kone temppuilee hjt log voisko joku auttaa

reksa · Mar 16, 2007

lkaa aukomaan käynnistä valikosta tiedostoja ja kohta hyytyy.netti menee välillä kiinni eikä aukea ennen kuin käynnistää koneen uudelleenLogfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 9:41:16, on 17.3.2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\reijo.REIJO-8P6L0G8AJ\Työpöytä\HiJackThis_v2.0.0.0.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1174080083321
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Loogisen levyn hallinnan valvontapalvelu (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Tapahtumaloki (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: CD-levyjen kirjoittamisen IMAPI COM -palvelu (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: NetMeeting etätyöpöydän jakaminen (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Verkon DDE (NetDDE) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: Verkon DDE DSDM (NetDDEdsdm) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Etätyöpöydän ohjeen istunnonhallinta (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Älykortti-apuohjelma (SCardDrv) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Älykortti (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Resurssilokit ja -hälytykset (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Aseman tilannevedos (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: WMI resurssisovitin (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe

--
End of file - 4081 bytes

tomato71 · Mar 17, 2007

Moi !

Siirrä HiJackThis_v2.0.0.0.exe omaan kansioon mallia: C:\HJT\HiJackThis_v2.0.0.0.exe

Ja uudelleen nimeä HiJackThis_v2.0.0.0.exe ---> vaikka reksa.exe ja lähetä uusi loki

reksa · Mar 20, 2007

Logfile of HijackThis v1.99.1
Scan saved at 17:35:49, on 20.3.2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\WgaTray.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\reijo.REIJO-8P6L0G8AJ\Työpöytä\HijackThis_v1.99.1(2).exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1174080083321
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1174166557421
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

Auttaja · Mar 20, 2007

Platform: Windows XP SP1 (WinNT 5.01.2600)

Päivitä servicepack kakkoseen..

tomato71 · Mar 20, 2007

Siirrä HijackThis_v1.99.1(2).exe omaan kansioon C:\HJT\HijackThis_v1.99.1(2).exe

.
Tee uusi hjt-scannaus Do a System scan only
Sulje kaikki muut ikkunat ja selaimen.Merkkaa nämä rivit ja paina Fix checked

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

* Lataa Dr.Web CureIt työpöydälle:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

Tuplaklikkaa drweb-cureit.exe ja anna sen tehdä express scan

Se skannaa käynnissä olevat ohjelmat ja jos jotain löytyy, klikkaa yes kun se kysyy haluatko poistaa sen. Tämä on vain lyhyt scan.

Kun scan on valmis, merkkaa asemat, jotka haluat scannata.

Valitse kaikki asemat. Punainen piste osoittaa, mitkä asemat on valittu.

Klikaa vihreää nuolta oikealla ja scan alkaa.

Klikkaa 'Yes to all', jos kysytään haluatko poistaa/siirtää tiedoston.

Kun scan on valmis, katso voitko klikata next-kuvaketta löytyneiden tiedostojen vieressä:

Jos asia on niin, klikkaa sitä ja sitten klikkaa next-kuvaketta oikealla alhaalla ja valitse Move incurable kuten alla olevalla kuvassa:

Tämä siirtää sen %userprofile%\DoctorWeb\quarantine-hakemistoon.

Tämän jälkeen klikkaa Dr.Web CureIt-valikossa file ja valitse save report list

Tallenna raportti työpöydälle. Raportin nimi on DrWeb.csv

Sulje Dr.Web Cureit.

Käynnistä kone uudelleen !! Tämä siksi, että käytössä olevat tiedostot poistetaan/siirretään käynnistyksen yhteydessä.

Käynnistyksen jälkeen liitä Dr.Web-lokin, jonka tallensit aiemmin, sisältö seuraavaan vastaukseesi.

Lataa ja tallenna Blacklight työpöydällesi;

Tupla-klikkaa blbeta.exe, hyväksy sopimus, klikkaa > Scan, sitten > Next

Näet listan kaikesta mitä löytyi. Työpöydällesi myös ilmestyy loki jonka nimi on fsbl.xxxxxxx.log (xxxxxxx;n tilalla on luultavimmin numeroita).

