Computer is slow, the internet is lagging and processes are eating memory!

Discussion in 'Viruses and malware - HijackThis logs' started by LoBer, Apr 11, 2008.

  1. LoBer

    LoBer Regular member

    Joined:
    Jan 24, 2006
    Messages:
    467
    Likes Received:
    0
    Trophy Points:
    26
    Hi!
    This week the internet has started lagging and the computer has started slowing down, but I suspect that the computer has a virus. Today I did a big cleanup: I cleared everything unnecessary off the computer, removed the unneeded programs, tidied the desktop and ran EasyCleaner and CCleaner. And Panda was running yesterday too. It helped a little, but there might still be something there:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:38:37, on 11.4.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\AVENGINE.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsCtrls.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
    C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
    c:\program files\panda software\panda antivirus + firewall 2007\firewall\PSHOST.EXE
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\ApvxdWin.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\WebProxy.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\HP_Omistaja\Työpöytä\Tietoturva\HijackThis\scanner.exe.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/ig
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE" /s
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod-palvelu (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsCtrls.exe
    O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
    O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software International - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
    O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
    O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda software\panda antivirus + firewall 2007\firewall\PSHOST.EXE
    O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 6795 bytes

    And one more thing: since CCleaner lets you see which programs run themselves at startup, can I remove any of these:

    NcCplDaemon, RUNDLL32.EXE C:\Windows\System32 NvStartup
    Recguard, C:\Windows\SMINST\Recguard.exe

    The rest are Panda's, and ones that I want myself.
     
  2. Hujo

    Hujo Guest

    Download Deckard's System Scanner to your Desktop.

    Note: You must have Administrator rights to run the program.

    - Close all open windows and programs.
    - Double-click the Dss.exe file to run the program and follow the instructions.
    - When the scan is finished, 2 text files should open, Main.txt and extra.txt.
    - Press Copy (CTRL+A -> CTRL+C) and paste (CTRL+V).
    - Copy and paste the contents of main.txt and extra.txt into your next reply.
     
  3. LoBer

    LoBer Regular member

    I don't know whether aD or my computer is lagging, but apparently it won't let me send a very long message. I'll send the first one separately.
    Here is the main.txt
    Deckard's System Scanner v20071014.68
    Run by HP_Omistaja on 2008-04-11 23:52:24
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    Successfully created a Deckard's System Scanner Restore Point.


    -- Last 5 Restore Point(s) --
    95: 2008-04-11 20:52:35 UTC - RP124 - Deckard's System Scanner Restore Point
    94: 2008-04-11 19:17:00 UTC - RP123 - Asennettu TerraTec Home Cinema
    93: 2008-04-11 13:58:37 UTC - RP122 - Järjestelmän tarkistuspiste
    92: 2008-04-10 13:42:07 UTC - RP121 - Järjestelmän tarkistuspiste
    91: 2008-04-09 12:13:45 UTC - RP120 - Software Distribution Service 3.0


    -- First Restore Point --
    1: 2008-01-13 18:24:52 UTC - RP30 - Asennettu TerraTec Home Cinema


    Backed up registry hives.
    Performed disk cleanup.



    -- HijackThis (run as HP_Omistaja.exe) -----------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:53:53, on 11.4.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\AVENGINE.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsCtrls.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
    C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
    c:\program files\panda software\panda antivirus + firewall 2007\firewall\PSHOST.EXE
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\ApvxdWin.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\WebProxy.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe
    C:\Documents and Settings\HP_Omistaja\Työpöytä\dss.exe
    C:\DOCUME~1\HP_OMI~1\TYPYT~1\TIETOT~1\HIJACK~1\HP_Omistaja.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/ig
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE" /s
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod-palvelu (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsCtrls.exe
    O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
    O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software International - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
    O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
    O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda software\panda antivirus + firewall 2007\firewall\PSHOST.EXE
    O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 6783 bytes

    -- HijackThis Fixed Entries (C:\DOCUME~1\HP_OMI~1\TYPYT~1\TIETOT~1\HIJACK~1\backups\) --------------------------------------------------------------------------------

    backup-20071107-214017-189 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    backup-20071107-214017-282 O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    backup-20071107-214017-417 O20 - Winlogon Notify: byxywwt - byxywwt.dll (file missing)
    backup-20071107-214017-460 O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    backup-20071107-214017-503 O20 - Winlogon Notify: jkkljkl - C:\WINDOWS\SYSTEM32\jkkljkl.dll
    backup-20071107-214017-549 O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvcex.dll,startup
    backup-20071107-214017-601 O20 - Winlogon Notify: winwim32 - C:\WINDOWS\SYSTEM32\winwim32.dll
    backup-20071107-214017-646 O2 - BHO: (no name) - {BC0CEBB4-401B-44CF-B4D3-57008FD39B70} - C:\WINDOWS\system32\jkkljkl.dll
    backup-20071107-214017-740 O2 - BHO: (no name) - {4AA49418-D47E-47EB-AAD9-3FA5155F3025} - (no file)
    backup-20071107-214017-748 O4 - HKLM\..\Run: [wvidmzgn] rundll32.exe "C:\Program Files\wvidmzgn\kpkjmhar.dll",Init
    backup-20071117-225839-321 O2 - BHO: (no name) - {BC0CEBB4-401B-44CF-B4D3-57008FD39B70} - C:\WINDOWS\system32\jkkljkl.dll
    backup-20071117-225839-342 O2 - BHO: (no name) - {95B61513-7B6B-456D-92B6-5BA67761553C} - C:\WINDOWS\system32\pmkhh.dll (file missing)
    backup-20071117-225839-632 O20 - Winlogon Notify: jkkljkl - C:\WINDOWS\SYSTEM32\jkkljkl.dll
    backup-20071126-163552-283 O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    backup-20071126-175738-239 O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    backup-20071126-175738-414 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    backup-20071126-175738-509 O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    backup-20071205-124227-123 O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Verkkopalve')
    backup-20071205-124227-303 O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
    backup-20071205-124227-625 O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    backup-20071205-124227-658 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    backup-20071205-124227-835 O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    backup-20071205-124227-846 O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
    backup-20071205-124227-925 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Paikallinen palve')
    backup-20071205-124914-240 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    backup-20071205-124914-388 O20 - Winlogon Notify: jkkljkl - C:\WINDOWS\SYSTEM32\jkkljkl.dll
    backup-20071205-124914-419 O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    backup-20071205-124914-461 O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
    backup-20071205-124914-636 O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    backup-20071205-124914-958 O23 - Service: Logitech QuickCam Manager - Unknown owner - C:\WINDOWS\System32\dllcache\mlqm.exe (file missing)
    backup-20071218-142801-180 O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    backup-20071218-142801-400 O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
    backup-20071218-142801-524 O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
    backup-20071218-142801-545 O2 - BHO: (no name) - {BC0CEBB4-401B-44CF-B4D3-57008FD39B70} - C:\WINDOWS\system32\jkkljkl.dll
    backup-20071218-142801-575 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    backup-20071218-142801-701 O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
    backup-20071218-142801-791 O20 - Winlogon Notify: jkkljkl - C:\WINDOWS\SYSTEM32\jkkljkl.dll
    backup-20071219-074528-785 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    backup-20071219-074528-934 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    backup-20071219-074532-656 O20 - Winlogon Notify: jkkljkl - C:\WINDOWS\SYSTEM32\jkkljkl.dll
    backup-20071219-074532-762 O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    backup-20071219-171100-328 O2 - BHO: (no name) - {BC0CEBB4-401B-44CF-B4D3-57008FD39B70} - C:\WINDOWS\system32\jkkljkl.dll
    backup-20071219-171100-809 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    -- File Associations -----------------------------------------------------------

    .js - JSFile - shell\open\command - C:\PROGRA~1\PANDAS~1\PANDAA~1\PAVSCRIP.EXE "%1" %*
    .vbs - VBSFile - shell\open\command - C:\PROGRA~1\PANDAS~1\PANDAA~1\PAVSCRIP.EXE "%1" %*


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
    R1 ShldDrv (Panda File Shield Driver) - c:\windows\system32\drivers\shldrv51.sys <Not Verified; Panda Software International; Panda shield>
    R2 cpoint (Panda CPoint Driver) - c:\windows\system32\drivers\cpoint.sys <Not Verified; Panda Software; © Panda Software 2005>
    R3 AvFlt (Antivirus Filter Driver) - c:\windows\system32\drivers\av5flt.sys (file missing)
    R3 ComFiltr (Panda Anti-Dialer) - c:\windows\system32\drivers\comfiltr.sys (file missing)
    R3 Iviaspi (IVI ASPI Shell) - c:\windows\system32\drivers\iviaspi.sys <Not Verified; InterVideo, Inc.; InterVideo ASPI Shell>
    R3 PavSRK.sys - c:\windows\system32\pavsrk.sys (file missing)
    R3 PavTPK.sys - c:\windows\system32\pavtpk.sys (file missing)
    R3 Pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
    R3 TTCinergyT2 (TerraTec Cinergy T² (BDA)) - c:\windows\system32\drivers\ttcinergyt2bda.sys <Not Verified; TerraTec Electronic GmbH; TerraTec Cinergy T²>

