Nyt on alkanu kone ns. tökkimään.. Eli tapahtuu semmosia pieniä "lageja" jonka huomaa esim. sillain että hiirtä kun liikuttaa ni se tökkii tasasin väliajoin. Kyseisen ilmiön huomaa vielä selvemmin peleissä kun koko peli tökkii samanlailla kuin hiiri työpöydällä. Se on vähän niinkuin kaikki pysähtys 20millisekunnin ajaks. Ja tämä alkoi ihan yht'äkkiä ei mitään hajua minkä takia. Viruksia tässä epäilen pääasiassa mutta kaiken näkösiä ohjelmia olen koittanu eikä löydä mitään. Asemat eheytetty useaan otteeseen jopa. Olisko silti jostain viruksesta/madosta kyse? Tässä olis HJT logi jospa sieltä löytyisi jotain mielenkiintoista. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 4:53:55, on 22.5.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\program files\powerstrip\pstrip.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\COMODO\Firewall\cfp.exe C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\COMODO\Firewall\cmdagent.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Mozilla Firefox2\firefox.exe D:\HT\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [PowerStrip] c:\program files\powerstrip\pstrip.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Paikallinen palve') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Verkkopalve') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 6412 bytes
1.Lataa combofix.exe työpöydällesi yhdestä linkistä: combofix1 combofix2 2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia. 3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi. Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.
Tässä olis logit. ComboFix 08-05-21.3 - Tauno Palo 2008-05-22 21:06:52.2 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1035.18.1017 [GMT 3:00] Running from: C:\Documents and Settings\Tauno Palo\Työpöytä\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-04-22 to 2008-05-22 ))))))))))))))))) . 2008-05-22 02:06 . 2008-05-22 02:11 <KANSIO> d-------- C:\WINDOWS\BDOSCAN8 2008-05-22 00:58 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl 2008-05-22 00:56 . 2008-05-22 00:58 <KANSIO> d-------- C:\Program Files\Java 2008-05-22 00:56 . 2008-05-22 00:56 <KANSIO> d-------- C:\Program Files\Common Files\Java 2008-05-21 22:58 . 2008-05-21 23:02 1,374 --a------ C:\WINDOWS\imsins.BAK 2008-05-21 22:25 . 2008-05-21 22:25 <KANSIO> d-------- C:\Documents and Settings\Tauno Palo\Application Data\Malwarebytes 2008-05-21 22:24 . 2008-05-21 22:24 <KANSIO> d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-05-21 22:24 . 2008-05-21 22:24 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-05-21 22:24 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys 2008-05-21 22:24 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys 2008-05-21 22:01 . 2008-05-21 22:01 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Logitech 2008-05-21 20:50 . 2008-05-21 20:50 <KANSIO> d-------- C:\Program Files\COMODO 2008-05-21 20:50 . 2008-05-21 20:50 <KANSIO> d-------- C:\Documents and Settings\Tauno Palo\Application Data\Comodo 2008-05-21 20:50 . 2008-05-21 21:19 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\comodo 2008-05-21 20:50 . 2008-05-21 21:13 139,008 --a------ C:\WINDOWS\system32\guard32.dll 2008-05-21 20:50 . 2008-05-21 21:13 87,312 --a------ C:\WINDOWS\system32\drivers\cmdguard.sys 2008-05-21 20:50 . 2008-05-21 21:13 23,824 --a------ C:\WINDOWS\system32\drivers\cmdhlp.sys 2008-05-21 05:43 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll 2008-05-21 01:26 . 2008-05-21 01:26 <KANSIO> d-------- C:\Program Files\CCleaner 2008-05-19 03:51 . 2008-05-19 03:51 <KANSIO> d-------- C:\Program Files\Common Files\NSV 2008-05-19 03:48 . 2008-05-19 03:49 <KANSIO> d-------- C:\Program Files\Winamp 2008-05-19 03:48 . 2008-05-21 23:44 <KANSIO> d-------- C:\Documents and Settings\Tauno Palo\Application Data\Winamp 2008-05-17 17:29 . 2008-05-17 17:29 <KANSIO> d-------- C:\Program Files\DIFX 2008-05-17 17:05 . 2008-05-17 17:05 <KANSIO> dr-h----- C:\Documents and Settings\Tauno Palo\Application Data\SecuROM 2008-05-16 20:23 . 2008-05-16 20:23 <KANSIO> d--h----- C:\WINDOWS\PIF 2008-05-14 04:29 . 2008-05-14 04:29 41,296 --a------ C:\WINDOWS\system32\xfcodec.dll 2008-05-05 23:11 . 2008-05-05 23:16 <KANSIO> d-------- C:\WINDOWS\system32\Adobe 2008-05-05 01:37 . 2008-05-05 01:37 <KANSIO> d-------- C:\WINDOWS\Applian FLV Player 2008-04-25 11:58 . 2008-05-22 00:44 <KANSIO> d-------- C:\Program Files\Common Files\Real 2008-04-22 06:01 . 2008-04-22 06:01 278,984 --a------ C:\WINDOWS\system32\drivers\atksgt.sys 2008-04-22 06:01 . 2008-04-22 06:01 25,416 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys . (((((((((((((((((((((((((((((((((((( Find3M-raportti )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-22 18:06 --------- d-----w C:\Program Files\mIRC 2008-05-22 17:58 --------- d-----w C:\Program Files\Mozilla Firefox2 2008-05-21 21:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype 2008-05-21 21:46 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-05-21 19:01 --------- d-----w C:\Program Files\Logitech 2008-05-21 19:01 --------- d-----w C:\Program Files\Common Files\Logitech 2008-05-21 15:43 --------- d-----w C:\Documents and Settings\Tauno Palo\Application Data\foobar2000 2008-05-21 02:13 --------- d-----w C:\Program Files\Xfire 2008-05-21 01:50 --------- d-----w C:\Documents and Settings\Tauno Palo\Application Data\Xfire 2008-05-17 14:54 --------- d-----w C:\Program Files\SmartFTP Client 2008-05-17 14:28 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2008-05-17 14:28 --------- d-----w C:\Program Files\AGEIA Technologies 2008-05-17 14:05 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2008-05-16 15:10 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-04-25 08:58 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll 2008-04-25 08:58 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll 2008-04-20 09:20 --------- d-----w C:\Documents and Settings\Tauno Palo\Application Data\uTorrent 2008-04-16 15:56 --------- d-----w C:\Program Files\Common Files\INCA Shared 2008-04-15 13:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ubisoft 2008-04-13 16:50 20,978,614 ----a-w C:\WINDOWS\Internet Logs\vsmon_on_demand_2008_04_13_17_44_03_full.dmp.zip 2008-04-13 14:28 --------- d-----w C:\Program Files\ATI Technologies 2008-04-13 14:28 --------- d-----w C:\Documents and Settings\Tauno Palo\Application Data\ATI 2008-04-04 13:46 --------- d-----w C:\Program Files\VIA 2008-04-03 21:33 --------- d-----w C:\Program Files\Driver Cleaner Pro 2008-03-31 16:50 --------- d-----w C:\Program Files\NVIDIA Corporation 2008-03-29 09:37 --------- d-----w C:\Program Files\NVIDIA nTune Performance Application 2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll 2008-03-25 04:51 166,688 ----a-w C:\WINDOWS\system32\msjint40.dll 2008-03-20 08:09 1,845,504 ----a-w C:\WINDOWS\system32\win32k.sys 2008-03-01 13:01 826,368 ----a-w C:\WINDOWS\system32\wininet.dll 2007-11-16 17:37 32 -c--a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat . ((((((((((((((((((((((((((((( snapshot@2008-05-21_22.50.54,50 ))))))))))))))))))))))))))))))))))))))))) . + 2008-05-21 23:08:48 45,056 ----a-w C:\WINDOWS\BDOSCAN8\avxdisk.dll + 2008-05-21 23:08:48 10,240 ----a-w