Moi! Mulla olis sellanen ongelma, et kone saattaa yhtäkkiä jumahtaa, siis se ei tee niin ku yhtään mitään, ja sekös ottaa päähän. Sit olen homannu, et ku kattoo nettisivuilta kuvia tai videoita niin ne on tosi huono laatusia ei ne ennemin oo ollu, voiko joku virus vaikuttaa kuvan laatuun? ja sit videot koko ajan pätkii. Olisin tosi kiitollinen jos joku vois autaa vähän, ku en mie tajuu noista logeita yhtään mitään. =) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:04:19, on 10.6.2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\system32\ZoneLabs\vsmon.exe D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe D:\Program Files\Alwil Software\Avast4\ashServ.exe D:\WINDOWS\system32\spoolsv.exe D:\WINDOWS\system32\nvsvc32.exe D:\Program Files\TeamViewer3\TeamViewer_Host.exe D:\Program Files\TightVNC\WinVNC.exe D:\Program Files\TeamViewer3\TeamViewer.exe D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe D:\Program Files\Alwil Software\Avast4\ashWebSv.exe D:\WINDOWS\Explorer.EXE D:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe D:\WINDOWS\system32\RUNDLL32.EXE D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe D:\WINDOWS\system32\ctfmon.exe D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe D:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe D:\Program Files\Mozilla Firefox\firefox.exe D:\Program Files\Trend Micro\HijackThis\HijackThis.exe D:\WINDOWS\system32\msiexec.exe D:\Program Files\WinZip\WZQKPICK.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rockway.fi/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - D:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - D:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [NVMixerTray] "D:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [WinVNC] "D:\Program Files\TightVNC\WinVNC.exe" -servicehelper O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ccleaner] "D:\Program Files\CCleaner\CCleaner.exe" /AUTO O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: WinZip Quick Pick.lnk = D:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - D:\Program Files\TeamViewer3\TeamViewer_Host.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: VNC Server (winvnc) - TightVNC Group - D:\Program Files\TightVNC\WinVNC.exe -- End of file - 6707 bytes ComboFix 08-06-08.8 - yleinen 2008-06-10 21:37:03.2 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1035.18.134 [GMT 3:00] Running from: D:\Documents and Settings\yleinen\Työpöytä\ComboFix.exe * Resident AV is active WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-05-10 to 2008-06-10 ))))))))))))))))) . 2008-06-10 21:02 . 2008-06-10 21:02 <KANSIO> d-------- D:\Program Files\Trend Micro 2008-06-10 20:36 . 2008-06-10 20:36 <KANSIO> d-------- D:\WINDOWS\ERUNT 2008-06-10 20:23 . 2008-06-10 20:23 <KANSIO> d-------- D:\Program Files\Malwarebytes' Anti-Malware 2008-06-10 20:23 . 2008-06-10 20:23 <KANSIO> d-------- D:\Documents and Settings\yleinen\Application Data\Malwarebytes 2008-06-10 20:23 . 2008-06-10 20:23 <KANSIO> d-------- D:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-06-10 20:23 . 2008-06-09 20:13 34,296 --a------ D:\WINDOWS\system32\drivers\mbamcatchme.sys 2008-06-10 20:23 . 2008-06-09 20:13 15,864 --a------ D:\WINDOWS\system32\drivers\mbam.sys 2008-06-09 21:14 . 2008-06-09 21:14 <KANSIO> d-------- D:\Program Files\Innovative Solutions 2008-06-09 21:06 . 