    S3 catchme - c:\docume~1\hp_omi~1\locals~1\temp\catchme.sys (file missing)
    S3 jswmidin - c:\docume~1\hp_omi~1\locals~1\temp\jswmidin.sys (file missing)


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe

    S3 ServiceLayer - "c:\program files\pc connectivity solution\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>
    S4 Logitech QuickCam Manager - "c:\windows\system32\dllcache\mlqm.exe" (file missing)


    -- Device Manager: Disabled ----------------------------------------------------

    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
    Description: Nokia Windows Portable Device Driver
    Device ID: ROOT\WPD\0000
    Manufacturer: Nokia
    Name: Nokia 5300
    PNP Device ID: ROOT\WPD\0000
    Service: WUDFRd

    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
    Description: Nokia Windows Portable Device Driver
    Device ID: ROOT\WPD\0001
    Manufacturer: Nokia
    Name: Nokia 5300
    PNP Device ID: ROOT\WPD\0001
    Service: WUDFRd

    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
    Description: Nokia 5300
    Device ID: ROOT\WPD\0002
    Manufacturer: Nokia
    Name: Nokia 5300
    PNP Device ID: ROOT\WPD\0002
    Service: WUDFRd


    -- Files created between 2008-03-11 and 2008-04-11 -----------------------------

    2008-04-11 20:14:59 0 d-------- C:\Program Files\Microsoft Silverlight
    2008-04-11 19:43:24 0 d-------- C:\Program Files\Guitar Pro 5
    2008-04-11 19:38:49 0 dr-h----- C:\Documents and Settings\HP_Omistaja\Recent
    2008-04-11 19:34:18 0 d-------- C:\WINDOWS\DF5A03CCD5AA43D8B948D9903F2AF94A.TMP
    2008-03-27 18:22:21 0 d-------- C:\Program Files\Softnyx
    2008-03-27 17:56:45 0 d-------- C:\Program Files\Ovine


    -- Find3M Report ---------------------------------------------------------------

    2008-04-11 22:17:44 0 d-------- C:\Program Files\Common Files\TerraTec
    2008-04-11 20:27:09 0 d-------- C:\Program Files\Steam
    2008-04-11 20:06:28 0 d-------- C:\Documents and Settings\HP_Omistaja\Application Data\uTorrent
    2008-04-10 19:51:44 0 d-------- C:\Program Files\DC++
    2008-04-04 19:30:07 73 --a------ C:\WINDOWS\system32\ssprs.dll
    2008-04-04 19:30:07 205 --a------ C:\WINDOWS\system32\lsprst7.dll
    2008-03-30 11:00:08 506574 --a------ C:\WINDOWS\system32\perfh00B.dat
    2008-03-30 11:00:08 123292 --a------ C:\WINDOWS\system32\perfc00B.dat
    2008-03-28 20:29:25 0 d-------- C:\Program Files\MSN Messenger
    2008-03-28 20:29:25 0 d-------- C:\Program Files\Messenger Plus! Live
    2008-03-10 22:54:30 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2008-03-10 22:54:16 0 d-------- C:\Program Files\Windows Live
    2008-03-09 21:59:09 0 d-------- C:\Program Files\Microsoft SQL Server Compact Edition
    2008-03-09 21:52:56 1025 --a------ C:\WINDOWS\system32\sysprs7.dll
    2008-03-09 21:52:56 1025 --a------ C:\WINDOWS\system32\clauth2.dll
    2008-03-09 21:52:56 1025 --a------ C:\WINDOWS\system32\clauth1.dll
    2008-03-09 21:52:31 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
    2008-03-09 21:45:39 0 d-------- C:\Program Files\Common Files
    2008-03-09 21:40:51 0 d-------- C:\Program Files\Common Files\KORG
    2008-03-09 21:40:31 0 d-------- C:\Program Files\KORG
    2008-03-08 19:44:50 60348 --a------ C:\WINDOWS\system32\ZoomUnin.exe
    2008-03-06 14:53:40 0 d-------- C:\Program Files\ZOOM
    2008-02-25 19:28:39 0 d-------- C:\Documents and Settings\HP_Omistaja\Application Data\Nokia
    2008-02-23 19:20:23 0 d--h----- C:\Program Files\InstallShield Installation Information
    2008-02-18 14:53:35 0 d-------- C:\Program Files\Nokia
    2008-02-18 14:52:51 0 d-------- C:\Program Files\Common Files\Nokia
    2008-02-18 14:43:26 18194 --a------ C:\Documents and Settings\HP_Omistaja\Application Data\NMM-MetaData.db
    2008-02-17 19:59:55 953 --a------ C:\WINDOWS\mozver.dat
    2008-02-17 19:52:03 0 d-------- C:\Program Files\Virtual Earth 3D
    2008-02-17 18:31:30 0 d-------- C:\Program Files\Hide Window Hotkey
    2008-02-12 08:54:44 4468360 --a------ C:\cace2423dfb97c58fe7dd9f120557063KRN_DATA
    2008-02-07 07:50:37 720896 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
    2008-02-01 12:17:36 586752 --a------ C:\WINDOWS\WLXPGSS.SCR <Not Verified; Microsoft Corporation; Windows Liven valokuvavalikoima>
    2008-01-22 17:34:11 32832 --a------ C:\Documents and Settings\HP_Omistaja\Application Data\GDIPFONTCACHEV1.DAT
    2008-01-16 19:56:27 1654784 --a------ C:\Steamacc.exe


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [14.04.2004 21:43]
    "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [02.07.2004 00:12]
    "APVXDWIN"="C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.exe" [30.03.2007 15:52]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools"=1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
    avldr.dll 15.02.2007 20:02 50736 C:\WINDOWS\system32\avldr.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
    @="Volume shadow copy"


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A01200FD-FFE0-F397-DE1C-E0060A450904}]
    C:\WINDOWS\system32\Win32.exe



    -- End of Deckard's System Scanner: finished at 2008-04-11 23:55:05 ------------
     
  4. LoBer

    LoBer Regular member

    I don't know whether aD or my computer is lagging, but apparently it won't let me send a very long message. I'll send the first one separately.
    Here is the main.txt
    Deckard's System Scanner v20071014.68
    Run by HP_Omistaja on 2008-04-11 23:52:24
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    Successfully created a Deckard's System Scanner Restore Point.


    -- Last 5 Restore Point(s) --
    95: 2008-04-11 20:52:35 UTC - RP124 - Deckard's System Scanner Restore Point
    94: 2008-04-11 19:17:00 UTC - RP123 - Asennettu TerraTec Home Cinema
    93: 2008-04-11 13:58:37 UTC - RP122 - Järjestelmän tarkistuspiste
    92: 2008-04-10 13:42:07 UTC - RP121 - Järjestelmän tarkistuspiste
    91: 2008-04-09 12:13:45 UTC - RP120 - Software Distribution Service 3.0


    -- First Restore Point --
    1: 2008-01-13 18:24:52 UTC - RP30 - Asennettu TerraTec Home Cinema


    Backed up registry hives.
    Performed disk cleanup.



    -- HijackThis (run as HP_Omistaja.exe) -----------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:53:53, on 11.4.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\AVENGINE.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsCtrls.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
    C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
    c:\program files\panda software\panda antivirus + firewall 2007\firewall\PSHOST.EXE
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\ApvxdWin.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\WebProxy.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe
    C:\Documents and Settings\HP_Omistaja\Työpöytä\dss.exe
    C:\DOCUME~1\HP_OMI~1\TYPYT~1\TIETOT~1\HIJACK~1\HP_Omistaja.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/ig
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE" /s
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod-palvelu (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsCtrls.exe
    O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
    O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software International - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
    O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
    O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda software\panda antivirus + firewall 2007\firewall\PSHOST.EXE
    O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 6783 bytes