Kopioi ja liitä tämä loki seuraavaan vastaukseesi. Älä valitse "Rename" optiota vielä! Haluamme nähdä login ensin, koska hyviä tiedostoja saattaa olla mukana, kuten "wbemtest.exe".

Lähetä uusi hjt-loki + DeWeb-loki + Blacklight-loki

reksa · Mar 21, 2007

dr web ja blackligth ei löytänyt mitäänLogfile of HijackThis v1.99.1
Scan saved at 9:06:09, on 22.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\reijo.REIJO-8P6L0G8AJ\Työpöytä\HijackThis_v1.99.1.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1174080083321
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1174166557421
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

tomato71 · Mar 21, 2007

jaahans,olisit voinut kuitenki laitta ne lokit
jatketaan....
Poista koneelta Trend Micro HijackThis v2.0.0 (BETA) ja
lataa vanhempi versio(tallenna se suoraan omaan kansioon mallia:C:\HJT\HijackThis.exe).Pieni epäilys että tuo hjt 2.0 beta ei ole ihan valmis vielä
Lataa vanhempi versio --> tästä

1. Lataa combofix.exe työpöydällesi jommastakummasta linkistä:
combofix.exe
combofix.exe

2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia.
3. Kun työkalu on valmis, se tuottaa lokin. (C:\ComboFix.txt) Lähetä tämä loki viesti ketjuusi.
Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.

lähetä uusi hjt-loki ja combofix-loki

reksa · Mar 23, 2007

aln epäileen onko käyttäjässä vai laitteistossa vikaa"reijo" - 07-03-24 10:10:22 Service Pack 2
ComboFix 07-03-23 - Running from: "C:\Program Files\Mozilla Firefox"

((((((((((((((((((((((((((((((( Files Created from 2007-02-24 to 2007-03-24 ))))))))))))))))))))))))))))))))))

