Netti yhteys ja kone tökkii.

rapu26 · Sep 24, 2008

Elikkä netti yhteys pätkii kokoajan, ja välillä joutuu uusiin ip osoitteen, sit taas toimii vähän aikaa. Sit .exe tiedostot ei aina toimi, ku yritin asentaa yhtä nettipeliä niin se ei tehny yhtään mitään, ja muutenki tää kone jumittaa kokoajan. Ä ja Ö kirjaimet ei toimi. Olisin tosi kiitollinen jos joku vois vilkasta noi logit.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:14:54, on 24.9.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\TightVNC\WinVNC.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.suomi24.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\TightVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1217713997265
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

--
End of file - 6290 bytes

SDFix: Version 1.228
Run by J„rjestelm„nvalvoja on ke 24.09.2008 at 21:50

Microsoft Windows XP [versio 5.1.2600]
Running From: C:\Documents and Settings\J„rjestelm„nvalvoja\Ty”p”yt„\SDFix

Checking Services :

Restoring Default Security Values
Restoring Default Hosts File

Rebooting

Checking Files :

No Trojan Files Found

Removing Temp Files

ADS Check :

Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-24 21:52:23
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Remaining Services :

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"C:\\Program Files\\Bozteck\\VNCScan Console .NET\\vncviewer.exe"="C:\\Program Files\\Bozteck\\VNCScan Console .NET\\vncviewer.exe:*:Enabled:VNCViewer"
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe:*:Enabled:Et„tuki - Windows Messenger ja „„niyhteys"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Remaining Files :

Files with Hidden Attributes :

Mon 14 Apr 2008 1,695,232 ..SH. --- "C:\Program Files\Messenger\msmsgs.exe"
Mon 14 Apr 2008 60,416 A.SH. --- "C:\Program Files\Outlook Express\msimn.exe"

Finished!

ComboFix 08-09-22.06 - Omistaja 2008-09-24 20:02:12.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1035.18.257 [GMT 3:00]
Sijainti: E:\Firefox Lataus\ComboFix.exe
* Uusi palautuspiste luotu

VAROITUS - PALAUTUSKONSOLIA EI OLE ASENNETTU !!
.

((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-08-24 to 2008-09-24 )))))))))))))))))
.

2008-09-24 18:09 . 2008-09-24 18:09 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
2008-09-24 18:08 . 2008-09-24 18:08 <KANSIO> d-------- C:\Program Files\Google
2008-09-24 18:08 . 2008-09-24 18:31 <KANSIO> d-------- C:\Program Files\GameHouse
2008-09-24 18:08 . 2008-09-24 18:08 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\GameHouse
2008-09-23 00:17 . 2008-09-23 00:17 <KANSIO> d-------- C:\Program Files\Grimm's Hatchery
2008-09-21 23:42 . 2008-09-21 23:42 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\ITTNord
2008-09-21 11:40 . 2008-09-21 11:41 <KANSIO> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-21 11:40 . 2008-09-21 11:40 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\Malwarebytes
2008-09-21 11:40 . 2008-09-21 11:40 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-21 11:40 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-21 11:40 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-21 11:20 . 2005-01-20 13:47 175,616 --a------ C:\WINDOWS\system32\strings.exe
2008-09-21 11:20 . 2006-03-02 23:42 73,728 --a------ C:\WINDOWS\system32\pv.exe
2008-09-21 11:20 . 2005-01-13 21:41 39,184 --a------ C:\WINDOWS\system32\Ntrights.exe
2008-09-21 11:20 . 2005-10-19 18:50 16,384 --a------ C:\WINDOWS\system32\restart.exe
2008-09-21 11:20 . 2005-01-13 21:41 11,254 --a------ C:\WINDOWS\system32\locate.com
2008-09-21 01:09 . 2008-09-21 22:07 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Gogii
2008-09-21 00:34 . 2008-09-21 00:34 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\Media Player Classic
2008-09-21 00:32 . 2008-09-21 00:32 <KANSIO> d-------- C:\Program Files\BS.Player ControlBar
2008-09-20 00:54 . 2008-09-20 00:54 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\Wildfire
2008-09-19 10:14 . 2008-09-19 10:14 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\BigFishv1005
2008-09-19 09:12 . 2008-09-19 19:12 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\GetRightToGo
2008-09-18 01:32 . 2008-09-18 01:33 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\BeachPartyCraze
2008-09-17 23:57 . 2008-09-17 23:57 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\Oberon Games
2008-09-17 23:57 . 2008-09-17 23:57 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Oberon Games
2008-09-17 23:56 . 2008-09-21 02:12 <KANSIO> d-------- C:\Program Files\TurboFiesta_at
2008-09-17 00:08 . 2008-09-24 18:30 <KANSIO> d-------- C:\Program Files\Alawar
2008-09-17 00:08 . 2008-09-23 00:16 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\AlawarWrapper
2008-09-15 21:31 . 2008-09-15 21:31 268 --ah----- C:\sqmdata07.sqm
2008-09-15 21:31 . 2008-09-15 21:31 244 --ah----- C:\sqmnoopt07.sqm
2008-09-15 17:35 . 2008-09-15 17:35 268 --ah----- C:\sqmdata06.sqm
2008-09-15 17:35 . 2008-09-15 17:35 244 --ah----- C:\sqmnoopt06.sqm
2008-09-15 15:22 . 2008-09-15 15:22 268 --ah----- C:\sqmdata05.sqm
2008-09-15 15:22 . 2008-09-15 15:22 244 --ah----- C:\sqmnoopt05.sqm
2008-09-15 13:27 . 2008-09-15 13:27 268 --ah----- C:\sqmdata04.sqm
2008-09-15 13:27 . 2008-09-15 13:27 244 --ah----- C:\sqmnoopt04.sqm
2008-09-15 10:56 . 2008-09-15 10:56 268 --ah----- C:\sqmdata03.sqm
2008-09-15 10:56 . 2008-09-15 10:56 244 --ah----- C:\sqmnoopt03.sqm
2008-09-15 06:34 . 2008-09-15 06:34 268 --ah----- C:\sqmdata02.sqm
2008-09-15 06:34 . 2008-09-15 06:34 244 --ah----- C:\sqmnoopt02.sqm
2008-09-15 00:22 . 2008-09-15 00:22 268 --ah----- C:\sqmdata01.sqm
2008-09-15 00:22 . 2008-09-15 00:22 244 --ah----- C:\sqmnoopt01.sqm
2008-09-14 13:41 . 2
2008-09-14 01:53 . 2008-09-14 01:53 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\MysteryChronicles
2008-09-14 00:49 . 2008-09-14 02:37 <KANSIO> d-------- C:\Program Files\iWin.com
2008-09-14 00:46 . 2008-09-14 00:46 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\iWinArcade
2008-09-11 20:30 . 2008-09-11 20:30 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\TERMINAL Studio
2008-09-08 20:58 . 2008-09-08 20:58 <KANSIO> d-------- C:\Program Files\Java
2008-09-08 20:58 . 2008-09-08 20:58 <KANSIO> d-------- C:\Program Files\Common Files\Java
2008-09-08 20:58 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-09-08 20:10 . 2001-08-18 06:36 8,704 --a------ C:\WINDOWS\system32\kbdjpn.dll
2008-09-08 00:53 . 2008-09-08 00:53 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Awem
2008-09-07 18:01 . 2008-09-24 19:19 <KANSIO> d--h-c--- C:\Documents and Settings\All Users\Application Data\~0
2008-09-07 17:44 . 2008-09-07 17:47 <KANSIO> d-------- C:\Documents and Settings\Omistaja\.VirtualBox
2008-09-07 13:38 . 2008-09-03 21:13 92,816 --a------ C:\WINDOWS\system32\drivers\VBoxDrv.sys
2008-09-07 13:38 . 2008-09-03 21:13 41,744 --a------ C:\WINDOWS\system32\drivers\VBoxUSBMon.sys
2008-09-07 13:37 . 2008-09-07 13:37 <KANSIO> d-------- C:\Program Files\Sun
2008-09-07 10:27 . 2008-09-07 10:27 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\PSpad
2008-09-05 16:28 . 2008-09-05 16:28 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
2008-09-05 10:41 . 2008-09-05 10:41 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Absolutist
2008-09-05 00:41 . 2008-09-05 00:41 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\Games
2008-09-01 21:20 . 2008-09-01 21:20 <KANSIO> dr------- C:\Program Files\TypingMaster
2008-09-01 21:20 . 2008-09-15 20:49 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\TypingMaster7
2008-08-31 13:10 . 2008-08-31 13:10 <KANSIO> d-------- C:\Program Files\Microsoft Silverlight
2008-08-28 15:01 . 2008-08-28 15:33 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\FarmFrenzy2
2008-08-27 01:09 . 2008-08-27 01:09 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\Meridian93
2008-08-27 00:07 . 2008-08-27 00:07 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\Skunk Studios
2008-08-27 00:07 . 2008-08-27 00:07 4,096 --a------ C:\WINDOWS\d3dx.dat
2008-08-25 00:41 . 2008-08-25 00:41 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Reflexive
2008-08-24 05:24 . 2008-08-24 05:24 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\Righteous Kill
2008-08-24 04:21 . 2008-08-24 04:21 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\DivoGames
2008-08-24 04:20 . 2008-09-13 23:33 <KANSIO> d-------- C:\Program Files\Shockwave.com