    -- HijackThis Fixed Entries (C:\DOCUME~1\HP_OMI~1\TYPYT~1\TIETOT~1\HIJACK~1\backups\) --------------------------------------------------------------------------------

    backup-20071107-214017-189 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    backup-20071107-214017-282 O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    backup-20071107-214017-417 O20 - Winlogon Notify: byxywwt - byxywwt.dll (file missing)
    backup-20071107-214017-460 O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    backup-20071107-214017-503 O20 - Winlogon Notify: jkkljkl - C:\WINDOWS\SYSTEM32\jkkljkl.dll
    backup-20071107-214017-549 O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvcex.dll,startup
    backup-20071107-214017-601 O20 - Winlogon Notify: winwim32 - C:\WINDOWS\SYSTEM32\winwim32.dll
    backup-20071107-214017-646 O2 - BHO: (no name) - {BC0CEBB4-401B-44CF-B4D3-57008FD39B70} - C:\WINDOWS\system32\jkkljkl.dll
    backup-20071107-214017-740 O2 - BHO: (no name) - {4AA49418-D47E-47EB-AAD9-3FA5155F3025} - (no file)
    backup-20071107-214017-748 O4 - HKLM\..\Run: [wvidmzgn] rundll32.exe "C:\Program Files\wvidmzgn\kpkjmhar.dll",Init
    backup-20071117-225839-321 O2 - BHO: (no name) - {BC0CEBB4-401B-44CF-B4D3-57008FD39B70} - C:\WINDOWS\system32\jkkljkl.dll
    backup-20071117-225839-342 O2 - BHO: (no name) - {95B61513-7B6B-456D-92B6-5BA67761553C} - C:\WINDOWS\system32\pmkhh.dll (file missing)
    backup-20071117-225839-632 O20 - Winlogon Notify: jkkljkl - C:\WINDOWS\SYSTEM32\jkkljkl.dll
    backup-20071126-163552-283 O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    backup-20071126-175738-239 O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    backup-20071126-175738-414 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    backup-20071126-175738-509 O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    backup-20071205-124227-123 O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Verkkopalve')
    backup-20071205-124227-303 O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
    backup-20071205-124227-625 O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    backup-20071205-124227-658 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    backup-20071205-124227-835 O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    backup-20071205-124227-846 O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
    backup-20071205-124227-925 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Paikallinen palve')
    backup-20071205-124914-240 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    backup-20071205-124914-388 O20 - Winlogon Notify: jkkljkl - C:\WINDOWS\SYSTEM32\jkkljkl.dll
    backup-20071205-124914-419 O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    backup-20071205-124914-461 O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
    backup-20071205-124914-636 O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    backup-20071205-124914-958 O23 - Service: Logitech QuickCam Manager - Unknown owner - C:\WINDOWS\System32\dllcache\mlqm.exe (file missing)
    backup-20071218-142801-180 O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    backup-20071218-142801-400 O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
    backup-20071218-142801-524 O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
    backup-20071218-142801-545 O2 - BHO: (no name) - {BC0CEBB4-401B-44CF-B4D3-57008FD39B70} - C:\WINDOWS\system32\jkkljkl.dll
    backup-20071218-142801-575 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    backup-20071218-142801-701 O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
    backup-20071218-142801-791 O20 - Winlogon Notify: jkkljkl - C:\WINDOWS\SYSTEM32\jkkljkl.dll
    backup-20071219-074528-785 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    backup-20071219-074528-934 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    backup-20071219-074532-656 O20 - Winlogon Notify: jkkljkl - C:\WINDOWS\SYSTEM32\jkkljkl.dll
    backup-20071219-074532-762 O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    backup-20071219-171100-328 O2 - BHO: (no name) - {BC0CEBB4-401B-44CF-B4D3-57008FD39B70} - C:\WINDOWS\system32\jkkljkl.dll
    backup-20071219-171100-809 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    -- File Associations -----------------------------------------------------------

    .js - JSFile - shell\open\command - C:\PROGRA~1\PANDAS~1\PANDAA~1\PAVSCRIP.EXE "%1" %*
    .vbs - VBSFile - shell\open\command - C:\PROGRA~1\PANDAS~1\PANDAA~1\PAVSCRIP.EXE "%1" %*


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
    R1 ShldDrv (Panda File Shield Driver) - c:\windows\system32\drivers\shldrv51.sys <Not Verified; Panda Software International; Panda shield>
    R2 cpoint (Panda CPoint Driver) - c:\windows\system32\drivers\cpoint.sys <Not Verified; Panda Software; © Panda Software 2005>
    R3 AvFlt (Antivirus Filter Driver) - c:\windows\system32\drivers\av5flt.sys (file missing)
    R3 ComFiltr (Panda Anti-Dialer) - c:\windows\system32\drivers\comfiltr.sys (file missing)
    R3 Iviaspi (IVI ASPI Shell) - c:\windows\system32\drivers\iviaspi.sys <Not Verified; InterVideo, Inc.; InterVideo ASPI Shell>
    R3 PavSRK.sys - c:\windows\system32\pavsrk.sys (file missing)
    R3 PavTPK.sys - c:\windows\system32\pavtpk.sys (file missing)
    R3 Pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
    R3 TTCinergyT2 (TerraTec Cinergy T² (BDA)) - c:\windows\system32\drivers\ttcinergyt2bda.sys <Not Verified; TerraTec Electronic GmbH; TerraTec Cinergy T²>

    S3 catchme - c:\docume~1\hp_omi~1\locals~1\temp\catchme.sys (file missing)
    S3 jswmidin - c:\docume~1\hp_omi~1\locals~1\temp\jswmidin.sys (file missing)


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe

    S3 ServiceLayer - "c:\program files\pc connectivity solution\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>
    S4 Logitech QuickCam Manager - "c:\windows\system32\dllcache\mlqm.exe" (file missing)


    -- Device Manager: Disabled ----------------------------------------------------

    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
    Description: Nokia Windows Portable Device Driver
    Device ID: ROOT\WPD\0000
    Manufacturer: Nokia
    Name: Nokia 5300
    PNP Device ID: ROOT\WPD\0000
    Service: WUDFRd

    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
    Description: Nokia Windows Portable Device Driver
    Device ID: ROOT\WPD\0001
    Manufacturer: Nokia
    Name: Nokia 5300
    PNP Device ID: ROOT\WPD\0001
    Service: WUDFRd

    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
    Description: Nokia 5300
    Device ID: ROOT\WPD\0002
    Manufacturer: Nokia
    Name: Nokia 5300
    PNP Device ID: ROOT\WPD\0002
    Service: WUDFRd


    -- Files created between 2008-03-11 and 2008-04-11 -----------------------------

    2008-04-11 20:14:59 0 d-------- C:\Program Files\Microsoft Silverlight
    2008-04-11 19:43:24 0 d-------- C:\Program Files\Guitar Pro 5
    2008-04-11 19:38:49 0 dr-h----- C:\Documents and Settings\HP_Omistaja\Recent
    2008-04-11 19:34:18 0 d-------- C:\WINDOWS\DF5A03CCD5AA43D8B948D9903F2AF94A.TMP
    2008-03-27 18:22:21 0 d-------- C:\Program Files\Softnyx
    2008-03-27 17:56:45 0 d-------- C:\Program Files\Ovine


    -- Find3M Report ---------------------------------------------------------------

    2008-04-11 22:17:44 0 d-------- C:\Program Files\Common Files\TerraTec
    2008-04-11 20:27:09 0 d-------- C:\Program Files\Steam
    2008-04-11 20:06:28 0 d-------- C:\Documents and Settings\HP_Omistaja\Application Data\uTorrent
    2008-04-10 19:51:44 0 d-------- C:\Program Files\DC++
    2008-04-04 19:30:07 73 --a------ C:\WINDOWS\system32\ssprs.dll
    2008-04-04 19:30:07 205 --a------ C:\WINDOWS\system32\lsprst7.dll
    2008-03-30 11:00:08 506574 --a------ C:\WINDOWS\system32\perfh00B.dat
    2008-03-30 11:00:08 123292 --a------ C:\WINDOWS\system32\perfc00B.dat
    2008-03-28 20:29:25 0 d-------- C:\Program Files\MSN Messenger
    2008-03-28 20:29:25 0 d-------- C:\Program Files\Messenger Plus! Live
    2008-03-10 22:54:30 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2008-03-10 22:54:16 0 d-------- C:\Program Files\Windows Live
    2008-03-09 21:59:09 0 d-------- C:\Program Files\Microsoft SQL Server Compact Edition
    2008-03-09 21:52:56 1025 --a------ C:\WINDOWS\system32\sysprs7.dll
    2008-03-09 21:52:56 1025 --a------ C:\WINDOWS\system32\clauth2.dll
    2008-03-09 21:52:56 1025 --a------ C:\WINDOWS\system32\clauth1.dll
    2008-03-09 21:52:31 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
    2008-03-09 21:45:39 0 d-------- C:\Program Files\Common Files
    2008-03-09 21:40:51 0 d-------- C:\Program Files\Common Files\KORG
    2008-03-09 21:40:31 0 d-------- C:\Program Files\KORG
    2008-03-08 19:44:50 60348 --a------ C:\WINDOWS\system32\ZoomUnin.exe
    2008-03-06 14:53:40 0 d-------- C:\Program Files\ZOOM
    2008-02-25 19:28:39 0 d-------- C:\Documents and Settings\HP_Omistaja\Application Data\Nokia
    2008-02-23 19:20:23 0 d--h----- C:\Program Files\InstallShield Installation Information
    2008-02-18 14:53:35 0 d-------- C:\Program Files\Nokia
    2008-02-18 14:52:51 0 d-------- C:\Program Files\Common Files\Nokia
    2008-02-18 14:43:26 18194 --a------ C:\Documents and Settings\HP_Omistaja\Application Data\NMM-MetaData.db
    2008-02-17 19:59:55 953 --a------ C:\WINDOWS\mozver.dat
    2008-02-17 19:52:03 0 d-------- C:\Program Files\Virtual Earth 3D
    2008-02-17 18:31:30 0 d-------- C:\Program Files\Hide Window Hotkey
    2008-02-12 08:54:44 4468360 --a------ C:\cace2423dfb97c58fe7dd9f120557063KRN_DATA
    2008-02-07 07:50:37 720896 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
    2008-02-01 12:17:36 586752 --a------ C:\WINDOWS\WLXPGSS.SCR <Not Verified; Microsoft Corporation; Windows Liven valokuvavalikoima>
    2008-01-22 17:34:11 32832 --a------ C:\Documents and Settings\HP_Omistaja\Application Data\GDIPFONTCACHEV1.DAT
    2008-01-16 19:56:27 1654784 --a------ C:\Steamacc.exe