2007-03-21 19:06 24,816 --a------ C:\WINDOWS\system32\mdimon.dll
2007-03-21 17:58 <KANSIO> d-------- C:\DOCUME~1\LOCALS~1.NT-\K„ynnist„-valikko
2007-03-21 17:57 <KANSIO> d-------- C:\WINDOWS\Prefetch
2007-03-21 16:26 4,569 --------- C:\WINDOWS\system32\secupd.dat
2007-03-21 16:26 11,776 --------- C:\WINDOWS\system32\spnpinst.exe
2007-03-20 17:42 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-03-20 17:26 <KANSIO> d-------- C:\hjt
2007-03-20 14:25 5,120 --a------ C:\WINDOWS\system32\ff_vfw.dll
2007-03-20 14:25 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2007-03-20 14:25 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2007-03-17 23:51 127,208 --a------ C:\WINDOWS\system32\mucltui.dll
2007-03-17 23:11 <KANSIO> d-------- C:\DOCUME~1\REIJO~1.REI\DoctorWeb
2007-03-17 22:56 262,144 --a------ C:\DOCUME~1\ALLUSE~1.WIN\ntuser.dat
2007-03-17 22:40 614,912 --a------ C:\WINDOWS\system32\h323msp.dll
2007-03-17 22:40 39,936 --a------ C:\WINDOWS\system32\mf3216.dll
2007-03-17 22:40 330,752 --a------ C:\WINDOWS\system32\ipnathlp.dll
2007-03-17 22:40 26,112 --a------ C:\WINDOWS\system32\xpsp1hfm.exe
2007-03-17 22:39 947,472 --a------ C:\WINDOWS\system32\msjava.dll
2007-03-17 22:39 63,248 --a------ C:\WINDOWS\system32\javaprxy.dll
2007-03-17 22:39 6,550 --a------ C:\WINDOWS\jautoexp.dat
2007-03-17 22:39 49,424 --a------ C:\WINDOWS\system32\clspack.exe
2007-03-17 22:39 46,352 --a------ C:\WINDOWS\setdebug.exe
2007-03-17 22:39 404,752 --a------ C:\WINDOWS\system32\javart.dll
2007-03-17 22:39 313,856 --a------ C:\WINDOWS\system32\dx3j.dll
2007-03-17 22:39 286,992 --a------ C:\WINDOWS\system32\vmhelper.dll
2007-03-17 22:39 21,264 --a------ C:\WINDOWS\system32\msjdbc10.dll
2007-03-17 22:39 187,152 --a------ C:\WINDOWS\system32\javacypt.dll
2007-03-17 22:39 172,304 --a------ C:\WINDOWS\system32\jview.exe
2007-03-17 22:39 171,792 --a------ C:\WINDOWS\system32\wjview.exe
2007-03-17 22:39 171,280 --a------ C:\WINDOWS\system32\jit.dll
2007-03-17 22:39 154,384 --a------ C:\WINDOWS\system32\msawt.dll
2007-03-17 22:39 15,120 --a------ C:\WINDOWS\system32\jdbgmgr.exe
2007-03-17 22:39 139,536 --a------ C:\WINDOWS\system32\javaee.dll
2007-03-17 22:39 113 --a------ C:\WINDOWS\system32\zonedon.reg
2007-03-17 22:39 113 --a------ C:\WINDOWS\system32\zonedoff.reg
2007-03-17 22:22 1,082,368 --a------ C:\WINDOWS\system32\esent.dll
2007-03-17 10:32 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
2007-03-17 09:54 5,248 --a------ C:\WINDOWS\system32\drivers\d347prt.sys
2007-03-17 09:54 155,136 --a------ C:\WINDOWS\system32\drivers\d347bus.sys
2007-03-17 09:54 <KANSIO> d-------- C:\Program Files\D-Tools
2007-03-16 23:39 83,096 --a------ C:\WINDOWS\system32\SSSensor.dll
2007-03-16 23:39 60,496 --a------ C:\WINDOWS\system32\drivers\Teefer.sys
2007-03-16 23:39 21,075 --a------ C:\WINDOWS\system32\drivers\wpsdrvnt.sys
2007-03-16 23:39 14,568 --a------ C:\WINDOWS\system32\drivers\wg6n.sys
2007-03-16 23:39 14,568 --a------ C:\WINDOWS\system32\drivers\wg5n.sys
2007-03-16 23:39 14,568 --a------ C:\WINDOWS\system32\drivers\wg4n.sys
2007-03-16 23:39 14,568 --a------ C:\WINDOWS\system32\drivers\wg3n.sys
2007-03-16 23:31 0 --a------ C:\WINDOWS\nsreg.dat
2007-03-16 23:31 <KANSIO> d-------- C:\DOCUME~1\REIJO~1.REI\APPLIC~1\Talkback
2007-03-16 23:27 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2007-03-16 23:25 8,192 --------- C:\WINDOWS\system32\bitsprx2.dll
2007-03-16 23:25 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2007-03-16 23:25 351,232 --a------ C:\WINDOWS\system32\winhttp.dll
2007-03-16 23:25 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-03-16 23:22 465,176 --a------ C:\WINDOWS\system32\wuapi.dll
2007-03-16 23:22 41,240 --a------ C:\WINDOWS\system32\wups.dll
2007-03-16 23:22 194,840 --a------ C:\WINDOWS\system32\wuaueng1.dll
2007-03-16 23:22 18,200 --a------ C:\WINDOWS\system32\wups2.dll
2007-03-16 23:22 173,848 --a------ C:\WINDOWS\system32\wuauclt1.exe
2007-03-16 23:22 127,256 --a------ C:\WINDOWS\system32\wucltui.dll
2007-03-16 23:21 <KANSIO> d---s---- C:\DOCUME~1\REIJO~1.REI\UserData
2007-03-14 20:50 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AntiVir PersonalEdition Classic
2007-03-14 20:46 306,688 --a------ C:\WINDOWS\IsUninst.exe
2007-03-14 20:46 <KANSIO> d-------- C:\DOCUME~1\REIJO~1.REI\WINDOWS
2007-03-14 20:39 <KANSIO> dr------- C:\DOCUME~1\REIJO~1.REI\Omat tiedostot
2007-03-14 20:38 1,310,720 --ah----- C:\DOCUME~1\REIJO~1.REI\NTUSER.DAT
2007-03-14 20:38 <KANSIO> dr------- C:\DOCUME~1\REIJO~1.REI\Suosikit
2007-03-14 20:38 <KANSIO> dr------- C:\DOCUME~1\REIJO~1.REI\K„ynnist„-valikko
2007-03-14 20:38 <KANSIO> d--h----- C:\DOCUME~1\REIJO~1.REI\Verkkoymp„rist”
2007-03-14 20:38 <KANSIO> d--h----- C:\DOCUME~1\REIJO~1.REI\Tulostinymp„rist”
