The computer freezes, does things on its own, and among other things Windows automatic updates do not work. Norman found some trojan. Here is the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:10:26, on 26.5.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Norman\Npm\bin\ELOGSVC.EXE C:\Norman\Npm\Bin\Zanda.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\bgsvcgen.exe C:\WINDOWS\system32\o2flash.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe C:\Norman\Npm\bin\NJEEVES.EXE C:\Norman\Nvc\bin\nvcoas.exe C:\Norman\Nvc\BIN\NVCSCHED.EXE C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wscntfy.exe C:\Norman\Npm\bin\ZLH.EXE C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Norman\Nvc\BIN\NIP.EXE C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Norman\Nvc\bin\cclaw.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fi.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.msn.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer MSN:lle R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Npm\bin\ZLH.EXE /LOAD /SPLASH O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [7c6448ec] rundll32.exe "C:\WINDOWS\system32\wgrkcjxt.dll",b O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/230?e17607691a7d4c87b0c410e903d24818 O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/229?e17607691a7d4c87b0c410e903d24818 O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program 
Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. 
- C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Norman\Npm\bin\ELOGSVC.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\Npm\bin\NJEEVES.EXE O23 - Service: Norman ZANDA - Norman ASA - C:\Norman\Npm\Bin\Zanda.exe O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Norman\Nvc\BIN\NVCSCHED.EXE O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 7023 bytes

Thanks for the help!
Download VundoFix.exe from HERE to your desktop.
Double-click VundoFix.exe to run it.
Click the Scan for Vundo option.
When the scan is finished, click the Fix Vundo option.
You will be asked whether you want to remove the files; click YES.
After you click Yes, your desktop will go blank while it starts removing Vundo.
When it is done, the fix will announce that it will restart your computer; click OK.
Post the contents of the C:\vundofix.txt log and of a fresh HijackThis log.

Note: It is possible that VundoFix found a file it could not remove. In that case VundoFix will run itself on reboot; just follow the instructions above, starting from "Click the Scan for Vundo option.", when VundoFix appears at restart.

=============

1. Download combofix.exe to your desktop from one of these links: combofix1 combofix2
2. Double-click the combofix.exe file and follow the instructions.
3. When the tool has finished, it produces a log. Post this log in your thread.

Note! Do not click in the ComboFix window while it is running. This may cause the program to freeze.
VundoFix V7.0.5 Scan started at 14:33:16 27.5.2008 Listing files found while scanning.... C:\Program Files\PowerISO\PWRISOSH.DLL Beginning removal... Attempting to delete C:\Program Files\PowerISO\PWRISOSH.DLL C:\Program Files\PowerISO\PWRISOSH.DLL Has been deleted! Performing Repairs to the registry. Done! --------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:45:51, on 27.5.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Norman\Npm\bin\ELOGSVC.EXE C:\WINDOWS\system32\Ati2evxx.exe C:\Norman\Npm\Bin\Zanda.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\bgsvcgen.exe C:\WINDOWS\system32\o2flash.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe C:\Norman\Npm\bin\NJEEVES.EXE C:\Norman\Nvc\bin\nvcoas.exe C:\Norman\Nvc\BIN\NVCSCHED.EXE C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\alg.exe C:\Norman\Npm\bin\ZLH.EXE C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Norman\Nvc\BIN\NIP.EXE C:\WINDOWS\system32\ctfmon.exe C:\Norman\Nvc\bin\cclaw.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fi.msn.com/ R1 - HKLM\Software\Microsoft\Internet 
Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.msn.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer MSN:lle R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Npm\bin\ZLH.EXE /LOAD /SPLASH O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [7c6448ec] rundll32.exe "C:\WINDOWS\system32\mjtqwrlr.dll",b O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/230?e17607691a7d4c87b0c410e903d24818 O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/229?e17607691a7d4c87b0c410e903d24818 O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program 
Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. 
- C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Norman\Npm\bin\ELOGSVC.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\Npm\bin\NJEEVES.EXE O23 - Service: Norman ZANDA - Norman ASA - C:\Norman\Npm\Bin\Zanda.exe O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Norman\Nvc\BIN\NVCSCHED.EXE O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 6936 bytes ------------------------------------------------- ComboFix 08-05-26.2 - Aino 2008-05-27 14:51:25.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1035.18.367 [GMT 3:00] Running from: C:\Documents and Settings\Aino\Työpöytä\ComboFix.exe * Created a new restore point * Resident AV is active WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . (((((((((((((((((((((((((((((((((((((( Muut poistot )))))))))))))))))))))))))))))))))))))))))))))))))))))))) . 