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [14.04.2004 21:43]
    "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [02.07.2004 00:12]
    "APVXDWIN"="C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.exe" [30.03.2007 15:52]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools"=1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
    avldr.dll 15.02.2007 20:02 50736 C:\WINDOWS\system32\avldr.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
    @="Volume shadow copy"


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A01200FD-FFE0-F397-DE1C-E0060A450904}]
    C:\WINDOWS\system32\Win32.exe



    -- End of Deckard's System Scanner: finished at 2008-04-11 23:55:05 ------------
     
  5. LoBer

    LoBer Regular member

    And here is the extra log. The machine really does seem to be lagging; sending the previous message took at least 15 minutes:
    Deckard's System Scanner v20071014.68
    Extra logfile - please post this as an attachment with your post.
    --------------------------------------------------------------------------------

    -- System Information ----------------------------------------------------------

    Microsoft Windows XP Home Edition (build 2600) SP 2.0
    Architecture: X86; Language: Other (040B) - see http://preview.tinyurl.com/mhhp6

    CPU 0: AMD Sempron(tm) 3000+
    Percentage of Memory in Use: 31%
    Physical Memory (total/avail): 1023.48 MiB / 697.77 MiB
    Pagefile Memory (total/avail): 2465.18 MiB / 2077.7 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1902.66 MiB

    C: is Fixed (NTFS) - 144.61 GiB total, 66.36 GiB free.
    D: is Fixed (FAT32) - 4.42 GiB total, 1.18 GiB free.
    E: is CDROM (No Media)
    G: is CDROM (No Media)
    H: is CDROM (No Media)

    \\.\PHYSICALDRIVE0 - ST3160021A - 149.05 GiB - 2 partitions
    \PARTITION0 - Unknown - 4.43 GiB - D:
    \PARTITION1 (bootable) - Asennettava tiedostojärjestelmä - 144.61 GiB - C:



    -- Security Center -------------------------------------------------------------

    AUOptions is set to notify before install.
    Windows Internal Firewall is disabled.

    FW: Panda Antivirus 2007 Personal Firewall v6.01.00 (Panda Software)
    AV: Panda Antivirus + Firewall 2007 v6.01.00 (Panda Software)

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe:*:Enabled:TerraTec Home Cinema"
    "C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDvrUp_date.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDvrUp_date.exe:*:Enabled:TerraTec Auto Update"
    "C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe:*:Enabled:TerraTec Home Cinema (Setup)"


    -- Environment Variables -------------------------------------------------------

    ALLUSERSPROFILE=C:\Documents and Settings\All Users
    APPDATA=C:\Documents and Settings\HP_Omistaja\Application Data
    CLIENTNAME=Console
    CommonProgramFiles=C:\Program Files\Common Files
    COMPUTERNAME=KOTIKONE
    ComSpec=C:\WINDOWS\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=C:
    HOMEPATH=\Documents and Settings\HP_Omistaja
    LOGONSERVER=\\KOTIKONE
    NUMBER_OF_PROCESSORS=1
    OS=Windows_NT
    Path=C:\Program Files\PC Connectivity Solution\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;c:\Python22;C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\Ulead Systems\Ulead DVD MovieFactory 3 TV;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\Common Files\Nero\Lib\;C:\Program Files\Common Files\Nero\Lib\;C:\Program Files\Common Files\Nero\Lib\
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
    PROCESSOR_LEVEL=6
    PROCESSOR_REVISION=0a00
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    SESSIONNAME=Console
    SystemDrive=C:
    SystemRoot=C:\WINDOWS
    TEMP=C:\DOCUME~1\HP_OMI~1\LOCALS~1\Temp
    TMP=C:\DOCUME~1\HP_OMI~1\LOCALS~1\Temp
    USERDOMAIN=KOTIKONE
    USERNAME=HP_Omistaja
    USERPROFILE=C:\Documents and Settings\HP_Omistaja
    windir=C:\WINDOWS


    -- User Profiles ---------------------------------------------------------------

    HP_Omistaja (admin)


