Microsoft Pop Up Tell Me I Have a Virus

**hopthwoks** · #1 3 heinäkuu 2009, 00:31

Minulla oli microsoft pop up kerroit minulla oli virus Ran malwarebyts mitään. Ran super anti-virus osoitti 16 ongelma. Sitten muistaa, että minulla oli Drweb skannerista tietokoneeseen ja juoksi sen. Mutta olen huomannut, että sama ns troijalaisen pitää tulossa.

aolcinst.exe \ core.cab \ GTDOWNAO_106.ocx, C: \ Program Files \ Common Files \ aolback \ comps \ valmentaja \ aolcinst.exe; Adware.Gdow n;
aolcinst.exe, C: \ Program Files \ Common Files \ aolback \ comps \ valmentaja; Arkisto sisältää tartunnan esineet; Moved.;
TSSetup.exe \ data002, C: \ Program Files \ Common Files \ aolback \ comps \ tpspd \ TSSetup.exe; Todennäköisesti DLOADER.Trojan;
TSSetup.exe, C: \ Program Files \ Common Files \ aolback \ comps \ tpspd; Arkisto sisältää tartunnan esineet; Moved.;
ppctl.dll, C: \ Program Files \ Common Files \ Scanner; Todennäköisesti DLOADER.Trojan; Moved.;
AIM.exe \ data090, C: \ AOL Instant Messenger \ AIM.exe; Adware.Aws;
AIM.exe, C: \ AOL Instant Messenger; Arkisto sisältää tartunnan esineet; Moved.;
setup.exe, C: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ kalja \ CACHE \ 4381.3.4; Todennäköisesti BACKDOOR.Trojan; Moved.;
A0089111.ocx, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP212; Adware.Gdown; Moved.;
A0089113.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP212; Todennäköisesti BACKDOOR.Trojan; Moved.;
A0101519.exe \ data090; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP217 \ A0101519.exe; Adware.Aws;
A0101519.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP217; Arkisto sisältää tartunnan esineet; Moved.;
A0122098.bat, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP257; Todennäköisesti BATCH.Virus; Moved.;
A0122542.bat, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP265; Todennäköisesti BATCH.Virus; Moved.;
A0122632.bat, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP265; Todennäköisesti BATCH.Virus; Moved.;
A0138379.exe \ core.cab \ GTDOWNAO_106.ocx, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP292 \ A0138379.exe; Adware.Gdown;
A0138379.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP292; Arkisto sisältää tartunnan esineet; Moved.;
A0139338.exe \ data090; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293 \ A0139338.exe; Adware.Aws;
A0139338.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293; Arkisto sisältää tartunnan esineet; Moved.;
A0139364.exe \ core.cab \ GTDOWNAO_106.ocx, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293 \ A0139364.exe; Adware.Gdown;
A0139364.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293; Arkisto sisältää tartunnan esineet; Moved.;
A0139386.exe \ data002; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293 \ A0139386.exe; Todennäköisesti DLOADER.Trojan;
A0139386.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293; Arkisto sisältää tartunnan esineet; Moved.;
A0139531.DLL, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP296; Todennäköisesti DLOADER.Trojan; Moved.;
A0156077.exe \ data090; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315 \ A0156077.exe; Adware.Aws;
A0156077.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315; Arkisto sisältää tartunnan esineet; Moved.;
A0156103.exe \ core.cab \ GTDOWNAO_106.ocx, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315 \ A0156103.exe; Adware.Gdown;
A0156103.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315; Arkisto sisältää tartunnan esineet; Moved.;
A0156125.exe \ data002; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315 \ A0156125.exe; Todennäköisesti DLOADER.Trojan;
A0156125.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315; Arkisto sisältää tartunnan esineet; Moved.;
A0156545.DLL, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP317; Todennäköisesti DLOADER.Trojan; Moved.;
A0157937.exe \ core.cab \ GTDOWNAO_106.ocx, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327 \ A0157937.exe; Adware.Gdown;
A0157937.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327; Arkisto sisältää tartunnan esineet; Moved.;
A0157938.exe \ data002; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327 \ A0157938.exe; Todennäköisesti DLOADER.Trojan;
A0157938.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327; Arkisto sisältää tartunnan esineet; Moved.;
A0157939.exe \ data090; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327 \ A0157939.exe; Adware.Aws;
A0157939.exe; C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327; Arkisto sisältää tartunnan esineet; Moved.;
Ja se ei korjaa ongelmaa vain siirrä sitä.
Mitä minun pitäisi käyttää saada että troijalaisen ulos tietokoneesta kerran ja kaikille?
Juuri nyt minulla ei ole anti-virus käynnissä tästä syystä kaikki olen tryed ole asia, jos maksettu tai vapaa pitää vetämällä Aol. (My ISP), kuten virukset.

**evilfantasy** · #2 3 heinäkuu 2009, 10:09

Update Malwarebytes ja suorittaa täysi tarkistus viedä lokin kiitos.

**hopthwoks** · #3 3 heinäkuu 2009, 13:29

päivitetty malwarebytes
Malwarebytes' Anti-Malware 1.38
Tietokannan versio: 2297
Windows 5.1.2600 Service Pack 2
7/2/2009 3:06:04 PM
mbam-log-2009-07-02 (15-06-04). txt
Scan type: Full Scan (C: \ |)
Objektit skannattavan: 168556
Kulunut aika: 17 minuutti (t), 16 toinen (t)
Memory Processes Infected: 0
Memory Modules Infected: 0
Rekisteriavaimista Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(Ei haittaohjelmia kohteet havaitaan)
Memory Modules Infected:
(Ei haittaohjelmia kohteet havaitaan)
Rekisteriavaimista Infected:
(Ei haittaohjelmia kohteet havaitaan)
Registry Values Infected:
(Ei haittaohjelmia kohteet havaitaan)
Registry Data Items Infected:
(Ei haittaohjelmia kohteet havaitaan)
Kansiot Infected:
(Ei haittaohjelmia kohteet havaitaan)
Files Infected:
(Ei haittaohjelmia kohteet havaitaan)

Mutta tämän jälkeen scan oli yli ikkunan poped jopa kertoa minulle tapahtui virhe ja ikkunat on suljettava.

**evilfantasy** · #4 3 heinäkuu 2009, 14:52

Lataa DDS alkaen | TÄSTÄ | tai | TÄSTÄ | tai | TÄSTÄ | ja tallenna se työpöydälle.

Vista-käyttäjille Napsauta hiiren kakkospainikkeella DDS ja valitse Suorita järjestelmänvalvojana (saat valvonnan kehote, ole hyvä ja anna sen)

* XP-käyttäjille Kaksoisnapsauta DDS suorittaa sen.
* Jos virustentorjuntaohjelmasi tai palomuurisi yrittää estää DDS sitten sallinette sen valua.
* Kun olet valmis DDS avaa kaksi (2) lokit.

1) DDS.txt
2) Attach.txt

* Tallenna molemmat lokit omalle työpöydälle.
* Kopioi ja liitä koko sisältö sekä kirjautuu seuraavan vastauksen.

Huom: DDS neuvoo voit lähettää Attach.txt log lähettäminen liitetiedostona.
Ole hyvä vain postitse se mitä tahansa kirjautua jonka kopioida ja liittää se osaksi vastausta.

----------

Ladata Rooter.exe omalle työpöydälle

* Tuplaklikkaa Rooter.exe Käynnistä työkalu .* A DOS-ikkuna tulee näkyviin ja näyttää scan kehitykseen.
* Kun valmiiksi notepad tiedosto sisältää kertomus avautuu.
* Kopioi ja liitä tulokset seuraavan vastauksen.
* Sulje notepad ja Rooter suljetaan.

Loogiseen myös tallentaa milloin % systemdrive% \ Rooter.txt (Jos% systemdrive% on yleensä C: tai asemaan, että Windows on asennettu).