.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-24 16:19 --------- d-----w C:\Program Files\Uniblue
2008-09-24 16:19 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\Uniblue
2008-09-24 12:38 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-20 21:37 --------- d-----w C:\Program Files\Winamp
2008-09-20 21:37 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\Winamp
2008-09-18 08:55 0 ----a-w C:\Program Files\uninstall.log
2008-09-13 22:44 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\JewelMatch2
2008-09-08 18:48 --------- d-----w C:\Program Files\SpywareBlaster
2008-09-08 18:43 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\Ashampoo
2008-09-01 04:15 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\Big Fish Games
2008-08-23 19:13 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\AshampooPack
2008-08-23 15:30 --------- d-----w C:\Program Files\HDD Health
2008-08-23 15:26 --------- d-----w C:\Program Files\Flash File Recovery
2008-08-23 13:37 --------- d-----w C:\Program Files\Trend Micro
2008-08-22 14:46 --------- d-----w C:\Program Files\Adobe Media Player
2008-08-21 17:43 --------- d-----w C:\Program Files\The Race
2008-08-20 22:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Intenium
2008-08-20 21:37 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\TMInc
2008-08-20 20:42 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\Ancient Quest of Saqqarah__bfg
2008-08-20 07:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\TheRace_dev
2008-08-17 18:32 103,424 ----a-w C:\WINDOWS\system32\PowerUp3_nat.dll
2008-08-17 16:21 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\TrueCrypt
2008-08-17 16:09 64 ----a-w C:\Program Files\TrueCrypt salaus Uusin
2008-08-17 14:33 2,359,350 ----a-w C:\Program Files\joku2.bmp
2008-08-17 12:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\TrueCrypt
2008-08-17 12:06 64 ----a-w C:\Program Files\TrueCrypt salaus
2008-08-17 11:44 235,840 ----a-w C:\WINDOWS\system32\drivers\truecrypt.sys
2008-08-17 11:41 --------- d-----w C:\Program Files\TrueCrypt
2008-08-16 23:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\SugarGames
2008-08-16 15:57 --------- d-----w C:\Program Files\PopCap Games
2008-08-15 19:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Trymedia
2008-08-15 19:39 --------- d-----w C:\Program Files\BFG
2008-08-09 21:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Slapdash Games
2008-08-08 20:40 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\Apple Computer
2008-08-08 15:17 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\DivX
2008-08-08 11:18 --------- d-----w C:\Program Files\Music Label 2009
2008-08-08 11:18 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\Music Label
2008-08-06 17:10 --------- d-----w C:\Program Files\Unity
2008-08-05 14:53 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\DeepVoyage
2008-08-05 13:50 0 ----a-w C:\Program Files\temp01
2008-08-03 05:15 --------- d-----w C:\Program Files\ReflexiveArcade
2008-08-02 22:05 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\BozTeck
2008-08-02 21:56 --------- d-----w C:\Program Files\Windows Live
2008-08-02 21:47 --------- d-----w C:\Program Files\Reference Assemblies
2008-08-02 21:47 --------- d-----w C:\Program Files\MSBuild
2008-08-02 21:43 --------- d-----w C:\Program Files\Bozteck
2008-08-02 21:11
2008-08-02 19:06 --------- d-----w C:\Program Files\Common Files\Adobe AIR
2008-08-02 18:38 --------- d-----w C:\Program Files\Real
2008-08-02 18:38 --------- d-----w C:\Program Files\Common Files\xing shared
2008-08-02 18:38 --------- d-----w C:\Program Files\Common Files\Real
2008-08-02 18:34 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-08-02 17:35 --------- d-----w C:\Program Files\Free WMA to MP3 Converter
2008-08-02 16:20 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-08-02 16:20 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-08-02 16:13 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-08-02 16:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-08-02 13:44 --------- d-----w C:\Program Files\Lavasoft
2008-08-02 13:44 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-08-02 13:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-08-02 13:43 155,648 ----a-w C:\WINDOWS\system32\stuninstall.exe
2008-08-02 13:43 --------- d-----w C:\Program Files\Eraser
2008-08-02 13:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\WinZip
2008-08-02 13:38 --------- d-----w C:\Program Files\IrfanView
2008-08-02 13:34 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\BSplayer
2008-08-02 13:33 --------- d-----w C:\Program Files\Webteh
2008-08-02 13:33 --------- d-----w C:\Program Files\QuickTime
2008-08-02 13:33 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\BSplayer Pro
2008-08-02 13:32 --------- d-----w C:\Program Files\Apple Software Update
2008-08-02 13:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-08-02 13:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-08-02 13:29 --------- d-----w C:\Program Files\DivX
2008-08-02 13:27 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-08-02 13:26 --------- d-----w C:\Program Files\ZD Soft
2008-08-02 13:25 --------- d-----w C:\Program Files\Common Files\Adobe
2008-08-02 13:21 --------- d-----w C:\Program Files\CCleaner
2008-08-02 13:14 --------- d-----w C:\Program Files\Sygate
2008-08-02 13:14 --------- d-----w C:\Program Files\Alwil Software
2008-08-02 13:10 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-02 13:07 --------- d-----w C:\Program Files\NVIDIA Corporation
2008-08-02 13:07 --------- d-----w C:\Program Files\Common Files\NVIDIA Shared
2008-08-02 13:07 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-08-02 12:44 --------- d-----w C:\Program Files\microsoft frontpage
2008-07-18 19:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 19:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 19:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 19:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 19:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 19:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 19:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 19:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 19:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 19:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-18 18:39 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-07-07 20:28 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 16:44 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 15:12 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll
.