    -- Add/Remove Programs ---------------------------------------------------------

    --> .
    --> C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
    --> c:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
    --> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    --> C:\WINDOWS\UNRecode.exe /UNINSTALL
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\setup.exe" -l0xb -uninst
    --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    7-Zip 4.43 beta --> "C:\Program Files\7-Zip\Uninstall.exe"
    Acoustica CD/DVD Label Maker --> C:\Program Files\Acoustica CD Label Maker\uisurvey.exe
    Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
    Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
    Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
    Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
    Adobe Reader 7.0 - Suomi --> MsiExec.exe /I{AC76BA86-7AD7-1035-7B44-A70000000000}
    Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
    AMX Mod X Installer 1.8.0 --> C:\Program Files\AMX Mod X\uninst.exe
    AppAway 1.0 --> "C:\Program Files\AppAway\unins000.exe"
    µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
    BitComet 0.79 --> C:\Program Files\BitComet\uninst.exe
    Canon MP500 --> "C:\WINDOWS\system32\CanonMP Uninstaller Information\{BA4DF4C3-196E-4128-969A-00996B5A46F8}\DelDrv.exe" /U:{BA4DF4C3-196E-4128-969A-00996B5A46F8} /L0x0009
    Canon Utilities Easy-PhotoPrint --> C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
    CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
    Condition Zero --> "C:\PROGRA~1\Steam\steam.exe" steam://uninstall/80
    Condition Zero Deleted Scenes --> "C:\PROGRA~1\Steam\steam.exe" steam://uninstall/100
    Counter-Strike --> "C:\PROGRA~1\Steam\steam.exe" steam://uninstall/10
    Counter-Strike(TM) --> MsiExec.exe /I{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}
    Day of Defeat --> "C:\PROGRA~1\Steam\steam.exe" steam://uninstall/30
    DC++ 0.699 --> "C:\Program Files\DC++\uninstall.exe"
    Deathmatch Classic --> "C:\PROGRA~1\Steam\steam.exe" steam://uninstall/40
    Dedicated Server --> "C:\Program Files\Steam\steam.exe" steam://uninstall/5
    Easy CD and DVD Cover Creator 4.0 --> C:\Program Files\Easy CD & DVD Cover Creator\uninst.exe
    FastStone Capture 5.3 --> C:\Program Files\FastStone Capture\uninst.exe
    FireTune --> C:\WINDOWS\iun6002.exe "C:\Program Files\FireTune\irunin.ini"
    G7.1ut Editor/Librarian --> "C:\Program Files\ZOOM\G7ED\epuninst.exe" /s
    Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
    Guitar Pro 5.2 --> "C:\Program Files\Guitar Pro 5\unins000.exe"
    Help and Support Additions --> C:\PROGRA~1\HELPAN~1\UNWISE.EXE C:\PROGRA~1\HELPAN~1\INSTALL.LOG
    Hide Window Hotkey --> C:\PROGRA~1\HIDEWI~1\UNWISE.EXE C:\PROGRA~1\HIDEWI~1\INSTALL.LOG
    High Definition Audio Driver Package - KB835221 --> C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
    HijackThis 2.0.2 --> "C:\Documents and Settings\HP_Omistaja\Työpöytä\Tietoturva\HijackThis\HijackThis.exe" /uninstall
    Hotfix-päivitys Windows XP:lle (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
    Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    HP Deskjet Preloaded Printer Drivers --> MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878}
    HP Software Update --> MsiExec.exe /X{457791C5-D702-4143-A7B2-2744BE9573F2}
    InterVideo WinDVD Creator 2 --> "C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL
    InterVideo WinDVD Player --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
    iTunes --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{35AFD495-EC2E-4B2B-B9DB-30EEBC74049D}
    Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Kaspersky Online Scanner --> C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
    Korg Legacy Collection v1.0.0.2 --> C:\PROGRA~1\KORG\KORGLE~1\UNWISE.EXE C:\PROGRA~1\KORG\KORGLE~1\INSTALL.LOG
    KVIrc 3.2.0 "Realia" --> "C:\Program Files\KVIrc\unins000.exe"
    LEGO Star Wars --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{E914A24F-2412-4374-B420-86D21D6D444A}
    LEGO Star Wars II --> C:\Program Files\InstallShield Installation Information\{4E074808-1B86-4230-A9EB-0904942EC4AE}\setup.exe -runfromtemp -l0x0409
    LinPlug RM F --> C:\Program Files\Steinberg\Vstplugins\UninstalRMF.exe
    LIVE gaming on Windows Runtime Version 1.0.6027 --> MsiExec.exe /X{839916F4-D8B5-4407-BE6D-6D4EB9D96AF4}
    Logitech Print Service --> C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
    Logitech QuickCam --> MsiExec.exe /I{0496D9E9-224B-4AFA-8F37-23B98D52F1EB}
    Logitech® Camera -ohjain --> "C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
    LUXONIX LFX-1310 --> C:\Program Files\LUXONIX\LFX-1310\uninst LFX-1310.exe
    Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Data Access Components KB870669 --> C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
    Microsoft Office Excel Viewer 2003 --> MsiExec.exe /I{9084040B-6000-11D3-8CFE-0150048383C9}
    Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU] --> MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft User-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Microsoft Word 2002 --> MsiExec.exe /I{911B040B-6000-11D3-8CFE-0050048383C9}
    Mozilla Firefox (2.0.0.13) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
    Need for Speed™ Most Wanted --> C:\Program Files\EA GAMES\Need for Speed Most Wanted\EAUninstall.exe
    Nero 8 --> MsiExec.exe /X{0A2DEB31-F8E5-413B-8A86-0D7843C6C496}
    Nero 8 --> MsiExec.exe /X{5E6EC4DD-7B1F-4E10-82B9-EA1B90791035}
    neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    No-IP.com DUC (remove only) --> "C:\Program Files\No-IP\DUC20.exe" -uninstall
    Nokia Connectivity Cable Driver --> MsiExec.exe /X{0A3D3C54-2EC0-4D67-B265-FF17926E6D67}
    Nokia PC Suite --> C:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Nokia_PC_Suite_6_84_10_3_fin_web.exe
    Nokia PC Suite --> MsiExec.exe /I{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}
    Nokia Software Updater --> MsiExec.exe /X{3741689E-584D-40C9-B011-373A0371846D}
    NVIDIA Drivers --> C:\WINDOWS\System32\nvudisp.exe UninstallGUI
    Panda Antivirus + Firewall 2007 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98032D6F-3EE6-4646-B68C-40BF012AC89B}\SETUP.exe" -l0xb -removeonly
    PC Connectivity Solution --> MsiExec.exe /I{99A40651-0BC2-4095-8F9A-A40FAB224FEF}
    Päivitys Windows XP:lle (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB933360) --> "C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
    PowerISO --> "C:\Program Files\PowerISO\uninstall.exe"
    PS2 --> C:\WINDOWS\system32\ps2.exe uninstall
    Python 2.2 combined Win32 extensions --> C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
    Python 2.2.1 --> C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
    QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\System32\QuickTime\Uninstall.log
    Rename --> "C:\Program Files\Rename\uninstall.exe"
    Ricochet --> "C:\PROGRA~1\Steam\steam.exe" steam://uninstall/60
    Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    SiS VGA Utilities --> Rundll32 SiSInst.dll,Uninstall VGA,R
    Softnyx Launcher --> "C:\Program Files\Softnyx\Launcher\unins000.exe"
    Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
    Steam --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    Steinberg Cubase LE --> "C:\Program Files\Steinberg\Cubase LE\Uninstall.exe" "C:\Program Files\Steinberg\Cubase LE\Install.log"
    Steinberg Cubase VST32 --> C:\PROGRA~1\STEINB~1\CUBASE~2\UNWISE.EXE C:\PROGRA~1\STEINB~1\CUBASE~2\INSTALL.LOG
    Suojauspäivitys ohjelmistolle Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
    Suojauspäivitys ohjelmistolle Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB937143) --> "C:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB938127) --> "C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB941693) --> "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB945553) --> "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB948590) --> "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB948881) --> "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
    TerraTec Home Cinema --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\setup.exe" -l0xb
    Total Eclipse --> C:\Program Files\Ovine\Total Eclipse\Uninstal.exe
    TuneXP 1.5 --> C:\WINDOWS\iun6002.exe "C:\Program Files\TuneXP\irunin.ini"
    Ulead DVD MovieFactory 3 TV --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C7D89BBE-D4B3-49E8-B185-7966B5345866}\setup.exe" -l0x9
    Unlocker 1.8.5 --> C:\Program Files\Unlocker\uninst.exe
    VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
    Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Live installer --> MsiExec.exe /X{5C29C5F5-A9C9-4E89-A606-13E165E7C55F}
    Windows Live Messenger --> MsiExec.exe /X{A9174A72-1B46-445B-B3CF-90ED2C63D83B}
    Windows Liven kirjautumisavustaja --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    Windows Liven sähköposti --> MsiExec.exe /I{9F7ABBFD-53FB-4D36-891E-8A9E753CF65F}
    Windows Liven valokuvavalikoima --> MsiExec.exe /X{A70186F8-F355-42A2-89B9-2C89B36E650E}
    Windows Media Encoder 9 Series --> msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
    Windows Media Encoder 9 Series --> MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
    Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windowsin ohjainpaketti - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccswpddri_044C8712DB44F83D9DE6C376991EE9254E0A69E4\pccswpddriver.inf
    Windowsin ohjainpaketti - Nokia Modem (02/15/2007 3.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293B\pccs_bluetooth.inf
    Windowsin ohjainpaketti - Nokia Modem (02/15/2007 3.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_F12A08B6F776984A95553486F64C541356F86E38\pccs_bluetooth.inf
    Windowsin ohjainpaketti - Nokia Modem (05/24/2007 6.84.0.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_5E1541AFF1E1EA3554CE566743CCAD323ED1C108\nokbtmdm.inf
    WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
    Vista Transformation Pack 8.0 --> C:\WINDOWS\system32\viwc.exe
    ZOOM ASIO Driver --> ZoomUnin.exe


    -- Application Event Log -------------------------------------------------------

    Event Record #/Type7801 / Error
    Event Submitted/Written: 04/11/2008 10:04:16 PM
    Event ID/Source: 1002 / Application Hang
    Event Description:
    Lukkiutunut sovellus WINWORD.EXE, versio 10.0.6838.0, lukkiutumismoduuli hungapp, versio 0.0.0.0, lukkiutumisosoite 0x00000000.

    Event Record #/Type7800 / Error
    Event Submitted/Written: 04/11/2008 09:55:08 PM
    Event ID/Source: 1 / nview_info
    Event Description:
    NVIEW : Explorer: Mutex Recovery Code - app released the mutex - back to normal operation.

    Event Record #/Type7799 / Error
    Event Submitted/Written: 04/11/2008 09:55:08 PM
    Event ID/Source: 1 / nview_info
    Event Description:
    NVIEW : Explorer: Mutex Recovery Code - after 5 seconds, mutex still stuck. NView (and Mutexes) are now disabled.

    Event Record #/Type7798 / Error
    Event Submitted/Written: 04/11/2008 09:55:08 PM
    Event ID/Source: 1 / nview_info
    Event Description:
    NVIEW : Explorer: WAIT_TIMEOUT, LAST SUCCESS: (thread 0xb3c) (cmdName:Explorer.EXE) WindowManager.cpp 3248

    Event Record #/Type7797 / Error
    Event Submitted/Written: 04/11/2008 09:55:08 PM
    Event ID/Source: 1 / nview_info
    Event Description:
    NVIEW : Explorer: WAIT_TIMEOUT, LAST SUCCESS: (tid: 0xb3c) (pid: 0xd40)



    -- Security Event Log ----------------------------------------------------------

    No Errors/Warnings found.


    -- System Event Log ------------------------------------------------------------

    Event Record #/Type15298 / Warning
    Event Submitted/Written: 04/11/2008 07:36:27 PM
    Event ID/Source: 4226 / Tcpip
    Event Description:
    TCP/IP saavutti yhtäaikaisille TCP-yhteysyrityksille asetetun suojausrajoituksen.

    Event Record #/Type15297 / Error
    Event Submitted/Written: 04/11/2008 07:35:08 PM
    Event ID/Source: 7023 / Service Control Manager
    Event Description:
    Palvelu Sovellusten hallinta lopetettiin virheen takia. Virhe:
    %%126

    Event Record #/Type15294 / Error
    Event Submitted/Written: 04/11/2008 07:35:08 PM
    Event ID/Source: 7023 / Service Control Manager
    Event Description:
    Palvelu Sovellusten hallinta lopetettiin virheen takia. Virhe:
    %%126

    Event Record #/Type15291 / Error
    Event Submitted/Written: 04/11/2008 07:35:08 PM
    Event ID/Source: 7023 / Service Control Manager
    Event Description:
    Palvelu Sovellusten hallinta lopetettiin virheen takia. Virhe:
    %%126

    Event Record #/Type15288 / Error
    Event Submitted/Written: 04/11/2008 07:35:08 PM
    Event ID/Source: 7023 / Service Control Manager
    Event Description:
    Palvelu Sovellusten hallinta lopetettiin virheen takia. Virhe:
    %%126



    -- End of Deckard's System Scanner: finished at 2008-04-11 23:55:05 ------------

    ^^there's the extra one
     
  6. Hujo

    Hujo Guest

    It really is AD that's acting up here.

    Looks like there's been Vundo on the machine too.

    Let's go at it, banging some pots and pans.

    Download VundoFix.exe from HERE to your desktop.

    Double-click VundoFix.exe to run it.
    Click the Scan for Vundo button.
    When the scan is complete, click the Remove Vundo button.
    You will be asked whether you want to delete the files - click YES.
    Once you have clicked yes, your desktop will go blank as it starts removing Vundo.
    When it is finished, the fix will tell you it is going to restart your computer; click OK.
    Post the contents of the C:\vundofix.txt log and of a fresh HijackThis log.