2007-03-14 20:38 <KANSIO> d--h----- C:\DOCUME~1\REIJO~1.REI\Mallit
2007-03-14 20:38 <KANSIO> d-------- C:\DOCUME~1\REIJO~1.REI\Ty”p”yt„
2007-03-14 20:37 229,376 --ah----- C:\DOCUME~1\NETWOR~1.NT-\NTUSER.DAT
2007-03-14 20:37 229,376 --ah----- C:\DOCUME~1\LOCALS~1.NT-\NTUSER.DAT
2007-03-14 20:32 229,376 ---h----- C:\DOCUME~1\DEFAUL~1.WIN\NTUSER.DAT
2007-03-14 20:32 112,128 --a------ C:\WINDOWS\system32\mapi32.dll
2007-03-14 20:31 <KANSIO> d--hs---- C:\DOCUME~1\ALLUSE~1.WIN\DRM
2007-03-14 20:30 45,568 --a------ C:\WINDOWS\system32\safrslv.dll
2007-03-14 20:30 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2007-03-14 20:30 43,520 --a------ C:\WINDOWS\system32\racpldlg.dll
2007-03-14 20:30 29,696 --a------ C:\WINDOWS\system32\safrdm.dll
2007-03-14 20:30 11,264 --a------ C:\WINDOWS\system32\atrace.dll
2007-03-14 20:29 86,016 --a------ C:\WINDOWS\system32\isign32.dll
2007-03-14 20:29 81,920 --a------ C:\WINDOWS\system32\ils.dll
2007-03-14 20:29 73,728 --a------ C:\WINDOWS\system32\icwdial.dll
2007-03-14 20:29 73,472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2007-03-14 20:29 69,632 --a------ C:\WINDOWS\system32\msconf.dll
2007-03-14 20:29 679,424 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-03-14 20:29 67,584 --a------ C:\WINDOWS\system32\srclient.dll
2007-03-14 20:29 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll
2007-03-14 20:29 64,512 --a------ C:\WINDOWS\system32\acctres.dll
2007-03-14 20:29 48,640 --a------ C:\WINDOWS\system32\inetres.dll
2007-03-14 20:29 382,464 --a------ C:\WINDOWS\system32\qmgr.dll
2007-03-14 20:29 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll
2007-03-14 20:29 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2007-03-14 20:29 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2007-03-14 20:29 28,672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2007-03-14 20:29 278,528 --a------ C:\WINDOWS\system32\inetcfg.dll
2007-03-14 20:29 276,480 --a------ C:\WINDOWS\system32\mstask.dll
2007-03-14 20:29 252,928 --a------ C:\WINDOWS\system32\msoeacct.dll
2007-03-14 20:29 240,640 --a------ C:\WINDOWS\system32\srrstr.dll
2007-03-14 20:29 190,976 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-03-14 20:29 170,496 --a------ C:\WINDOWS\system32\srsvc.dll
2007-03-14 20:29 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2007-03-14 20:29 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2007-03-14 20:29 12,288 --a------ C:\WINDOWS\system32\mstinit.exe
2007-03-14 20:29 105,984 --a------ C:\WINDOWS\system32\msoert2.dll
2007-03-14 20:28 97,792 --a------ C:\WINDOWS\system32\comrepl.dll
2007-03-14 20:28 956,416 --a------ C:\WINDOWS\system32\msdtctm.dll
2007-03-14 20:28 93,696 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2007-03-14 20:28 9,728 --a------ C:\WINDOWS\system32\reset.exe
2007-03-14 20:28 87,176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2007-03-14 20:28 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll
2007-03-14 20:28 80,896 --a------ C:\WINDOWS\system32\charmap.exe
2007-03-14 20:28 73,216 --a------ C:\WINDOWS\system32\avwav.dll
2007-03-14 20:28 67,072 --a------ C:\WINDOWS\system32\rdshost.exe
2007-03-14 20:28 655,360 --a------ C:\WINDOWS\system32\mstscax.dll
2007-03-14 20:28 62,464 --a------ C:\WINDOWS\system32\rdpclip.exe
2007-03-14 20:28 605,696 --a------ C:\WINDOWS\system32\getuname.dll
2007-03-14 20:28 60,416 --a------ C:\WINDOWS\system32\remotepg.dll
2007-03-14 20:28 6,656 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-03-14 20:28 6,144 --a------ C:\WINDOWS\system32\msdtc.exe
2007-03-14 20:28 58,880 --a------ C:\WINDOWS\system32\msdtclog.dll
2007-03-14 20:28 58,880 --a------ C:\WINDOWS\system32\licwmi.dll
2007-03-14 20:28 56,832 --a------ C:\WINDOWS\system32\sol.exe
2007-03-14 20:28 56,320 --a------ C:\WINDOWS\system32\servdeps.dll
2007-03-14 20:28 55,296 --a------ C:\WINDOWS\system32\freecell.exe
2007-03-14 20:28 540,160 --a------ C:\WINDOWS\system32\comuid.dll
2007-03-14 20:28 54,272 --a------ C:\WINDOWS\system32\stclient.dll
2007-03-14 20:28 538,624 --a------ C:\WINDOWS\system32\spider.exe
2007-03-14 20:28 5,632 --a------ C:\WINDOWS\system32\write.exe
2007-03-14 20:28 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2007-03-14 20:28 44,544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2007-03-14 20:28 44,544 --a------ C:\WINDOWS\system32\hticons.dll
2007-03-14 20:28 426,496 --a------ C:\WINDOWS\system32\msdtcprx.dll
2007-03-14 20:28 404,992 --a------ C:\WINDOWS\system32\mstsc.exe
2007-03-14 20:28 4,096 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2007-03-14 20:28 4,096 --a------ C:\WINDOWS\system32\mtxex.dll
2007-03-14 20:28 39,424 --a------ C:\WINDOWS\system32\cfgbkend.dll