2008-06-09 21:06 <KANSIO> d-------- D:\WINDOWS\system32\config\systemprofile\Application Data\TeamViewer 2008-06-09 21:06 . 2008-06-09 21:06 <KANSIO> d-------- D:\Documents and Settings\yleinen\Application Data\TeamViewer 2008-06-09 21:05 . 2008-06-09 21:06 <KANSIO> d-------- D:\Program Files\TeamViewer3 2008-06-09 21:04 . 2008-06-09 21:04 <KANSIO> d-------- D:\Documents and Settings\yleinen\temp 2008-06-09 17:00 . 2008-06-09 17:00 <KANSIO> d-------- D:\Documents and Settings\All Users\Application Data\Genimo 2008-06-09 16:56 . 2008-06-09 16:56 <KANSIO> d-------- D:\Documents and Settings\yleinen\Application Data\Genimo 2008-06-09 03:31 . 2008-06-10 21:39 <KANSIO> d-------- D:\Documents and Settings\yleinen\Työpöytä 2008-06-09 01:28 . 2008-06-09 01:28 <KANSIO> d-------- D:\Documents and Settings\yleinen\Application Data\Boomzap 2008-06-09 01:27 . 2008-06-09 03:31 <KANSIO> d-------- D:\Program Files\PlayFirst 2008-06-09 01:27 . 2008-06-09 01:27 <KANSIO> d-------- D:\Documents and Settings\yleinen\Application Data\PlayFirst 2008-06-08 22:33 . 2008-06-08 22:33 <KANSIO> d-------- D:\Program Files\Windows Media Connect 2 2008-06-08 22:33 . 2008-06-08 22:33 <KANSIO> d-------- D:\Program Files\Microsoft Silverlight 2008-06-08 22:31 . 2008-06-08 22:36 <KANSIO> d-------- D:\WINDOWS\system32\LogFiles 2008-06-08 22:31 . 2008-06-08 22:31 <KANSIO> d-------- D:\WINDOWS\system32\drivers\UMDF 2008-06-08 22:29 . 2008-06-08 22:29 <KANSIO> d-------- D:\WINDOWS\system32\URTTEMP 2008-06-08 22:10 . 2008-06-08 22:10 <KANSIO> d-------- D:\WINDOWS\system32\fi 2008-06-08 22:10 . 2008-06-08 22:10 <KANSIO> d-------- D:\WINDOWS\system32\bits 2008-06-08 22:10 . 2008-06-08 22:10 <KANSIO> d-------- D:\WINDOWS\l2schemas 2008-06-08 22:07 . 2008-06-08 22:10 <KANSIO> d-------- D:\WINDOWS\ServicePackFiles 2008-06-08 22:02 . 2008-06-08 22:02 <KANSIO> d-------- D:\WINDOWS\EHome 2008-06-08 21:51 . 2004-08-03 22:41 1,041,536 --------- D:\WINDOWS\system32\drivers\hsfdpsp2.sys 2008-06-08 21:50 . 2004-09-14 16:06 701,440 --------- D:\WINDOWS\system32\drivers\ati2mtag.sys 2008-06-08 21:36 . 2008-06-08 21:36 13,690 --a------ D:\WINDOWS\system32\wpa.bak 2008-06-08 13:38 . 2008-06-03 22:27 <KANSIO> d--h----- D:\Documents and Settings\Järjestelmänvalvoja\Verkkoympäristö 2008-06-08 13:38 . 2008-06-03 22:27 <KANSIO> d--h----- D:\Documents and Settings\Järjestelmänvalvoja\Verkkoympäristö 2008-06-08 13:38 . 2008-06-10 21:39 <KANSIO> d-------- D:\Documents and Settings\Järjestelmänvalvoja\Työpöytä 2008-06-08 13:38 . 2008-06-10 21:39 <KANSIO> d-------- D:\Documents and Settings\Järjestelmänvalvoja\Työpöytä 2008-06-08 13:38 . 2008-06-03 22:27 <KANSIO> d--h----- D:\Documents and Settings\Järjestelmänvalvoja\Tulostinympäristö 2008-06-08 13:38 . 2008-06-03 22:27 <KANSIO> d--h----- D:\Documents and Settings\Järjestelmänvalvoja\Tulostinympäristö 2008-06-08 13:38 . 2008-06-03 22:27 <KANSIO> d-------- D:\Documents and Settings\Järjestelmänvalvoja\Suosikit 2008-06-08 13:38 . 2008-06-03 22:27 <KANSIO> d-------- D:\Documents and Settings\Järjestelmänvalvoja\Suosikit 2008-06-08 13:38 . 2008-06-03 19:45 <KANSIO> d--h----- D:\Documents and Settings\Järjestelmänvalvoja\Mallit 2008-06-08 13:38 . 2008-06-03 19:45 <KANSIO> d--h----- D:\Documents and Settings\Järjestelmänvalvoja\Mallit 2008-06-08 13:38 . 2008-06-03 22:27 <KANSIO> dr------- D:\Documents and Settings\Järjestelmänvalvoja\Käynnistä-valikko 2008-06-08 13:38 . 