    Note: It is possible that VundoFix found a file that it could not remove.
    In this situation, VundoFix will run itself on reboot; just follow the instructions above, starting from "Click the Scan for Vundo button.", when VundoFix appears during the restart.

    ==========

    1. Download combofix.exe to your desktop from one of these links:
    combofix1
    combofix2

    2. Double-click the combofix.exe file and follow the prompts.
    3. When the tool is finished, it produces a log. Post this log in your thread.
    Note! Do not click on the ComboFix window while it is running. This may cause the program to hang.

    ============

    Download Malwarebytes' Anti-Malware to your desktop.

    1. Double-click mbam-setup.exe and follow the instructions to install the program.
    2. At the end, make sure that the following are checked: Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, and then click Finish.
    3. If an update is found, the program will download and install the latest version.
    4. When the program has loaded, select Perform full scan and click Scan.
    5. When the scan is complete, click OK and then Show Results to see the results.
    6. Make sure that everything is checked and click Remove Selected.
    7. After this the log opens in Notepad. Save it somewhere you can find it easily. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    8. Post the contents of the log in your next message.

    ==========

    Download SDFix by AndyManchesta and save it to your desktop.

    Start your computer in Safe Mode:

    shut down and start up
    during startup, tap the F8 key repeatedly
    select Safe Mode with the arrow keys
    press Enter and Enter
    select your user account
    press Yes

    On some machines you tap F5 instead of F8.

    - Once in Safe Mode, extract the contents of SDFix.zip (the SDFix folder) to your desktop. A folder named SDFix should appear on the desktop.
    - Open the SDFix folder and double-click RunThis.bat to start the program.
    - Press Y to start the script.
    - The tool cleans out the trojan's services and also makes some repairs to the registry. At the end it asks you to restart the computer, "Press any key to Reboot".
    - Press any key and the computer will restart.
    - Startup takes longer than normal because SDFix is cleaning the machine.
    - When the computer has started and the desktop has loaded, SDFix reports that the cleanup is done, "Finished".
    - Then press any key to close the script and load the shortcuts onto the desktop.
    - Finally, open the SDFix folder (on the desktop) and copy & paste the contents of Report.txt into your thread along with a new HijackThis log.
     
  7. LoBer

    LoBer Regular member

    I don't know, the machine is acting up; there's no way to get into Safe Mode. After pressing Enter I get a black screen with a white cursor blinking in the top-left corner. It just won't come up. And secondly, ComboFix won't open. No way. I deleted it and the backups too, and downloaded it from three different places as well: no, no, no. Well, I did get Vundo run, and it did find something in the depths of the PowerISO program. After that I also removed that program. Also, since then EVEN Panda has reported probably more than 20 different viruses; the latest was, I think, some pskills.. Combo isn't blocked in any way, and nothing complains at that point. So I can't run SCFix. Malwarebytes didn't find anything, but here are the logs from Vundo and the malware stuff. I'll send the HJ log in the next message, because AD is lagging again.


    VundoFix V6.5.0

    Checking Java version...

    Java version is 1.4.2.3
    Old versions of java are exploitable and should be removed.

    Scan started at 22:27:28 20.9.2007

    Listing files found while scanning....

    No infected files were found.


    VundoFix V6.5.0

    Checking Java version...

    Java version is 1.4.2.3
    Old versions of java are exploitable and should be removed.

    Scan started at 7:00:59 21.9.2007

    Listing files found while scanning....

    No infected files were found.


    Beginning removal...

    VundoFix V6.5.11

    Checking Java version...

    Java version is 1.4.2.3
    Old versions of java are exploitable and should be removed.

    Scan started at 21:43:10 7.11.2007

    Listing files found while scanning....

    C:\windows\system32\hhkmp.bak1
    C:\windows\system32\hhkmp.bak2
    C:\windows\system32\hhkmp.ini
    C:\windows\system32\hhkmp.ini2
    C:\windows\system32\pmkhh.dll

    Beginning removal...

    Attempting to delete C:\windows\system32\hhkmp.bak1
    C:\windows\system32\hhkmp.bak1 Has been deleted!

    Attempting to delete C:\windows\system32\hhkmp.bak2
    C:\windows\system32\hhkmp.bak2 Has been deleted!

    Attempting to delete C:\windows\system32\hhkmp.ini
    C:\windows\system32\hhkmp.ini Has been deleted!

    Attempting to delete C:\windows\system32\hhkmp.ini2
    C:\windows\system32\hhkmp.ini2 Has been deleted!

    Attempting to delete C:\windows\system32\pmkhh.dll
    C:\windows\system32\pmkhh.dll Has been deleted!

    Performing Repairs to the registry.
    Done!

    VundoFix V6.5.11

    Checking Java version...

    Java version is 1.4.2.3
    Old versions of java are exploitable and should be removed.

    Scan started at 22:04:53 4.12.2007

    Listing files found while scanning....

    No infected files were found.


    VundoFix V6.5.11

    Checking Java version...

    Java version is 1.4.2.3
    Old versions of java are exploitable and should be removed.

    Scan started at 16:40:26 19.12.2007

    Listing files found while scanning....

    No infected files were found.


    Beginning removal...

    Attempting to delete C:\WINDOWS\SYSTEM32\jkkljkl.dll
    C:\WINDOWS\SYSTEM32\jkkljkl.dll Could not be deleted.

    Attempting to delete C:\WINDOWS\SYSTEM32\jkkljkl.dll
    C:\WINDOWS\SYSTEM32\jkkljkl.dll Could not be deleted.

    Performing Repairs to the registry.
    Done!

    VundoFix V6.5.11

    Checking Java version...

    Java version is 1.4.2.3
    Old versions of java are exploitable and should be removed.

    Scan started at 16:46:25 19.12.2007

    Listing files found while scanning....

    No infected files were found.


    VundoFix V7.0.3

    Scan started at 9:09:49 12.4.2008

    Listing files found while scanning....

    C:\Program Files\PowerISO\PWRISOSH.DLL

    Beginning removal...

    Attempting to delete C:\Program Files\PowerISO\PWRISOSH.DLL
    C:\Program Files\PowerISO\PWRISOSH.DLL Has been deleted!

    Performing Repairs to the registry.
    Done!


    Malwarebytes' Anti-Malware 1.11
    Tietokantaversio: 615

    Tarkistustyyppi: Täysi tarkistus (C:\|D:\|)
    Tarkistetut kohteet: 161845
    Kulunut aika: 46 minute(s), 22 second(s)

    Saastuneita muistiprosesseja: 0
    Saastuneita muistimoduuleja: 0
    Saastuneita rekisteriavaimia: 0
    Saastuneita rekisteriarvoja: 0
    Saastuneita rekisterikohteita: 0
    Saastuneita hakemistoja: 0
    Saastuneita tiedostoja: 2

    Saastuneita muistiprosesseja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita muistimoduuleja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriavaimia:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriarvoja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisterikohteita:
    (Haitallisia kohteita ei löydetty)

    Saastuneita hakemistoja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita tiedostoja:
    C:\WINDOWS\system32\lsprst7.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ssprs.dll (Trojan.Agent) -> Quarantined and deleted successfully.


    More help please! It would be nice to get into Safe Mode. I've rebooted, and I've tried everything even without the antivirus program! It doesn't lag as much any more, but this has been a lot faster! I could still do a disk defragmentation here.
     
  8. Hujo

    Hujo Guest

  9. LoBer

    LoBer Regular member

    It found a lot of junk again:

    File C:\!KillBox\jkkljkl.dll infected by "Packed.Win32.Monder.gen" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\HP_Omistaja\Työpöytä\Tietoturva\HijackThis\backups\backup-20071107-214017-646.dll infected by "Packed.Win32.Monder.gen" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\HP_Omistaja\Työpöytä\Tietoturva\HijackThis\backups\backup-20071107-214017-968.dll tagged as not-a-virus:AdWare.Win32.Virtumonde.vr. No Action Taken.
    File C:\Documents and Settings\HP_Omistaja\Työpöytä\Tietoturva\HijackThis\backups\backup-20071117-225839-321.dll infected by "Packed.Win32.Monder.gen" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\HP_Omistaja\Työpöytä\Tietoturva\HijackThis\backups\backup-20071218-142801-545.dll infected by "Packed.Win32.Monder.gen" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\HP_Omistaja\Työpöytä\Tietoturva\HijackThis\backups\backup-20071219-171100-328.dll infected by "Packed.Win32.Monder.gen" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\HP_Omistaja\Työpöytä\Valmiit\counter strike keygen.zip infected by "Trojan-Downloader.Win32.Small.fox" Virus. Action Taken: File Deleted.
    File C:\Program Files\DC++\Downloads\nokia 5300 Share Accelerator.zip tagged as not-a-virus:AdWare.Win32.Shopper.r. No Action Taken.
    File C:\RECYCLER\S-1-5-21-2514184539-2036797540-4085420433-1007\Dc66.zip infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\RECYCLER\S-1-5-21-2514184539-2036797540-4085420433-1007\Dc68.bat infected by "BkCln.Unknown" Virus. Action Taken: File Deleted.
    File C:\Steamacc.exe infected by "Trojan-PSW.Win32.Steam.t" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP130\A0055626.dll infected by "Packed.Win32.Monder.gen" Virus. Action Taken: File Renamed.
    File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP130\A0055627.dll infected by "Packed.Win32.Monder.gen" Virus. Action Taken: File Renamed.
    File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP130\A0055628.dll infected by "Packed.Win32.Monder.gen" Virus. Action Taken: File Renamed.
    File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP130\A0055629.dll infected by "Packed.Win32.Monder.gen" Virus. Action Taken: File Renamed.
    File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP130\A0055630.dll infected by "Packed.Win32.Monder.gen" Virus. Action Taken: File Renamed.
    File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP130\A0055822.exe infected by "Trojan-PSW.Win32.Steam.t" Virus. Action Taken: File Deleted.
    File C:\VundoFix Backups\jkkljkl.dll .bad infected by "Packed.Win32.Monder.gen" Virus. Action Taken: File Renamed.