C:\WINDOWS\BDOSCAN8\avxs.dll + 2008-05-21 23:08:49 27,136 ----a-w C:\WINDOWS\BDOSCAN8\avxt.dll + 2008-01-09 12:01:48 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll + 2008-01-09 12:01:48 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll + 2008-05-21 23:09:17 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll + 2008-05-21 23:08:49 86,016 ----a-w C:\WINDOWS\BDOSCAN8\librtvr.dll + 2008-01-09 12:01:48 53,248 ----a-w C:\WINDOWS\bdoscandel.exe - 2008-05-21 18:57:53 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-05-22 01:28:01 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-01-09 12:01:48 118,784 ----a-w C:\WINDOWS\Downloaded Program Files\bdupd.dll + 2008-01-09 12:01:48 53,248 ----a-w C:\WINDOWS\Downloaded Program Files\ipsupd.dll + 2007-03-06 01:31:14 214,752 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe + 2007-03-06 01:32:23 380,640 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\updspapi.dll + 2007-08-13 16:54:10 765,952 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\vgx.dll + 2007-10-10 23:52:54 124,928 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\advpack.dll + 2007-08-13 16:35:46 346,624 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtmsft.dll + 2007-10-10 23:52:54 214,528 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtrans.dll + 2007-10-10 23:52:54 132,608 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\extmgr.dll + 2007-10-10 23:52:54 63,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\icardie.dll + 2007-10-10 11:00:07 70,656 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe + 2007-10-10 23:52:54 153,088 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakeng.dll + 2007-10-10 23:52:54 230,400 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieaksie.dll + 2007-10-10 05:46:55 161,792 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakui.dll + 2007-10-10 23:52:54 383,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dll + 2007-10-10 23:52:54 384,512 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iedkcs32.dll + 2007-10-10 23:52:56 6,065,664 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll + 2007-10-10 23:52:56 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iernonce.dll + 2007-10-10 23:52:56 267,776 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll + 2007-10-10 10:59:40 13,824 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe + 2007-10-10 11:00:20 625,152 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe + 2007-10-10 23:52:57 27,648 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\jsproxy.dll + 2007-10-10 23:52:57 459,264 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeeds.dll + 2007-10-10 23:52:57 52,224 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeedsbs.dll + 2007-10-31 02:56:02 3,590,656 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtml.dll + 2007-10-10 23:52:58 478,208 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtmled.dll + 2007-10-10 23:52:58 193,024 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msrating.dll + 2007-10-10 23:52:58 671,232 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mstime.dll + 2007-10-10 23:52:58 102,400 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\occache.dll + 2007-08-13 16:36:12 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\pngfilt.dll + 2007-03-06 01:31:14 214,752 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe + 2007-03-06 01:32:23 380,640 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\updspapi.dll + 2007-10-10 23:52:58 105,984 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\url.dll + 2007-10-10 23:52:58 1,159,680 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\urlmon.dll + 2007-10-10 23:52:58 232,960 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\webcheck.dll + 2007-10-10 23:52:58 824,832 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll - 2007-10-10 23:52:54 124,928 ----a-w C:\WINDOWS\system32\advpack.dll + 2008-03-01 13:01:50 124,928 ----a-w C:\WINDOWS\system32\advpack.dll - 2007-10-10 23:52:54 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll + 2008-03-01 13:01:50 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll + 2008-03-25 04:50:25 554,008 -c----w C:\WINDOWS\system32\dllcache\dao360.dll - 2006-06-26 17:45:26 148,480 -c----w C:\WINDOWS\system32\dllcache\dnsapi.dll + 2008-02-20 05:38:03 148,992 -c----w C:\WINDOWS\system32\dllcache\dnsapi.dll + 2008-02-20 05:38:03 45,568 -c----w C:\WINDOWS\system32\dllcache\dnsrslvr.dll - 2007-08-13 16:35:46 346,624 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll + 2008-03-01 13:01:50 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll - 2007-10-10 23:52:54 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll + 2008-03-01 13:01:50 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll - 2007-10-10 23:52:54 132,608 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll + 2008-03-01 13:01:50 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll - 2007-06-19 13:32:41 282,112 -c----w C:\WINDOWS\system32\dllcache\gdi32.dll + 2008-02-20 06:51:32 282,624 -c----w C:\WINDOWS\system32\dllcache\gdi32.dll - 2007-10-10 23:52:54 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll + 2008-03-01 13:01:50 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll - 2007-10-10 11:00:07 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe + 2008-02-29 08:55:56 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe - 2007-10-10 23:52:54 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll + 2008-03-01 13:01:50 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll - 2007-10-10 23:52:54 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll + 2008-03-01 13:01:50 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll - 2007-10-10 05:46:55 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll + 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll - 2007-10-10 23:52:54 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll + 2008-03-01 13:01:51 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll - 2007-10-10 23:52:54 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll + 2008-03-01 13:01:51 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll - 2007-10-10 23:52:56 6,065,664 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll + 2008-03-01 13:01:51 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll - 2007-10-10 23:52:56 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll + 2008-03-01 13:01:51 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll - 2007-10-10 23:52:56 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll + 2008-03-01 13:01:51 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll - 2007-10-10 10:59:40 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe + 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe - 2007-10-10 11:00:20 625,152 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe + 2008-02-29 08:56:25 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe - 2007-10-10 23:52:57 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll + 2008-03-01 13:01:51 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll + 2007-12-18 09:51:35 179,584 -c----w C:\WINDOWS\system32\dllcache\mrxdav.sys + 2008-03-25 