2007-03-14 20:28 35,328 --a------ C:\WINDOWS\system32\winchat.exe
2007-03-14 20:28 344,064 --a------ C:\WINDOWS\system32\mspaint.exe
2007-03-14 20:28 33,792 --a------ C:\WINDOWS\system32\regini.exe
2007-03-14 20:28 295,424 --a------ C:\WINDOWS\system32\termsrv.dll
2007-03-14 20:28 25,600 --a------ C:\WINDOWS\system32\comaddin.dll
2007-03-14 20:28 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2007-03-14 20:28 227,840 --a------ C:\WINDOWS\system32\avtapi.dll
2007-03-14 20:28 22,016 --a------ C:\WINDOWS\system32\qwinsta.exe
2007-03-14 20:28 21,896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2007-03-14 20:28 21,672 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-03-14 20:28 21,504 --a------ C:\WINDOWS\system32\msg.exe
2007-03-14 20:28 20,480 --a------ C:\WINDOWS\system32\qprocess.exe
2007-03-14 20:28 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll
2007-03-14 20:28 19,968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2007-03-14 20:28 186,368 --a------ C:\WINDOWS\system32\accwiz.exe
2007-03-14 20:28 185,344 --a------ C:\WINDOWS\system32\cmprops.dll
2007-03-14 20:28 17,408 --a------ C:\WINDOWS\system32\tsshutdn.exe
2007-03-14 20:28 17,408 --a------ C:\WINDOWS\system32\mmfutil.dll
2007-03-14 20:28 161,280 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2007-03-14 20:28 16,896 --a------ C:\WINDOWS\system32\qappsrv.exe
2007-03-14 20:28 16,384 --a------ C:\WINDOWS\system32\tskill.exe
2007-03-14 20:28 16,384 --a------ C:\WINDOWS\system32\avmeter.dll
2007-03-14 20:28 15,872 --a------ C:\WINDOWS\system32\rwinsta.exe
2007-03-14 20:28 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll
2007-03-14 20:28 15,360 --a------ C:\WINDOWS\system32\tscon.exe
2007-03-14 20:28 15,360 --a------ C:\WINDOWS\system32\logoff.exe
2007-03-14 20:28 147,968 --a------ C:\WINDOWS\system32\rdchost.dll
2007-03-14 20:28 147,456 --a------ C:\WINDOWS\system32\comsnap.dll
2007-03-14 20:28 140,800 --a------ C:\WINDOWS\system32\sessmgr.exe
2007-03-14 20:28 14,848 --a------ C:\WINDOWS\system32\tsdiscon.exe
2007-03-14 20:28 14,848 --a------ C:\WINDOWS\system32\shadow.exe
2007-03-14 20:28 139,528 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2007-03-14 20:28 138,752 --a------ C:\WINDOWS\system32\sndvol32.exe
2007-03-14 20:28 131,584 --a------ C:\WINDOWS\system32\sndrec32.exe
2007-03-14 20:28 13,824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2007-03-14 20:28 126,976 --a------ C:\WINDOWS\system32\mshearts.exe
2007-03-14 20:28 124,696 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-03-14 20:28 123,392 --a------ C:\WINDOWS\system32\mplay32.exe
2007-03-14 20:28 12,040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2007-03-14 20:28 119,808 --a------ C:\WINDOWS\system32\winmine.exe
2007-03-14 20:28 114,688 --a------ C:\WINDOWS\system32\calc.exe
2007-03-14 20:28 110,080 --a------ C:\WINDOWS\system32\clbcatex.dll
2007-03-14 20:28 11,776 --a------ C:\WINDOWS\system32\xolehlp.dll
2007-03-14 20:28 11,264 --a------ C:\WINDOWS\system32\icaapi.dll
2007-03-14 20:28 102,400 --a------ C:\WINDOWS\system32\clipbrd.exe
2007-03-14 20:28 1,343,768 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-03-14 20:28 1,161 --a------ C:\WINDOWS\system32\usrlogon.cmd
2007-03-14 20:27 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2007-03-14 20:27 196,864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2007-03-14 20:24 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2007-03-14 20:24 7,552 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys
2007-03-14 20:24 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2007-03-14 20:24 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-03-14 20:24 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2007-03-14 20:24 52,864 --a------ C:\WINDOWS\system32\drivers\dmusic.sys
2007-03-14 20:24 5,376 --a------ C:\WINDOWS\system32\drivers\mspclock.sys
2007-03-14 20:24 4,992 --a------ C:\WINDOWS\system32\drivers\mspqm.sys
2007-03-14 20:24 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2007-03-14 20:24 172,416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2007-03-14 20:24 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2007-03-14 20:23 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-03-14 20:23 6,400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys
2007-03-14 20:23 57,216 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-03-14 20:23 4,274,816 --a------ C:\WINDOWS\system32\nv4_disp.dll
2007-03-14 20:23 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-03-14 20:23 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2007-03-14 20:23 20,992 --a------ C:\WINDOWS\system32\drivers\rtl8139.sys
2007-03-14 20:23 2,944 --a------ C:\WINDOWS\system32\drivers\msmpu401.sys