    Do I need to bring out SmitfraudFix already? I still can't get into Safe Mode, and System Restore doesn't work. Annoying :(.
     
  10. LoBer

    LoBer Regular member

    Hooray, I got ComboFix working after a few reboots! Here's the log:

    ComboFix 08-04-12.5 - HP_Omistaja 2008-04-13 9:38:33.2 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1035.18.544 [GMT 3:00]
    Running from: C:\Documents and Settings\HP_Omistaja\Työpöytä\ComboFix.exe
    * Created a new restore point

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLEINSTALLED !!
    .

    (((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\Downloaded Program Files\setup.inf
    C:\WINDOWS\system32\mcrh.tmp

    .
    ((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-03-13 to 2008-04-13 )))))))))))))))))
    .

    2008-04-13 00:15 . 2008-04-13 00:15 0 --a------ C:\23990098.$$$
    2008-04-12 13:16 . 2008-04-12 13:16 <KANSIO> d-------- C:\Program Files\Acoustica CD Label Maker
    2008-04-12 09:36 . 2008-04-12 09:36 <KANSIO> d-------- C:\Documents and Settings\HP_Omistaja\Application Data\Malwarebytes
    2008-04-12 09:36 . 2008-04-12 09:36 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-04-11 20:14 . 2008-04-11 20:14 <KANSIO> d-------- C:\Program Files\Microsoft Silverlight
    2008-04-11 19:43 . 2008-04-11 19:43 <KANSIO> d-------- C:\Program Files\Guitar Pro 5
    2008-03-27 18:22 . 2008-03-27 18:22 <KANSIO> d-------- C:\Program Files\Softnyx
    2008-03-27 17:56 . 2008-04-12 10:48 <KANSIO> d-------- C:\Program Files\Ovine
    2008-03-23 18:37 . 2008-03-23 18:38 3,773,368 --a------ C:\CAPTURE.avi

    .
    (((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-04-12 18:08 392,252 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT.bck
    2008-04-12 18:08 392,252 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT
    2008-04-12 17:22 1,284 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG.bck
    2008-04-12 17:22 1,284 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG
    2008-04-12 17:07 --------- d-----w C:\Program Files\Google
    2008-04-12 15:50 --------- d-----w C:\Program Files\Steam
    2008-04-12 07:48 --------- d-----w C:\Program Files\Steinberg
    2008-04-12 07:39 --------- d-----w C:\Program Files\Hide Window Hotkey
    2008-04-12 07:34 --------- d-----w C:\Program Files\BitComet
    2008-04-11 19:17 --------- d-----w C:\Program Files\Common Files\TerraTec
    2008-04-11 17:06 --------- d-----w C:\Documents and Settings\HP_Omistaja\Application Data\uTorrent
    2008-04-10 16:51 --------- d-----w C:\Program Files\DC++
    2008-03-28 17:29 --------- d-----w C:\Program Files\MSN Messenger
    2008-03-28 17:29 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-03-20 08:09 1,845,504 ----a-w C:\WINDOWS\system32\win32k.sys
    2008-03-10 19:54 --------- d-----w C:\Program Files\Windows Live
    2008-03-10 19:54 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2008-03-09 18:59 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
    2008-03-09 18:52 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
    2008-03-09 18:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-03-08 16:44 60,348 ----a-w C:\WINDOWS\system32\ZoomUnin.exe
    2008-03-06 11:53 --------- d-----w C:\Program Files\ZOOM
    2008-03-01 13:01 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
    2008-02-25 16:28 --------- d-----w C:\Documents and Settings\HP_Omistaja\Application Data\Nokia
    2008-02-23 16:20 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
    2008-02-20 05:38 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
    2008-02-18 11:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nokia
    2008-02-18 11:53 --------- d-----w C:\Program Files\Nokia
    2008-02-18 11:52 --------- d-----w C:\Program Files\Common Files\Nokia
    2008-02-18 11:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
    2008-02-17 16:52 --------- d-----w C:\Program Files\Virtual Earth 3D
    2008-02-07 04:50 720,896 ----a-w C:\WINDOWS\iun6002.exe
    2008-02-01 09:17 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR
    2008-01-22 14:34 32,832 ----a-w C:\Documents and Settings\HP_Omistaja\Application Data\GDIPFONTCACHEV1.DAT
    2008-01-13 09:30 4,608 ----a-w C:\WINDOWS\~DF9AC7.tmp
    .

    ------- Sigcheck -------

    2005-03-02 21:13 2059264 01f49730c2d76aad87c4d2b2dd4e12e2 C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
    2007-02-28 19:08 2061696 8bacc2a67078823acab7c8306f394918 C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
    2003-04-25 03:18 1951744 182902e56348bdfec5e5f6fcb9eca1ce C:\WINDOWS\$NtServicePackUninstall$\ntkrnlpa.exe
    2004-09-14 16:08 2059136 e6cbe47b5ea01ce981e4663900f04a15 C:\WINDOWS\$NtUninstallKB890859$\ntkrnlpa.exe
    2005-03-02 21:08 2059136 1c09a92e5a1c21ca1ad367f13f9b5a9d C:\WINDOWS\$NtUninstallKB931784$\ntkrnlpa.exe
    2007-02-28 19:02 2059904 9f7bc4398e9a43f533ed4d8e690b1cd6 C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
    2004-09-14 16:08 2059136 e6cbe47b5ea01ce981e4663900f04a15 C:\WINDOWS\ServicePackFiles\i386\ntkrnlpa.exe
    2007-02-28 19:02 2070272 cc7dd434d738f8ecdcefa962296d13bf C:\WINDOWS\system32\ntkrnlpa.exe
    2007-02-28 19:02 2059904 9f7bc4398e9a43f533ed4d8e690b1cd6 C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
    2007-02-28 19:02 2059904 9f7bc4398e9a43f533ed4d8e690b1cd6 C:\WINDOWS\system32\VITrans\ntkrnlpa.exe

    2005-03-02 21:13 2181888 6e55b15ee58a0eaaaf20db1f4da39add C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
    2007-02-28 19:08 2184448 7ff07a634379ee2fd2b097fd76c49bfc C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
    2003-04-25 03:18 1928064 a9e430d3660a5ada1acf33705b5706e8 C:\WINDOWS\$NtServicePackUninstall$\ntoskrnl.exe
    2004-09-14 16:08 2183296 2a8e38e78177bf83c73897511a4eecd0 C:\WINDOWS\$NtUninstallKB890859$\ntoskrnl.exe
    2005-03-02 21:08 2181632 ae8d156d1028fba3939609f4c39eb1f1 C:\WINDOWS\$NtUninstallKB931784$\ntoskrnl.exe
    2007-02-28 19:02 2182656 6a51f190523074b729702923fac865f4 C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
    2004-09-14 16:08 2183296 2a8e38e78177bf83c73897511a4eecd0 C:\WINDOWS\ServicePackFiles\i386\ntoskrnl.exe
    2007-02-28 19:02 2193024 384056a003d4b564a38bc81f6b64a850 C:\WINDOWS\system32\ntoskrnl.exe
    2007-02-28 19:02 2182656 6a51f190523074b729702923fac865f4 C:\WINDOWS\system32\dllcache\ntoskrnl.exe
    2007-02-28 19:02 2182656 6a51f190523074b729702923fac865f4 C:\WINDOWS\system32\VITrans\ntoskrnl.exe

    2007-06-13 16:22 1424384 6cb031502907d2c13b4ad3322adb6434 C:\WINDOWS\explorer.exe
    2007-06-13 16:10 1033728 fb53c3b1e17f62e8fcb07caaf4c4272e C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
    2004-02-12 19:47 1004544 d6c6bfea41800fd67d3c08f73478065e C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
    2004-09-14 16:12 1032704 43c0b3d357f319875a51bc111f393147 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
    2004-09-14 16:12 1032704 43c0b3d357f319875a51bc111f393147 C:\WINDOWS\ServicePackFiles\i386\explorer.exe
    2007-06-13 16:22 1033728 0f88a5b1ca666754c4c62ad3db4730ef C:\WINDOWS\system32\dllcache\explorer.exe
    2007-06-13 16:22 1033728 0f88a5b1ca666754c4c62ad3db4730ef C:\WINDOWS\system32\VITrans\explorer.exe
    .
    (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{AD6E6555-FB2C-47D4-8339-3E2965509877}"= "C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL" [2008-03-06 13:52 536576]