04:50:28 518,944 -c----w C:\WINDOWS\system32\dllcache\msexch40.dll + 2008-03-25 04:50:30 326,432 -c----w C:\WINDOWS\system32\dllcache\msexcl40.dll - 2007-10-10 23:52:57 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll + 2008-03-01 13:01:52 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll - 2007-10-10 23:52:57 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll + 2008-03-01 13:01:52 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll - 2007-10-31 02:56:02 3,590,656 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll + 2008-03-01 15:31:54 3,591,680 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll - 2007-10-10 23:52:58 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll + 2008-03-01 13:01:53 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll + 2008-03-25 04:50:34 1,516,568 -c----w C:\WINDOWS\system32\dllcache\msjet40.dll + 2008-03-25 04:50:40 355,112 -c----w C:\WINDOWS\system32\dllcache\msjetol1.dll + 2008-03-25 04:51:05 166,688 -c----w C:\WINDOWS\system32\dllcache\msjint40.dll + 2008-03-25 04:50:42 60,192 -c----w C:\WINDOWS\system32\dllcache\msjter40.dll + 2008-03-25 04:50:42 248,608 -c----w C:\WINDOWS\system32\dllcache\msjtes40.dll + 2008-03-25 04:50:44 219,936 -c----w C:\WINDOWS\system32\dllcache\msltus40.dll + 2008-03-25 04:50:45 355,104 -c----w C:\WINDOWS\system32\dllcache\mspbde40.dll - 2007-10-10 23:52:58 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll + 2008-03-01 13:01:53 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll + 2008-03-25 04:50:47 432,928 -c----w C:\WINDOWS\system32\dllcache\msrd2x40.dll + 2008-03-25 04:50:49 322,336 -c----w C:\WINDOWS\system32\dllcache\msrd3x40.dll + 2008-03-25 04:50:52 559,904 -c----w C:\WINDOWS\system32\dllcache\msrepl40.dll + 2008-03-25 04:50:55 264,992 -c----w C:\WINDOWS\system32\dllcache\mstext40.dll - 2007-10-10 23:52:58 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll + 2008-03-01 13:01:53 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll + 2008-03-25 04:50:57 838,432 -c----w C:\WINDOWS\system32\dllcache\mswdat10.dll + 2008-03-25 04:51:06 621,344 -c----w C:\WINDOWS\system32\dllcache\mswstr10.dll + 2008-03-25 04:50:58 355,104 -c----w C:\WINDOWS\system32\dllcache\msxbde40.dll - 2007-10-10 23:52:58 102,400 -c----w C:\WINDOWS\system32\dllcache\occache.dll + 2008-03-01 13:01:53 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll - 2007-05-17 11:30:00 549,376 -c----w C:\WINDOWS\system32\dllcache\oleaut32.dll + 2007-12-04 18:41:50 550,912 -c----w C:\WINDOWS\system32\dllcache\oleaut32.dll - 2007-08-13 16:36:12 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll + 2008-03-01 13:01:53 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll - 2007-10-10 23:52:58 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll + 2008-03-01 13:01:53 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll - 2007-10-10 23:52:58 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll + 2008-03-01 13:01:53 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll - 2007-10-10 23:52:58 232,960 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll + 2008-03-01 13:01:53 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll - 2007-08-13 16:54:10 765,952 -c--a-w C:\WINDOWS\system32\dllcache\VGX.dll + 2007-07-12 23:31:31 765,952 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll - 2007-03-08 15:34:26 1,843,840 -c----w C:\WINDOWS\system32\dllcache\win32k.sys + 2008-03-20 08:09:41 1,845,504 -c----w C:\WINDOWS\system32\dllcache\win32k.sys - 2007-10-10 23:52:58 824,832 -c----w C:\WINDOWS\system32\dllcache\wininet.dll + 2008-03-01 13:01:53 826,368 -c----w C:\WINDOWS\system32\dllcache\wininet.dll - 2006-06-26 17:45:26 148,480 ----a-w C:\WINDOWS\system32\dnsapi.dll + 2008-02-20 05:38:03 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll - 2004-09-14 23:11:45 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll + 2008-02-20 05:38:03 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll - 2004-08-04 06:00:56 181,248 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys + 2007-12-18 09:51:35 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys - 2007-08-13 16:35:46 346,624 ----a-w C:\WINDOWS\system32\dxtmsft.dll + 2008-03-01 13:01:50 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll - 2007-10-10 23:52:54 214,528 ------w C:\WINDOWS\system32\dxtrans.dll + 2008-03-01 13:01:50 214,528 ------w C:\WINDOWS\system32\dxtrans.dll - 2007-10-10 23:52:54 132,608 ------w C:\WINDOWS\system32\extmgr.dll + 2008-03-01 13:01:50 133,120 ------w C:\WINDOWS\system32\extmgr.dll - 2007-12-18 16:26:34 109,400 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT + 2008-05-21 20:27:51 109,400 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT - 2007-06-19 13:32:41 282,112 ----a-w C:\WINDOWS\system32\gdi32.dll + 2008-02-20 06:51:32 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll - 2007-10-10 23:52:54 63,488 ----a-w C:\WINDOWS\system32\icardie.dll + 2008-03-01 13:01:50 63,488 ----a-w C:\WINDOWS\system32\icardie.dll - 2007-10-10 11:00:07 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe + 2008-02-29 08:55:56 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe - 2007-10-10 23:52:54 153,088 ------w C:\WINDOWS\system32\ieakeng.dll + 2008-03-01 13:01:50 153,088 ------w C:\WINDOWS\system32\ieakeng.dll - 2007-10-10 23:52:54 230,400 ------w C:\WINDOWS\system32\ieaksie.dll + 2008-03-01 13:01:50 230,400 ------w C:\WINDOWS\system32\ieaksie.dll - 2007-10-10 05:46:55 161,792 ------w C:\WINDOWS\system32\ieakui.dll + 2008-02-15 05:44:25 161,792 ------w C:\WINDOWS\system32\ieakui.dll - 2007-10-10 23:52:54 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll + 2008-03-01 13:01:51 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll - 2007-10-10 23:52:54 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll + 2008-03-01 13:01:51 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll - 2007-10-10 23:52:56 6,065,664 ----a-w C:\WINDOWS\system32\ieframe.dll + 2008-03-01 13:01:51 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll - 2007-10-10 23:52:56 44,544 ------w C:\WINDOWS\system32\iernonce.dll + 2008-03-01 13:01:51 44,544 ------w C:\WINDOWS\system32\iernonce.dll - 2007-10-10 23:52:56 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll + 2008-03-01 13:01:51 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll - 2007-10-10 10:59:40 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe + 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe - 2008-02-21 23:23:35 135,168 ----a-w C:\WINDOWS\system32\java.exe + 2008-03-24 22:28:39 135,168 ----a-w C:\WINDOWS\system32\java.exe - 2008-02-21 23:23:39 135,168 ----a-w C:\WINDOWS\system32\javaw.exe + 2008-03-24 22:28:43 135,168 ----a-w C:\WINDOWS\system32\javaw.exe - 2008-02-22 00:33:32 139,264 ----a-w C:\WINDOWS\system32\javaws.exe + 2008-03-24 23:37:01 139,264 ----a-w C:\WINDOWS\system32\javaws.exe - 2007-10-10 23:52:57 27,648 ------w C:\WINDOWS\system32\jsproxy.dll + 2008-03-01 13:01:51 27,648 ------w C:\WINDOWS\system32\jsproxy.dll - 2008-01-02 08:21:38 17,642,616 ----a-w C:\WINDOWS\system32\MRT.exe + 2008-05-09 11:35:06 16,863,864 ----a-w C:\WINDOWS\system32\MRT.exe - 2004-09-14 23:11:51 512,029 ----a-w C:\WINDOWS\system32\msexch40.dll + 