C:\WINDOWS\cookies.ini C:\WINDOWS\system32\eeymifsn.ini C:\WINDOWS\system32\efcCvttQ.dll C:\WINDOWS\system32\exwtnmux.ini C:\WINDOWS\system32\idibfeaa.ini C:\WINDOWS\system32\mcrh.tmp C:\WINDOWS\system32\phghqlhy.ini C:\WINDOWS\system32\QttvCcfe.ini C:\WINDOWS\system32\QttvCcfe.ini2 C:\WINDOWS\system32\txjckrgw.ini C:\WINDOWS\system32\urqOfCRJ.dll C:\WINDOWS\system32\wgrkcjxt.dll . ((((( Tiedostot, jotka on luotu seuraavalla aikav„lill„: 2008-04-27 to 2008-05-27 ))))))))))))))))) . 2008-05-27 14:43 . 2008-05-27 14:43 90,624 --a------ C:\WINDOWS\system32\mjtqwrlr.dll 2008-05-27 14:43 . 2008-05-27 15:03 414 ---hs---- C:\WINDOWS\system32\rlrwqtjm.ini 2008-05-27 14:33 . 2008-05-27 14:40 <KANSIO> d-------- C:\VundoFix Backups 2008-05-26 21:03 . 2008-05-26 21:06 <KANSIO> d-------- C:\Downloads 2008-05-26 21:03 . 2008-05-26 21:06 <KANSIO> d-------- C:\Bases 2008-05-26 21:00 . 2008-05-26 21:06 <KANSIO> d-------- C:\Kaspersky 2008-05-26 19:52 . 2001-10-05 16:30 386,560 --a------ C:\WINDOWS\system32\dllcache\sgiul50.dll 2008-05-26 19:52 . 2001-10-05 16:08 161,728 --a------ C:\WINDOWS\system32\dllcache\sgsmusb.sys 2008-05-26 19:52 . 2001-08-17 20:51 98,080 --a------ C:\WINDOWS\system32\dllcache\sgiulnt5.sys 2008-05-26 19:52 . 2001-08-17 20:19 36,480 --a------ C:\WINDOWS\system32\dllcache\sfmanm.sys 2008-05-26 19:52 . 2001-07-21 22:29 18,400 --a------ C:\WINDOWS\system32\dllcache\sgsmld.sys 2008-05-26 19:52 . 2001-10-05 16:07 17,792 --a------ C:\WINDOWS\system32\dllcache\sermouse.sys 2008-05-26 19:52 . 2001-08-17 21:53 6,912 --a------ C:\WINDOWS\system32\dllcache\seaddsmc.sys 2008-05-26 19:52 . 2001-10-05 16:07 6,784 --a------ C:\WINDOWS\system32\dllcache\serscan.sys 2008-05-26 19:50 . 2004-09-14 16:11 397,056 --a------ C:\WINDOWS\system32\dllcache\s3gnb.dll 2008-05-26 19:49 . 2001-10-05 16:03 899,210 --a------ C:\WINDOWS\system32\dllcache\r2mdkxga.sys 2008-05-26 19:48 . 2004-09-14 16:11 159,232 --a------ C:\WINDOWS\system32\dllcache\ptpusd.dll 2008-05-26 19:47 . 