2008-06-03 22:27 <KANSIO> dr------- D:\Documents and Settings\Järjestelmänvalvoja\Käynnistä-valikko 2008-06-08 13:38 . 2008-06-08 14:04 <KANSIO> d-------- D:\Documents and Settings\Järjestelmänvalvoja 2008-06-08 13:28 . 2008-06-08 13:28 121 --a------ D:\WINDOWS\bdagent.INI 2008-06-08 13:12 . 2008-06-08 14:17 <KANSIO> d-------- D:\Program Files\BitDefender 2008-06-08 13:11 . 2008-06-08 14:17 <KANSIO> d-------- D:\Program Files\Common Files\BitDefender 2008-06-08 12:54 . 2008-06-08 12:54 <KANSIO> d-------- D:\Documents and Settings\All Users\Application Data\Arovax 2008-06-08 12:25 . 2008-06-08 12:25 <KANSIO> d-------- D:\Documents and Settings\yleinen\Application Data\Media Player Classic 2008-06-07 15:41 . 2008-06-07 15:41 <KANSIO> d-------- D:\Program Files\DivX 2008-06-07 15:41 . 2008-06-07 15:46 <KANSIO> d-------- D:\Documents and Settings\yleinen\Application Data\DivX 2008-06-07 15:36 . 2008-06-07 15:36 <KANSIO> d-------- D:\Program Files\K-Lite Codec Pack 2008-06-07 15:36 . 2008-01-10 15:15 755,027 --a------ D:\WINDOWS\system32\xvidcore.dll 2008-06-07 12:16 . 2008-06-07 12:16 <KANSIO> d-------- D:\Documents and Settings\All Users\Application Data\Alawar Stargaze 2008-06-07 02:44 . 2008-06-08 03:47 <KANSIO> d-------- D:\Program Files\Alawar 2008-06-05 23:03 . 2008-06-05 23:03 <KANSIO> d-------- D:\WINDOWS\Sun 2008-06-05 22:40 . 2008-06-05 22:40 <KANSIO> d-------- D:\Program Files\OpenAL 2008-06-05 22:40 . 2007-10-12 15:14 3,734,536 --a------ D:\WINDOWS\system32\d3dx9_36.dll 2008-06-05 22:40 . 2008-06-05 22:40 413,696 --a------ D:\WINDOWS\system32\wrap_oal.dll 2008-06-05 22:40 . 2007-04-04 18:53 81,768 --a------ D:\WINDOWS\system32\xinput1_3.dll 2008-06-05 22:39 . 2008-06-05 22:50 <KANSIO> d-------- D:\Program Files\Trials 2 Second Edition 2008-06-05 11:18 . 2008-06-05 11:18 <KANSIO> d-------- D:\Program Files\ReflexiveArcade 2008-06-04 21:31 . 2008-06-04 21:31 <KANSIO> d-------- D:\Program Files\Guitar Pro 5 2008-06-04 17:21 . 2007-07-30 19:19 207,736 --a------ D:\WINDOWS\system32\muweb.dll 2008-06-04 17:20 . 2007-07-30 19:19 271,224 --a------ D:\WINDOWS\system32\mucltui.dll 2008-06-04 17:20 . 2007-07-30 19:18 30,072 --a------ D:\WINDOWS\system32\mucltui.dll.mui 2008-06-04 03:24 . 2008-06-04 03:24 268 --ah----- D:\sqmdata02.sqm 2008-06-04 03:24 . 2008-06-04 03:24 244 --ah----- D:\sqmnoopt02.sqm 2008-06-04 01:20 . 2008-06-04 01:20 <KANSIO> d-------- D:\Documents and Settings\yleinen\Saved Games 2008-06-04 00:44 . 2008-06-04 00:44 <KANSIO> d--hs---- D:\WINDOWS\ftpcache 2008-06-04 00:42 . 2008-06-10 09:56 <KANSIO> d-a------ D:\Documents and Settings\All Users\Application Data\TEMP 2008-06-03 23:57 . 2008-06-03 23:57 268 --ah----- D:\sqmdata01.sqm 2008-06-03 23:57 . 2008-06-03 23:57 244 --ah----- D:\sqmnoopt01.sqm 2008-06-03 23:50 . 2008-06-03 23:50 <KANSIO> d-------- D:\Program Files\Kymdata 2008-06-03 23:50 . 2008-06-03 23:50 <KANSIO> d-------- D:\Documents and Settings\yleinen\Application Data\InstallShield 2008-06-03 23:50 . 2008-06-03 23:50 <KANSIO> d-------- D:\Documents and Settings\All Users\Application Data\Kymdata 2008-06-03 23:50 . 1997-06-23 12:15 955,392 --------- D:\WINDOWS\system32\GEAR32SD.DLL 2008-06-03 23:50 . 1997-06-12 14:22 118,272 --------- D:\WINDOWS\system32\NSLMS324.DLL 2008-06-03 23:50 . 2003-03-05 02:00 100,864 --------- D:\WINDOWS\system32\sx32w.dll 2008-06-03 23:50 . 1998-09-30 02:23 33,792 --------- D:\WINDOWS\system32\SP32W.DLL 2008-06-03 23:46 . 