2008-03-25 04:50:28 518,944 ----a-w C:\WINDOWS\system32\msexch40.dll - 2004-09-14 23:11:51 319,517 ----a-w C:\WINDOWS\system32\msexcl40.dll + 2008-03-25 04:50:30 326,432 ----a-w C:\WINDOWS\system32\msexcl40.dll - 2007-10-10 23:52:57 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll + 2008-03-01 13:01:52 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll - 2007-10-10 23:52:57 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll + 2008-03-01 13:01:52 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll - 2007-10-31 02:56:02 3,590,656 ----a-w C:\WINDOWS\system32\mshtml.dll + 2008-03-01 15:31:54 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll - 2007-10-10 23:52:58 478,208 ------w C:\WINDOWS\system32\mshtmled.dll + 2008-03-01 13:01:53 478,208 ------w C:\WINDOWS\system32\mshtmled.dll - 2004-09-14 23:11:52 1,507,356 ----a-w C:\WINDOWS\system32\msjet40.dll + 2008-03-25 04:50:34 1,516,568 ----a-w C:\WINDOWS\system32\msjet40.dll - 2004-07-17 18:34:46 358,976 ----a-w C:\WINDOWS\system32\msjetoledb40.dll + 2008-03-25 04:50:40 355,112 ----a-w C:\WINDOWS\system32\msjetoledb40.dll - 2004-09-14 23:11:52 53,279 ----a-w C:\WINDOWS\system32\msjter40.dll + 2008-03-25 04:50:42 60,192 ----a-w C:\WINDOWS\system32\msjter40.dll - 2004-09-14 23:11:52 241,693 ----a-w C:\WINDOWS\system32\msjtes40.dll + 2008-03-25 04:50:42 248,608 ----a-w C:\WINDOWS\system32\msjtes40.dll - 2004-09-14 23:11:52 213,023 ----a-w C:\WINDOWS\system32\msltus40.dll + 2008-03-25 04:50:44 219,936 ----a-w C:\WINDOWS\system32\msltus40.dll - 2004-09-14 23:11:52 348,189 ----a-w C:\WINDOWS\system32\mspbde40.dll + 2008-03-25 04:50:45 355,104 ----a-w C:\WINDOWS\system32\mspbde40.dll - 2007-10-10 23:52:58 193,024 ------w C:\WINDOWS\system32\msrating.dll + 2008-03-01 13:01:53 193,024 ------w C:\WINDOWS\system32\msrating.dll - 2004-09-14 23:11:52 421,919 ----a-w C:\WINDOWS\system32\msrd2x40.dll + 2008-03-25 04:50:47 432,928 ----a-w C:\WINDOWS\system32\msrd2x40.dll - 2004-09-14 23:11:52 315,423 ----a-w C:\WINDOWS\system32\msrd3x40.dll + 2008-03-25 04:50:49 322,336 ----a-w C:\WINDOWS\system32\msrd3x40.dll - 2004-09-14 23:11:53 552,989 ----a-w C:\WINDOWS\system32\msrepl40.dll + 2008-03-25 04:50:52 559,904 ----a-w C:\WINDOWS\system32\msrepl40.dll - 2004-09-14 23:11:53 258,077 ----a-w C:\WINDOWS\system32\mstext40.dll + 2008-03-25 04:50:55 264,992 ----a-w C:\WINDOWS\system32\mstext40.dll - 2007-10-10 23:52:58 671,232 ------w C:\WINDOWS\system32\mstime.dll + 2008-03-01 13:01:53 671,232 ------w C:\WINDOWS\system32\mstime.dll - 2004-09-14 23:11:53 831,519 ----a-w C:\WINDOWS\system32\mswdat10.dll + 2008-03-25 04:50:57 838,432 ----a-w C:\WINDOWS\system32\mswdat10.dll - 2004-09-14 23:11:53 348,189 ----a-w C:\WINDOWS\system32\msxbde40.dll + 2008-03-25 04:50:58 355,104 ----a-w C:\WINDOWS\system32\msxbde40.dll - 2007-10-10 23:52:58 102,400 ------w C:\WINDOWS\system32\occache.dll + 2008-03-01 13:01:53 102,912 ------w C:\WINDOWS\system32\occache.dll - 2007-05-17 11:30:00 549,376 ----a-w C:\WINDOWS\system32\oleaut32.dll + 2007-12-04 18:41:50 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll - 2007-08-13 16:36:12 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll + 2008-03-01 13:01:53 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll - 2007-10-10 23:52:58 105,984 ----a-w C:\WINDOWS\system32\url.dll + 2008-03-01 13:01:53 105,984 ----a-w C:\WINDOWS\system32\url.dll - 2007-10-10 23:52:58 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll + 2008-03-01 13:01:53 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll - 2007-10-10 23:52:58 232,960 ----a-w C:\WINDOWS\system32\webcheck.dll + 2008-03-01 13:01:53 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll . -- Snapshot reset to current date -- . (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet ))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-15 02:12 15360] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184] "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-02-14 02:09 486856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2003-06-10 21:12 55296 C:\WINDOWS\SOUNDMAN.EXE] "PowerStrip"="c:\program files\powerstrip\pstrip.exe" [2007-07-14 12:35 730360] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-04-20 11:57 262401] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 04:06 40048] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-09-17 01:07 8491008] "COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [2008-05-21 21:13 1572608] "MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-09-15 02:12 159232] "Launch LGDCore"="C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" [2006-07-23 04:22 1126400] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-09-15 02:12 15360] C:\Documents and Settings\All Users\K„ynnist„-valikko\Ohjelmat\K„ynnistys\ Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-12-17 18:34:22 113664] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"= C:\WINDOWS\system32\guard32.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.ffds"= C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll "VIDC.XFR1"= xfcodec.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "Diskeeper"=2 (0x2) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"= "C:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"= "C:\\Program Files\\SmartFTP Client\\SmartFTP.exe"= "D:\\FEAR\\FEAR.exe"= "D:\\FEAR\\FEARMP.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "D:\\Steam\\steamapps\\eki86\\counter-strike\\hl.exe"= R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-10-17 20:22] R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\WINDOWS\system32\DRIVERS\cmdguard.sys [2008-05-21 21:13] R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [2008-05-21 21:13] R2 PStrip;PStrip;C:\WINDOWS\system32\drivers\pstrip.sys [2007-07-15 04:37] S3 vzzydy;vzzydy;C:\Documents and Settings\Tauno Palo\Työpöytä\pikkuveli\vzzydy.sys [] . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-22 21:10:20 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- PROCESS: C:\WINDOWS\system32\winlogon.exe -> C:\WINDOWS\system32\guard32.dll PROCESS: C:\WINDOWS\system32\lsass.exe -> C:\WINDOWS\system32\guard32.dll . Completion time: 2008-05-22 21:12:29 ComboFix-quarantined-files.txt 2008-05-22 18:12:20 ComboFix2.txt 2008-05-21 19:51:29 Pre-Run: 2,265,174,016 tavua vapaana Post-Run: 2,284,777,472 tavua vapaana 385 --- E O F --- 2008-05-21 20:02:53
Lataa Malwarebytes' Anti-Malware työpöydällesi. 1. Tuplaklikkaa mbam-setup.exe ja seuraa ohjeita asentaaksesi ohjelman. 2. Lopuksi varmistu, että seuraavat on valittu: Update Malwarebytes', Anti-Malwareja Launch Malwarebytes' Anti-Malware ja sen jälkeen klikkaaFinish. 3. Jos päivitys löytyy. ohjelma lataa ja asentaa uusimman version. 4. Kun ohjelma on latautunut, valitse Perform full scan ja klikkaa Scan. 5. Kun skanni on valmis, klikkaa OK ja sitten Show Results nähdäksesi tulokset. 6. Varmistu, että kaikki on merkitty ja klikkaa Remove Selected. 7. Tämän jälkeen loki avautuu muistioon. Tallenna se paikkaan, josta löydät sen helposti. Loki löytyy myös täältä: C:\Documents and Settings\Käyttäjänimi\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-päiväys.txt 8. Lähetä lokin sisältö seuraavassa viestissäsi.