2001-08-17 22:04 173,696 --a------ C:\WINDOWS\system32\dllcache\philcam2.sys 2008-05-26 19:46 . 2004-09-14 16:11 259,328 --a------ C:\WINDOWS\system32\dllcache\perm3dd.dll 2008-05-26 19:45 . 2001-08-17 22:05 351,616 --a------ C:\WINDOWS\system32\dllcache\ovcodek2.sys 2008-05-26 19:44 . 2004-09-14 16:11 4,274,816 --a------ C:\WINDOWS\system32\dllcache\nv4_disp.dll 2008-05-26 19:43 . 2004-09-14 16:08 132,695 --a------ C:\WINDOWS\system32\dllcache\netwlan5.sys 2008-05-26 19:42 . 2004-09-14 16:11 1,737,856 --a------ C:\WINDOWS\system32\dllcache\mtxparhd.dll 2008-05-26 19:41 . 2004-08-03 23:10 51,328 --a------ C:\WINDOWS\system32\dllcache\msdv.sys 2008-05-26 19:41 . 2001-08-17 22:02 35,200 --a------ C:\WINDOWS\system32\dllcache\msgame.sys 2008-05-26 19:41 . 2004-08-03 23:00 22,016 --a------ C:\WINDOWS\system32\dllcache\msircomm.sys 2008-05-26 19:41 . 2001-08-17 21:52 17,280 --a------ C:\WINDOWS\system32\dllcache\mraid35x.sys 2008-05-26 19:41 . 2001-08-17 21:57 16,128 --a------ C:\WINDOWS\system32\dllcache\modemcsa.sys 2008-05-26 19:41 . 2001-08-17 21:48 6,016 --a------ C:\WINDOWS\system32\dllcache\msfsio.sys 2008-05-26 19:41 . 2001-08-17 22:00 2,944 --a------ C:\WINDOWS\system32\dllcache\msmpu401.sys 2008-05-26 19:39 . 2001-08-17 21:28 802,683 --a------ C:\WINDOWS\system32\dllcache\ltsm.sys 2008-05-26 19:38 . 2004-09-14 16:12 153,088 --a------ C:\WINDOWS\system32\dllcache\irftp.exe 2008-05-26 19:38 . 2004-08-03 23:00 87,424 --a------ C:\WINDOWS\system32\dllcache\irda.sys 2008-05-26 19:38 . 2001-08-17 20:12 45,632 --a------ C:\WINDOWS\system32\dllcache\ip5515.sys 2008-05-26 19:38 . 2001-10-05 16:31 45,568 --a------ C:\WINDOWS\system32\dllcache\kdsui.dll 2008-05-26 19:38 . 2001-08-17 21:49 26,624 --a------ C:\WINDOWS\system32\dllcache\irstusb.sys 2008-05-26 19:38 . 2001-08-17 21:49 23,552 --a------ C:\WINDOWS\system32\dllcache\irmk7.sys 2008-05-26 19:38 . 2001-08-17 21:51 18,688 --a------ C:\WINDOWS\system32\dllcache\irsir.sys 2008-05-26 19:38 . 
2004-09-14 16:07 14,848 --a------ C:\WINDOWS\system32\dllcache\kbdhid.sys 2008-05-26 19:36 . 2004-08-03 22:41 1,041,536 --a------ C:\WINDOWS\system32\dllcache\hsfdpsp2.sys 2008-05-26 19:35 . 2001-08-17 21:28 542,879 --a------ C:\WINDOWS\system32\dllcache\hsf_msft.sys 2008-05-26 19:34 . 2001-10-05 16:30 1,733,120 --a------ C:\WINDOWS\system32\dllcache\g400d.dll 2008-05-26 19:33 . 2001-08-17 20:15 455,680 --a------ C:\WINDOWS\system32\dllcache\fus2base.sys 2008-05-26 19:32 . 2001-10-05 15:58 629,984 --a------ C:\WINDOWS\system32\dllcache\eqn.sys 2008-05-26 19:31 . 2001-10-05 15:52 634,134 --a------ C:\WINDOWS\system32\dllcache\el656ct5.sys 2008-05-26 19:30 . 2001-08-17 20:14 952,007 --a------ C:\WINDOWS\system32\dllcache\diwan.sys 2008-05-26 19:29 . 2004-09-14 16:11 250,368 --a------ C:\WINDOWS\system32\dllcache\ctmasetp.dll 2008-05-26 19:28 . 2001-10-05 15:56 980,034 --a------ C:\WINDOWS\system32\dllcache\cicap.sys 2008-05-26 19:27 . 2001-08-17 21:28 871,388 --a------ C:\WINDOWS\system32\dllcache\bcmdm.sys 2008-05-26 19:26 . 2004-09-14 16:11 870,784 --a------ C:\WINDOWS\system32\dllcache\ati3d1ag.dll 2008-05-26 19:25 . 2001-08-17 21:28 762,780 --a------ C:\WINDOWS\system32\dllcache\3cwmcru.sys 2008-05-26 19:24 . 2001-10-05 16:30 66,048 --a------ C:\WINDOWS\system32\dllcache\s3legacy.dll 2008-05-26 18:03 . 2008-05-26 20:09 <KANSIO> d-------- C:\Program Files\Trend Micro 2008-05-25 21:55 . 2008-05-25 21:55 <KANSIO> d-------- C:\Documents and Settings\Aino\Application Data\Creative 2008-05-25 21:04 . 2000-05-22 11:58 647,872 --------- C:\WINDOWS\system32\Mscomct2.ocx 2008-05-25 21:04 . 1999-10-11 04:00 41,984 --------- C:\WINDOWS\Ctregrun.exe 2008-05-25 21:01 . 2001-08-23 16:25 1,706,800 --a------ C:\WINDOWS\system32\gdiplus.dll 2008-05-25 21:01 . 1998-07-21 20:29 21 --a------ C:\WINDOWS\PI5_SETUP.ini 2008-05-25 20:58 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe 2008-05-25 20:55 . 
