 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-09-15 10:28:37 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-09-16 17:01:44 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-09-16 17:01:44 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-09-15 10:28:31 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-09-16 17:02:33 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-09-16 17:02:33 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2008-09-15 10:34:07 104,742 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-09-16 17:07:37 104,742 ----a-w C:\Windows\System32\perfc009.dat
- 2008-09-15 10:34:07 85,240 ----a-w C:\Windows\System32\perfc00B.dat
+ 2008-09-16 17:07:37 85,240 ----a-w C:\Windows\System32\perfc00B.dat
- 2008-09-15 10:34:07 595,308 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-09-16 17:07:37 595,308 ----a-w C:\Windows\System32\perfh009.dat
- 2008-09-15 10:34:07 443,892 ----a-w C:\Windows\System32\perfh00B.dat
+ 2008-09-16 17:07:37 443,892 ----a-w C:\Windows\System32\perfh00B.dat
- 2008-09-15 10:28:47 11,272 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1654255239-3480076955-1212706859-1000_UserData.bin
+ 2008-09-16 17:02:52 11,288 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1654255239-3480076955-1212706859-1000_UserData.bin
- 2008-09-15 10:28:46 84,918 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-09-16 17:02:51 85,264 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 125952]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-09-13 22880040]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-12-13 103720]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-09-18 171464]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2007-11-19 214456]
"DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-08-11 1124352]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" [2008-06-17 1249280]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536]
"KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"DT Task"="C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe" [2006-11-03 264704]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 2213160]
"OutpostMonitor"="C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe" [2007-10-24 935936]
"OutpostFeedBack"="C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" [2007-10-24 397312]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-02-20 1443072]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-08-28 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-08-28 8473120]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-08-28 81920]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 116040]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-01 C:\Windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="C:\Windows\SMINST\launcher.exe" [2007-03-07 44168]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\agnitum\outpos~1\wl_hook.dll
"LoadAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.ac3filter"= ac3filter.acm
"VIDC.YV12"= yv12vfw.dll
"vidc.mjpg"= pvmjpg30.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{5BCEBE92-0792-4F9E-AA6B-55D46836E35C}"= Disabled:UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{5578CFC2-DB9E-4F23-9F03-407CE899B2C1}"= Disabled:TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"TCP Query User{BE07A9FE-F822-460A-B262-855310A43217}C:\\program files\\skype\\phone\\skype.exe"= UDP:C:\program files\skype\phone\skype.exe:Skype. The whole world can talk for free.
"UDP Query User{BAEFA2C4-855F-4789-9D9E-31058546ADF7}C:\\program files\\skype\\phone\\skype.exe"= TCP:C:\program files\skype\phone\skype.exe:Skype. The whole world can talk for free.
"TCP Query User{95C85C52-D0EB-4BC9-873D-4DFFB7174E17}C:\\program files\\mozilla firefox\\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{D21C288C-2C34-45EB-AFF0-56052745331F}C:\\program files\\mozilla firefox\\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{4C592AF6-9492-465B-8A3E-9BEB25B7FFE9}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{BF62D7F6-3293-4B42-804B-15678D359047}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
"TCP Query User{4F94D2F5-2794-45E4-B986-DD62D6B6187B}C:\\program files\\common files\\nero\\nero web\\setupx.exe"= UDP:C:\program files\common files\nero\nero web\setupx.exe:Nero Installer
"UDP Query User{0424380C-AB10-4E9E-B869-46C30CD80343}C:\\program files\\common files\\nero\\nero web\\setupx.exe"= TCP:C:\program files\common files\nero\nero web\setupx.exe:Nero Installer
"{6D20198B-E7A4-4F72-AC7D-60358EB09407}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{49994086-8FF7-4A71-BA5C-C99190DAB050}"= UDP:65423:uTorrent
"{3CBFCCBB-E6E6-4BFB-8735-C3061FEF1BDA}"= UDP:65432:uTorrent
"{3B1033E3-CF2A-4BFE-A6BA-09703463C8A3}"= Disabled:UDP:C:\Users\paskapää\incredimail_install.exe:IncrediMail Installer
"{0B94975C-F1F1-4275-86CD-2BA98EAD754C}"= Disabled:TCP:C:\Users\paskapää\incredimail_install.exe:IncrediMail Installer
"{FE6C1D0E-8BAE-4C67-9DC9-F38076E72A7A}"= Disabled:UDP:C:\Program Files\IncrediMail\bin\ImpCnt.exe:IncrediMail
"{7099EF25-4A34-4528-8D53-83B9F4A48246}"= Disabled:TCP:C:\Program Files\IncrediMail\bin\ImpCnt.exe:IncrediMail
"{CF5FAED8-CEBB-47E5-A87F-4128F9393DA8}"= Disabled:UDP:C:\Program Files\IncrediMail\bin\ImApp.exe:IncrediMail