Malwarebytes' Anti-Malware 1.12 Tietokantaversio: 775 Tarkistustyyppi: Täysi tarkistus (C:\|) Tarkistetut kohteet: 33583 Kulunut aika: 29 minute(s), 15 second(s) Saastuneita muistiprosesseja: 0 Saastuneita muistimoduuleja: 0 Saastuneita rekisteriavaimia: 0 Saastuneita rekisteriarvoja: 0 Saastuneita rekisterikohteita: 0 Saastuneita hakemistoja: 0 Saastuneita tiedostoja: 0 Saastuneita muistiprosesseja: (Haitallisia kohteita ei löydetty) Saastuneita muistimoduuleja: (Haitallisia kohteita ei löydetty) Saastuneita rekisteriavaimia: (Haitallisia kohteita ei löydetty) Saastuneita rekisteriarvoja: (Haitallisia kohteita ei löydetty) Saastuneita rekisterikohteita: (Haitallisia kohteita ei löydetty) Saastuneita hakemistoja: (Haitallisia kohteita ei löydetty) Saastuneita tiedostoja: (Haitallisia kohteita ei löydetty)
Lataa SDFix by AndyManchesta ja tallenna se työpöydällesi. Käynnistä koneesi vikasietotilaan: sammuta ja käynnistä käynnistyksen yhteydessä hakkaa F8 nappia valitse nuolinäppäimellä vikasietotila paina enter ja enter valitse käyttäjätilisi paina kyllä Jossakin koneissa hakataan F8:sin sijasta F5:tä " Kun vikasietotilassa, pura tiedoston SDFix.zip sisältö (SDFix kansio) työpöydällesi. Työpöydälle pitäisi ilmestyä kansio nimeltä SDFix. " Avaa SDFix-kansio ja tuplaklikkaa tiedostoa RunThis.bat käynnistääksesi ohjelman. " Paina Y käynnistääksesi skriptin. " Työkalu puhdistaa troijalaisen palvelut ja tekee myös joitakin korjauksia rekisteriin. Lopuksi se pyytää käynnistämään koneen uudelleen, "Press any key to Reboot". " Paina mitä tahansa näppäintä ja kone käynnistyy uudelleen. " Käynnistyminen kestää normaalia kauemmin sillä SDFix puhdistaa konetta. " Kun kone on käynnistynyt ja työpöytä latautunut, SDFix kertoo että puhdistus on suoritettu, "Finished". " Paina sitten mitä tahansa näppäintä sulkeaksesi skriptin ja ladataksesi pikakuvakkeet työpöydälle. " Lopuksi avaa SDFix kansio (työpöydällä) ja kopioi & liitä tiedoston Report.txt sisältö viestiketjuusi uuden HijackThis:n lokin kera.
SDFix: Version 1.185 Run by Tauno Palo on pe 23.05.2008 at 13:17 Microsoft Windows XP [versio 5.1.2600] Running From: C:\DOCUME~1\TAUNOP~1\TYPYT~1\SDFix\SDFix Checking Services : Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting Checking Files : No Trojan Files Found Removing Temp Files ADS Check : Final Check : catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-23 13:23:35 Windows 5.1.2600 Service Pack 2 NTFS detected NTDLL code modification: ZwClose scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "p0"="C:\Program Files\DAEMON Tools\" "h0"=dword:00000000 "khjeh"=hex:c9,a3,8d,b4,e9,2f,58,31,a6,59,c6,a8,8d,18,4b,54,28,20,ab,32,62,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,e7,9a,c1,3e,fc,48,75,f5,fb,71,64,1e,39,35,d9,91,f9,.. "khjeh"=hex:15,97,03,b4,ff,84,a8,64,37,9d,de,bd,5c,c9,89,52,73,60,d3,c6,31,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:e8,f6,33,49,ff,de,70,da,34,9d,80,98,53,1d,ff,98,6d,d3,b7,be,da,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s1"=dword:2df9c43f "s2"=dword:110480d0 "h0"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:61,1c,f9,13,c7,8e,65,ed,94,8f,fa,7d,2d,b9,35,90,47,7b,8a,60,a8,.. "p0"="C:\Program Files\DAEMON Tools Lite\" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,d4,95,d6,0e,95,7f,83,64,34,9f,72,fe,a8,2e,1b,f4,ba,.. "khjeh"=hex:2a,7d,cc,07,3e,b3,6b,9c,a0,a4,d5,51,6d,0e,27,67,4d,60,6b,ee,08,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:d1,fe,b8,76,3d,8f,cb,6e,e7,24,87,7f,e9,00,8d,a0,f7,d5,a2,58,83,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:61,1c,f9,13,c7,8e,65,ed,94,8f,fa,7d,2d,b9,35,90,47,7b,8a,60,a8,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:61,1c,f9,13,c7,8e,65,ed,94,8f,fa,7d,2d,b9,35,90,47,7b,8a,60,a8,.. "p0"="C:\Program Files\DAEMON Tools Lite\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,d4,95,d6,0e,95,7f,83,64,34,9f,72,fe,a8,2e,1b,f4,ba,.. "khjeh"=hex:2a,7d,cc,07,3e,b3,6b,9c,a0,a4,d5,51,6d,0e,27,67,4d,60,6b,ee,08,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:d1,fe,b8,76,3d,8f,cb,6e,e7,24,87,7f,e9,00,8d,a0,f7,d5,a2,58,83,.. scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019" "C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"="C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe:*:Enabled:Et„tuki - Windows Messenger ja „„niyhteys" "C:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"="C:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe:*:Enabled:Nexon Game Manager" "C:\\Program Files\\SmartFTP Client\\SmartFTP.exe"="C:\\Program Files\\SmartFTP Client\\SmartFTP.exe:*:Enabled:SmartFTP Client 2.5" "D:\\FEAR\\FEAR.exe"="D:\\FEAR\\FEAR.exe:*:Enabled:FEAR" "D:\\FEAR\\FEARMP.exe"="D:\\FEAR\\FEARMP.exe:*:Enabled:FEARMP" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "D:\\Steam\\steamapps\\eki86\\counter-strike\\hl.exe"="D:\\Steam\\steamapps\\eki86\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Remaining Files : File Backups: - C:\DOCUME~1\TAUNOP~1\TYPYT~1\SDFix\SDFix\backups\backups.zip Files with Hidden Attributes : Mon 28 Jan 2008 1,404,240 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe" Mon 28 Jan 2008 5,146,448 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" Mon 28 Jan 2008 2,097,488 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" Mon 4 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\4844df1d57a292079101da42a26d7d72\BIT2.tmp" Mon 4 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\bc066f3f60df1b38218903dd0d40ce98\BIT3.tmp" Mon 19 May 2008 444 ...HR --- "C:\Documents and Settings\Tauno Palo\Application Data\SecuROM\UserData\securom_v7_01.bak" Finished! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:31:24, on 23.5.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\COMODO\Firewall\cmdagent.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\SOUNDMAN.EXE C:\program files\powerstrip\pstrip.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\Program Files\COMODO\Firewall\cfp.exe C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Mozilla Firefox2\firefox.exe D:\HT\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [PowerStrip] c:\program files\powerstrip\pstrip.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Paikallinen palve') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Verkkopalve') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 6383 bytes
Lataa Deckard's System Scanner Työpöydällesi. Huomioi: Sinulla tulee olla Järjestelmänvalvojan oikeudet ajaaksesi ohjelman. [*]Sulje kaikki avoimet ikkunat ja ohjelmat. [*]Tupla Klikkaa Dss.exe tiedostoa ajaaksesi ohjelman, seuraa ohjeita. [*]Kun Scannaus on valmis 2 textitiedostoa pitäisi avautua, Main.txt ja extra.txt [*]Näppäile Kopioi ( CTRL+A -> CTRL + C ) ja liitä ( CTRL + V ) [*]kopioi ja liitä main.txt ja extra.txt sisältö seuraavaan vastaukseesi.