2008-06-10 21:01 1,113 --a------ D:\rollback.ini 2008-06-03 23:06 . 2008-06-09 09:06 <KANSIO> d-------- D:\Documents and Settings\yleinen\Contacts 2008-06-03 21:20 . 2008-04-14 19:11 221,184 --a------ D:\WINDOWS\system32\wmpns.dll 2008-06-03 20:56 . 2008-03-25 02:37 69,632 --a------ D:\WINDOWS\system32\javacpl.cpl 2008-06-03 20:55 . 2008-06-03 20:56 <KANSIO> d-------- D:\Program Files\Java 2008-06-03 20:54 . 2008-06-03 20:54 <KANSIO> d-------- D:\Program Files\Common Files\Java 2008-06-03 20:52 . 2008-06-03 20:52 <KANSIO> d-------- D:\WINDOWS\system32\Adobe 2008-06-03 20:48 . 2008-06-03 22:47 <KANSIO> d--h----- D:\WINDOWS\$hf_mig$ 2008-06-03 20:48 . 2007-08-10 08:17 26,488 --a------ D:\WINDOWS\system32\spupdsvc.exe 2008-06-03 20:33 . 2008-06-07 15:21 <KANSIO> d-------- D:\Program Files\Yahoo! 2008-06-03 20:33 . 2008-06-03 20:33 <KANSIO> d-------- D:\Program Files\CCleaner 2008-06-03 20:29 . 2008-06-03 20:29 <KANSIO> d-------- D:\Documents and Settings\yleinen\Application Data\MailFrontier 2008-06-03 20:29 . 2008-06-10 21:39 7,490,592 --ahs---- D:\WINDOWS\system32\drivers\fidbox.dat 2008-06-03 20:29 . 2008-06-10 20:30 105,020 --ahs---- D:\WINDOWS\system32\drivers\fidbox.idx 2008-06-03 20:27 . 2008-06-03 20:27 <KANSIO> d-------- D:\Program Files\ZoneAlarmSB 2008-06-03 20:27 . 2008-06-03 20:39 <KANSIO> d-------- D:\Documents and Settings\All Users\Application Data\MailFrontier 2008-06-03 20:27 . 2008-06-10 20:52 4,212 ---h----- D:\WINDOWS\system32\zllictbl.dat 2008-06-03 20:26 . 2008-06-03 20:26 <KANSIO> d-------- D:\Program Files\Zone Labs 2008-06-03 20:25 . 2008-06-03 20:25 <KANSIO> d-------- D:\Program Files\Alwil Software 2008-06-03 20:24 . 2008-06-03 20:24 <KANSIO> d-------- D:\Program Files\Lavasoft 2008-06-03 20:24 . 2008-06-03 20:24 <KANSIO> d-------- D:\Program Files\Common Files\Wise Installation Wizard 2008-06-03 20:24 . 2008-06-03 20:24 <KANSIO> d-------- D:\Documents and Settings\All Users\Application Data\Lavasoft 2008-06-03 20:23 . 2008-06-03 20:23 0 --a------ D:\WINDOWS\nsreg.dat 2008-06-03 20:21 . 2008-06-03 20:21 <KANSIO> d-------- D:\Program Files\WinZip E-Mail Companion 2008-06-03 20:21 . 2008-06-03 20:21 <KANSIO> d-------- D:\Documents and Settings\All Users\Application Data\WinZipEC 2008-06-03 20:21 . 2008-06-10 21:03 <KANSIO> d-------- D:\Documents and Settings\All Users\Application Data\WinZip 2008-06-03 20:17 . 2008-06-07 15:28 <KANSIO> d-------- D:\Program Files\ZD Soft 2008-06-03 20:16 . 2008-06-03 20:16 <KANSIO> d-------- D:\Program Files\Common Files\Adobe 2008-06-03 20:13 . 2008-06-03 20:13 102 --a------ D:\WINDOWS\VSWizard.ini 2008-06-03 20:11 . 2008-06-03 20:11 <KANSIO> d-------- D:\Program Files\TightVNC 2008-06-03 20:07 . 2008-06-03 20:07 <KANSIO> d-------- D:\Program Files\NVIDIA Corporation 2008-06-03 20:07 . 2008-06-03 23:50 <KANSIO> d--h----- D:\Program Files\InstallShield Installation Information 2008-06-03 20:07 . 2008-06-03 20:07 <KANSIO> d-------- D:\Program Files\Common Files\NVIDIA Shared 2008-06-03 20:06 . 2005-12-10 04:16 180,224 --a------ D:\WINDOWS\system32\nvuaudio.exe 2008-06-03 20:06 . 2008-04-13 22:19 146,048 --a------ D:\WINDOWS\system32\drivers\portcls.sys 2008-06-03 20:06 . 2008-04-14 19:12 129,536 --a------ D:\WINDOWS\system32\ksproxy.ax 2008-06-03 20:06 . 2008-04-13 22:15 60,800 --a------ D:\WINDOWS\system32\drivers\sysaudio.sys 2008-06-03 20:06 . 