((((((((((((((((((((((((((((( snapshot@2008-09-21_14.30.06.98 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-04-14 16:11:30 61,440 -c----w C:\WINDOWS\ie7\admparse.dll
+ 2008-04-14 16:11:31 100,864 -c----w C:\WINDOWS\ie7\advpack.dll
+ 2008-04-14 16:11:32 33,792 -c----w C:\WINDOWS\ie7\custsat.dll
+ 2008-04-14 16:11:34 357,888 -c----w C:\WINDOWS\ie7\dxtmsft.dll
+ 2008-04-14 16:11:34 205,312 -c----w C:\WINDOWS\ie7\dxtrans.dll
+ 2008-04-14 16:11:34 55,808 -c----w C:\WINDOWS\ie7\extmgr.dll
+ 2008-04-14 16:11:35 38,912 -c----w C:\WINDOWS\ie7\hmmapi.dll
+ 2008-04-14 16:12:14 34,304 -c----w C:\WINDOWS\ie7\ie4uinit.exe
+ 2008-04-14 16:11:36 143,360 -c----w C:\WINDOWS\ie7\ieakeng.dll
+ 2008-04-14 16:11:36 218,112 -c----w C:\WINDOWS\ie7\ieaksie.dll
+ 2004-09-15 12:00:00 225,280 -c----w C:\WINDOWS\ie7\ieakui.dll
+ 2008-04-14 16:11:36 323,584 -c----w C:\WINDOWS\ie7\iedkcs32.dll
+ 2008-04-14 16:12:15 18,432 -c----w C:\WINDOWS\ie7\iedw.exe
+ 2008-04-14 16:11:36 251,392 -c----w C:\WINDOWS\ie7\iepeers.dll
+ 2008-04-14 16:11:36 48,640 -c----w C:\WINDOWS\ie7\iernonce.dll
+ 2008-04-14 16:11:36 62,976 -c----w C:\WINDOWS\ie7\iesetup.dll
+ 2008-04-14 16:12:15 93,184 -c----w C:\WINDOWS\ie7\iexplore.exe
+ 2008-04-14 16:11:36 35,840 -c----w C:\WINDOWS\ie7\imgutil.dll
+ 2008-04-14 16:11:36 96,256 -c----w C:\WINDOWS\ie7\inseng.dll
+ 2008-04-14 16:11:37 15,872 -c----w C:\WINDOWS\ie7\jsproxy.dll
+ 2008-04-14 16:11:38 22,016 -c----w C:\WINDOWS\ie7\licmgr10.dll
+ 2008-04-14 16:12:19 29,184 -c----w C:\WINDOWS\ie7\mshta.exe
+ 2008-04-14 16:11:39 3,066,880 -c----w C:\WINDOWS\ie7\mshtml.dll
+ 2008-04-14 16:11:39 449,024 -c----w C:\WINDOWS\ie7\mshtmled.dll
+ 2008-04-14 15:39:01 57,344 -c----w C:\WINDOWS\ie7\mshtmler.dll
+ 2004-09-15 12:00:00 146,432 -c----w C:\WINDOWS\ie7\msls31.dll
+ 2008-04-14 16:11:42 146,432 -c----w C:\WINDOWS\ie7\msrating.dll
+ 2008-04-14 16:11:42 532,480 -c----w C:\WINDOWS\ie7\mstime.dll
+ 2008-04-14 16:11:45 96,768 -c----w C:\WINDOWS\ie7\occache.dll
+ 2008-04-14 16:11:45 39,424 -c----w C:\WINDOWS\ie7\pngfilt.dll
+ 2007-10-04 06:51:52 33,472 -c----w C:\WINDOWS\ie7\spuninst\iecustom.dll
+ 2007-10-04 06:49:32 66,048 -c--a-w C:\WINDOWS\ie7\spuninst\ieResetIcons.exe
+ 2006-09-06 14:43:26 214,752 -c----w C:\WINDOWS\ie7\spuninst\spuninst.exe
+ 2006-09-06 14:43:26 380,640 -c----w C:\WINDOWS\ie7\spuninst\updspapi.dll
+ 2008-04-14 16:11:55 37,888 -c----w C:\WINDOWS\ie7\url.dll
+ 2008-04-14 16:11:55 620,032 -c----w C:\WINDOWS\ie7\urlmon.dll
+ 2008-04-14 16:11:56 278,016 -c----w C:\WINDOWS\ie7\webcheck.dll
+ 2008-04-14 16:11:55 851,968 -c----w C:\WINDOWS\ie7\vgx.dll
+ 2008-04-14 16:11:57 666,112 -c----w C:\WINDOWS\ie7\wininet.dll
+ 2007-03-06 01:31:07 22,752 -c----w C:\WINDOWS\ie7updates\KB938127-v2-IE7\spcustom.dll
+ 2007-03-06 01:31:09 14,048 -c----w C:\WINDOWS\ie7updates\KB938127-v2-IE7\spmsg.dll
+ 2007-03-06 01:31:14 214,752 -c----w C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst.exe
+ 2007-03-06 01:31:14 214,752 -c----w C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:32:23 380,640 -c----w C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\updspapi.dll
+ 2007-03-06 01:31:32 717,536 -c----w C:\WINDOWS\ie7updates\KB938127-v2-IE7\update.exe
+ 2007-03-06 01:32:23 380,640 -c----w C:\WINDOWS\ie7updates\KB938127-v2-IE7\updspapi.dll
+ 2007-08-13 15:54:10 765,952 -c----w C:\WINDOWS\ie7updates\KB938127-v2-IE7\vgx.dll
- 2008-09-21 09:09:46 29,926 ----a-r C:\WINDOWS\Installer\{A9174A72-1B46-445B-B3CF-90ED2C63D83B}\MsblIco.Exe
+ 2008-09-24 15:57:38 29,926 ----a-r C:\WINDOWS\Installer\{A9174A72-1B46-445B-B3CF-90ED2C63D83B}\MsblIco.Exe
- 2008-04-14 16:11:30 61,440 ----a-w C:\WINDOWS\system32\admparse.dll
+ 2007-08-13 15:39:20 71,680 ----a-w C:\WINDOWS\system32\admparse.dll
- 2008-04-14 16:11:31 100,864 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-06-23 16:29:13 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2007-08-13 15:39:20 71,680 -c----w C:\WINDOWS\system32\dllcache\admparse.dll
+ 2008-06-23 16:29:13 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2006-09-23 10:12:54 1,022,976 -c----w C:\WINDOWS\system32\dllcache\browseui.dll
+ 2007-08-13 15:42:54 17,408 -c----w C:\WINDOWS\system32\dllcache\corpol.dll
- 2008-04-14 16:11:32 33,792 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll
+ 2007-08-13 15:54:10 33,792 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll
+ 2008-06-23 16:29:13 347,136 -c----w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-06-23 16:29:13 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-06-23 16:29:13 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2007-08-13 15:18:02 60,416 -c----w C:\WINDOWS\system32\dllcache\hmmapi.dll
+ 2008-06-23 09:21:15 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-06-23 16:29:13 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-06-23 16:29:13 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2004-09-15 12:00:00 225,280 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-06-21 05:23:54 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-06-23 16:29:13 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2007-08-13 15:44:02 69,120 -c----w C:\WINDOWS\system32\dllcache\iedw.exe
+ 2007-08-13 15:45:18 78,336 -c----w C:\WINDOWS\system32\dllcache\ieencode.dll
+ 2007-08-13 15:54:10 191,488 -c----w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2008-06-23 16:29:14 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2007-08-13 15:39:12 55,296 -c----w C:\WINDOWS\system32\dllcache\iesetup.dll
+ 2008-06-23 09:21:31 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2007-08-13 15:36:06 36,352 -c----w C:\WINDOWS\system32\dllcache\imgutil.dll
+ 2007-08-13 15:39:02 92,672 -c----w C:\WINDOWS\system32\dllcache\inseng.dll
+ 2007-08-13 15:38:04 491,520 -c----w C:\WINDOWS\system32\dllcache\jscript.dll
+ 2008-06-23 16:29:15 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2007-08-13 15:44:18 40,960 -c----w C:\WINDOWS\system32\dllcache\licmgr10.dll
+ 2007-08-13 15:32:30 45,568 -c----w C:\WINDOWS\system32\dllcache\mshta.exe
+ 2008-06-24 07:29:16 3,592,192 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-06-23 16:29:15 477,696 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2007-08-13 15:01:12 48,128 -c----w C:\WINDOWS\system32\dllcache\mshtmler.dll
- 2004-09-15 12:00:00 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll
+ 2007-08-13 15:54:10 156,160 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll
+ 2008-06-23 16:29:15 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-06-23 16:29:15 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-06-23 16:29:15 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-06-23 16:29:15 44,544 -c----w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2006-09-23 10:12:54 1,496,576 -c----w C:\WINDOWS\system32\dllcache\shdocvw.dll
+ 2006-09-23 10:12:54 474,112 -c----w C:\WINDOWS\system32\dllcache\shlwapi.dll
+ 2008-06-23 16:29:16 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-06-23 16:29:16 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2007-08-13 15:54:10 413,696 -c----w C:\WINDOWS\system32\dllcache\vbscript.dll
+ 2008-06-23 16:29:16 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-05-27 17:25:42 765,952 -c----w C:\WINDOWS\system32\dllcache\vgx.dll
+ 2008-06-23 16:29:16 826,368 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-04-14 16:11:34 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-06-23 16:29:13 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2008-04-14 16:11:34 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-06-23 16:29:13 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2008-04-14 16:11:34 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-06-23 16:29:13 133,120 ------w C:\WINDOWS\system32\extmgr.dll
+ 2008-06-23 16:29:13 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2008-04-14 16:12:14 34,304 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-06-23 09:21:15 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
- 2008-04-14 16:11:36 143,360 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2008-06-23 16:29:13 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
- 2008-04-14 16:11:36 218,112 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2008-06-23 16:29:13 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
- 2004-09-15 12:00:00 225,280 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2008-06-21 05:23:54 161,792 ------w C:\WINDOWS\system32\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\system32\ieapfltr.dat
+ 2008-06-23 16:29:13 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2008-04-14 16:11:36 323,584 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-06-23 16:29:13 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-06-23 16:29:14 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2008-04-14 16:11:36 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll
+ 2007-08-13 15:54:10 191,488 ----a-w C:\WINDOWS\system32\iepeers.dll
- 2008-04-14 16:11:36 48,640 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2008-06-23 16:29:14 44,544 ------w C:\WINDOWS\system32\iernonce.dll
+ 2008-06-23 16:29:14 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2008-04-14 16:11:36 62,976 ----a-w C:\WINDOWS\system32\iesetup.dll
+ 2007-08-13 15:39:12 55,296 ----a-w C:\WINDOWS\system32\iesetup.dll
+ 2007-08-13 15:54:10 180,736 ------w C:\WINDOWS\system32\ieui.dll
- 2008-04-14 16:11:36 35,840 ----a-w C:\WINDOWS\system32\imgutil.dll
+ 2007-08-13 15:36:06 36,352 ----a-w C:\WINDOWS\system32\imgutil.dll
- 2008-04-14 16:11:36 96,256 ----a-w C:\WINDOWS\system32\inseng.dll
+ 2007-08-13 15:39:02 92,672 ----a-w C:\WINDOWS\system32\inseng.dll
- 2008-04-14 16:11:37 15,872 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-06-23 16:29:15 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
- 2008-04-14 16:11:38 22,016 ----a-w C:\WINDOWS\system32\licmgr10.dll
+ 2007-08-13 15:44:18 40,960 ----a-w C:\WINDOWS\system32\licmgr10.dll
+ 2008-03-25 02:32:44 218,496 ----a-r C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe
+ 2008-09-21 14:22:50 74,137 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
+ 2008-06-23 16:29:15 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-06-23 16:29:15 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2007-08-13 15:36:40 12,288 ------w C:\WINDOWS\system32\msfeedssync.exe
- 2008-04-14 16:12:19 29,184 ----a-w C:\WINDOWS\system32\mshta.exe
+ 2007-08-13 15:32:30 45,568 ----a-w C:\WINDOWS\system32\mshta.exe
- 2008-04-14 16:11:39 3,066,880 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-06-24 07:29:16 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-04-14 16:11:39 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-06-23 16:29:15 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2008-04-14 15:39:01 57,344 ----a-w C:\WINDOWS\system32\mshtmler.dll
+ 2007-08-13 15:01:12 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll
- 2004-09-15 12:00:00 146,432 ----a-w C:\WINDOWS\system32\msls31.dll
+ 2007-08-13 15:54:10 156,160 ----a-w C:\WINDOWS\system32\msls31.dll
- 2008-04-14 16:11:42 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-06-23 16:29:15 193,024 ------w C:\WINDOWS\system32\msrating.dll
- 2008-04-14 16:11:42 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-06-23 16:29:15 671,232 ------w C:\WINDOWS\system32\mstime.dll
- 2008-04-14 16:11:45 96,768 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-06-23 16:29:15 102,912 ------w C:\WINDOWS\system32\occache.dll
- 2008-04-14 16:11:45 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-06-23 16:29:15 44,544 ------w C:\WINDOWS\system32\pngfilt.dll
- 2008-04-14 16:11:55 37,888 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-06-23 16:29:16 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2008-04-14 16:11:55 620,032 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-06-23 16:29:16 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2008-04-14 16:11:56 278,016 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-06-23 16:29:16 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2007-08-13 15:45:16 206,336 ------w C:\WINDOWS\system32\WinFXDocObj.exe
- 2008-04-14 16:11:57 666,112 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2008-06-23 16:29:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2008-09-24 15:57:00 16,384 ------w C:\WINDOWS\Temp\Perflib_Perfdata_1e4.dat
+ 2008-09-24 15:56:35 16,384 ------w C:\WINDOWS\Temp\Perflib_Perfdata_710.dat
.
-- Snapshot nollattu tähän hetkeen --
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{2C688203-7EB3-4327-9995-1CB417BA23F9}"= "C:\Program Files\BS.Player ControlBar\BSToolbar.dll" [2008-08-13 757192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{2C688203-7EB3-4327-9995-1CB417BA23F9}"= "C:\Program Files\BS.Player ControlBar\BSToolbar.dll" [2008-08-13 757192]