Deckard's System Scanner v20071014.68 Run by Tauno Palo on 2008-05-23 14:09:19 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 14: 2008-05-23 11:09:36 UTC - RP124 - Deckard's System Scanner Restore Point 13: 2008-05-22 18:05:59 UTC - RP123 - ComboFix created restore point 12: 2008-05-21 21:56:39 UTC - RP122 - Installed Java(TM) 6 Update 6 11: 2008-05-21 21:48:31 UTC - RP121 - Skype™ 3.6 poistettu 10: 2008-05-21 21:45:51 UTC - RP120 - Removed RYL2 - Incomplete Union v1.6.7.3 -- First Restore Point -- 1: 2008-05-21 14:19:35 UTC - RP111 - Järjestelmän tarkistuspiste Backed up registry hives. Performed disk cleanup. -- HijackThis (run as Tauno Palo.exe) ------------------------------------------ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:10:20, on 23.5.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\COMODO\Firewall\cmdagent.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\SOUNDMAN.EXE C:\program files\powerstrip\pstrip.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Documents and Settings\Tauno Palo\Työpöytä\dss.exe D:\HT\Tauno Palo.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [PowerStrip] c:\program files\powerstrip\pstrip.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Paikallinen palve') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Verkkopalve') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 6293 bytes -- HijackThis Fixed Entries (D:\HT\backups\) ----------------------------------- backup-20080521-013951-423 O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll backup-20080521-013951-598 O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 backup-20080521-013951-609 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot backup-20080521-013951-866 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC backup-20080521-013951-927 O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName backup-20080521-013952-412 O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://king.topkani.fi/ctl/kingcomie.cab backup-20080521-013952-978 O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll backup-20080521-013953-123 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/wuweb_site.cab?1194289680765 backup-20080521-013954-698 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1194289666468 backup-20080521-223220-227 O4 - HKLM\..\Run: [nwiz] nwiz.exe /install backup-20080521-223220-551 O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys <Not Verified; Protection Technology; StarForce Protection System> R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys <Not Verified; Protection Technology; StarForce Protection System> R3 catchme - c:\docume~1\taunop~1\locals~1\temp\catchme.sys (file missing) S3 ENTECH - c:\windows\system32\drivers\entech.sys <Not Verified; EnTech Taiwan; PowerStrip> S3 vzzydy - c:\documents and settings\tauno palo\työpöytä\pikkuveli\vzzydy.sys (file missing) -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 AntiVirScheduler (AntiVir PersonalEdition Classic Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; AntiVir Workstation> -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. -- Files created between 2008-04-23 and 2008-05-23 ----------------------------- 2008-05-23 13:13:48 0 d-------- C:\WINDOWS\ERUNT 2008-05-22 02:06:46 0 d-------- C:\WINDOWS\BDOSCAN8 2008-05-22 00:56:51 0 d-------- C:\Program Files\Java 2008-05-22 00:56:43 0 d-------- C:\Program Files\Common Files\Java 2008-05-21 22:43:28 68096 --a------ C:\WINDOWS\zip.exe 2008-05-21 22:43:28 49152 --a------ C:\WINDOWS\VFind.exe 2008-05-21 22:43:28 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists> 2008-05-21 22:43:28 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller> 2008-05-21 22:43:28 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor> 2008-05-21 22:43:28 98816 --a------ C:\WINDOWS\sed.exe 2008-05-21 22:43:28 80412 --a------ C:\WINDOWS\grep.exe 2008-05-21 22:43:28 89504 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; > 2008-05-21 22:25:00 0 d-------- C:\Documents and Settings\Tauno Palo\Application Data\Malwarebytes 2008-05-21 22:24:46 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-05-21 22:24:44 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-05-21 22:01:20 0 d-------- C:\Documents and Settings\All Users\Application Data\Logitech 2008-05-21 20:50:27 0 d-------- C:\Documents and Settings\Tauno Palo\Application Data\Comodo 2008-05-21 20:50:26 0 d-------- C:\Documents and Settings\All Users\Application Data\comodo 2008-05-21 20:50:17 0 d-------- C:\Program Files\COMODO 2008-05-21 19:14:17 0 dr-h----- C:\Documents and Settings\Tauno Palo\Recent 2008-05-21 01:26:13 0 d-------- C:\Program Files\CCleaner 2008-05-19 03:51:16 0 d-------- C:\Program Files\Common Files\NSV 2008-05-19 03:48:59 0 d-------- C:\Program Files\Winamp 2008-05-19 03:48:59 0 d-------- C:\Documents and Settings\Tauno Palo\Application Data\Winamp 2008-05-17 17:29:33 0 d-------- C:\Program Files\DIFX 2008-05-17 17:05:48 0 dr-h----- C:\Documents and Settings\Tauno Palo\Application Data\SecuROM 2008-05-16 20:23:07 0 d--h----- C:\WINDOWS\PIF 2008-05-05 23:11:28 0 d-------- C:\WINDOWS\system32\Adobe 2008-05-05 01:37:17 0 d-------- C:\WINDOWS\Applian FLV Player 2008-04-25 11:58:10 0 d-------- C:\Program Files\Common Files\Real 2008-04-25 11:58:08 0 d-------- C:\Documents and Settings\Tauno Palo\Application Data\Real -- Find3M Report --------------------------------------------------------------- 2008-05-23 14:08:31 0 d-------- C:\Program Files\Mozilla Firefox2 2008-05-22 21:31:55 0 d-------- C:\Program Files\SystemRequirementsLab 2008-05-22 21:31:55 0 d-------- C:\Documents and Settings\Tauno Palo\Application Data\SystemRequirementsLab 2008-05-22 21:06:12 0 d-------- C:\Program Files\mIRC 2008-05-22 00:56:43 0 d-------- C:\Program Files\Common Files 2008-05-22 00:46:43 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-05-21 22:01:18 0 d-------- C:\Program Files\Common Files\Logitech 2008-05-21 22:01:10 0 d-------- C:\Program Files\Logitech 2008-05-21 18:43:11 0 d-------- C:\Documents and Settings\Tauno Palo\Application Data\foobar2000 2008-05-21 05:13:52 0 d-------- C:\Program Files\Xfire 2008-05-21 04:50:37 0 d-------- C:\Documents and Settings\Tauno Palo\Application Data\Xfire 2008-05-17 17:54:42 0 d-------- C:\Program Files\SmartFTP Client 2008-05-17 17:28:46 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard 2008-05-17 17:28:02 0 d-------- C:\Program Files\AGEIA Technologies 2008-05-16 21:38:00 417048 --a------ C:\WINDOWS\system32\perfh00B.dat 2008-05-16 21:38:00 85752 --a------ C:\WINDOWS\system32\perfc00B.dat 2008-05-05 23:12:54 0 d-------- C:\Documents and Settings\Tauno Palo\Application Data\Adobe 2008-04-20 12:20:28 0 d-------- C:\Documents and Settings\Tauno Palo\Application Data\uTorrent 2008-04-16 18:56:40 0 d-------- C:\Program Files\Common Files\INCA Shared 2008-04-13 17:28:01 0 d-------- C:\Program Files\ATI Technologies 2008-04-13 17:28:00 0 d-------- C:\Documents and Settings\Tauno Palo\Application Data\ATI 2008-04-04 16:46:42 0 d-------- C:\Program Files\VIA 2008-04-04 00:33:03 0 d-------- C:\Program Files\Driver Cleaner Pro 2008-03-31 19:50:11 0 d-------- C:\Program Files\NVIDIA Corporation 2008-03-31 17:14:00 0 d-------- C:\Documents and Settings\Tauno Palo\Application Data\Mozilla 2008-03-29 12:37:38 0 d-------- C:\Program Files\NVIDIA nTune Performance Application -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [10.06.2003 21:12 C:\WINDOWS\SOUNDMAN.EXE] "PowerStrip"="c:\program files\powerstrip\pstrip.exe" [14.07.2007 12:35] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [20.04.2008 