    [HKEY_CLASSES_ROOT\clsid\{ad6e6555-fb2c-47d4-8339-3e2965509877}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 21:43 233472]
    "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2004-07-02 00:12 4112384]
    "APVXDWIN"="C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.exe" [2007-03-30 15:52 329264]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
    avldr.dll 2007-02-15 20:02 50736 C:\WINDOWS\system32\avldr.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\PandaAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\PandaFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe"=
    "C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDvrUp_date.exe"=
    "C:\\Program Files\\uTorrent\\uTorrent.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "19731:TCP"= 19731:TCP:BitComet 19731 TCP
    "19731:UDP"= 19731:UDP:BitComet 19731 UDP
    "26341:TCP"= 26341:TCP:BitComet 26341 TCP
    "26341:UDP"= 26341:UDP:BitComet 26341 UDP

    R1 APPFLT;App Filter Plugin;C:\WINDOWS\system32\Drivers\APPFLT.SYS [2007-04-02 19:43]
    R1 DSAFLT;DSA Filter Plugin;C:\WINDOWS\system32\Drivers\DSAFLT.SYS [2007-04-02 19:43]
    R1 FNETMON;NetMon Filter Plugin;C:\WINDOWS\system32\Drivers\fnetmon.SYS [2007-03-12 17:45]
    R1 IDSFLT;Ids Filter Plugin;C:\WINDOWS\system32\Drivers\IDSFLT.SYS [2007-04-02 19:43]
    R1 NETFLTDI;Panda Net Driver [TDI Layer];C:\WINDOWS\system32\Drivers\NETFLTDI.SYS [2007-03-22 18:12]
    R1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\system32\DRIVERS\ShlDrv51.sys [2007-03-12 18:27]
    R1 SMSFLT;SMS Filter Plugin;C:\WINDOWS\system32\Drivers\SMSFLT.SYS [2007-04-02 19:43]
    R1 WNMFLT;Wifi Monitor Filter Plugin;C:\WINDOWS\system32\Drivers\WNMFLT.SYS [2007-04-02 19:43]
    R2 cpoint;Panda CPoint Driver;C:\WINDOWS\system32\Drivers\cpoint.sys [2006-10-27 13:27]
    R2 PavProc;Panda Process Protection Driver;C:\WINDOWS\system32\DRIVERS\PavProc.sys [2007-02-19 15:21]
    R3 AvFlt;Antivirus Filter Driver;C:\WINDOWS\system32\drivers\av5flt.sys []
    R3 ComFiltr;Panda Anti-Dialer;C:\WINDOWS\system32\DRIVERS\COMFiltr.sys []
    R3 NETIMFLT;PANDA NDIS IM Filter Miniport;C:\WINDOWS\system32\DRIVERS\netimflt.sys [2007-04-02 19:43]
    R3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\system32\PavSRK.sys []
    R3 PavTPK.sys;PavTPK.sys;C:\WINDOWS\system32\PavTPK.sys []
    R3 TTCinergyT2;TerraTec Cinergy T² (BDA);C:\WINDOWS\system32\DRIVERS\TTCinergyT2BDA.sys [2006-05-19 12:31]
    S3 jswmidin;jswmidin;C:\DOCUME~1\HP_OMI~1\LOCALS~1\Temp\jswmidin.sys []
    S4 Logitech QuickCam Manager;Logitech QuickCam Manager;"C:\WINDOWS\System32\dllcache\mlqm.exe" []


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A01200FD-FFE0-F397-DE1C-E0060A450904}]
    C:\WINDOWS\system32\Win32.exe
    .
    **************************************************************************

    catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-13 09:41:26
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2008-04-13 9:42:18
    ComboFix-quarantined-files.txt 2008-04-13 06:42:01
    ComboFix2.txt 2007-11-11 20:24:16
    Pre-Run: 101,035,159,552 tavua vapaana
    Post-Run: 101,021,970,432 tavua vapaana
    .
    2008-04-09 12:16:59 --- E O F ---



    I'll try Safe Mode once more now, in case I could get SDFix run there... Wasn't there some other way to get into Safe Mode too, just ticking a box in some settings?

    EDIT: I can get into Safe Mode, though I always have to wait 5 minutes, and I couldn't get SDFix to work; it just complains that the specified path cannot be found, etc.

    Would it help to see Panda's list of the viruses found today and yesterday, since they start turning up during scans...
     
    Last edited: Apr 13, 2008
  11. Hujo

    Hujo Guest

    That home theater is apparently what's getting in the way of you entering Safe Mode..

    so what does SDFix do

    you shouldn't use System Restore; it needs to be emptied

    1. Click Start > right-click My Computer
    2. Select Properties
    3. Select the System Restore tab
    4. Tick the box "Turn off System Restore on all drives"
    5. Press Apply
    6. Press OK
    7. Shut down and restart
    8. Untick the box "Turn off System Restore on all drives"
    9. Apply and OK
     
  12. LoBer

    LoBer Regular member

    Yeah, well, with these speakers it used to get into Safe Mode right away before. Now it takes something like 15 minutes: first it says something like Loading, then it's just black, and then at some point it goes into Safe Mode.. And about System Restore: on the same day the computer started slowing down, the MIDI sounds, among other things, disappeared from the computer, and then I tried System Restore, and all the restore points were broken :-O. So SDFix opens that black window, then keeps repeating the same thing on many lines, "The specified path cannot be found"; it repeats that for about 20 lines really fast and then closes. That's what it does when you press Y and then Enter. With the letter A it just closes and creates a hell of a lot of text files with nothing written in them, and things like backups_old1, 2, 3, etc... None of them contain anything and nothing is written anywhere. With the letter N it just closes.. Was there anything in that ComboFix log? Or eScan's? Should those be removed?
     
  13. Hujo

    Hujo Guest

    let's do it like this
    remove from the computer

    VundoFix <-- all versions
    empty HJT's backup
    Deckard's System Scanner dss
    c:\bases
    c:\kapensky


    Put the line below into the Run box and press OK

    Combofix /u

    =============

    Download OTMoveIt and save it to your desktop.

    Double-click OTMoveIt.exe.
    Click CleanUp!.
    Select Yes when asked "Begin cleanup Process?".
    If you are asked whether the computer may be restarted, select Yes. OTMoveIt removes itself when it is done; if it doesn't, remove it yourself.

    NOTE: If your firewall or some other security program warns that OTMoveIt is trying to access the internet, allow it.

     
  14. LoBer

    LoBer Regular member

    I did those, and with the Run combofix /u thing it reported that it wasn't found, or something like that. Here's one more HijackThis log. I still suspect there's more junk on this machine : /

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:52:21, on 13.4.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\AVENGINE.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsCtrls.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
    C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
    c:\program files\panda software\panda antivirus + firewall 2007\firewall\PSHOST.EXE
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE
    C:\Program Files\Microsoft IntelliPoint\IPoint.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\WebProxy.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\SoftwareDistribution\Download\Install\NetFx20SP1_x86.exe
    c:\782f6e79c0ae0c7437\setup.exe
    C:\WINDOWS\system32\msiexec.exe
    c:\WINDOWS\system32\MsiExec.exe
    c:\WINDOWS\system32\MsiExec.exe
    C:\Documents and Settings\HP_Omistaja\Työpöytä\Tietoturva\HijackThis\scanner.exe.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/ig
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE" /s
    O4 - Startup: Microsoft Keyboard.lnk = C:\Program Files\Microsoft IntelliType Pro\DPLaunch.exe
    O4 - Startup: Microsoft Mouse.lnk = C:\Program Files\Microsoft IntelliPoint\dplaunch.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod-palvelu (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsCtrls.exe
    O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
    O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software International - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
    O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
    O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda software\panda antivirus + firewall 2007\firewall\PSHOST.EXE
    O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 6847 bytes


    The Windows updates were also installing at the same time...
     
  15. Hujo

    Hujo Guest

    do this with the computer's own tools

    Disk Cleanup: tick the items that have stuff in them
    Disk Defragmenter

    Put 2 GB of RAM in that machine
     
  16. LoBer

    LoBer Regular member

    So there are no more viruses? Well, I could add that, but a new computer may be coming soon, so I'll probably manage with this one... But it's still slower.
     
  17. Hujo

    Hujo Guest

    then if Panda is heavy,
    switch to AVG, AntiVir or avast
    and that requires a separate firewall

    right, so the machine has 1 GB of that memory.
     
  18. LoBer

    LoBer Regular member

    Panda isn't heavy; yeah, there's 1 gig of memory in this... But what worries me is that the MIDI sounds disappeared back then and it slowed down in general; the scans helped, but it's still a tad slower than before... I guess I'll have to take backups and reinstall the system to get rid of the errors. It's only been 5 months since I last did that. The whole machine is a lemon :'D
     
  19. Hujo

    Hujo Guest

    looks like there's also that stuff on there
    since 66.36g is free
     
  20. LoBer

    LoBer Regular member

    I lost the thread a bit, but what is it that has 66.36 g free?
     