**hopthwoks** · #5 3 heinäkuu 2009, 17:13

DDS (Ver_09-06-26.01) - FAT32x86
Suorita Windows User klo 19:43:32.90 pe 07.03.2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1023.788 [GMT -4:00]

============== Running Processes ===============
C: \ WINDOWS \ system32 \ Svchost-k DcomLaunch
Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe-k netsvcs
Svchost.exe
Svchost.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
Svchost.exe
C: \ Program Files \ Common Files \ AOL \ ACS \ AOLAcsd.exe
C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
C: \ WINDOWS \ System32 \ snmp.exe
C: \ WINDOWS \ system32 \ Svchost.exe-k imgsvc
C: \ WINDOWS \ Explorer.exe
C: \ Program Files \ Lexmark 5200 series \ lxbtbmgr.exe
C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe
C: \ Program Files \ Lexmark 5200 series \ lxbtbmon.exe
C: \ Program Files \ Common Files \ AOL \ 1246084174 \ ee \ AOLSoftware.exe
C: \ Program Files \ Common Files \ AOL \ ACS \ AOLDial.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ Jet Screenshot \ jetScreenshot.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ America Online 9.0 \ waol.exe
C: \ Program Files \ America Online 9.0 \ shellmon.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ DOCUME ~ 1 \ WINDOW ~ 1 \ MYDOCU ~ 1 \ dds.scr
============== Pseudo HJT Raportti ===============
uSearchMigratedDefaultURL = hxxp: / / www.google.com/search?q = (searchTerms) & sourceid = ie7 & rls = com.micros OFT: en-US & ie = utf8 & oe = utf8
uStart Page = hxxp: / / www.aol.com/
uWindow Otsikko = Internet Explorer tarjoaa epix ®
mWindow Otsikko = Internet Explorer tarjoaa epix ®
BHO: AskBar BHO: (201f27d4-3704-41d6-89c1-aa35e39143ed) - c: \ program files \ askbardis \ bar \ bin \ askBar.dll
BHO: Java (tm) Plug-In 2 SSV Helper: (dbc80044-a445-435b-bc74-9c25c1c588a9) - c: \ program files \ java \ jre6 \ bin \ jp2ssv.dll
BHO: JQSIEStartDetectorImpl Luokka: (e7e6f031-17ce-4c07-bc86-eabfe594f69c) - c: \ program files \ java \ jre6 \ lib \ asennus \ jqs \ IE \ jqs_plugin.dll
TB: AIM Haku: (40d41a8b-d79b-43d7-99a7-9ee0f344c385) --
TB: AOL Toolbar: (4982d40a-c53b-4615-b15b-b5b5e98d167c) - c: \ program files \ AOL Toolbar \ toolbar.dll
TB: Kysy Toolbar: (3041d03e-fd4b-44e0-b742-2d9b88305f98) - c: \ program files \ askbardis \ bar \ bin \ askBar.dll
EB: Real.com: (fe54fa40-d68c-11D2-98fa-00c0f0318afe) - c: \ windows \ system32 \ Shdocvw.dll
uRun: [Ctfmon.exe] c: \ windows \ system32 \ Ctfmon.exe
uRun: [AOL Fast Start] "c: \ program files \ America Online 9.0 \ AOL.EXE"-b
uRun: [Jet Screenshot] "C: \ Program Files \ jet kuvakaappaus \ jetScreenshot.exe"
mRun: [Lexmark 5200-sarja] "C: \ Program Files \ Lexmark 5200 series \ lxbtbmgr.exe"
mRun: [LXBTCATS] rundll32 C: \ Windows \ system32 \ spool \ drivers \ w32x86 \ 3 \ LXBTtim e.dll, _RunDLLEntry @ 16
mRun: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe"
mRun: [HostManager] c: \ Program Files \ Common Files \ AOL \ 1246084174 \ ee \ AOLSoftware.exe
mRun: [AOLDialer] c: \ Program Files \ Common Files \ AOL \ acs \ AOLDial.exe
mRun: [Pure Networks Port Magic] "c: \ progra ~ 1 \ purene ~ 1 \ portma ~ 1 \ PortAOL.exe"-Run
mRun: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
IE: & Lisää animaatiota IncrediMail Style Box - c: \ program files \ IncrediMail \ bin \ resurssit \ WebMenuImg.htm
IE: & AIM Haku
IE: & AOL Toolbar haku - c: \ program files \ AOL Toolbar \ toolbar.dll / SEARCH.HTML
IE: (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe
IE: (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
IE: (4982D40A-C53B-4615-B15B-B5B5E98D167C) - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - c: \ program files \ AOL Toolbar \ toolbar.dll
IE: (CD67F990-D8E9-11D2-98FE-00C0F0318AFE) - (FE54FA40-D68C-11D2-98FA-00C0F0318AFE) - c: \ windows \ system32 \ Shdocvw.dll
LSP: FarLsp.dll
Trusted Zone: 88sears.com \ www
Trusted Zone: aol.com \ www
Trusted Zone: comodo.com \ www
Trusted Zone: tietokoneella juice.com \ www
Trusted Zone: giveawayoftheday.com \ www
Trusted Zone: newegg.com \ www
Trusted Zone: pchelpforum.com \ www
Trusted Zone: searscard.com \ www
Trusted Zone: statefarm.com \ www
Trusted Zone: winpatrol.com \ www
DPF: DirectAnimation Java Classes
DPF: Internet Explorer Classes Java
DPF: Microsoft XML Parser for Java
DPF: Win32 Classes
DPF: (05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8) - hxxp: / / download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab
DPF: (15589FA1-C456-11CE-BF01-00AA0055595A) - hxxp: / / w4s2.work4sure.com/c/ge/w4sgeen9.exe
DPF: (5D86DDB5-BDF9-441b-9E9E-D4730F4EE499) - hxxp: / / download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) - hxxp: / / update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab? 1181748806125
DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) - hxxp: / / update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab? 1223016488385
DPF: (8AD9C840-044E-11D1-B3E9-00805F499D93) - hxxp: / / java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: (A90A5822-F108-45AD-8482-9BC8B12DD539) - hxxp: / / www.crucial.com / hallinta / cpcScanner.cab
DPF: (B1E2B96C-12FE-45E2-BEF1-44A219113CDD) - hxxp: / / www.superadblocker.com / ActiveX / sabspx.cab
DPF: (CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA) - hxxp: / / java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: (CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA) - hxxp: / / java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) - hxxp: / / download.macromedia.com / pub / Shockwave / cabs / flash / swflash.cab
DPF: (E8F628B5-259A-4734-97EE-BA914D7BE941) - hxxp: / / plugin.driveragent.com / tiedostot / driveragent.cab
AppInit_DLLs: c: \ windows \ system32 \ cssdll32.dll
LSA: Notification Packages = scecli
============= PALVELUT / KULJETTAJIEN ===============
R1 SASDIFSV; SASDIFSV, c: \ program files \ superantispyware \ sasdifsv.sys [2006-10-10 5632]
R1 SASKUTIL; SASKUTIL, c: \ program files \ superantispyware \ SASKUTIL.SYS [2007-2-27 32256]
R3 Winacusb; Winacusb, c: \ windows \ system32 \ drivers \ wina cusb.sys [2008-3-25 902860]
S2 ioloFileInfoList; iolo FileInfoList Service; c: \ program files \ iolo \ common \ lib \ ioloservicemanager.exe -> c: \ program files \ iolo \ common \ lib \ ioloServiceManager.exe [?]
S2 ioloSystemService; iolo System Service; c: \ program files \ iolo \ common \ lib \ ioloservicemanager.exe -> c: \ program files \ iolo \ common \ lib \ ioloServiceManager.exe [?]
S3 FarStoneFireWallDrive; FarStoneFireWallDrive, c: \ win dows \ system32 \ drivers \ FarDrive.sys [2003-4-2 140256]
S3 ousb2hub; OrangeWare USB 2.0 Hub tuki, c: \ windows \ system32 \ drivers \ ousb2hub.sys [2008-2-27 53248]
S3 PavSRK.sys; PavSRK.sys; \? \ C: \ windows \ system32 \ pavs rk.sys -> c: \ windows \ system32 \ PavSRK.sys [?]
S3 PavTPK.sys; PavTPK.sys; \? \ C: \ windows \ system32 \ pavt pk.sys -> c: \ windows \ system32 \ PavTPK.sys [?]
S3 SASENUM; SASENUM, c: \ program files \ superantispyware \ SASENUM.SYS [2006-2-16 4096]
S3 SIVDRIVER; SIV Kernel Driver c: \ windows \ system32 \ drivers \ SIVX32.sys [2008-4-9 48480]
============== File Associations ===============
JSEFile = Notepad.exe% 1
VBEFile = Notepad.exe% 1
VBSFile = Notepad.exe% 1
=============== Luotu Viimeisin 30 ================
2009-07-03 02:49 <DIR> - d ----- C: \ DOCUME ~ 1 \ ikkuna ~ 1 \ applic ~ 1 \ lisenssit
2009-07-03 02:49 <DIR> - d ----- C: \ DOCUME ~ 1 \ ikkuna ~ 1 \ applic ~ 1 \ PCMM2009