2007-03-14 20:23 145,792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-03-14 20:23 10,624 --a------ C:\WINDOWS\system32\drivers\gameenum.sys
2007-03-14 20:23 1,897,408 --a------ C:\WINDOWS\system32\drivers\nv4_mini.sys
2007-03-14 20:22 74,240 --a------ C:\WINDOWS\system32\usbui.dll
2007-03-14 20:20 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL
2007-03-14 20:20 9,008 --a------ C:\WINDOWS\system\VER.DLL
2007-03-14 20:20 85,020 --a------ C:\WINDOWS\system32\dgsetup.dll
2007-03-14 20:20 82,944 --a------ C:\WINDOWS\system\OLECLI.DLL
2007-03-14 20:20 8,704 --a------ C:\WINDOWS\system32\batt.dll
2007-03-14 20:20 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2007-03-14 20:20 74,240 --a------ C:\WINDOWS\system32\storprop.dll
2007-03-14 20:20 7,168 -ra------ C:\WINDOWS\system32\kbdcz.dll
2007-03-14 20:20 69,856 --a------ C:\WINDOWS\system\AVICAP.DLL
2007-03-14 20:20 69,632 --a------ C:\WINDOWS\notepad.exe
2007-03-14 20:20 68,768 --a------ C:\WINDOWS\system\mmsystem.dll
2007-03-14 20:20 6,656 -ra------ C:\WINDOWS\system32\kbdycl.dll
2007-03-14 20:20 6,656 -ra------ C:\WINDOWS\system32\kbdsl1.dll
2007-03-14 20:20 6,656 -ra------ C:\WINDOWS\system32\kbdsl.dll
2007-03-14 20:20 6,656 -ra------ C:\WINDOWS\system32\kbdpl.dll
2007-03-14 20:20 6,656 -ra------ C:\WINDOWS\system32\kbdhu.dll
2007-03-14 20:20 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2007-03-14 20:20 6,656 -ra------ C:\WINDOWS\system32\kbdcz2.dll
2007-03-14 20:20 6,656 -ra------ C:\WINDOWS\system32\kbdcz1.dll
2007-03-14 20:20 6,656 -ra------ C:\WINDOWS\system32\kbdcr.dll
2007-03-14 20:20 6,656 -ra------ C:\WINDOWS\system32\KBDAL.DLL
2007-03-14 20:20 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2007-03-14 20:20 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll
2007-03-14 20:20 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll
2007-03-14 20:20 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll
2007-03-14 20:20 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll
2007-03-14 20:20 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll
2007-03-14 20:20 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll
2007-03-14 20:20 5,632 -ra------ C:\WINDOWS\system32\kbdro.dll
2007-03-14 20:20 5,632 -ra------ C:\WINDOWS\system32\kbdpl1.dll
2007-03-14 20:20 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll
2007-03-14 20:20 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll
2007-03-14 20:20 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll
2007-03-14 20:20 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll
2007-03-14 20:20 5,632 -ra------ C:\WINDOWS\system32\kbdhu1.dll
2007-03-14 20:20 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll
2007-03-14 20:20 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll
2007-03-14 20:20 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll
2007-03-14 20:20 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll
2007-03-14 20:20 5,120 --a------ C:\WINDOWS\system\SHELL.DLL
2007-03-14 20:20 33,120 --a------ C:\WINDOWS\system\COMMDLG.DLL
2007-03-14 20:20 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2007-03-14 20:20 24,064 --a------ C:\WINDOWS\system\OLESVR.DLL
2007-03-14 20:20 19,200 --a------ C:\WINDOWS\system\TAPI.DLL
2007-03-14 20:20 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2007-03-14 20:20 15,360 --a------ C:\WINDOWS\TASKMAN.EXE
2007-03-14 20:20 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2007-03-14 20:20 126,912 --a------ C:\WINDOWS\system\MSVIDEO.DLL
2007-03-14 20:20 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2007-03-14 20:20 109,504 --a------ C:\WINDOWS\system\AVIFILE.DLL
2007-03-14 20:20 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll
2007-03-14 20:20 <KANSIO> dr------- C:\DOCUME~1\DEFAUL~1.WIN\K„ynnist„-valikko
2007-03-14 20:20 <KANSIO> dr------- C:\DOCUME~1\ALLUSE~1.WIN\Tiedostot
2007-03-14 20:20 <KANSIO> dr------- C:\DOCUME~1\ALLUSE~1.WIN\K„ynnist„-valikko
2007-03-14 20:20 <KANSIO> d--h----- C:\DOCUME~1\DEFAUL~1.WIN\Verkkoymp„rist”
2007-03-14 20:20 <KANSIO> d--h----- C:\DOCUME~1\DEFAUL~1.WIN\Tulostinymp„rist”
2007-03-14 20:20 <KANSIO> d--h----- C:\DOCUME~1\DEFAUL~1.WIN\Mallit
2007-03-14 20:20 <KANSIO> d--h----- C:\DOCUME~1\ALLUSE~1.WIN\Mallit
2007-03-14 20:20 <KANSIO> d-------- C:\DOCUME~1\DEFAUL~1.WIN\Ty”p”yt„
2007-03-14 20:20 <KANSIO> d-------- C:\DOCUME~1\DEFAUL~1.WIN\Suosikit
2007-03-14 20:20 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1.WIN\Ty”p”yt„
2007-03-14 20:20 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1.WIN\Suosikit
2007-03-10 23:09 <KANSIO> d-------- C:\Program Files\AMDAGP
2007-03-09 23:48 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Drivers Headquarters
2007-02-24 16:36 <KANSIO> d-------- C:\Poker