2008-04-13 21:45 60,160 --a------ D:\WINDOWS\system32\drivers\drmk.sys 2008-06-03 20:06 . 2008-04-13 21:39 7,552 --a------ D:\WINDOWS\system32\drivers\mskssrv.sys 2008-06-03 20:06 . 2008-04-13 21:39 5,376 --a------ D:\WINDOWS\system32\drivers\mspclock.sys 2008-06-03 20:06 . 2008-04-13 21:39 4,992 --a------ D:\WINDOWS\system32\drivers\mspqm.sys 2008-06-03 20:06 . 2005-02-11 04:14 4,624 --a------ D:\WINDOWS\system32\nvaudio.nvu 2008-06-03 20:06 . 2008-04-14 19:11 4,096 --a------ D:\WINDOWS\system32\ksuser.dll 2008-06-03 20:06 . 2008-04-13 21:45 2,944 --a------ D:\WINDOWS\system32\drivers\drmkaud.sys 2008-06-03 20:05 . 2008-06-03 20:07 <KANSIO> d-------- D:\Program Files\Common Files\InstallShield . (((((((((((((((((((((((((((((((((((( Find3M-raportti )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-09 11:08 438,272 ----a-w D:\WINDOWS\Internet Logs\xDB8.tmp 2008-06-08 10:49 1,683,456 ----a-w D:\WINDOWS\Internet Logs\xDB7.tmp 2008-06-08 10:46 1,683,456 ----a-w D:\WINDOWS\Internet Logs\xDB6.tmp 2008-06-08 10:44 1,683,456 ----a-w D:\WINDOWS\Internet Logs\xDB5.tmp 2008-06-08 10:37 1,683,456 ----a-w D:\WINDOWS\Internet Logs\xDB4.tmp 2008-06-08 10:35 1,683,456 ----a-w D:\WINDOWS\Internet Logs\xDB3.tmp 2008-06-08 10:33 1,683,456 ----a-w D:\WINDOWS\Internet Logs\xDB2.tmp 2008-06-08 10:29 1,713,664 ----a-w D:\WINDOWS\Internet Logs\xDB1.tmp 2008-06-05 19:40 110,592 ----a-w D:\WINDOWS\system32\OpenAL32.dll 2008-06-04 14:32 --------- d-----w D:\Program Files\Windows Live 2008-06-03 21:33 0 ----a-w D:\Program Files\temp01 2008-06-03 19:57 --------- d-----w D:\Program Files\Microsoft SQL Server Compact Edition 2008-06-03 19:56 --------- d-----w D:\Program Files\Windows Live Toolbar 2008-06-03 19:54 --------- dcsh--w D:\Program Files\Common Files\WindowsLiveInstaller 2008-06-03 19:52 --------- d-----w D:\Documents and Settings\All Users\Application Data\WLInstaller 2008-06-03 19:27 --------- d-----w D:\Program Files\Paint.NET 2008-06-03 19:18 --------- d-----w D:\Program Files\Reference Assemblies 2008-06-03 19:18 --------- d-----w D:\Program Files\MSBuild 2008-06-03 19:15 --------- d-----w D:\Program Files\MSXML 6.0 2008-06-03 16:49 --------- d-----w D:\Program Files\microsoft frontpage 2008-05-30 17:22 9,464 ------w D:\WINDOWS\system32\drivers\cdralw2k.sys 2008-05-30 17:22 9,336 ------w D:\WINDOWS\system32\drivers\cdr4_xp.sys 2008-05-30 17:22 43,528 ------w D:\WINDOWS\system32\drivers\PxHelp20.sys 2008-05-30 17:22 129,784 ------w D:\WINDOWS\system32\pxafs.dll 2008-05-30 17:22 120,056 ------w D:\WINDOWS\system32\pxcpyi64.exe 2008-05-30 17:22 118,520 ------w D:\WINDOWS\system32\pxinsi64.exe 2008-04-29 08:20 15,648 ----a-w D:\WINDOWS\system32\drivers\NSDriver.sys 2008-04-29 08:19 15,648 ----a-w D:\WINDOWS\system32\drivers\Awrtrd.sys 2008-04-29 08:19 12,960 ----a-w D:\WINDOWS\system32\drivers\Awrtpd.sys 2008-04-14 16:27 1,804 ----a-w D:\WINDOWS\system32\dcache.bin 2008-04-14 16:15 331,264 ----a-w D:\WINDOWS\system32\netsetup.exe 2008-04-14 16:11 997,888 ----a-w D:\WINDOWS\system32\msgina.dll 2008-04-14 16:10 9,344 ----a-w D:\WINDOWS\system32\framebuf.dll 2008-04-14 16:09 3,072 ----a-w D:\WINDOWS\system32\dpnlobby.dll 2008-04-14 16:09 3,072 ----a-w D:\WINDOWS\system32\dpnaddr.dll 2008-04-14 16:09 285,696 ----a-w D:\WINDOWS\system32\atmfd.dll 2008-04-14 16:09 16,896 ----a-w D:\WINDOWS\system32\cfgmgr32.dll 2008-04-14 15:51 80,256 ----a-w D:\WINDOWS\system32\drivers\parport.sys 2008-04-14 15:51 73,344 ----a-w D:\WINDOWS\system32\drivers\sr.sys 2008-04-14 15:51 68,096 ----a-w D:\WINDOWS\system32\drivers\pci.sys 2008-04-14 15:51 46,720 ----a-w D:\WINDOWS\system32\drivers\p3.sys 2008-04-14 15:51 120,064 ----a-w D:\WINDOWS\system32\drivers\pcmcia.sys 2008-04-14 15:49 2,191,360 ----a-w D:\WINDOWS\system32\ntoskrnl.exe 2008-04-14 15:49 2,068,224 ----a-w D:\WINDOWS\system32\ntkrnlpa.exe 2008-04-14 15:48 4,096 ----a-w D:\WINDOWS\system32\dsprpres.dll 2008-04-14 15:47 800,000 ----a-w D:\WINDOWS\system32\drivers\dmboot.sys 2008-04-14 15:47 154,112 ----a-w D:\WINDOWS\system32\drivers\dmio.sys 2008-04-14 15:46 79,872 ----a-w D:\WINDOWS\system32\msxml6r.dll 2008-04-14 15:46 37,120 ----a-w D:\WINDOWS\system32\drivers\isapnp.sys 2008-04-14 15:46 24,576 ----a-w D:\WINDOWS\system32\drivers\kbdclass.sys 2008-04-14 15:45 80,384 ------w D:\WINDOWS\system32\msshavmsg.dll 2008-04-14 15:45 40,704 ----a-w D:\WINDOWS\system32\drivers\crusoe.sys 2008-04-14 15:45 40,320 ----a-w D:\WINDOWS\system32\drivers\intelppm.sys 2008-04-14 15:44 48,640 ----a-w D:\WINDOWS\system32\inetres.dll 2008-04-14 15:43 556,032 ----a-w D:\WINDOWS\system32\shdoclc.dll 2008-04-14 15:43 52,096 ----a-w D:\WINDOWS\system32\drivers\i8042prt.sys 2008-04-14 15:42 64,512 ----a-w D:\WINDOWS\system32\drivers\serial.sys 2008-04-14 15:42 25,600 ------w D:\WINDOWS\system32\drivers\hidbth.sys 2008-04-14 15:41 9,728 ----a-w D:\WINDOWS\system32\gpkrsrc.dll 2008-04-14 15:41 1,845,888 ----a-w D:\WINDOWS\system32\win32k.sys 2008-04-14 15:40 65,536 ----a-w D:\WINDOWS\system32\browselc.dll 2008-04-14 15:40 57,472 ----a-w D:\WINDOWS\system32\drivers\redbook.sys 2008-04-14 15:40 272,896 ------w D:\WINDOWS\system32\drivers\bthport.sys 2008-04-14 15:39 51,840 ----a-w D:\WINDOWS\system32\drivers\volsnap.sys 2008-04-14 15:39 44,544 ----a-w D:\WINDOWS\system32\drivers\fips.sys 2008-04-14 15:38 39,808 ----a-w D:\WINDOWS\system32\drivers\processr.sys 2008-04-14 15:38 103,424 ----a-w D:\WINDOWS\system32\dpcdll.dll 2008-04-14 15:37 41,728 ----a-w D:\WINDOWS\system32\drivers\amdk7.sys 2008-04-14 15:37 41,344 ----a-w D:\WINDOWS\system32\drivers\amdk6.sys 2008-04-14 15:36 30,080 ----a-w D:\WINDOWS\system32\drivers\modem.sys 2008-04-14 15:36 23,040 ----a-w D:\WINDOWS\system32\drivers\mouclass.sys 2008-04-14 15:36 187,904 ----a-w D:\WINDOWS\system32\drivers\acpi.sys 2008-04-14 06:12 11,264 ----a-w D:\WINDOWS\system32\spnpinst.exe 2008-04-14 06:11 992,256 ----a-w D:\WINDOWS\system32\setupapi.dll 2008-04-14 06:11 423,936 ----a-w D:\WINDOWS\system32\licdll.dll 2008-04-13 19:28 175,744 ----a-w D:\WINDOWS\system32\drivers\rdbss.sys 2008-04-13 19:21 162,816 ----a-w D:\WINDOWS\system32\drivers\netbt.sys 2008-04-13 19:20 91,520 ----a-w D:\WINDOWS\system32\drivers\ndiswan.sys 2008-04-13 19:20 361,344 ----a-w D:\WINDOWS\system32\drivers\tcpip.sys 2008-04-13 19:20 182,656 ----a-w D:\WINDOWS\system32\drivers\ndis.sys 2008-04-13 19:19 75,264 ----a-w D:\WINDOWS\system32\drivers\ipsec.sys 2008-04-13 19:19 51,328 ----a-w D:\WINDOWS\system32\drivers\rasl2tp.sys 2008-04-13 19:19 48,384 ----a-w D:\WINDOWS\system32\drivers\raspptp.sys 2008-04-13 19:19 138,112 ----a-w D:\WINDOWS\system32\drivers\afd.sys 2008-04-13 19:17 83,072 ----a-w D:\WINDOWS\system32\drivers\wdmaud.sys 2008-04-13 19:17 456,576 ----a-w D:\WINDOWS\system32\drivers\mrxsmb.sys 2008-04-13 19:17 105,344 ----a-w D:\WINDOWS\system32\drivers\mup.sys 2008-04-13 19:16 49,536 ----a-w