2009-07-03 02:48 <DIR> - d ----- C: \ Program Files \ PC MightyMax 2009
2009-07-01 09:43 <DIR> - d ----- C: \ DOCUME ~ 1 \ ikkuna ~ 1 \ applic ~ 1 \ ArcticLine
2009-07-01 09:43 <DIR> - d ----- c: \ program files \ Jet Screenshot
2009-06-27 02:36 <DIR> - d ----- c: \ windows \ system32 \ CatRoot_bak
2009-06-27 02:30 <DIR> - d ----- C: \ Asenna iTunes
2009-06-27 02:30 <DIR> - d ----- C: \ Install ICQ
2009-06-27 02:30 <DIR> - d ----- C: \ AOL Instant Messenger
2009-06-27 02:30 <DIR> - d ----- C: \ Mav
2009-06-27 02:29 <DIR> - d ----- C: \ Program Files \ Common Files \ aolshare
2009-06-27 02:29 <DIR> - d ----- C: \ Program Files \ America Online 9.0
2009-06-24 22:33 221.184 yksi ------- c: \ windows \ system32 \ wmpns.dll
2009-06-24 22:05 <DIR> - d ----- c: \ windows \ system32 \ scripting
2009-06-24 22:05 <DIR> - d ----- c: \ windows \ l2schemas
2009-06-24 22:05 <DIR> - d ----- c: \ windows \ system32 \ fi
2009-06-24 22:05 <DIR> - d ----- c: \ windows \ system32 \ bits
2009-06-24 21:56 67.584 yksi ------- c: \ windows \ system32 \ drivers \ sdbus.sys
2009-06-24 21:56 36.096 yksi ------- c: \ windows \ system32 \ drivers \ intelppm.sys
2009-06-24 21:56 15.488 yksi ------- c: \ windows \ system32 \ drivers \ mssmbios.sys
2009-06-24 21:56 12.416 yksi ------- c: \ windows \ system32 \ drivers \ tunmp.sys
2009-06-24 21:56 11.136 yksi ------- c: \ windows \ system32 \ drivers \ sffdisk.sys
2009-06-24 21:56 10.240 yksi ------- c: \ windows \ system32 \ drivers \ sffp_sd.sys
2009-06-24 21:56 262.784 yksi ------- c: \ windows \ system32 \ drivers \ Http.sys
2009-06-24 21:54 2.012.670 yksi ------- c: \ windows \ system32 \ dllcache \ nt5.cat
2009-06-24 21:53 114.688 yksi ------- c: \ windows \ system32 \ dllcache \ wscript.exe
2009-06-24 21:50 <DIR> - d ----- c: \ windows \ EHome
2009-06-24 02:10 <DIR> - d ----- c: \ program files \ SNSafe & Software
2009-06-24 02:10 <DIR> - d ----- C: \ DOCUME ~ 1 \ alluse ~ 1 \ applic ~ 1 \ SNSafe & Software
2009-06-20 20:46 246.272 -------- C: \ Windows \ system32 \ dllcache \ ieproxy.dll
2009-06-20 20:46 12.800 -------- C: \ Windows \ system32 \ dllcache \ xpshims.dll
2009-06-17 20:32 <DIR> - dsh --- C: \ FOUND.020
2009-06-17 10:03 <DIR> - dh --- c: \ windows \ ie8
2009-06-16 19:54 <DIR> - d ----- C: \ DOCUME ~ 1 \ ikkuna ~ 1 \ applic ~ 1 \ AVS4YOU
2009-06-16 19:54 <DIR> - d ----- C: \ DOCUME ~ 1 \ alluse ~ 1 \ applic ~ 1 \ AVS4YOU
2009-06-16 19:53 <DIR> - d ----- C: \ Program Files \ Common Files \ AVSMedia
2009-06-16 19:53 1.700.352 yksi ------- c: \ windows \ system32 \ Gdiplus.dll
2009-06-16 19:53 974.848 yksi ------- c: \ windows \ system32 \ mfc70.dll
2009-06-16 19:53 487.424 yksi ------- c: \ windows \ system32 \ msvcp70.dll
2009-06-16 19:53 344.064 yksi ------- c: \ windows \ system32 \ msvcr70.dll
2009-06-16 19:53 <DIR> - d ----- c: \ program files \ AVS4YOU
2009-06-12 21:45 3.120 yksi ------- C: \ Windows \ MF_C426.lfa
2009-06-11 16:27 <DIR> - d ----- c: \ program files \ Tuore RAM
2009-06-11 16:21 <DIR> - dsh --- C: \ FOUND.019
2009-06-11 11:55 5.465.088 yksi ------- C: \ Tuore RAM.msi
2009-06-09 02:29 <DIR> - d ----- C: \ DOCUME ~ 1 \ ikkuna ~ 1 \ applic ~ 1 \ Blitware
2009-06-09 02:29 <DIR> - d ----- c: \ program files \ Driver Robot
2009-06-08 22:24 <DIR> - d ----- C: \ DOCUME ~ 1 \ alluse ~ 1 \ applic ~ 1 \ PC Drivers päämajan
2009-06-07 23:00 <DIR> - d ----- C: \ DOCUME ~ 1 \ ikkuna ~ 1 \ applic ~ 1 \ GetRightToGo
2009-06-07 19:38 7.680 yksi ------- c: \ windows \ system32 \ spdwnwxp.exe
2009-06-07 19:38 19.569 yksi ------- C: \ Windows \ 002865_.tmp
2009-06-06 23:57 <DIR> - dsh --- C: \ Recycled
2009-06-06 10:46 <DIR> - d ----- c: \ program files \ filehippo.com
2009-06-04 23:59 <DIR> - d ----- c: \ program files \ DrWeb
2009-06-03 23:57 <DIR> a-dshr - C: \ cmdcons
2009-06-03 23:28 161.792 yksi ------- C: \ Windows \ SWREG.exe
2009-06-03 23:28 98.816 yksi ------- C: \ Windows \ sed.exe
==================== Find3M ====================
2009-06-27 02:16 76.487 yksi ------- C: \ Windows \ PCHealth \ HelpCtr \ offlinecache \ Index.dat
2009-06-17 11:27 38.160 yksi ------- c: \ windows \ system32 \ drivers \ mbamswissarmy.sys
2009-06-17 11:27 19.096 yksi ------- c: \ windows \ system32 \ drivers \ mbam.sys
2009-06-11 18:43 1.744 yksi ------- c: \ windows \ system32 \ d3d9caps.dat
2009-05-27 11:21 372 yksi ------- C: \ Program Files \ ujhonz.txt
2009-05-21 11:33 410.984 yksi ------- c: \ windows \ system32 \ deploytk.dll
2009-05-13 01:15 5.936.128 yksi ------- c: \ windows \ system32 \ dllcache \ mshtml.dll
2009-05-13 01:15 915.456 yksi ------- c: \ windows \ system32 \ Wininet.dll
2009-05-13 01:15 915.456 yksi ------- c: \ windows \ system32 \ dllcache \ Wininet.dll
2009-05-12 01:11 102.912 -------- C: \ Windows \ system32 \ dllcache \ iecompat.dll
2009-05-07 11:44 344.064 yksi ------- c: \ windows \ system32 \ Localspl.dll
2009-05-07 11:44 344.064 yksi ------- c: \ windows \ system32 \ dllcache \ Localspl.dll
2009-04-30 17:22 1.985.024 yksi ------- c: \ windows \ system32 \ dllcache \ iertutil.dll
2009-04-30 17:22 11.064.832 yksi ------- c: \ windows \ system32 \ dllcache \ ieframe.dll
2009-04-30 17:22 1.207.808 yksi ------- c: \ windows \ system32 \ dllcache \ urlmon.dll
2009-04-30 17:22 385.536 yksi ------- c: \ windows \ system32 \ dllcache \ iedkcs32.dll
2009-04-30 17:22 25.600 yksi ------- c: \ windows \ system32 \ dllcache \ jsproxy.dll
2009-04-30 07:21 173.056 yksi ------- c: \ windows \ system32 \ dllcache \ ie4uinit.exe
2009-04-22 00:07 253.688 yksi ------- c: \ windows \ system32 \ cssdll32.dll
2009-04-17 05:58 1.846.656 yksi ------- c: \ windows \ system32 \ Win32k.sys
2009-04-17 05:58 1.846.656 yksi ------- c: \ windows \ system32 \ dllcache \ Win32k.sys
2009-04-15 11:26 583.168 yksi ------- c: \ windows \ system32 \ rpcrt4.dll
2009-04-15 11:26 583.168 yksi ------- c: \ windows \ system32 \ dllcache \ rpcrt4.dll
2008-03-18 03:11 332 yksi ------- C: \ DOCUME ~ 1 \ ikkuna ~ 1 \ applic ~ 1 \ wklnhst.dat
2007-06-10 23:19 11.079 yksi ------- C: \ Program Files \ Folder.htt
2007-06-10 23:19 266 --- sh --- c: \ program files \ Desktop.ini
============= FINISH: 19:43:58.97 ===============
Ellei nimenomaisesti opastettu, ÄLÄ POST Tämä loki.
Pyydettäessä ZIP IT UP & liitä se
DDS (Ver_09-06-26.01)
Microsoft Windows XP Home Edition
Käynnistyslaitteen: \ Device \ HarddiskVolume1
Asenna Date: 6/13/2007 12:27:51 AM
System Päällä: 7/3/2009 6:50:56 PM (1 tuntia sitten)
Emolevy: ECS | | K7S5A
Prosessori: AMD Athlon (tm) XP 1900 + | Socket-A | 1593/66mhz
==== Disk Partitions =========================
A on Removable
C: on kiinteä (FAT32) - 112 GIB yhteensä 90.479 GIB ilmaiseksi.
D: is CDROM ()
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP205: 3/27/2009 3:00:16 AM - Software Distribution Service 3.0
RP206: 3/27/2009 3:38:07 AM - Software Distribution Service 3.0
RP207: 3/28/2009 3:52:35 AM - System Checkpoint
RP208: 3/29/2009 10:01:09 PM - Software Distribution Service 3.0
RP209: 6/6/2009 10:52:13 PM - Installed Mavis Beacon opettaa Tyypitys 15
RP210: 6/6/2009 10:52:30 PM - Poistetut Mavis Beacon opettaa Tyypitys 15
RP211: 6/6/2009 10:52:49 PM - Installed Panda Internet Security 2007
RP212: 6/6/2009 10:53:06 PM - Poistetut Panda Internet Security 2007
RP213: 5/16/2009 12:48:17 PM - Software Distribution Service 3.0
RP214: 5/17/2009 4:49:29 PM - Software Distribution Service 3.0