[HKEY_CLASSES_ROOT\clsid\{2c688203-7eb3-4327-9995-1cb417ba23f9}]
[HKEY_CLASSES_ROOT\BSToolbar.ToolBandObj.1]
[HKEY_CLASSES_ROOT\TypeLib\{1FC79FB5-E4BD-48c8-B2E9-B8E74DB2C3A9}]
[HKEY_CLASSES_ROOT\BSToolbar.ToolBandObj]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe" [2008-08-22 1234160]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-10 7311360]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-12-10 86016]
"NVMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-12-20 131072]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-08-02 185896]
"nwiz"="nwiz.exe" [2005-12-10 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Käynnistä-valikko^Ohjelmat^Käynnistys^WinZip Quick Pick.lnk]
backup=C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Omistaja^Käynnistä-valikko^Ohjelmat^Käynnistys^Adobe Media Player.lnk]
path=C:\Documents and Settings\Omistaja\Käynnistä-valikko\Ohjelmat\Käynnistys\Adobe Media Player.lnk
backup=C:\WINDOWS\pss\Adobe Media Player.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Omistaja^Käynnistä-valikko^Ohjelmat^Käynnistys^iWin Desktop Alerts.lnk]
path=C:\Documents and Settings\Omistaja\Käynnistä-valikko\Ohjelmat\Käynnistys\iWin Desktop Alerts.lnk
backup=C:\WINDOWS\pss\iWin Desktop Alerts.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 22:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDDHealth]
--a------ 2008-06-15 12:14 1692672 C:\Program Files\HDD Health\hddhealth.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 10:50 413696 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-06-10 04:27 144784 C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-08-02 21:38 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2008-08-04 02:02 36352 C:\Program Files\Winamp\winampa.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 VBoxDrv;VirtualBox Service;C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2008-09-03 92816]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2008-09-03 41744]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R3 vidcap;vidcap;C:\WINDOWS\system32\DRIVERS\vidcap.sys [2006-12-27 9006]
.
'Ajoitetut tehtävät'-kansion sisältö
.
.
------- Täydentävä tarkistus -------
.
FireFox -: Profile - C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\bnz7vpfg.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.sweetim.com/search.asp?src=2&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.suomi24.fi
FF -: plugin - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
FF -: plugin - C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll
FF -: plugin - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-24 20:03:07
Windows 5.1.2600 Service Pack 3 NTFS