"{9F4F4A76-14F4-4F25-9194-FBDBE223BAAB}"= Disabled:TCP:C:\Program Files\IncrediMail\bin\ImApp.exe:IncrediMail
"{B70F1896-E8F0-4A72-9BCB-9ECFD0BFD6A8}"= Disabled:UDP:C:\Program Files\IncrediMail\bin\IncMail.exe:IncrediMail
"{72AC7F7A-EC66-4AA6-8E5E-957411206621}"= Disabled:TCP:C:\Program Files\IncrediMail\bin\IncMail.exe:IncrediMail
"{7C123467-7F95-4845-BC41-13EC7C71A268}"= UDP:C:\Windows\System32\PnkBstrA.exenkBstrA
"{9654ACDD-C180-4791-A423-50EDE598D8C7}"= TCP:C:\Windows\System32\PnkBstrA.exenkBstrA
"{7ABEE2D7-EFA5-4012-B12F-EBEF374FFBEA}"= UDP:C:\Windows\System32\PnkBstrB.exenkBstrB
"{A4B97767-1609-453E-ACD9-6D6FF53C8264}"= TCP:C:\Windows\System32\PnkBstrB.exenkBstrB
"{509D174B-AAAB-494A-B71C-517E3AA42AAD}"= UDP:C:\Program Files\Pinnacle\Studio 11\programs\RM.exe:Render Manager
"{CE11EDC1-84F8-4696-BB5C-8E5A672DC58B}"= TCP:C:\Program Files\Pinnacle\Studio 11\programs\RM.exe:Render Manager
"{C4067230-9C27-4B4D-938A-B6FDA3B201B4}"= UDP:C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe:Studio
"{0BC5EC97-F4D3-43A3-9E0F-90DF1F345054}"= TCP:C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe:Studio
"{19B2DD17-F6AF-4A9A-9624-5036E2098349}"= UDP:C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exeMSRegisterFile
"{6D2DE8BF-998C-4C7C-B240-14DF1A938A0C}"= TCP:C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exeMSRegisterFile
"{797DDD40-EBE1-41D7-BB5C-5F887132FBF4}"= UDP:C:\Program Files\Pinnacle\Studio 11\programs\umi.exe:umi
"{A1538301-2A43-4F09-BC72-A2D1044B346D}"= TCP:C:\Program Files\Pinnacle\Studio 11\programs\umi.exe:umi
"{69B4AD2C-9152-4E4A-8E97-04FAFA49A954}"= UDP:C:\Program Files\Eidos\Conflict Denied Ops\ConflictDeniedOps.exe:Conflict: Denied Ops
"{2CDF0973-8E23-4BF3-9233-F0E577D5F836}"= TCP:C:\Program Files\Eidos\Conflict Denied Ops\ConflictDeniedOps.exe:Conflict: Denied Ops
"{FABFE3AF-5E3C-4660-91F8-9DC9A28354F0}"= UDP:C:\Program Files\Ubisoft\Lost Via Domus\Yeti_Final_Win32.exe:Lost Via Domus Game
"{981708D2-9DA5-4E21-8E9B-192B5BB20777}"= TCP:C:\Program Files\Ubisoft\Lost Via Domus\Yeti_Final_Win32.exe:Lost Via Domus Game
"{ADA134CA-C522-4751-A3DB-1D625EC57478}"= UDP:C:\Program Files\Ubisoft\Lost Via Domus\gu.exe:Lost Via Domus Updater
"{CEDB09DF-1919-4F0C-92D4-DACC808AE3C2}"= TCP:C:\Program Files\Ubisoft\Lost Via Domus\gu.exe:Lost Via Domus Updater
"{5EB85A94-1C66-4B4E-A4C9-B416D6D3B6DA}"= UDP:C:\Program Files\Ubisoft\Lost Via Domus\detection\Launcher.exe:Lost Via Domus Requirements Tool
"{87BC8507-A8E0-4875-A62A-682738334517}"= TCP:C:\Program Files\Ubisoft\Lost Via Domus\detection\Launcher.exe:Lost Via Domus Requirements Tool
"TCP Query User{D0FFA889-5FA5-4B68-9ECE-2401542DD1B2}C:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= UDP:C:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater
"UDP Query User{38CFA28A-7C1C-402E-9F77-FA41BB8E1E35}C:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= TCP:C:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater
"TCP Query User{5E7ACEBC-6C47-42BA-9FEA-046BFBB9C614}C:\\program files\\common files\\nokia\\service layer\\a\\nsl_host_process.exe"= UDP:C:\program files\common files\nokia\service layer\a\nsl_host_process.exe:Nokia Service Layer Host Process
"UDP Query User{6356C2E8-AEBC-4A41-9603-2029F57566DB}C:\\program files\\common files\\nokia\\service layer\\a\\nsl_host_process.exe"= TCP:C:\program files\common files\nokia\service layer\a\nsl_host_process.exe:Nokia Service Layer Host Process
"{E9CFD0CC-4F7F-4B1B-9C0F-4473EE75A10E}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{6D64A024-CDE2-44C4-B53C-69E9189C30ED}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"TCP Query User{D3950CB9-A91E-4AC3-8E10-A06CDEE1C407}C:\\program files\\pinnacle\\studio 11\\programs\\studio.exe"= UDP:C:\program files\pinnacle\studio 11\programs\studio.exe:Studio program file
"UDP Query User{AB177C31-CC85-4B2C-851C-D3A24AD3FCC9}C:\\program files\\pinnacle\\studio 11\\programs\\studio.exe"= TCP:C:\program files\pinnacle\studio 11\programs\studio.exe:Studio program file
"{ECD75422-F9AD-4016-98FB-18B9DD205741}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{F429AC2B-0CFC-4981-8EAE-6F3DAAB755CE}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{78BC8C80-8713-438D-BA00-59D592B9F122}"= UDP:C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:Render Manager
"{C4B5B02E-9B99-4B7F-8A4D-F3C5C7127071}"= TCP:C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:Render Manager
"{0E5FBBE7-F030-4DE5-B84F-5E0F2FD21B0C}"= UDP:C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:Studio
"{8567653A-97FF-497B-881D-FF680BDF34E2}"= TCP:C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:Studio
"{CACD4B7A-1F5B-493C-AEB0-B6BA3482800F}"= UDP:C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:umi
"{4C3EC850-C623-49DF-9A9F-85732D910FF6}"= TCP:C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:umi
"{63A33E42-945C-4D01-B20F-1F2F4F7BF873}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{3DCCE08B-E3B8-45C9-9845-13C5888AE966}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{C689063B-2802-4206-B4C8-10E4BDB2C831}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{7816C842-D80A-482C-97B7-45FBDCDBE952}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (UDP-In)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