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-03-24 10:03 -------- d-------- C:\Program Files\dc++
2007-03-21 21:23 49574 --a------ C:\WINDOWS\system32\perfc00b.dat
2007-03-21 21:23 286308 --a------ C:\WINDOWS\system32\perfh00b.dat
2007-03-21 17:37 -------- d-------- C:\Program Files\movie maker
2007-03-21 17:36 -------- d-------- C:\Program Files\windows nt
2007-03-20 14:25 -------- d-------- C:\Program Files\ffdshow
2007-03-14 20:20 62 --ahs---- C:\DOCUME~1\REIJO~1.REI\APPLIC~1\desktop.ini
2007-03-12 08:52 -------- d--h----- C:\Program Files\installshield installation information
2007-03-11 21:18 -------- d-------- C:\Program Files\ladbrokesmpp
2007-03-09 00:31 -------- d-------- C:\Program Files\royalvegasmpp
2007-02-24 22:34 -------- d-------- C:\Program Files\unibetpokermpp
2007-02-24 16:37 -------- d-------- C:\Program Files\expekt
2007-02-18 20:02 -------- d-------- C:\Program Files\google
2007-02-04 21:16 -------- d-------- C:\Program Files\poker.com

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"avgnt"="\"C:\\Program Files\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"
"SmcService"="C:\\PROGRA~1\\Sygate\\SPF\\smc.exe -startgui"
"DAEMON Tools-1033"="\"C:\\Program Files\\D-Tools\\daemon.exe\" -lang 1033"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0