tarkistaa piilotettuja prosesseja ...

tarkistaa piilotettuja käynnistysarvoja ...

tarkistaa piilotettuja tiedostoja ...

tarkistus on valmis
piilotetut tiedostot: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\vsdatant]
"ImagePath"=""
.
Valmistumisajankohta: 2008-09-24 20:03:46
ComboFix-quarantined-files.txt 2008-09-24 17:03:42
ComboFix2.txt 2008-09-21 11:30:26

Ennen ajoa: 32ÿ410ÿ476ÿ544 tavua vapaana
Ajon jälkeen: 32,398,901,248 tavua vapaana

450 --- E O F --- 2008-09-22 03:27:05

L2MFIX find log 051206
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
"Asynchronous"=dword:00000001
"DllName"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,\
00,69,00,6d,00,73,00,6e,00,74,00,66,00,79,00,2e,00,64,00,6c,00,6c,00,00,00
"Startup"="WlDimsStartup"
"Shutdown"="WlDimsShutdown"
"Logon"="WlDimsLogon"
"Logoff"="WlDimsLogoff"
"StartShell"="WlDimsStartShell"
"Lock"="WlDimsLock"
"Unlock"="WlDimsUnlock"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

**********************************************************************************
useragent:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]

**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613-0000-0000-C000-000000000046}"="Multimediatiedoston ominaisuusikkuna"
"{176d6597-26d3-11d1-b350-080036a75b03}"="ICM-kuvanlukijan hallinta"
"{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="NTFS-suojaussivu"
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="OLE-asiakirjatiedoston ominaisuussivu"
"{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Liittym„laajennus jakamista varten"
"{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"="N„ytt”sovittimen CPL-laajennus"
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"="N„yt”n CPL -laajennus"
"{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Display Panning CPL -laajennus"
"{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Hakemistopalvelun suojaussivu"
"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Yhteensopivuussivusto"
"{56117100-C0CD-101B-81E2-00AA004AE837}"="K„ytt”liittym„n leikkeidenk„sittelytoiminto"
"{59099400-57FF-11CE-BD94-0020AF85B590}"="Levykkeen kopiointilaajennus"
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Microsoft Windows -verkon objektien liittym„laajennukset"
"{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="ICM-n„yt”n hallinta"
"{675F097E-4C4D-11D0-B6C1-0800091AA605}"="ICM-tulostimen hallinta"
"{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Tiedostonpakkauksen liittym„laajennukset"
"{77597368-7b15-11d0-a0c2-080036af3f03}"="Web-tulostimen liittym„laajennus"
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
"{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Salauksen pikavalikko"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="Salkku"
"{88895560-9AA2-1069-930E-00AA0030EBC8}"="HyperTerminal-kuvakkeen tunniste"
"{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
"{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="ICC-profiili"
"{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Tulostimen suojaussivu"
"{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Liittym„laajennus jakamista varten"
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Crypto PKO -laajennus"
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Crypto Sign -laajennus"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Verkkoyhteydet"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Verkkoyhteydet"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="Skannerit ja kamerat"
"{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="Skannerit ja kamerat"
"{905667aa-acd6-11d2-8080-00805f6596d2}"="Skannerit ja kamerat"
"{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="Skannerit ja kamerat"
"{83bbcbf3-b28a-4919-a5aa-73027445d672}"="Skannerit ja kamerat"
"{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Windows Script Hostin liittym„laajennukset"
"{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Microsoft-tietolinkki"
"{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Ajoitetut teht„v„t"
"{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults"
"{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Teht„v„palkki ja K„ynnist„-valikko"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Etsi"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Ohje ja tuki"
"{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Ohje ja tuki"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Suorita..."
"{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
"{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="S„hk”posti"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Fontit"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Valvontaty”kalut"
"{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Previous Versions Property Page"
"{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Previous Versions"
"{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
"{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
"{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Microsoft Internet-ty”kalurivi"
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="Lataamisen tila"
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Augmented Shell Folder"
"{6413BA2C-B461-11d1-A18A-080036B11A03}"="Augmented Shell Folder 2"
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
"{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Microsoft BrowserBand"
"{30D02401-6A81-11d0-8274-00C04FD5AE38}"="IE Search Band"
"{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="In-pane search"
"{07798131-AF23-11d1-9111-00A0C98BA67D}"="Web Search"
"{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Registry Tree Options Utility"
"{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&L„hiosoite"
"{A08C11D2-A228-11d0-825B-00AA005B4383}"="Address EditBox"
"{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Microsoft AutoComplete"
"{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
"{6756A641-DE71-11d0-831B-00AA005B4383}"="MRU AutoComplete List"
"{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Custom MRU AutoCompleted List"
"{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
"{acf35015-526e-4230-9596-becbe19f0ac9}"="Track Popup Bar"
"{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Microsoft History AutoComplete List"
"{03C036F1-A186-11D0-824A-00AA005B4383}"="Microsoft Shell Folder AutoComplete List"
"{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Microsoft Multiple AutoComplete List Container"
"{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Shell Band Site Menu"
"{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Shell DeskBar"
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="User Assist"
"{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="Global Folder Settings"
"{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
"{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
"{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="History"
"{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="IE4 Suite Splash Screen"
"{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
"{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="The Internet"
"{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
"{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
"{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{88C6C381-2E85-11D0-94DE-444553540000}"="ActiveX Cache Folder"
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="Subscription Folder"
"{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
"{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
"{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7-8B9A-11D1-B8AE-006008059382}"="K„ytt”liittym„n sovelluksenhallintaohjelma"
"{0B124F8F-91F0-11D1-B8B5-006008059382}"="Sovellusluettelo asennettiin"
"{CFCCC7A0-A282-11D1-9082-006008059382}"="Darwin App Publisher"
"{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
"{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
"{00E7B358-F65B-4dcf-83DF-CD026B94BFD4}"="Autoplay for SlideShow"
"{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="GDI+ -tiedoston pikkukuvan purkaja"
"{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Yhteenvetotiedot pikkukuvien k„sittelyst„ (DOCFILES)"
"{EAB841A0-9550-11cf-8C16-00805F1408F3}"="HTML-pikkukuvien purkuohjelma"
"{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
"{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Ohjattu Web-julkaisutoiminto"
"{add36aa8-751a-4579-a266-d66f5202ccbb}"="Valokuvien paperikopioiden tilaaminen Internetist„"
"{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Shell Publishing Wizard Object"
"{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Ohjattu Passport toiminto"
"{7A9D77BD-5403-11d2-8785-2E0420524153}"="K„ytt„j„tilit"
"{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler"
"{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
"{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder"
"{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
"{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
"{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
"{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
"{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
"{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
"{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
"{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
"{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Offline-tiedostot-kansio"
"{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
"{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
"{32714800-2E5F-11d0-8B85-00AA0044F941}"="&Henkil”it„..."
"{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Play as Playlist Context Menu Handler"
"{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{A70C977A-BF00-412C-90B7-034C51DA2439}"="NvCpl DesktopContext Class"
"{FFB699E0-306A-11d3-8BD1-00104B6F7516}"="Play on my TV helper"
"{1CDB2949-8F65-4355-8456-263E7C208A5D}"="Desktop Explorer"
"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}"="Desktop Explorer Menu"
"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}"="nView Desktop Context Menu"
"{472083B0-C522-11CF-8763-00608CC02F24}"="avast"
"{E0D79304-84BE-11CE-9641-444553540000}"="WinZip"
"{E0D79305-84BE-11CE-9641-444553540000}"="WinZip"
"{E0D79306-84BE-11CE-9641-444553540000}"="WinZip"
"{E0D79307-84BE-11CE-9641-444553540000}"="WinZip"
"{8BE13461-936F-11D1-A87D-444553540000}"="Eraser Shell Extension"
"{21569614-B795-46b1-85F4-E737A8DC09AD}"="Shell Search Band"
"{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}"="Messenger Sharing Folders"
"{e82a2d71-5b2f-43a0-97b8-81be15854de8}"="ShellLink for Application References"
"{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}"="Shell Icon Handler for Application References"
"{0563DB41-F538-4B37-A92D-4659049B7766}"="WLMD Message Handler"
"{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices"
"{35786D3C-B075-49b9-88DD-029876E11C01}"="Portable Devices"
"{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8}"="Portable Devices Menu"
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}"="Shell Extensions for RealOne Player"
"{45670FA8-ED97-4F44-BC93-305082590BFB}"="Microsoft.XPS.Shell.Metadata.1"
"{44121072-A222-48f2-A58A-6D9AD51EBBE9}"="Microsoft.XPS.Shell.Thumbnail.1"
"{06A2568A-CED6-4187-BB20-400B8C02BE5A}"=""
"{00F33137-EE26-412F-8D71-F84E4C2C6625}"=""
"{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C}"="Windows Live Photo Gallery Autoplay Drop Target"
"{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C}"="Windows Live Photo Gallery Viewer Drop Target"
"{00F374B7-B390-4884-B372-2FC349F2172B}"="Windows Live Photo Gallery Editor Drop Target"
"{00F346CB-35A4-465B-8B8F-65A29DBAB1F6}"="Windows Live Photo Gallery Viewer Drop Target Shim"
"{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D}"="Windows Live Photo Gallery Editor Drop Target Shim"
"{00F30F90-3E96-453B-AFCD-D71989ECC2C7}"="Windows Live Photo Gallery Autoplay Drop Target Shim"
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension"
"{8903F6C9-25E3-40AC-A98F-E6D35CD0469C}"="PSPad"
"{07C45BB1-4A8C-4642-A1F5-237E7215FF66}"="IE Microsoft BrowserBand"
"{1C1EDB47-CE22-4bbb-B608-77B48F83C823}"="IE Fade Task"
"{205D7A97-F16D-4691-86EF-F3075DCCA57D}"="IE Menu Desk Bar"
"{3028902F-6374-48b2-8DC6-9725E775B926}"="IE AutoComplete"
"{43886CD5-6529-41c4-A707-7B3C92C05E68}"="IE Navigation Bar"
"{44C76ECD-F7FA-411c-9929-1B77BA77F524}"="IE Menu Site"
"{4B78D326-D922-44f9-AF2A-07805C2A3560}"="IE Menu Band"
"{6038EF75-ABFC-4e59-AB6F-12D397F6568D}"="IE Microsoft History AutoComplete List"
"{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE}"="IE Tracking Shell Menu"
"{6CF48EF8-44CD-45d2-8832-A16EA016311B}"="IE IShellFolderBand"
"{73CFD649-CD48-4fd8-A272-2070EA56526B}"="IE BandProxy"
"{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8}"="IE MRU AutoComplete List"
"{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E}"="IE RSS Feeder Folder"
"{9D958C62-3954-4b44-8FAB-C4670C1DB4C2}"="IE Microsoft Shell Folder AutoComplete List"
"{B31C5FAE-961F-415b-BAF0-E697A5178B94}"="IE Microsoft Multiple AutoComplete List Container"
"{BC476F4C-D9D7-4100-8D4E-E043F6DEC409}"="Microsoft Browser Architecture"
"{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A}"="IE Shell Rebar BandSite"
"{E6EE9AAC-F76B-4947-8260-A9F136138E11}"="IE Shell Band Site Menu"
"{F2CF5485-4E02-4f68-819C-B92DE9277049}"="&Links"
"{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E}"="IE Registry Tree Options Utility"
"{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75}"="IE User Assist"
"{FDE7673D-2E19-4145-8376-BBD58C4BC7BA}"="IE Custom MRU AutoCompleted List"

**********************************************************************************
HKEY ROOT CLASSIDS:
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{06A2568A-CED6-4187-BB20-400B8C02BE5A}]
"AppId"="{06A2568A-CED6-4187-BB20-400B8C02BE5A}"

[HKEY_CLASSES_ROOT\CLSID\{06A2568A-CED6-4187-BB20-400B8C02BE5A}\LocalServer32]
@="C:\\Program Files\\Windows Live\\Photo Gallery\\WLXPhotoAcquireWizard.exe"
"ServerExecutable"="C:\\Program Files\\Windows Live\\Photo Gallery\\WLXPhotoAcquireWizard.exe"