11:57] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11.05.2007 04:06] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [17.09.2007 01:07] "COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [21.05.2008 21:13] "Launch LGDCore"="C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" [23.07.2006 04:22] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [25.03.2008 04:28] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [15.09.2004 02:12] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [18.10.2007 12:34] "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [14.02.2008 02:09] C:\Documents and Settings\All Users\K„ynnist„-valikko\Ohjelmat\K„ynnistys\ Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [17.12.2007 18:34:22] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "HideLegacyLogonScripts"=0 (0x0) "HideLogoffScripts"=0 (0x0) "RunLogonScriptSync"=1 (0x1) "RunStartupScriptSync"=0 (0x0) "HideStartupScripts"=0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "HideLegacyLogonScripts"=0 (0x0) "HideLogoffScripts"=0 (0x0) "RunLogonScriptSync"=1 (0x1) "RunStartupScriptSync"=0 (0x0) "HideStartupScripts"=0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"= C:\WINDOWS\system32\guard32.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "Diskeeper"=2 (0x2) -- End of Deckard's System Scanner: finished at 2008-05-23 14:15:42 ------------ Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Home Edition (build 2600) SP 2.0 Architecture: X86; Language: Other (040B) - see http://preview.tinyurl.com/mhhp6 CPU 0: AMD Athlon(tm) XP 2600+ Percentage of Memory in Use: 26% Physical Memory (total/avail): 1535.48 MiB / 1126.86 MiB Pagefile Memory (total/avail): 2540.55 MiB / 2244.57 MiB Virtual Memory (total/avail): 2047.88 MiB / 1933.66 MiB C: is Fixed (NTFS) - 9.77 GiB total, 1.98 GiB free. D: is Fixed (NTFS) - 38.32 GiB total, 5.82 GiB free. E: is Fixed (NTFS) - 28.24 GiB total, 2.15 GiB free. F: is CDROM (No Media) G: is CDROM (No Media) H: is CDROM (No Media) \\.\PHYSICALDRIVE0 - Maxtor 6Y080L0 - 76.33 GiB - 3 partitions \PARTITION0 (bootable) - Asennettava tiedostojärjestelmä - 9.77 GiB - C: \PARTITION1 - Asennettava tiedostojärjestelmä - 28.24 GiB - E: \PARTITION2 - Laajennettu ja laajennettu Int 13 - 38.32 GiB - D: -- Security Center ------------------------------------------------------------- AUOptions is set to notify before download. Windows Internal Firewall is disabled. FW: COMODO Firewall Pro v3.0 (COMODO) AV: Avira AntiVir PersonalEdition v8.0.1.15 (Avira GmbH) [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019" "C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"="C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe:*:Enabled:Etätuki - Windows Messenger ja ääniyhteys" "C:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"="C:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe:*:Enabled:Nexon Game Manager" "C:\\Program Files\\SmartFTP Client\\SmartFTP.exe"="C:\\Program Files\\SmartFTP Client\\SmartFTP.exe:*:Enabled:SmartFTP Client 2.5" "D:\\FEAR\\FEAR.exe"="D:\\FEAR\\FEAR.exe:*:Enabled:FEAR" "D:\\FEAR\\FEARMP.exe"="D:\\FEAR\\FEARMP.exe:*:Enabled:FEARMP" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "D:\\Steam\\steamapps\\egig\\counter-strike\\hl.exe"="D:\\Steam\\steamapps\\egig\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher" -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\Tauno Palo\Application Data CLIENTNAME=Console CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=EGIG-GKCVR6F3NI ComSpec=C:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Documents and Settings\Tauno Palo LOGONSERVER=\\EGIG-GKCVR6F3NI NewEnvironment1=C:\Program Files\ATI Technologies\ATI.ACE\ NUMBER_OF_PROCESSORS=1 OS=Windows_NT Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;E:\DISKEE~1 PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 1, AuthenticAMD PROCESSOR_LEVEL=6 PROCESSOR_REVISION=0801 ProgramFiles=C:\Program Files PROMPT=$P$G SESSIONNAME=Console SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\TAUNOP~1\LOCALS~1\Temp TMP=C:\DOCUME~1\TAUNOP~1\LOCALS~1\Temp USERDOMAIN=EGIG-GKCVR6F3NI USERNAME=Tauno Palo USERPROFILE=C:\Documents and Settings\Tauno Palo windir=C:\WINDOWS -- User Profiles --------------------------------------------------------------- Tauno Palo (admin) Järjestelmänvalvoja (new local, admin) -- Add/Remove Programs --------------------------------------------------------- --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER --> MsiExec /X{45235788-142C-44BE-8A4D-DDE9A84492E5} --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 3DMark03 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF35F637-72B9-43BE-A281-06EB2854393A}\Setup.exe" -l0x9 Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Photoshop 7.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll" Adobe Reader 8.1.0 - Suomi --> MsiExec.exe /I{AC76BA86-7AD7-1035-7B44-A81000000003} Adobe Shockwave Player --> C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log AGEIA PhysX v7.09.13 --> MsiExec.exe /X{45235788-142C-44BE-8A4D-DDE9A84492E5} AMIP for foobar2000 (remove only) --> "C:\Program Files\foobar2000\components\amip_uninstall.exe" Avira AntiVir Personal – Free Antivirus --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE BitLord 1.1 --> C:\Program Files\BitLord\uninst.exe CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe" Combined Community Codec Pack 2007-07-22 --> "C:\Program Files\Combined Community Codec Pack\unins000.exe" COMODO Firewall Pro --> C:\Program Files\COMODO\Firewall\cfpconfg.exe -u Conquer 2.0 --> C:\Program Files\InstallShield Installation Information\{B6060381-5C28-4F86-A31A-B5ADA7A1BD8D}\setup.exe -runfromtemp -l0x0009 -removeonly Counter-Strike --> "D:\Steam\steam.exe" steam://uninstall/10 Dark Messiah --> C:\Program Files\InstallShield Installation Information\{A8E2EF8F-73EF-4DD8-BB38-31FCCAF50103}\setup.exe -runfromtemp -l0x0009 -removeonly DH Driver Cleaner Professional Edition --> C:\Program Files\Driver Cleaner Pro\Uninstall.exe DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN EVEREST Home Edition v2.20 --> "C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe" Fable - The Lost Chapters --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD} FEAR --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2B653229-9854-4989-B780-D978F5F13EAB}\setup.exe" -l0x9 /zU -removeonly foobar2000 v0.9.4.5 --> "C:\Program Files\foobar2000\uninstall.exe" Fraps (remove only) --> "D:\Fraps\uninstall.exe" HijackThis 2.0.2 --> "D:\HT\HijackThis.exe" /uninstall Hotfix-päivitys Windows XP:lle (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe" Java(TM) 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060} Logitech G11 Keyboard Software 1.03 --> MsiExec.exe /X{77A1C7DD-E4F6-4057-92FC-710219215987} Logitech Gaming Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B9242864-2841-4ADE-86E0-8F90F91B04DD}\setup.exe" -l0xb Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} mIRC --> "C:\Program Files\mIRC\mirc.exe" -uninstall Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox2\uninstall\helper.exe MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E} NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI Päivitys Windows XP:lle (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB925720) --> "C:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB933360) --> "C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB942840) --> "C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe" PowerStrip 3 (remove only) --> C:\Program