D:\WINDOWS\system32\drivers\classpnp.sys 2008-04-13 19:16 141,056 ----a-w D:\WINDOWS\system32\drivers\ks.sys 2008-04-13 19:15 574,976 ----a-w D:\WINDOWS\system32\drivers\ntfs.sys 2008-04-13 19:15 334,848 ----a-w D:\WINDOWS\system32\drivers\srv.sys 2008-04-13 19:14 63,744 ----a-w D:\WINDOWS\system32\drivers\cdfs.sys 2008-04-13 19:14 143,744 ----a-w D:\WINDOWS\system32\drivers\fastfat.sys 2008-04-13 19:00 225,664 ----a-w D:\WINDOWS\system32\drivers\tcpip6.sys 2008-04-13 19:00 19,072 ----a-w D:\WINDOWS\system32\drivers\tdi.sys 2008-04-13 18:57 41,472 ----a-w D:\WINDOWS\system32\drivers\raspppoe.sys 2008-04-13 18:57 40,576 ----a-w D:\WINDOWS\system32\drivers\ndproxy.sys 2008-04-13 18:57 34,560 ----a-w D:\WINDOWS\system32\drivers\wanarp.sys 2008-04-13 18:57 20,864 ----a-w D:\WINDOWS\system32\drivers\ipinip.sys 2008-04-13 18:57 152,832 ----a-w D:\WINDOWS\system32\drivers\ipnat.sys . ((((((((((((((((((((((((((((( snapshot@2008-06-09_20.01.39,65 ))))))))))))))))))))))))))))))))))))))))) . - 2008-06-09 11:08:56 2,048 --s-a-w D:\WINDOWS\bootstat.dat + 2008-06-10 17:49:39 2,048 --s-a-w D:\WINDOWS\bootstat.dat + 2008-06-09 11:23:22 163,328 ----a-w D:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE + 2008-06-10 17:45:07 761,856 ----a-w D:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT + 2008-06-10 17:45:07 8,192 ----a-w D:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat + 2008-06-09 11:23:22 163,328 ----a-w D:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE + 2008-06-10 17:36:42 753,664 ----a-w D:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT + 2008-06-10 17:36:42 8,192 ----a-w D:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat + 2008-06-10 18:03:45 632,320 ----a-r D:\WINDOWS\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B6}\IconCD95F66110.exe + 2008-06-10 18:03:45 29,184 ----a-r D:\WINDOWS\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B6}\IconCD95F6617.exe - 2008-06-08 19:15:03 16,384 ----a-w D:\WINDOWS\system32\config\systemprofile\Cookies\index.dat + 2008-06-10 17:49:56 16,384 ----a-w D:\WINDOWS\system32\config\systemprofile\Cookies\index.dat - 2008-06-08 19:15:03 32,768 ----a-w D:\WINDOWS\system32\config\systemprofile\Local Settings\Sivuhistoria\History.IE5\index.dat + 2008-06-10 17:49:56 32,768 ----a-w D:\WINDOWS\system32\config\systemprofile\Local Settings\Sivuhistoria\History.IE5\index.dat - 2008-06-08 19:15:03 32,768 ----a-w D:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2008-06-10 17:49:56 32,768 ----a-w D:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - 2008-06-09 14:52:22 445,744 ----a-w D:\WINDOWS\system32\ZoneLabs\avsys\bases\sfdb.dat + 2008-06-10 18:01:36 497,880 ----a-w D:\WINDOWS\system32\ZoneLabs\avsys\bases\sfdb.dat - 2008-06-09 08:46:17 9,374,888 ----a-w D:\WINDOWS\system32\ZoneLabs\spyware.dat + 2008-06-10 14:45:52 9,430,581 ----a-w D:\WINDOWS\system32\ZoneLabs\spyware.dat - 2008-06-09 16:59:01 1,798,144 ----a-w D:\WINDOWS\system32\ZoneLabs\zlqrtdb.dat + 2008-06-10 18:37:07 3,099,136 ----a-w D:\WINDOWS\system32\ZoneLabs\zlqrtdb.dat + 2008-06-10 17:49:53 16,384 ------w D:\WINDOWS\Temp\Perflib_Perfdata_69c.dat . (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet ))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= "D:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL" [2008-06-03 20:27 262144] [HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= D:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2008-06-03 