R0 AFS;AFS;C:\Windows\system32\drivers\AFS.sys [2008-09-05 79052]
R1 epfwtdir;epfwtdir;C:\Windows\system32\DRIVERS\epfwtdir.sys [2008-02-20 33800]
R1 SandBox;SandBox;C:\Windows\system32\DRIVERS\SandBox.sys [2007-10-17 434336]
R2 acedrv11;acedrv11;C:\Windows\system32\drivers\acedrv11.sys [2008-01-23 501560]
R2 acssrv;Agnitum Client Security Service;C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe [2007-10-24 1179648]
R2 PD91Agent;PD91Agent;C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe [2008-07-18 693512]
R3 3xHybrid;ASUSTek SAA713x PCI Card;C:\Windows\system32\DRIVERS\3xHybrid.sys [2007-01-26 2831232]
S2 NOD32FiXTemDono;Eset Nod32 Boot;C:\Windows\system32\regedt32.exe [2006-11-02 9216]
S3 ASWFilt;ASWFilt;C:\Windows\system32\Filt\ASWFilt.dll [2007-10-17 32896]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;C:\Windows\system32\drivers\nmwcdnsu.sys [2008-02-01 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;C:\Windows\system32\drivers\nmwcdnsuc.sys [2008-02-01 8320]
S3 PD91Engine;PD91Engine;C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe [2008-07-18 910600]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
\shell\AutoRun\command - K:\Info.exe folder.htt 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5db7af47-b530-11dc-8953-001d6031705c}]
\shell\AutoRun\command - P:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9b63e6ac-7e05-11dc-af64-806e6f6e6963}]
\shell\AutoRun\command - K:\Info.exe folder.htt 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e403bcaa-8bd0-11dc-b766-001d6031705c}]
\shell\AutoRun\command - J:\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e403c02e-8bd0-11dc-b766-001d6031705c}]
\shell\AutoRun\command - L:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e403c030-8bd0-11dc-b766-001d6031705c}]
\shell\AutoRun\command - M:\setup.exe
.
- - - - POISTETUT JÄMÄRIVIT - - - -