**********************************************************************************
Files Found are not all bad files:

C:\WINDOWS\SYSTEM32\
cdm.dll Fri 18 Jul 2008 22.10.48 A.... 94 920 92,70 K
es.dll Mon 7 Jul 2008 23.28.50 A.... 253 952 248,00 K
mucltui.dll Fri 18 Jul 2008 22.07.34 A.... 270 880 264,53 K
muweb.dll Fri 18 Jul 2008 22.07.32 A.... 210 976 206,03 K
pncrt.dll Sat 2 Aug 2008 21.38.12 A.... 278 528 272,00 K
pndx5016.dll Sat 2 Aug 2008 21.38.14 A.... 6 656 6,50 K
pndx5032.dll Sat 2 Aug 2008 21.38.14 A.... 5 632 5,50 K
poweru~1.dll Sun 17 Aug 2008 21.32.04 A.... 103 424 101,00 K
wuapi.dll Fri 18 Jul 2008 22.09.44 A.... 563 912 550,70 K
wuaueng.dll Fri 18 Jul 2008 22.09.42 A.... 1 811 656 1,73 M
wucltui.dll Fri 18 Jul 2008 22.09.46 A.... 325 832 318,20 K
wups.dll Fri 18 Jul 2008 22.10.20 A.... 36 552 35,70 K
wups2.dll Fri 18 Jul 2008 22.10.40 A.... 45 768 44,70 K
wuweb.dll Fri 18 Jul 2008 22.09.44 A.... 205 000 200,20 K

14 items found: 14 files, 0 directories.
Total of file sizes: 4 213 688 bytes 4,02 M
Locate .tmp files:

No matches found.
**********************************************************************************
Directory Listing of system files:
Aseman C nimi on Windows XP
Aseman sarjanumero on 8867-EB2F

Kansio C:\WINDOWS\System32

22.09.2008 06:27 <KANSIO> dllcache
02.08.2008 15:48 <KANSIO> Microsoft
0 tiedosto(a) 0 tavua
2 kansio(ta) 32ÿ413ÿ499ÿ392 tavua vapaana

Malwarebytes' Anti-Malware 1.28
Tietokantaversio: 1203
Windows 5.1.2600 Service Pack 3

24.9.2008 22:13:27
mbam-log-2008-09-24 (22-13-27).txt

Tarkistustyyppi: Täysi tarkistus (C:\|)
Tarkistetut kohteet: 81046
Kulunut aika: 11 minute(s), 30 second(s)

Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 0
Saastuneita rekisteriavaimia: 0
Saastuneita rekisteriarvoja: 0
Saastuneita rekisterikohteita: 0
Saastuneita hakemistoja: 0
Saastuneita tiedostoja: 0

Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)

Saastuneita muistimoduuleja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriavaimia:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriarvoja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisterikohteita:
(Haitallisia kohteita ei löydetty)

Saastuneita hakemistoja:
(Haitallisia kohteita ei löydetty)

Saastuneita tiedostoja:
(Haitallisia kohteita ei löydetty)