2008-05-25 21:04 <KANSIO> d-------- C:\Program Files\Creative 2008-05-24 09:45 . 2008-05-24 09:45 <KANSIO> d-------- C:\Documents and Settings\Aino\Application Data\Atari 2008-05-24 09:44 . 2008-05-24 09:44 <KANSIO> d-------- C:\Program Files\Common Files\PocketSoft 2008-05-24 09:44 . 2008-05-24 09:44 <KANSIO> d-------- C:\Documents and Settings\Aino\Application Data\Leadertech 2008-05-24 09:44 . 2002-02-27 17:50 197,120 --a------ C:\WINDOWS\patchw32.dll 2008-05-24 09:37 . 2008-05-24 09:37 <KANSIO> d-------- C:\Program Files\Atari 2008-05-23 22:14 . 2008-05-23 22:14 <KANSIO> d-------- C:\Program Files\Valve 2008-05-22 12:39 . 2008-05-22 12:39 <KANSIO> d-------- C:\Program Files\EA SPORTS 2008-05-21 17:33 . 2008-05-21 17:33 <KANSIO> d-------- C:\Documents and Settings\Aino\.dwa_store 2008-05-21 10:31 . 2004-09-15 15:00 103,424 --a------ C:\WINDOWS\system32\dllcache\OLD39B.tmp 2008-05-21 10:31 . 2004-09-15 15:00 57,856 --a------ C:\WINDOWS\system32\dllcache\OLD38E.tmp 2008-05-21 10:31 . 2004-09-15 15:00 45,056 --a------ C:\WINDOWS\system32\dllcache\OLD395.tmp 2008-05-21 10:31 . 2004-09-15 15:00 31,744 --a------ C:\WINDOWS\system32\dllcache\OLD389.tmp 2008-05-21 10:31 . 2004-09-15 15:00 25,856 --a------ C:\WINDOWS\system32\dllcache\OLD398.tmp 2008-05-21 10:30 . 2004-09-15 15:00 514,587 --a------ C:\WINDOWS\system32\dllcache\OLD32C.tmp 2008-05-21 10:30 . 2001-08-17 20:10 19,996 --a------ C:\WINDOWS\system32\dllcache\OLD355.tmp 2008-05-21 10:30 . 2001-08-17 20:10 19,996 --a------ C:\WINDOWS\system32\dllcache\OLD352.tmp 2008-05-21 10:27 . 2004-09-15 15:00 54,528 --a------ C:\WINDOWS\system32\dllcache\OLD246.tmp 2008-05-21 10:27 . 2004-09-15 15:00 19,456 --a------ C:\WINDOWS\system32\dllcache\OLD28D.tmp 2008-05-21 10:27 . 2004-09-15 15:00 15,872 --a------ C:\WINDOWS\system32\dllcache\OLD26B.tmp 2008-05-21 10:27 . 2004-09-15 15:00 14,336 --a------ C:\WINDOWS\system32\dllcache\OLD26E.tmp 2008-05-21 10:27 . 