20:27 262144] [HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="D:\WINDOWS\system32\ctfmon.exe" [2008-04-14 19:12 15360] "MsnMsgr"="D:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184] "ccleaner"="D:\Program Files\CCleaner\CCleaner.exe" [2008-05-28 17:40 1197296] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NVMixerTray"="D:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-12-20 17:12 131072] "NvCplDaemon"="D:\WINDOWS\system32\NvCpl.dll" [2005-12-10 03:06 7311360] "nwiz"="nwiz.exe" [2005-12-10 03:06 1519616 D:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="D:\WINDOWS\system32\NvMcTray.dll" [2005-12-10 03:06 86016] "WinVNC"="D:\Program Files\TightVNC\WinVNC.exe" [2007-05-07 19:28 589824] "avast!"="D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 02:19 79224] "ZoneAlarm Client"="D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-04-02 21:07 919016] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="D:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 19:12 15360] D:\Documents and Settings\All Users\K„ynnist„-valikko\Ohjelmat\K„ynnistys\ WinZip Quick Pick.lnk - D:\Program Files\WinZip\WZQKPICK.EXE [2008-04-28 11:20:00 415072] [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "D:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"= "D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= R1 aswSP;avast! Self Protection;D:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 02:20] R2 aswFsBlk;aswFsBlk;D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 02:16] R2 TeamViewer;TeamViewer 3;"D:\Program Files\TeamViewer3\TeamViewer_Host.exe" -service [] R3 vidcap;vidcap;D:\WINDOWS\system32\DRIVERS\vidcap.sys [2006-12-27 17:47] . 'Ajoitetut tehtävät'-kansion sisältö "2008-06-10 17:58:01 D:\WINDOWS\Tasks\Tarkistetaan Windows Live -työkalurivin päivitykset.job" - D:\Program Files\Windows Live Toolbar\MSNTBUP.EXE . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-10 21:39:10 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-06-10 21:40:12 ComboFix-quarantined-files.txt 2008-06-10 18:40:05 ComboFix2.txt 2008-06-09 17:02:03 Pre-Run: 33,380,298,752 tavua vapaana Post-Run: 33,359,925,248 tavua vapaana 325 --- E O F --- 2008-06-04 14:33:13 SDFix: Version 1.190 Run by J„rjestelm„nvalvoja on ti 10.06.2008 at 20:46 Microsoft Windows XP [versio 5.1.2600] Running From: D:\Documents and Settings\J„rjestelm„nvalvoja\Ty”p”yt„\SDFix Checking Services : Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting Checking Files : No Trojan Files Found Removing Temp Files ADS Check : Final Check : catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-10 20:52:21 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden services & system hive ... scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000" "D:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"="D:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe:*:Enabled:Et„tuki - Windows Messenger ja „„niyhteys" "D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="D:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000" "D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="D:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Remaining Files : Files with Hidden Attributes : Finished!
Poista lisää poista sovelutuksesta ZoneAlarm Spy Blocker poista kansio vikasiedossa D:\Program Files\ZoneAlarmSB