Käyttämätön tiedostotyyppi .eta - Google Earth.etafile HKCR\.eta
Käyttämätön tiedostotyyppi .kml - Google Earth.kmlfile HKCR\.kml
Käyttämätön tiedostotyyppi .kmz - Google Earth.kmzfile HKCR\.kmz
Käyttämätön tiedostotyyppi .bfg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bfg
Käyttämätön tiedostotyyppi .srt HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srt
Käyttämätön tiedostotyyppi .sub HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sub
ActiveX/COM virhe gds_deskband.Deskband - {38F4C281-2396-424B-8B62-F236B44ADB02} HKCR\gds_deskband.Deskband
ActiveX/COM virhe gds_deskband.Deskband.1 - {38F4C281-2396-424B-8B62-F236B44ADB02} HKCR\gds_deskband.Deskband.1
ActiveX/COM virhe gds_deskband.DeskbandController - {CCE15A15-75F9-4F05-AFF0-194FB588D26B} HKCR\gds_deskband.DeskbandController
ActiveX/COM virhe gds_deskband.DeskbandController.1 - {CCE15A15-75F9-4F05-AFF0-194FB588D26B} HKCR\gds_deskband.DeskbandController.1
Virheellinen oletuskuvake "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe",0 HKCR\GoogleGadget\DefaultIcon
'Avaa sovelluksessa'-virhe "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /display /load "%1" HKCR\GoogleGadget\shell\open
Virheellinen oletuskuvake "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe",0 HKCR\GoogleGadgetContainer\DefaultIcon
'Avaa sovelluksessa'-virhe "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /display /load "%1" HKCR\GoogleGadgetContainer\shell\open
Virheellinen oletuskuvake "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe",0 HKCR\GoogleGadgetManifest\DefaultIcon
'Avaa sovelluksessa'-virhe "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /display /load "%1" HKCR\GoogleGadgetManifest\shell\open
ActiveX/COM virhe Office.Desktop.Google.com - {FC4482E9-08FC-493a-BA7D-7ED5A6DD0938} HKCR\Office.Desktop.Google.com
'Avaa sovelluksessa'-virhe "C:\Program Files\bfgclient\bfgprocess.exe" "%1" HKCR\Applications\bfgprocess.exe\shell\open
Asennusohjelmien viitevirheet C:\Documents and Settings\Omistaja\Application Data\Uniblue\DriverScanner HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Sovelluksen poisto-ohjelmien viitevirheet {09966C32-C34D-4FF4-8C7E-94A9630DDEF8} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{09966C32-C34D-4FF4-8C7E-94A9630DDEF8}
Sovelluksen poisto-ohjelmien viitevirheet {09DB9CA5-BF79-44DF-9628-BF1AE85BE38D} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{09DB9CA5-BF79-44DF-9628-BF1AE85BE38D}
Sovelluksen poisto-ohjelmien viitevirheet {0AC7E4F7-2E59-45A7-B8CB-904160EB88B3} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{0AC7E4F7-2E59-45A7-B8CB-904160EB88B3}
Sovelluksen poisto-ohjelmien viitevirheet {125F0ACC-D3FC-402B-8D96-27F6E46D00D5} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{125F0ACC-D3FC-402B-8D96-27F6E46D00D5}
Sovelluksen poisto-ohjelmien viitevirheet {14D00B5A-64AE-4D82-8751-EC1F486D9292} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{14D00B5A-64AE-4D82-8751-EC1F486D9292}
Sovelluksen poisto-ohjelmien viitevirheet {19DBC608-AD2B-4F4C-AEE2-C19DAC252408} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{19DBC608-AD2B-4F4C-AEE2-C19DAC252408}
Sovelluksen poisto-ohjelmien viitevirheet {21BD6E1E-F358-4A5A-82B8-525379F2BADF} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{21BD6E1E-F358-4A5A-82B8-525379F2BADF}
Sovelluksen poisto-ohjelmien viitevirheet {2318C2B1-4965-11d4-9B18-009027A5CD4F} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2318C2B1-4965-11d4-9B18-009027A5CD4F}
Sovelluksen poisto-ohjelmien viitevirheet {2F1F95D4-C1D4-4B76-9E04-9DAF45413C9B} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2F1F95D4-C1D4-4B76-9E04-9DAF45413C9B}
Sovelluksen poisto-ohjelmien viitevirheet {3F17F488-C976-4DE5-86F1-66CDB7D89DAA} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{3F17F488-C976-4DE5-86F1-66CDB7D89DAA}
Sovelluksen poisto-ohjelmien viitevirheet {45D68F08-56A0-4412-BB0F-8492BE978AC7} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{45D68F08-56A0-4412-BB0F-8492BE978AC7}
Sovelluksen poisto-ohjelmien viitevirheet {558CD0A7-0548-4220-88FE-01CC1477DF61} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{558CD0A7-0548-4220-88FE-01CC1477DF61}
Sovelluksen poisto-ohjelmien viitevirheet {5AC9F44E-06C7-41E3-A464-37177AB9105D} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{5AC9F44E-06C7-41E3-A464-37177AB9105D}
Sovelluksen poisto-ohjelmien viitevirheet {5EBEED69-5839-4416-AAB0-528BDB7C1131} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{5EBEED69-5839-4416-AAB0-528BDB7C1131}
Sovelluksen poisto-ohjelmien viitevirheet {63525AF9-F73D-4807-BECC-47C17C8B9A0B} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{63525AF9-F73D-4807-BECC-47C17C8B9A0B}
Sovelluksen poisto-ohjelmien viitevirheet {6B266F0B-9E3D-4CCA-B6FD-DCE97D0BA6DB} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{6B266F0B-9E3D-4CCA-B6FD-DCE97D0BA6DB}
Sovelluksen poisto-ohjelmien viitevirheet {71BCFD6C-3A9D-428E-95D6-BEA667633247} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{71BCFD6C-3A9D-428E-95D6-BEA667633247}
Sovelluksen poisto-ohjelmien viitevirheet {72B9885B-429A-4331-B718-2E3359699C59} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{72B9885B-429A-4331-B718-2E3359699C59}
Sovelluksen poisto-ohjelmien viitevirheet {7C3E3706-8FBD-4169-9726-0A47FBF9D32A} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{7C3E3706-8FBD-4169-9726-0A47FBF9D32A}
Sovelluksen poisto-ohjelmien viitevirheet {901C63FD-6673-47A6-9B5F-B13E3EBFA470} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{901C63FD-6673-47A6-9B5F-B13E3EBFA470}
Sovelluksen poisto-ohjelmien viitevirheet {A1760B3B-1A03-420D-955E-495B532E726A} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A1760B3B-1A03-420D-955E-495B532E726A}
Sovelluksen poisto-ohjelmien viitevirheet {B6A7EA2F-AB54-4642-B648-9D1EF3901A08} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{B6A7EA2F-AB54-4642-B648-9D1EF3901A08}
Sovelluksen poisto-ohjelmien viitevirheet {BC45FAD8-37F5-4502-9760-0AB3635ECBCD} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{BC45FAD8-37F5-4502-9760-0AB3635ECBCD}
Sovelluksen poisto-ohjelmien viitevirheet {C3CE4CED-46B0-407E-A703-7A83AAE02A36} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C3CE4CED-46B0-407E-A703-7A83AAE02A36}
Sovelluksen poisto-ohjelmien viitevirheet {CAED31B1-F1EF-4CD3-AE92-58FA3963DA3D} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CAED31B1-F1EF-4CD3-AE92-58FA3963DA3D}
Sovelluksen poisto-ohjelmien viitevirheet {D264B937-F97B-4C4F-AA6A-7C31FC09AC4B} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{D264B937-F97B-4C4F-AA6A-7C31FC09AC4B}
Sovelluksen poisto-ohjelmien viitevirheet {D935CC5E-D49D-4E8A-B8D7-1585B39B67C1} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{D935CC5E-D49D-4E8A-B8D7-1585B39B67C1}
Sovelluksen poisto-ohjelmien viitevirheet {DBE84DB2-1794-4244-9859-9B720CA89B4D} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{DBE84DB2-1794-4244-9859-9B720CA89B4D}
Sovelluksen poisto-ohjelmien viitevirheet {DE51516F-F905-4126-9165-56A323641297} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{DE51516F-F905-4126-9165-56A323641297}
Sovelluksen poisto-ohjelmien viitevirheet {E4AA17E3-D058-48B3-8D3B-E96FC2C95376} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E4AA17E3-D058-48B3-8D3B-E96FC2C95376}
Sovelluksen poisto-ohjelmien viitevirheet {F10DA4F3-D5E3-46F8-B403-EFBD44936922} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{F10DA4F3-D5E3-46F8-B403-EFBD44936922}
Sovelluksen poisto-ohjelmien viitevirheet {F25DB693-5AF2-4739-B20A-EB8E05E0F72D} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{F25DB693-5AF2-4739-B20A-EB8E05E0F72D}
Sovelluksen poisto-ohjelmien viitevirheet {F68E3631-68ED-4970-8D77-B81FE83AA6A1} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{F68E3631-68ED-4970-8D77-B81FE83AA6A1}
Sovelluksen poisto-ohjelmien viitevirheet {FBA6882A-8289-4DAF-A8D1-AD591FD9DF3A} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{FBA6882A-8289-4DAF-A8D1-AD591FD9DF3A}
Sovelluksen poisto-ohjelmien viitevirheet {FE44A47C-35CB-4FF6-A89A-528B028F7ABF} HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{FE44A47C-35CB-4FF6-A89A-528B028F7ABF}
Vanhentunut käynnistysvalikon viite Fashion Apprentice HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Fashion Apprentice
Vanhentunut käynnistysvalikon viite Mystery Chronicles - Murder Among Friends HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Mystery Chronicles - Murder Among Friends
Vanhentunut käynnistysvalikon viite Scrapbook Paige HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Scrapbook Paige
Vanhentunut käynnistysvalikon viite The Hidden Object Show HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\The Hidden Object Show
Vanhentunut käynnistysvalikon viite Uniblue HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Uniblue
Vanhentunut käynnistysvalikon viite DriverScanner 2009 HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Uniblue\DriverScanner 2009
Puuttuva MUI-sovelluslokiviittaus C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe HKCU\Software\Microsoft\Windows\ShellNoRoam\MUICache
Puuttuva MUI-sovelluslokiviittaus C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe HKCU\Software\Microsoft\Windows\ShellNoRoam\MUICache
Puuttuva MUI-sovelluslokiviittaus C:\32788R22FWJFW\nircmd.com HKCU\Software\Microsoft\Windows\ShellNoRoam\MUICache
Puuttuva MUI-sovelluslokiviittaus C:\32788R22FWJFW\hidec.exe HKCU\Software\Microsoft\Windows\ShellNoRoam\MUICache
Puuttuva MUI-sovelluslokiviittaus C:\WINDOWS\system32\CF678.exe HKCU\Software\Microsoft\Windows\ShellNoRoam\MUICache
Puuttuva MUI-sovelluslokiviittaus C:\ComboFix\nircmd.com HKCU\Software\Microsoft\Windows\ShellNoRoam\MUICache
Puuttuva MUI-sovelluslokiviittaus C:\ComboFix\NirCmd.cfexe HKCU\Software\Microsoft\Windows\ShellNoRoam\MUICache
Puuttuva MUI-sovelluslokiviittaus C:\WINDOWS\system32\CF825.exe HKCU\Software\Microsoft\Windows\ShellNoRoam\MUICache
Puuttuva MUI-sovelluslokiviittaus C:\ComboFix\ERUNT.cfexe HKCU\Software\Microsoft\Windows\ShellNoRoam\MUICache

Log in or Sign up

Netti yhteys ja kone tökkii.

rapu26 Guest

Share This Page

Log in or Sign up

Netti yhteys ja kone tökkii.

rapu26 Guest

Share This Page

Useful Searches