********************************************************************

catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

********************************************************************

Completion time: 07-03-24 10:13:04
Logfile of HijackThis v1.99.1
Scan saved at 10:20:09, on 24.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\reijo.REIJO-8P6L0G8AJ\Työpöytä\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1174080083321
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1174166557421
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

tomato71 · Mar 24, 2007

Moi!
Lokit on OK
Vieläkö ongelmia ilmenee ??

reksa · Mar 25, 2007

vielä hiiri jumittaa koneen oisko laite vika.kiitos avusta

tomato71 · Mar 25, 2007

Moi!
Lokeissa ei ole mitään,ilmeisesti laitevika
Kokeile toisella hiirellä jos mahdollista

Log in or Sign up

kone temppuilee hjt log voisko joku auttaa

reksa Guest

tomato71 Regular member

reksa Guest

Auttaja Guest

tomato71 Regular member

reksa Guest

tomato71 Regular member

reksa Guest

tomato71 Regular member

reksa Guest

tomato71 Regular member

Share This Page

Log in or Sign up

kone temppuilee hjt log voisko joku auttaa

reksa Guest

tomato71 Regular member

reksa Guest

Auttaja Guest

tomato71 Regular member

reksa Guest

tomato71 Regular member

reksa Guest

tomato71 Regular member

reksa Guest

tomato71 Regular member

Share This Page

Useful Searches