RP215: 5/17/2009 5:35:08 PM - Software Distribution Service 3.0
RP216: 5/18/2009 8:44:14 AM - Software Distribution Service 3.0
RP217: 5/18/2009 8:51:46 AM - Software Distribution Service 3.0
RP218: 5/19/2009 12:10:32 PM - Software Distribution Service 3.0
RP219: 5/19/2009 1:35:25 PM - Software Distribution Service 3.0
RP220: 5/20/2009 8:09:36 AM - Software Distribution Service 3.0
RP221: 5/20/2009 9:17:11 AM - Software Distribution Service 3.0
RP222: 5/21/2009 8:36:45 AM - Software Distribution Service 3.0
RP223: 5/21/2009 9:24:15 AM - Software Distribution Service 3.0
RP224: 5/21/2009 3:40:47 PM - Software Distribution Service 3.0
RP225: 5/21/2009 11:38:45 PM - Software Distribution Service 3.0
RP226: 5/22/2009 7:54:23 PM - Software Distribution Service 3.0
RP227: 5/22/2009 10:48:21 PM - Software Distribution Service 3.0
RP228: 5/23/2009 7:15:10 PM - Software Distribution Service 3.0
RP229: 5/24/2009 4:32:34 PM - Software Distribution Service 3.0
RP230: 5/24/2009 6:46:46 PM - Software Distribution Service 3.0
RP231: 5/24/2009 8:21:48 PM - Software Distribution Service 3.0
RP232: 5/24/2009 11:47:56 PM - Software Distribution Service 3.0
RP233: 5/25/2009 8:18:22 AM - Software Distribution Service 3.0
RP234: 5/25/2009 8:39:45 AM - Software Distribution Service 3.0
RP235: 5/25/2009 11:41:13 PM - Software Distribution Service 3.0
RP236: 5/26/2009 10:33:23 AM - Software Distribution Service 3.0
RP237: 5/27/2009 8:13:50 AM - Software Distribution Service 3.0
RP238: 5/27/2009 8:45:24 AM - Software Distribution Service 3.0
RP239: 5/27/2009 7:16:04 PM - Software Distribution Service 3.0
RP240: 5/28/2009 4:52:25 PM - Software Distribution Service 3.0
RP241: 5/28/2009 4:58:56 PM - Software Distribution Service 3.0
RP242: 5/28/2009 5:05:35 PM - asennettuna Windows Internet Explorer 8.
RP243: 5/28/2009 5:06:37 PM - Software Distribution Service 3.0
RP244: 5/29/2009 8:39:44 AM - Software Distribution Service 3.0
RP245: 5/29/2009 8:52:41 AM - Software Distribution Service 3.0
RP246: 5/30/2009 5:01:53 AM - Software Distribution Service 3.0
RP247: 5/31/2009 9:08:55 PM - Software Distribution Service 3.0
RP248: 6/1/2009 12:30:50 AM - asennettuna Windows Internet Explorer 8.
RP249: 6/1/2009 12:31:29 AM - Software Distribution Service 3.0
RP250: 6/1/2009 1:01:01 AM - Software Distribution Service 3.0
RP251: 6/1/2009 9:59:00 AM - Software Distribution Service 3.0
RP252: 6/2/2009 1:25:10 AM - Software Distribution Service 3.0
RP253: 6/2/2009 1:44:44 PM - Software Distribution Service 3.0
RP254: 6/2/2009 9:42:45 PM - Software Distribution Service 3.0
RP255: 6/3/2009 2:52:20 AM - Software Distribution Service 3.0
RP256: 6/3/2009 10:07:30 AM - Software Distribution Service 3.0
RP257: 6/3/2009 9:03:54 PM - Software Distribution Service 3.0
RP258: 6/4/2009 1:16:16 AM - asennettuna MSXML 4.0 SP2 (KB925672)
RP259: 6/4/2009 3:00:13 AM - Software Distribution Service 3.0
RP260: 6/4/2009 3:13:34 AM - Software Distribution Service 3.0
RP261: 6/4/2009 11:59:13 PM - Installed Dr.Web Anti-Virus for Windows 5.0.
RP262: 6/5/2009 12:36:30 AM - Poistetut Dr.Web Anti-Virus for Windows 5.0.
RP263: 6/5/2009 12:38:54 AM - Poistetut Dr.Web Anti-Virus for Windows 5.0.
RP264: 6/5/2009 2:22:38 AM - Software Distribution Service 3.0
RP265: 6/6/2009 3:00:14 AM - Software Distribution Service 3.0
RP266: 6/6/2009 10:51:09 AM - Software Distribution Service 3.0
RP267: 6/7/2009 12:10:12 AM - Software Distribution Service 3.0
RP268: 6/8/2009 12:20:37 AM - Software Distribution Service 3.0
RP269: 6/8/2009 10:03:39 AM - Software Distribution Service 3.0
RP270: 6/8/2009 10:23:28 PM - Installed Driver Detective
RP271: 6/8/2009 10:41:57 PM - Software Distribution Service 3.0
RP272: 6/9/2009 2:32:24 AM - Software Distribution Service 3.0
RP273: 6/9/2009 8:29:05 AM - Software Distribution Service 3.0
RP274: 6/9/2009 1:25:29 PM - Software Distribution Service 3.0
RP275: 6/9/2009 11:06:13 PM - Software Distribution Service 3.0
RP276: 6/10/2009 8:56:06 AM - Software Distribution Service 3.0
RP277: 6/10/2009 9:40:44 AM - Software Distribution Service 3.0
RP278: 6/11/2009 1:45:31 AM - Software Distribution Service 3.0
RP279: 6/11/2009 4:27:14 PM - Installed Tuore RAM
RP280: 6/11/2009 6:45:39 PM - Konfiguroidut Driver Detective
RP281: 6/12/2009 1:51:36 AM - Software Distribution Service 3.0
RP282: 6/12/2009 8:55:19 AM - Software Distribution Service 3.0
RP283: 6/13/2009 11:02:27 AM - Software Distribution Service 3.0
RP284: 6/13/2009 11:13:50 AM - Software Distribution Service 3.0
RP285: 6/14/2009 10:49:45 PM - Software Distribution Service 3.0
RP286: 6/15/2009 9:16:53 AM - Software Distribution Service 3.0
RP287: 6/15/2009 11:09:18 PM - Software Distribution Service 3.0
RP288: 6/16/2009 10:07:34 AM - Software Distribution Service 3.0
RP289: 6/17/2009 9:01:20 AM - Software Distribution Service 3.0
RP290: 6/17/2009 10:05:33 AM - asennettuna Windows Internet Explorer 8.
RP291: 6/18/2009 10:16:10 AM - Software Distribution Service 3.0
RP292: 6/18/2009 10:41:06 AM - asennettu Windows Media Format 9 Series Kesto Setup
RP293: 6/18/2009 1:11:48 PM - asennettu Windows Media Format 9 Series Kesto Setup
RP294: 6/18/2009 1:29:13 PM - Software Distribution Service 3.0
RP295: 6/19/2009 3:01:54 AM - Software Distribution Service 3.0
RP296: 6/19/2009 9:29:35 AM - Software Distribution Service 3.0
RP297: 6/19/2009 5:47:01 PM - Software Distribution Service 3.0
RP298: 6/20/2009 6:59:50 PM - Software Distribution Service 3.0
RP299: 6/20/2009 7:05:46 PM - Installed Java (TM) 6 Update 14
RP300: 6/21/2009 4:07:26 PM - Software Distribution Service 3.0
RP301: 6/21/2009 4:14:22 PM - Software Distribution Service 3.0
RP302: 6/22/2009 9:44:00 AM - Software Distribution Service 3.0
RP303: 6/22/2009 11:31:38 AM - Software Distribution Service 3.0
RP304: 6/23/2009 3:00:23 AM - Software Distribution Service 3.0
RP305: 6/24/2009 9:44:31 AM - Software Distribution Service 3.0
RP306: 6/24/2009 9:55:45 AM - Software Distribution Service 3.0
RP307: 6/24/2009 10:14:50 AM - Software Distribution Service 3.0
RP308: 6/24/2009 9:41:13 PM - Software Distribution Service 3.0
RP309: 6/25/2009 2:52:04 AM - Software Distribution Service 3.0
RP310: 6/25/2009 12:17:49 PM - Software Distribution Service 3.0
RP311: 6/26/2009 9:27:47 PM - Software Distribution Service 3.0
RP312: 6/27/2009 12:41:14 AM - palautustoiminto
RP313: 6/27/2009 1:35:40 AM - palautustoiminto
RP314: 6/27/2009 2:25:58 AM - Software Distribution Service 3.0
RP315: 6/27/2009 2:30:41 AM - asennettu Windows Media Format 9 Series Kesto Setup
RP316: 6/28/2009 8:31:27 AM - Software Distribution Service 3.0
RP317: 6/29/2009 10:03:24 AM - Software Distribution Service 3.0
RP318: 6/29/2009 6:35:12 PM - Software Distribution Service 3.0
RP319: 6/29/2009 9:00:14 PM - Software Distribution Service 3.0
RP320: 6/30/2009 3:32:09 AM - Software Distribution Service 3.0
RP321: 6/30/2009 11:45:20 AM - Software Distribution Service 3.0
RP322: 7/1/2009 9:15:52 AM - Software Distribution Service 3.0
RP323: 7/1/2009 11:21:44 AM - Software Distribution Service 3.0
RP324: 7/1/2009 10:38:39 PM - Software Distribution Service 3.0
RP325: 7/2/2009 3:16:53 AM - Software Distribution Service 3.0
RP326: 7/2/2009 12:22:35 PM - Software Distribution Service 3.0
RP327: 7/2/2009 7:09:25 PM - Software Distribution Service 3.0
RP328: 7/3/2009 4:04:54 AM - Software Distribution Service 3.0
==== Asennetut ohjelmat ======================