HKLM-Run-<NO NAME> - (no file)


.
------- Täydentävä tarkistus -------
.
FireFox -: Profile - C:\Users\paskapää\AppData\Roaming\Mozilla\Firefox\Profiles\4782e309.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.fi/
FF -: plugin - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-16 23:09:53
Windows 6.0.6001 Service Pack 1 NTFS

tarkistaa piilotettuja prosesseja ...

tarkistaa piilotettuja käynnistysarvoja ...

tarkistaa piilotettuja tiedostoja ...

tarkistus on valmis
piilotetut tiedostot: 0

**************************************************************************
.
Valmistumisajankohta: 2008-09-16 23:12:05
ComboFix-quarantined-files.txt 2008-09-16 20:11:56

Pre-Run: 137,624,453,120 tavua vapaana
Post-Run: 137,592,430,592 tavua vapaana

339 --- E O F --- 2008-09-12 08:12:28

 

mites kone toimii

 

ei sammuta vieläkään normaalisti.jää junnaamaa "sammutetaan" ikkunaan.kyllä vista on sitten ihana.taitaa olla wintoosa jumissa

 

Oikeen mukava tuntuu olevan

=================

Tarkista Kaspersky Online Skannerilla

1. Lue läpi vaatimukset ja yksityisyyssäännökset ja klikkaa Accept.
2. Skannerin ja virustietokannan lataus alkaa. Sinulta kysytään sallitko Kasperskyltä tulevan ohjelman asentamisen. Klikkaa Aja/Run.
3. Kun lataus on valmis, klikkaa Settings.
4. Varmistu, että seuraavat kohdat on valittu. Jos ne eivät ole, valitse ne ja klikkaa Save:
Spyware, Adware, Dialers, and other potentially dangerous programs
Archives
Mail databases
5. Klikkaa Oma Tietokone, My Computer Scan-kohdan alapuolelta.
6. Kun tarkistus on valmis, tulokset näytetään. Klikkaa View Scan Report.
7. Näet listan saastuneista kohteista. Klikkaa Save Report As....
8. Tallenna tiedosto työpöydällesi. Muuta Tiedostotyyppi/Files of type muotoon Tekstitiedosto/Text file(.txt) ennen kuin klikkaat Save.
9. Kopioi ja liitä tiedoston sisältö seuraavaan vastaukseesi uuden HijackThis-lokin kera

 

vähän kesti tämän laitto kiitos SONERAN ja mun huonojen hermojen

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Monday, September 22, 2008
Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 1 (build 6001)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Sunday, September 21, 2008 07:57:45
Records in database: 1246898
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
L:\
M:\
N:\

Scan statistics:
Files scanned: 183029
Threat name: 1
Infected objects: 2
Suspicious objects: 0
Duration of the scan: 18:52:44


File name / Threat name / Threats count
C:\Program Files\IncrediMail\bin\IncrediMail_Install.exe Infected: not-a-virusownloader.Win32.ImLoader.e 1
C:\Users\paskapää\Downloads\incredimail_install.exe Infected: not-a-virusownloader.Win32.ImLoader.e 1

The selected area was scanned.
----------------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:14:02, on 22.9.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Portrait Displays\HP My Display\dthtml.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\hp\kbd\kbd.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91AgentS1.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/english/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Windows\system32\Msdxm6.ocx
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [DT Task] C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe -startup_folder
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" /dumps_startup
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
O22 - SharedTaskScheduler: StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll
O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\deskscapes.dll
O22 - SharedTaskScheduler: Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DesktopControlPanel.dll
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Portrait Displays\HP My Display\DTSRVC.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\system32\drivers\pclepci.sys
O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 9958 bytes

 

Päivitä tuo Malwarebytes' Anti-Malware aja täysi scannaus

 

kaikki näyttää OK mutta ei vaan kone sammu.siis missä nyt on vika.vai ajanko vistan uudestaan..?
-----------------------------------------------------------------------
Malwarebytes' Anti-Malware 1.28
Tietokantaversio: 1194
Windows 6.0.6001 Service Pack 1

23.9.2008 0:50:46
mbam-log-2008-09-23 (00-50-46).txt

Tarkistustyyppi: Täysi tarkistus (C:\|D:\|)
Tarkistetut kohteet: 206156
Kulunut aika: 2 hour(s), 6 minute(s), 31 second(s)

Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 0
Saastuneita rekisteriavaimia: 0
Saastuneita rekisteriarvoja: 0
Saastuneita rekisterikohteita: 0
Saastuneita hakemistoja: 0
Saastuneita tiedostoja: 0

Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)

Saastuneita muistimoduuleja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriavaimia:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriarvoja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisterikohteita:
(Haitallisia kohteita ei löydetty)

Saastuneita hakemistoja:
(Haitallisia kohteita ei löydetty)

Saastuneita tiedostoja:
(Haitallisia kohteita ei löydetty)

 

Niin... Nyt pitäis niitä omia muisteja kaivella, että milloin tämä alkoi ja mitä tuli koneelle ladattua ohjelmia.Joka aiheuttaisi tämän ongelman.

Onhan sekin mahollista, että ei se muuten korjaannu sillä vistan käyttöjärjestelmä on voinut vioitua. Silloin olis vistan uudelleen ajo paikallaan. Pulmakin ratkeisi helpolla kun tekisi puhtaan asennuksen.