Files\PowerStrip\uninstal.exe Quake 4(TM) --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{152B782A-05F3-48EC-9AAC-4D3EB68D9E20} /l2057 SmartFTP Client --> MsiExec.exe /I{C169D3BB-9A27-43F5-9979-09A0D65FE95C} SoftK56 Data Fax --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F00&SUBSYS_8D88122D\HXFSETUP.EXE -U -IVEN_14F1&DEV_2F00&SUBSYS_8D88122D Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe" Spybot - Search & Destroy 1.5.2.20 --> "C:\WINDOWS\unins000.exe" Star Wars Jedi Knight Jedi Academy --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}\Setup.exe" -l0x9 Suojauspäivitys ohjelmistolle Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe" Suojauspäivitys ohjelmistolle Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB896424) --> "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB901190) --> "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB912919) --> "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB917422) --> "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB921398) --> "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB921883) --> "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB922616) --> "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB923789) --> C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Suojauspäivitys Windows XP:lle (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB938127) --> "C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB939653) --> "C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB941693) --> "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB942615) --> "C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB945553) --> "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB948590) --> "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB948881) --> "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB950749) --> "C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe" System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe TeamViewer 3 --> C:\Program Files\TeamViewer3\uninstall.exe TimeShift --> C:\Program Files\InstallShield Installation Information\{1367FA2F-2B3D-430F-872F-588B93420BFC}\setup.exe -runfromtemp -l0x0009 -removeonly Tortun 0.74 --> "D:\Tortun\unins000.exe" Ventrilo Client --> MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F} VentriloMIX --> C:\Program Files\VentriloMIX\Uninstal.exe VIA Ohjelmistoalustan laitehallinta --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169} VideoLAN VLC media player 0.8.6d --> C:\Program Files\VideoLAN\VLC\uninstall.exe Winamp --> "C:\Program Files\Winamp\UninstWA.exe" Windows Communication Foundation --> MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333} Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Live installer --> MsiExec.exe /X{5C29C5F5-A9C9-4E89-A606-13E165E7C55F} Windows Live Messenger --> MsiExec.exe /X{A9174A72-1B46-445B-B3CF-90ED2C63D83B} Windows Live Writer --> MsiExec.exe /X{126DA380-B8CF-4536-936A-6AF6386C99BA} Windows Liven kirjautumisavustaja --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986} Windows Liven sähköposti --> MsiExec.exe /I{9F7ABBFD-53FB-4D36-891E-8A9E753CF65F} Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840} Windows Workflow Foundation --> MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD} Windowsin ohjainpaketti - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) --> C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_E783E764342BBAD7FC3DCA2F865A310E6364DB83\amdk8.inf WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe Xfire (remove only) --> "C:\Program Files\Xfire\uninst.exe" XML Paper Specification Shared Components Pack 1.0 --> -- Application Event Log ------------------------------------------------------- Event Record #/Type4543 / Error Event Submitted/Written: 05/23/2008 02:15:07 PM Event ID/Source: 8 / crypt32 Event Description: Kolmannen osapuolen pääluettelojärjestyksen noutamista kohteesta <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ei voi päivittää automaattisesti. Virhe: The operation timed out Event Record #/Type4542 / Error Event Submitted/Written: 05/23/2008 02:12:47 PM Event ID/Source: 8 / crypt32 Event Description: Kolmannen osapuolen pääluettelojärjestyksen noutamista kohteesta <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ei voi päivittää automaattisesti. Virhe: Verkkoyhteyttä ei ole. Event Record #/Type4541 / Error Event Submitted/Written: 05/23/2008 02:12:31 PM Event ID/Source: 8 / crypt32 Event Description: Kolmannen osapuolen pääluettelojärjestyksen noutamista kohteesta <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ei voi päivittää automaattisesti. Virhe: The operation timed out Event Record #/Type4540 / Error Event Submitted/Written: 05/23/2008 02:12:00 PM Event ID/Source: 8 / crypt32 Event Description: Kolmannen osapuolen pääluettelojärjestyksen noutamista kohteesta <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ei voi päivittää automaattisesti. Virhe: Verkkoyhteyttä ei ole. Event Record #/Type4539 / Error Event Submitted/Written: 05/23/2008 02:12:00 PM Event ID/Source: 8 / crypt32 Event Description: Kolmannen osapuolen pääluettelojärjestyksen noutamista kohteesta <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ei voi päivittää automaattisesti. Virhe: Toiminto palautui aikakatkaisun johdosta. -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type45446 / Error Event Submitted/Written: 05/23/2008 01:31:02 PM Event ID/Source: 8032 / BROWSER Event Description: Selauspalvelu epäonnistui liian monta kertaa varmuuskopioluettelon noutamisessa kuljetustasolla \Device\NetBT_Tcpip_{2D44F7FB-B234-4C9B-B39B-99565E2295C4}. Varmistusselaaja pysäytetään. Event Record #/Type45440 / Warning Event Submitted/Written: 05/23/2008 01:27:35 PM Event ID/Source: 8021 / BROWSER Event Description: Selaaja ei voinut noutaa palvelinluetteloa pääselaajalta \\KOTI verkossa \Device\NetBT_Tcpip_{2D44F7FB-B234-4C9B-B39B-99565E2295C4}. Virhekoodi on data. Event Record #/Type45432 / Error Event Submitted/Written: 05/23/2008 01:22:54 PM Event ID/Source: 7 / Disk Event Description: Virheellinen lohko laitteessa \Device\Harddisk0\D. Event Record #/Type45431 / Warning Event Submitted/Written: 05/23/2008 01:22:54 PM Event ID/Source: 26 / atapi Event Description: Ohjain havaitsi laitteen \Device\Ide\IdePort0, johon asennettu ohjelmisto on vanhentunut. Tämä saattaa aiheuttaa suorituskyvyn heikkenemistä. Event Record #/Type45430 / Error Event Submitted/Written: 05/23/2008 01:22:48 PM Event ID/Source: 7 / Disk Event Description: Virheellinen lohko laitteessa \Device\Harddisk0\D. -- End of Deckard's System Scanner: finished at 2008-05-23 14:15:42 ------------
Ei tosta eheytyksestä kauheesti oo ollu apua, vetäny ton winukan oman eheytys hommelin läpi useeseen otteeseen ja siihen vielä päälle JkDefragnki pari kertaa. Ja samanlailla noi asemat on ollu täynnä sillonki ku tätä tökkimistä ei ollu. Mutta lisää infoa onglemasta sen verran, huomasin että netissä pelatessa ms nousee normaalista 20ms aina johonkin 200ms ja sitten laskaa takasin 20ms aina kun tökkäsee. Koitin että tökkiikä jos otan nettipiuhan irti, mutta eipä tuntunu vaikuttavan. Ihme hommeli kyl.
Lataa OTMoveIt OTMoveIt ja tallenna se työpöydällesi. Tuplaklikkaa OTMoveIt.exe. Klikkaa CleanUp!. Valitse Yes kun kysytään "Begin cleanup Process?". Jos pyydetään, että saako koneen käynnistää uudeelleen, valitse Yes.OTMoveIt poistaa itsensä kun se on valmis, jos näin ei käy poista se itse. HUOM: Jos palomuurisi tai joku muu tietoturvaohjelma varoittaa, että OTMoveIt yrittää päästä nettin, niin anna sen päästä sinne.