ABBYY FineReader 5.0 Sprint Plus
Adobe Flash Player 10 ActiveX
AOL Valmentaja Version 2.0 (Build: 20041026.5 fi)
AOL Yhteydet Palvelut
AOL Deskbar
AOL Toolbar
AOL Uninstaller (Valitse tuotteet poista)
AOL You've Got Pictures Screensaver
C-Media Audio
C-Media WDM Audio Driver
Comodo SafeSurf
Compatibility Pack vuoden 2007 Office system
Cool PDF Reader 1.0
Driver Robot 1.0.6.0
filehippo.com Update Checker
Tuore RAM
HackerSmacker
HijackThis 2.0.2
Hotfix for Windows XP (KB896344)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB952287)
IncrediMail Xe
Java (TM) 6 Update 14
Jet Screenshot v 2.0
Lexmark 5200 Series
Macromedia Shockwave Player
Magentic
Malwarebytes' Anti-Malware
Microsoft. NET Framework 1.1
Microsoft. NET Framework 2.0
Microsoft kansainvälistyä Domain Names Lieventämis API
Microsoft National Language Support Downlevel API
Microsoft Office PowerPoint Viewer 2007 (Englanti)
Microsoft Visual C + + 2005 Redistributable
Microsoftin Web Publishing Wizard 1.52
Microsoft Works
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6 Service Pack 2 (KB954459)
Pure Networks Port Magic
QuickTime
RealPlayer Basic
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926247)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
SiS 900 PCI Fast Ethernet Adapter Driver
Siw versio 2008-04-02
SUPERAntiSpyware Free Edition
Tulosta Shop 21
US Robotics 56K Faxmodem USB
Windows XP-päivitys (KB894391)
Windows XP-päivitys (KB898461)
Windows XP-päivitys (KB900485)
Windows XP-päivitys (KB904942)
Windows XP-päivitys (KB908531)
Windows XP-päivitys (KB910437)
Windows XP-päivitys (KB911280)
Windows XP-päivitys (KB916595)
Windows XP-päivitys (KB920342)
Windows XP-päivitys (KB920872)
Windows XP-päivitys (KB922582)
Windows XP-päivitys (KB927891)
Windows XP-päivitys (KB930916)
Windows XP-päivitys (KB931836)
Windows XP-päivitys (KB932823-v3)
Windows XP-päivitys (KB933360)
Windows XP-päivitys (KB938828)
Windows XP-päivitys (KB942763)
Windows XP-päivitys (KB955839)
Windows XP-päivitys (KB967715)
Näkökulmasta Media Player
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP: n asennuksen poistaminen
WinPatrol 2009
Zoom V.92 PCI Voice Faxmodem
Zoom V92 PC Card Voice Faxmodem
==== Event Viewer viestit aiemmasta Viikko ========
7/3/2009 4:23:49 PM, virhe: System Error [1003] - Virhekoodi 00000077, parametri 1 c000000e, parametri2 c000000e, parametri3 00000000, parametri4 01.422.000.
7/3/2009 2:33:40 PM, virhe: System Error [1003] - Virhekoodi 000000f4, parametri1 00000003, parametri2 86cdb430, parametri3 86cdb5a4, parametri4 805fa1f0.
7/1/2009 10:39:09 PM, virhe: Service Control Manager [7034] - AOL TopSpeed Monitor-palvelu on päättynyt odottamatta. Se on tehnyt tämän 6 aika (s).
6/30/2009 5:05:18 PM, virhe: Tulosta [6161] - Asiakirjassa Lokipalvelin - Muistio omistama Windowsin User jättänyt tulostaa tulostimen Lexmark 5200 Series. Tietotyyppi: LEMF. Koosta spool tiedosto bytes: 1208022. Tavujen painettu: 1.208.022. Kokonaismäärä sivuja asiakirja: 3. Sivumäärä painettu: 0. Client machine: \ \ SUNPORCH. Win32 virhekoodi palautettava tulostuksen jalostaja: 126 (0x7e).
6/29/2009 11:36:01 PM, virhe: Service Control Manager [7000] - The SASDIFSV palvelu ei käynnistynyt, koska seuraava virhe: ei voi luoda tiedoston, kun kyseinen tiedosto on jo olemassa.
6/27/2009 2:24:45 AM, virhe: Service Control Manager [7000] - The Upload Manager-palvelu ei käynnistynyt, koska seuraava virhe: The tilille tämän palvelun eroaa tilille muita palveluja on samassa prosessissa.
6/27/2009 2:24:37 AM, virhe: BITS [16391] - BITS työpaikkojen luettelo ei ole tunnustettu muodossa. Se on voitu luoda eri versiota BITS. Työpaikkojen luettelo on tyhjennetty.
6/27/2009 2:08:32 AM, virhe: SnsCore [20] --
6/27/2009 2:08:24 AM, virhe: Service Control Manager [7000] - The iolo FileInfoList Service palvelu ei käynnistynyt, koska seuraava virhe: Järjestelmä ei löydä tiedosto.
6/27/2009 1:41:24 AM, virhe: Service Control Manager [7023] - The HID Input Service palvelu lopetettiin virheen takia: Järjestelmä ei löydä tiedosto.
6/27/2009 1:41:24 AM, virhe: Service Control Manager [7000] - The iolo System Service palvelu ei käynnistynyt, koska seuraava virhe: Järjestelmä ei löydä tiedosto.
6/27/2009 1:36:19 AM, virhe: Service Control Manager [7034] - AOL TopSpeed Monitor-palvelu on päättynyt odottamatta. Se on tehnyt tämän 5 aika (s).
6/27/2009 1:36:09 AM, virhe: Service Control Manager [7031] - AOL TopSpeed Monitor-palvelu on päättynyt odottamatta. Se on tehnyt tämän 4 aika (s). Seuraavat korjaavat toimenpiteet toteutetaan 1000 millisekunteina: Käynnistä palvelu.
6/27/2009 1:36:01 AM, virhe: Service Control Manager [7031] - AOL TopSpeed Monitor-palvelu on päättynyt odottamatta. Se on tehnyt tämän 3 aika (s). Seuraavat korjaavat toimenpiteet toteutetaan 1000 millisekunteina: Käynnistä palvelu.
6/27/2009 1:35:53 AM, virhe: Service Control Manager [7031] - AOL TopSpeed Monitor-palvelu on päättynyt odottamatta. Se on tehnyt näin 2 kertaa (s). Seuraavat korjaavat toimenpiteet toteutetaan 1000 millisekunteina: Käynnistä palvelu.
6/27/2009 1:35:35 AM, virhe: Service Control Manager [7031] - AOL TopSpeed Monitor-palvelu on päättynyt odottamatta. Se on tehnyt tämän 1 aika (s). Seuraavat korjaavat toimenpiteet toteutetaan 1000 millisekunteina: Käynnistä palvelu.
6/27/2009 1:32:44 AM, virhe: DCOM [10005] - DCOM sai virhe "% 1084" yrittäessään käynnistää palvelun EventSystem argumenteilla "" jotta ajaa palvelin: (1BE1F766-5536-11D1 - B726-00C04FB926AF)
6/27/2009 1:30:38 AM, virhe: Service Control Manager [7026] - seuraavat boot-start tai järjestelmä-start kuljettaja (t) ei kuormituksella: AFD AmdK7 FIPS IPSecin MrxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL SnsCore Tcpip WS2IFSL