2004-09-15 15:00 13,824 --a------ C:\WINDOWS\system32\dllcache\OLD268.tmp 2008-05-21 10:27 . 2004-09-15 15:00 9,728 --a------ C:\WINDOWS\system32\dllcache\OLD263.tmp 2008-05-21 10:24 . 2004-09-15 15:00 331,264 --a------ C:\WINDOWS\system32\dllcache\OLDDC.tmp 2008-05-21 10:24 . 2001-10-05 16:31 45,056 --a------ C:\WINDOWS\system32\dllcache\OLDD9.tmp 2008-05-21 10:24 . 2004-09-15 15:00 19,456 --a------ C:\WINDOWS\system32\dllcache\OLDBD.tmp 2008-05-21 10:24 . 2004-09-15 15:00 19,456 --a------ C:\WINDOWS\system32\dllcache\OLDBA.tmp 2008-05-21 10:24 . 2001-10-05 16:31 5,632 --a------ C:\WINDOWS\system32\dllcache\OLDA3.tmp 2008-05-21 10:23 . 2007-02-28 19:08 2,184,448 --a------ C:\WINDOWS\system32\dllcache\OLD5E.tmp 2008-05-21 10:23 . 2003-03-24 15:52 32,827 --a------ C:\WINDOWS\system32\dllcache\OLD6C.tmp 2008-05-21 10:23 . 2003-03-24 15:52 20,536 --a------ C:\WINDOWS\system32\dllcache\OLD64.tmp 2008-05-21 10:23 . 2003-03-24 15:52 16,437 --a------ C:\WINDOWS\system32\dllcache\OLD68.tmp 2008-05-21 10:23 . 2003-04-14 21:02 16,384 --a------ C:\WINDOWS\system32\dllcache\OLD70.tmp 2008-05-17 12:45 . 2008-05-17 12:45 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Adsl Software Limited 2008-05-17 10:03 . 2008-05-17 10:03 <KANSIO> d-------- C:\Documents and Settings\Aino\Application Data\Datalayer 2008-05-17 00:20 . 2008-05-17 10:03 <KANSIO> d-------- C:\Documents and Settings\Aino\Phone Browser 2008-05-17 00:07 . 2008-05-17 00:07 <KANSIO> d-------- C:\Documents and Settings\Aino\Application Data\Nokia 2008-05-17 00:06 . 2008-05-17 00:06 <KANSIO> d-------- C:\Program Files\DIFX 2008-05-17 00:05 . 2008-05-17 00:05 <KANSIO> d-------- C:\Program Files\Common Files\PCSuite 2008-05-17 00:05 . 2008-05-17 00:05 <KANSIO> d-------- C:\Program Files\Common Files\Nokia 2008-05-17 00:05 . 2008-05-17 00:06 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite 2008-05-17 00:05 . 
2008-05-17 00:06 <KANSIO> d-------- C:\Documents and Settings\Aino\Application Data\PC Suite 2008-05-17 00:05 . 2006-05-29 08:26 13,312 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys 2008-05-17 00:04 . 2008-05-17 00:06 <KANSIO> d-------- C:\Program Files\Nokia 2008-05-17 00:04 . 2008-05-17 00:04 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Downloaded Installations 2008-05-17 00:04 . 2006-05-29 08:26 13,312 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys 2008-05-09 13:28 . 2008-05-09 13:28 <KANSIO> d-------- C:\Program Files\Lavalys 2008-04-28 20:33 . 2008-04-28 20:33 <KANSIO> d-------- C:\Program Files\Microsoft.NET 2008-04-28 20:28 . 2008-04-28 20:28 <KANSIO> dr-h----- C:\MSOCache 2008-04-28 20:07 . 2008-05-27 14:40 <KANSIO> d-------- C:\Program Files\PowerISO . (((((((((((((((((((((((((((((((((((( Find3M-raportti )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-26 08:23 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-05-25 20:59 --------- d-----w C:\Documents and Settings\Aino\Application Data\Microgaming 2008-05-25 19:16 --------- d-----w C:\Documents and Settings\Aino\Application Data\ArcSoft 2008-05-25 18:01 --------- d-----w C:\Program Files\ArcSoft 2008-05-22 08:22 --------- d-----w C:\Documents and Settings\Aino\Application Data\Azureus 2008-05-21 07:35 --------- d-----w C:\Documents and Settings\Aino\Application Data\U3 2008-05-17 09:55 --------- d-----w C:\Documents and Settings\Aino\Application Data\Skype 2008-05-17 06:01 --------- d-----w C:\Documents and Settings\Aino\Application Data\LimeWire 2008-05-17 05:50 --------- d-----w C:\Documents and Settings\Aino\Application Data\skypePM 2008-05-13 09:01 --------- d-----w C:\Program Files\Windows Live Safety Center 2008-05-11 20:15 --------- d-----w C:\Program Files\Azureus 2008-05-06 17:12 7,402,674 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip 2008-05-06 14:18 --------- d-----w C:\Program Files\eclipse 2008-04-15 10:14 4,942 