6/27/2009 1:30:38 AM, virhe: Service Control Manager [7001] - TCP / IP NetBIOS Helper palvelun riippuu AFD palvelu, jota ei voitu käynnistää, koska seuraava virhe: Laite on liitetty järjestelmä on ei toimi.
6/27/2009 1:30:38 AM, virhe: Service Control Manager [7001] - The IPSEC Services-palvelun riippuu IPSEC kuljettajan palvelua, joka ei käynnistynyt, koska seuraava virhe: Laite on liitetty järjestelmä ei toimi .
6/27/2009 1:30:38 AM, virhe: Service Control Manager [7001] - DNS asiakaspalvelun riippuu TCP / IP-ohjain, joka ei käynnistynyt, koska seuraava virhe: Laite liitetään järjestelmään ei toimi.
6/27/2009 1:30:38 AM, virhe: Service Control Manager [7001] - DHCP-asiakaspalvelu riippuu NetBIOS Tcpip palvelu, jota ei voitu käynnistää, koska seuraava virhe: Laite on liitetty järjestelmä ei ole toimintaan.
6/27/2009 1:29:52 AM, virhe: DCOM [10005] - DCOM sai virhe "% 1084" yrittäessään käynnistää palvelun NETMAN argumenteilla "" jotta ajaa palvelin: (BA126AE5-2166-11D1 - B1D0-00805FC1270E)
6/27/2009 1:19:01 AM, virhe: Service Control Manager [7009] - Timeout (30000 millisekuntia) odottaa, että IMAPI COM CD-Burning COM Service palvelu muodostaa yhteyden.
6/27/2009 1:19:01 AM, virhe: Service Control Manager [7000] - The IMAPI COM CD-Burning COM Service palvelu ei käynnistynyt, koska seuraava virhe: Palvelu ei vastannut alussa tai valvonnan pyynnöstä ajoissa.
6/27/2009 1:16:56 AM, virhe: Service Control Manager [7023] - The Terminal Services-palvelun lopetettiin virheen takia: Invalid pääsy muistipaikkaan.
6/27/2009 1:16:56 AM, virhe: Service Control Manager [7023] - Automaattiset päivitykset-palvelu lopetettiin virheen takia:%% 3228369023
6/27/2009 1:16:56 AM, virhe: Service Control Manager [7001] - Fast User Switching Compatibility palvelun riippuu Terminal Services-palvelun, joka ei käynnistynyt, koska seuraava virhe: Virheellinen pääsy muistipaikkaan.
6/27/2009 1:05:23 AM, virhe: DCOM [10005] - DCOM sai virhe "% 1084" yrittäessään käynnistää palvelun wuauserv argumenteilla "" jotta ajaa palvelin: (E60687F7-01A1-40AA - 86AC-DB1CBF673334)
6/26/2009 9:29:28 PM, virhe: Windows Update Agent [20] - Asennus Epäonnistuminen: Windowsin asennus epäonnistui seuraavaa päivitystä virhe 0x80070643: Microsoft. NET Framework 1.1 Service Pack 1.
==== End Of File ===========================
Rooter.exe (v1.0.2) on Eric_71
.
SeDebugPrivilege myönnetty onnistuneesti ...
.
Windows XP Home Edition (5.1.2600) Service Pack 2
[32_bits] - x86 Family 6 Model 6 Stepping 2, AuthenticAMD
.
[wscsvc] (Security Center) RUNNING (state: 4)
[SharedAccess] RUNNING (state: 4)
Windowsin palomuuri -> Enabled
.
Internet Explorer 8.0.6001.18702
.
A: \ [Removable]
C: \ [Määräaikainen FAT32] .. (Yhteensä: 112 Go - Free: 90 Go)
D: \ [CD_Rom]
.
Scan: 19:57.51
Path: C: \ Documents and Settings \ Windows User \ Local Settings \ Temporary Internet Files \ Content.IE5 \ EI7LBMQF \ Rooter [1]. Exe
Käyttäjä: Windows-käyttäjä (Administrator -> KYLLÄ)
.
---------------------- \ \ Prosessit
.
Lukittu [System Process] (0)
______ System (4)
______ \ SystemRoot \ System32 \ smss.exe (292)
______ \? \ C: \ WINDOWS \ system32 \ csrss.exe (348)
______ \? \ C: \ WINDOWS \ SYSTEM32 \ Winlogon.exe (372)
______ C: \ WINDOWS \ system32 \ Services.exe (416)
______ C: \ WINDOWS \ system32 \ Lsass.exe (428)
______ C: \ WINDOWS \ system32 \ Svchost.exe (576)
______ C: \ WINDOWS \ system32 \ Svchost.exe (620)
______ C: \ WINDOWS \ System32 \ Svchost.exe (664)
______ C: \ WINDOWS \ system32 \ Svchost.exe (708)
______ C: \ WINDOWS \ system32 \ Svchost.exe (804)
______ C: \ WINDOWS \ system32 \ spoolsv.exe (900)
______ C: \ WINDOWS \ system32 \ Svchost.exe (980)
______ C: \ Program Files \ Common Files \ AOL \ ACS \ AOLAcsd.exe (1012)
______ C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe (1056)
______ C: \ WINDOWS \ System32 \ snmp.exe (1148)
______ C: \ WINDOWS \ system32 \ Svchost.exe (1180)
______ C: \ WINDOWS \ System32 \ alg.exe (1900)
______ C: \ WINDOWS \ Explorer.exe (1124)
______ C: \ Program Files \ Lexmark 5200 series \ lxbtbmgr.exe (528)
______ C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe (1736)
______ C: \ Program Files \ Lexmark 5200 series \ lxbtbmon.exe (1468)
______ C: \ Program Files \ Common Files \ AOL \ 1246084174 \ ee \ AOLSoftware.exe (1316)
______ C: \ Program Files \ Common Files \ AOL \ ACS \ AOLDial.exe (1572)
______ C: \ WINDOWS \ system32 \ Ctfmon.exe (1648)
______ C: \ Program Files \ Jet Screenshot \ jetScreenshot.exe (1216)
______ C: \ WINDOWS \ system32 \ wbem \ wmiprvse.exe (2148)
______ C: \ WINDOWS \ system32 \ wuauclt.exe (2428)
______ C: \ Program Files \ America Online 9.0 \ waol.exe (596)
______ C: \ Program Files \ America Online 9.0 \ shellmon.exe (756)
______ C: \ Documents and Settings \ Windows User \ Local Settings \ Temporary Internet Files \ Content.IE5 \ EI7LBMQF \ Rooter [1]. Exe (3388)
.
---------------------- \ \ Device \ Kiintolevy0 \
.
\ Device \ Kiintolevy0 [Alat: 63 x 512 tavua]
.
\ Device \ Kiintolevy0 \ Osio1 - [MBR] - (Start_Offset: 32256 | Pituus: 120681275904)
.
---------------------- \ \ Ajoitetut tehtävät
.
C: \ WINDOWS \ Tasks \ SA.DAT
C: \ WINDOWS \ Tasks \ Desktop.ini
C: \ WINDOWS \ Tasks \ Driver Robot.job
.
---------------------- \ \ Registry
.
.
---------------------- \ \ Tiedostot ja kansiot
.
C: \ DOCUME ~ 1 \ WINDOW ~ 1 \ Sov ~ 1 \ PrivacyControl
==> Rikollisten <==
.
---------------------- \ \ Scan valmistui 19:57.56
.
C: \ Rooter $ \ Rooter_1.txt - (03/07/2009 | 19:57.56)

**evilfantasy** · #6 3 heinäkuu 2009, 19:01

Poista nämä tiedostot / kansiot, seuraavasti:

1. Siirry Alku > Juosta > Tyyppi Notepad.exe ja napsauta OK Avaa Muistio.
Se täytyä on Muistiossa ei Wordpad.
2. Kopioi teksti jäljempänä koodi ruutuun korostamalla kaiken tekstin ja painamalla Ctrl + C

Code:

Killall: DDS: BHO: AskBar BHO: (201f27d4-3704-41d6-89c1-aa35e39143ed) - c: \ program files \ askbardis \ bar \ bin \ askBar.dll TB: Kysy Toolbar: (3041d03e-fd4b-44e0 - b742-2d9b88305f98) - c: \ program files \ askbardis \ bar \ bin \ askBar.dll IE: (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe Folder:: C: \ DOCUME ~ 1 \ ikkuna ~ 1 \ applic ~ 1 \ lisenssit C: \ DOCUME ~ 1 \ ikkuna ~ 1 \ applic ~ 1 \ PCMM2009 c: \ program files \ PC MightyMax 2009 c: \ program files \ askbardis c: \ program files \ Messenger

3. Go to Notepadia ikkunasta ja napsauta Muokkaa > Liitä
4. Valitse sitten Tiedosto > Tallentaa
5. Nimeä tiedosto CFScript.txt - Tallenna tiedosto Desktop
6. Vedä CFScript (Pidä vasenta hiiren painiketta, kun vetämällä tiedosto) ja pudottaa sen (vapauta hiiren vasen painike) osaksi ComboFix.exe kuten näette kuvakaappaus alla. Tärkeää: Tehdään tämä ohje huolellisesti!

ComboFix alkaa toteuttaa, seuraa ohjeita.
After reboot (jos se kysyy käynnistää), se tuottaa lokin sinulle.
Post että log (Combofix.txt) näkyy seuraavassa vastausta.

Huom: Älä mouseclick ComboFix ikkunassa, kun se on käynnissä. Tämä voi aiheuttaa järjestelmän jäätyä

**hopthwoks** · #7 5 heinäkuu 2009, 14:04

Tarvitsee vain reload ComboFix. Vaikuttaa siltä, että tiedosto Wes delrtrd minulla on vain teksti-tiedostoja combofix.