----a-w C:\Documents and Settings\Aino\Application Data\wklnhst.dat 2008-04-04 19:02 --------- d-----w C:\Program Files\Firaxis Games 2008-04-04 07:45 --------- d-s---w C:\Program Files\Xfire 2008-04-04 07:45 --------- d-----w C:\Documents and Settings\Aino\Application Data\Xfire 2008-04-04 07:44 --------- d-----w C:\Documents and Settings\Aino\Application Data\My Games 2008-04-01 07:07 --------- d-----w C:\Program Files\MSXML 4.0 2008-03-31 14:29 --------- d-----w C:\Documents and Settings\Aino\Application Data\Autodesk 2008-03-31 14:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Autodesk 2008-03-31 14:27 --------- d-----w C:\Program Files\Common Files\Autodesk Shared 2008-03-31 14:26 --------- d-----w C:\Program Files\AutoCAD 2006 2008-03-31 14:25 --------- d-----w C:\Program Files\AnswerWorks 4.0 2008-03-31 14:11 --------- d-----w C:\Program Files\Autodesk 2008-03-29 08:26 --------- d-----w C:\Program Files\MGS FF Helper 2008-03-29 07:14 --------- d-----w C:\Program Files\EA GAMES 2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll 2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\dllcache\mswstr10.dll 2008-03-25 04:51 166,688 ----a-w C:\WINDOWS\system32\msjint40.dll 2008-03-25 04:51 166,688 ----a-w C:\WINDOWS\system32\dllcache\msjint40.dll 2008-03-20 08:09 1,845,504 ----a-w C:\WINDOWS\system32\win32k.sys 2008-03-20 08:09 1,845,504 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys 2008-03-01 15:31 3,591,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll 2008-02-29 08:56 625,664 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe 2008-02-29 08:55 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe 2008-01-09 09:07 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat 2007-10-28 19:42 32,408 ----a-w C:\Documents and Settings\Aino\Application Data\GDIPFONTCACHEV1.DAT . (((((((((((((((((((((((((((((( Rekisterin k„ynnistyskohteet ))))))))))))))))))))))))))))))))))))))))))))) . . 
REGEDIT4 *Huom* Tyhji„ arvoja ja laillisia oletusarvoja ei n„ytet„ [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-15 15:00 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Norman ZANDA"="C:\Norman\Npm\bin\ZLH.exe" [2007-08-09 14:40 183352] "Zone Labs Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2006-08-24 00:38 968696] "ANIWZCS2Service"="C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2005-10-19 18:19 49152] "7c6448ec"="C:\WINDOWS\system32\mjtqwrlr.dll" [2008-05-27 14:43 90624] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-09-15 15:00 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.avis"= ff_acm.acm [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Messenger\\Msmsgs.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"= "C:\\Program Files\\LimeWire\\LimeWire.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= R0 O2MDRDR;O2MDRDR;C:\WINDOWS\system32\DRIVERS\o2media.sys [2006-02-27 17:00] R0 O2SDRDR;O2SDRDR;C:\WINDOWS\system32\DRIVERS\o2sd.sys [2006-02-20 18:01] R2 Ndiskio;Ndiskio;C:\Norman\Nse\bin\NDISKIO.SYS [2007-01-02 10:55] R3 NvcMFlt;NvcMFlt;C:\WINDOWS\system32\DRIVERS\nvcw32mf.sys [2008-02-11 15:56] R3 nvcoas;Norman Virus Control on-access component;C:\Norman\Nvc\bin\nvcoas.exe [2007-12-12 12:45] R3 NVCScheduler;Norman Virus Control 
Scheduler;C:\Norman\Nvc\BIN\NVCSCHED.EXE [2007-05-23 13:23] S3 GenerBDA;Generic BDA Device;C:\WINDOWS\system32\drivers\GenerBDA.sys [2006-09-19 22:53] S3 nvcfsr;nvcfsr;C:\Norman\Nvc\bin\nvcfsr.sys [2007-01-09 15:25] S3 nvcoafl51;nvcoafl51;C:\Norman\Nvc\bin\nvcoafl51.sys [2007-01-09 15:25] S3 nvcoaft51;nvcoaft51;C:\Norman\Nvc\bin\nvcoaft51.sys [2007-01-09 15:25] S3 nvcoarc51;nvcoarc51;C:\Norman\Nvc\bin\nvcoarc51.sys [2007-01-09 15:25] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b2e6c9a4-9382-11db-a340-00c0a8c423b2}] \Shell\AutoRun\command - E:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c2ff3e48-328f-11db-b4d2-00030d3e51ff}] \Shell\AutoRun\command - D:\setupSNK.exe . 'Ajoitetut teht„v„t'-kansion sis„lt” "2008-05-20 17:24:05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe "2008-05-27 11:10:00 C:\WINDOWS\Tasks\Tarkistetaan Windows Live -työkalurivin päivitykset.job"
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

Renaming

1. Right-click the HijackThis icon.
2. Select Uudelleennimeä / Rename.
3. Type scanner.exe