**evilfantasy** · #8 5 heinäkuu 2009, 14:28

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

**hopthwoks** · #9 5 heinäkuu 2009, 21:33

Valitettavasti se kesti niin kauan. Got purema on hämähäkkien ja käytti suurimman osan aikaa hakemiseen nähdä, jos saisin selville, mitä puri minua.
Tässä on skannata.
ComboFix 09-07-05.01 - Windows User 07/06/2009 0:04.4 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1023.742 [GMT -4:00]
Running from: C: \ Documents and settings \ Windows User \ Desktop \ ComboFix.exe
Command valitsimia käytetään:: C: \ Documents and Settings \ Windows User \ Desktop \ CFScript.txt
.
((((((((((((((((((((((((((((((((((((((( Muut Poistetut ))))))))) ))))))))))))))))))))))))))))))))))))))))
.
C: \ DOCUME ~ 1 \ ikkuna ~ 1 \ applic ~ 1 \ lisenssit
C: \ DOCUME ~ 1 \ ikkuna ~ 1 \ applic ~ 1 \ lisenssit \ PCMightyMax c27fe264-0186-4910-8a97-50c383296a11
C: \ DOCUME ~ 1 \ ikkuna ~ 1 \ applic ~ 1 \ PCMM2009
C: \ DOCUME ~ 1 \ ikkuna ~ 1 \ applic ~ 1 \ PCMM2009 \ diagnostic \ viime-scan
C: \ DOCUME ~ 1 \ ikkuna ~ 1 \ applic ~ 1 \ PCMM2009 \ pcmm2009-configuration
c: \ program files \ askbardis
c: \ program files \ askbardis \ bar \ bin \ askBar.dll
c: \ program files \ askbardis \ bar \ bin \ askPopStp.dll
c: \ program files \ askbardis \ bar \ bin \ psvince.dll
c: \ program files \ askbardis \ bar \ Cache \ files.ini
c: \ program files \ askbardis \ bar \ History \ haku
c: \ program files \ askbardis \ bar \ Settings \ config.dat
c: \ program files \ askbardis \ bar \ Settings \ config.dat.bak
c: \ program files \ askbardis \ unins000.dat
c: \ program files \ askbardis \ unins000.exe
c: \ program files \ Messenger
C: \ Program Files \ Messenger \ custsat.dll
C: \ Program Files \ Messenger \ logowin.gif
C: \ Program Files \ Messenger \ lvback.gif
C: \ Program Files \ Messenger \ msgsc.dll
C: \ Program Files \ Messenger \ msgslang.dll
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ Program Files \ Messenger \ newalert.wav
C: \ Program Files \ Messenger \ newemail.wav
C: \ Program Files \ Messenger \ online.wav
C: \ Program Files \ Messenger \ type.wav
C: \ Program Files \ Messenger \ xpmsgr.chm
C: \ Program Files \ PC MightyMax 2009
C: \ Program Files \ PC MightyMax 2009 \ pcmm2009.error.log
.
((((((((((((((((((((((((( Files luotu 2009-06-06 ja 2009-07-06 ))))))))))) ))))))))))))))))))))
.
2009-07-06 02:18. 2008-12-03 16:09 59184 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ kalja \ CACHE \ 4381.3.4 \ toolbarsud.exe
2009-07-06 02:18. 2006-04-06 15:33 81000 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ kalja \ CACHE \ 4381.3.4 \ ProgUpd.dll
2009-07-06 02:18. 2006-04-06 15:33 33896 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ kalja \ CACHE \ 4381.3.4 \ postproc.exe
2009-07-06 02:18. 2006-04-06 15:33 156264 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ kalja \ CACHE \ 4381.3.4 \ setup.exe
2009-07-06 02:18. 2008-12-02 18:34 2316392 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ kalja \ CACHE \ 4381.3.4 \ ocpinst.exe
2009-07-06 02:18. 2008-11-12 21:12 1370528 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ kalja \ CACHE \ 4381.3.4 \ msvc9rt.exe
2009-07-06 02:18. 2008-11-06 14:42 2100984 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ kalja \ CACHE \ 4381.3.4 \ aol_toolbar_dual.exe
2009-07-06 02:18. 2008-07-23 18:35 62248 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ kalja \ CACHE \ 4381.3.4 \ ocpgc.exe
2009-07-06 02:18. 2008-07-23 18:35 15144 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ kalja \ CACHE \ 4381.3.4 \ ocpchk.dll
2009-07-06 02:18. 2008-07-23 18:35 74536 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ kalja \ CACHE \ 4381.3.4 \ instSup.dll
2009-07-06 02:18. 2006-07-31 18:41 474184 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ kalja \ CACHE \ 4381.3.4 \ gui.dll
2009-07-06 02:18. 2006-04-06 15:33 25088 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ kalja \ CACHE \ 4381.3.4 \ EEStart.exe
2009-07-03 23:57. 2009-07-03 23:57 -------- d ----- w C: \ Rooter $
2009-07-01 13:43. 2009-07-01 13:43 -------- d ----- w-c: \ Documents and Settings \ Windows User \ Application Data \ ArcticLine
2009-07-01 13:43. 2009-07-01 13:43 -------- d ----- w-c: \ program files \ Jet Screenshot
2009-06-30 03:17. 2006-10-12 16:29 83504 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ kalja \ TEMP \ ProgUpd.dll
2009-06-30 03:11. 2009-06-30 03:11 -------- d ----- w-c: \ Documents and Settings \ All Users \ Application Data \ AOL OCP
2009-06-30 03:11. 2009-06-30 03:11 -------- d ----- w-c: \ Documents and Settings \ Windows User \ Local Settings \ Application Data \ AOL OCP
2009-06-30 03:05. 2009-06-30 03:07 370496 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ Kopio UInst.exe
2009-06-30 03:05. 2009-06-30 03:05 94256 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ vuonna stph.dll
2009-06-30 02:57. 2009-06-30 03:05 2439824 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ oc pinsti.exe
2009-06-30 02:56. 2009-06-30 02:57 260040 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ ec uinst.exe
2009-06-30 02:55. 2009-06-30 02:56 237616 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ gu i.dll
2009-06-30 02:55. 2009-06-30 02:55 127224 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ af ixlang.exe
2009-06-30 02:55. 2009-06-30 02:55 83504 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ Pr ogUpd.dll
2009-06-30 02:54. 2009-06-30 02:55 223152 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ oli finst.exe
2009-06-30 02:53. 2009-06-30 02:54 355592 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ af ixinst.exe
2009-06-30 02:52. 2009-06-30 02:52 11056 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ Kopio NdInst.dll
2009-06-30 02:52. 2009-06-30 02:52 11312 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ ec uchk.dll
2009-06-30 02:52. 2009-06-30 02:52 11568 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ tb inst.dll
2009-06-30 02:52. 2009-06-30 02:52 170544 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ se tup.exe
2009-06-30 02:51. 2009-06-30 02:52 98992 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ sm instlp.exe
2009-06-30 02:51. 2009-06-30 02:51 11568 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ oc fcheck.dll
2009-06-30 02:51. 2009-06-30 02:51 15920 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ oc pchk.dll
2009-06-30 02:49. 2009-06-30 02:51 580136 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ mu inst.exe
2009-06-30 02:48. 2009-06-30 02:49 282056 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ cc ulang.exe
2009-06-30 02:48. 2009-06-30 02:48 36912 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ po stproc.exe
2009-06-30 02:47. 2009-06-30 02:48 359184 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ tb setup.exe
2009-06-30 02:36. 2009-06-30 02:47 3147256 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ oc pinsts.exe
2009-06-30 02:36. 2009-06-30 02:36 10800 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ oli fixchk.dll
2009-06-30 02:35. 2009-06-30 02:36 174752 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ kpl mninst.exe
2009-06-30 02:35. 2009-06-30 02:35 142040 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ al setup.exe
2009-06-30 02:34. 2009-06-30 02:34 67120 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ vuonna stSup.dll
2009-06-27 06:36. 2009-06-27 06:36 -------- d ----- w-c: \ windows \ system32 \ CatRoot_bak
2009-06-27 06:31. 2009-06-27 06:31 167999 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ C_America Online 9.0 \ aolEULanPack \ cswitch.exe
2009-06-27 06:31. 2009-06-27 06:31 3298040 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ C_America Online 9.0 \ aolEULanPack \ langpack.exe
2009-06-27 06:30. 2009-06-27 06:30 -------- d ----- w C: \ Asenna iTunes
2009-06-27 06:30. 2009-06-27 06:30 -------- d ----- w-C: \ Install ICQ
2009-06-27 06:30. 2009-06-27 06:30 -------- d ----- w C: \ AOL Instant Messenger
2009-06-27 06:30. 2009-06-27 06:30 -------- d ----- w C: \ Mav
2009-06-27 06:29. 2009-06-27 06:29 -------- d ----- w-c: \ Program Files \ Common Files \ aolshare
2009-06-27 06:29. 2009-06-27 06:29 -------- d ----- w-c: \ program files \ America Online 9.0
2009-06-27 05:04. 2009-06-27 05:04 -------- d-sh - w-c: \ Documents and Settings \ Administrator \ IETldCache
2009-06-27 05:03. 2007-12-04 03:49 487323 ---- aw-c: \ Documents and Settings \ Administrator \ Application Data \ IE7Pro \ prosetup.exe
2009-06-27 05:03. 2007-12-04 03:43 -------- d --- aw-c: \ Documents and Settings \ Administrator \ Application Data \ IE7Pro
2009-06-27 05:03. 2009-06-27 05:03 -------- d ----- w-c: \ Documents and Settings \ Administrator
2009-06-27 05:03. 2007-12-04 03:43 -------- d ----- w-c: \ Documents and Settings \ Administrator \ Local Settings \ Application Data \ SITEguard
2009-06-27 05:03. 2007-06-13 04:19 -------- d ----- w-c: \ Documents and Settings \ Administrator \ Local Settings \ Application Data \ Microsoft
2009-06-25 02:33. 2008-04-14 00:12 221184 ---- aw-c: \ windows \ system32 \ wmpns.dll
2009-06-25 02:05. 2009-06-25 02:05 -------- d ----- w-c: \ windows \ system32 \ scripting
2009-06-25 02:05. 2009-06-25 02:05 -------- d ----- w-c: \ windows \ l2schemas
2009-06-25 02:05. 2009-06-25 02:05 -------- d ----- w-c: \ windows \ system32 \ fi
2009-06-25 02:05. 2009-06-25 02:05 -------- d ----- w-c: \ windows \ system32 \ bits
2009-06-25 01:56. 2006-02-28 16:00 67584 ---- aw-c: \ windows \ system32 \ drivers \ sdbus.sys
2009-06-25 01:56. 2006-02-28 16:00 36096 ---- aw-c: \ windows \ system32 \ drivers \ intelppm.sys
2009-06-25 01:56. 2006-02-28 16:00 15488 ---- aw-c: \ windows \ system32 \ drivers \ mssmbios.sys
2009-06-25 01:56. 2006-02-28 16:00 12416 ---- aw-c: \ windows \ system32 \ drivers \ tunmp.sys
2009-06-25 01:56. 2006-02-28 16:00 11136 ---- aw-c: \ windows \ system32 \ drivers \ sffdisk.sys
2009-06-25 01:56. 2006-02-28 16:00 10240 ---- aw-c: \ windows \ system32 \ drivers \ sffp_sd.sys
2009-06-25 01:56. 2006-03-17 00:33 262784 ---- aw-c: \ windows \ system32 \ drivers \ Http.sys
2009-06-25 01:54. 2006-02-28 16:00 15360 ---- aw-c: \ windows \ system32 \ dllcache \ nppagent.exe
2009-06-25 01:53. 2006-02-28 16:00 82944 ---- aw-c: \ windows \ system32 \ dllcache \ ws2_32.dll
2009-06-25 01:50. 2009-06-25 01:51 -------- d ----- w-c: \ windows \ EHome
2009-06-24 06:11. 2009-06-24 06:11 -------- d-sh - w-c: \ Documents and Settings \ LocalService \ IETldCache
2009-06-24 06:10. 2009-06-24 06:10 -------- d ----- w-c: \ program files \ SNSafe & Software
2009-06-24 06:10. 2009-06-24 06:10 -------- d ----- w-c: \ Documents and Settings \ All Users \ Application Data \ SNSafe & Software
2009-06-21 00:46. 2009-04-30 21:22 12800 ------ w-c: \ windows \ system32 \ dllcache \ xpshims.dll
2009-06-21 00:46. 2009-04-30 21:22 246272 ------ w-c: \ windows \ system32 \ dllcache \ ieproxy.dll
2009-06-20 23:05. 2009-06-20 23:05 152576 ---- aw-c: \ Documents and Settings \ Windows User \ Application Data \ Sun \ Java \ jre1.6.0_14 \ lzma.dll
2009-06-18 00:32. 2009-06-18 00:32 -------- d-sh - w C: \ FOUND.020
2009-06-17 14:03. 2009-06-17 14:03 -------- d - h - w-c: \ windows \ ie8
2009-06-16 23:54. 2009-06-16 23:54 -------- d ----- w-c: \ Documents and Settings \ Windows User \ Application Data \ AVS4YOU
2009-06-16 23:54. 2009-06-16 23:54 -------- d ----- w-c: \ Documents and Settings \ All Users \ Application Data \ AVS4YOU
2009-06-16 23:53. 2009-06-16 23:53 -------- d ----- w-c: \ Program Files \ Common Files \ AVSMedia
2009-06-16 23:53. 2007-02-27 22:36 974848 ---- aw-c: \ windows \ system32 \ mfc70.dll
2009-06-16 23:53. 2007-02-27 22:36 487424 ---- aw-c: \ windows \ system32 \ msvcp70.dll
2009-06-16 23:53. 2007-02-27 22:36 344064 ---- aw-c: \ windows \ system32 \ msvcr70.dll
2009-06-16 23:53. 2007-02-27 22:36 1700352 ---- aw-c: \ windows \ system32 \ Gdiplus.dll
2009-06-16 23:53. 2009-06-16 23:53 -------- d ----- w-c: \ program files \ AVS4YOU
2009-06-12 05:15. 2009-06-12 05:15 -------- d ----- w-c: \ program files \ ALWIL Software
2009-06-11 20:27. 2009-06-11 20:27 18942 ---- ar-c: \ Documents and Settings \ Windows User \ Application Data \ Microsoft \ Installer \ (334A33C2-B9A5-4322-AB83-EBF42BFCC470) \ _2ce7ed6.exe
2009-06-11 20:27. 2009-06-11 20:27 18942 ---- ar-c: \ Documents and Settings \ Windows User \ Application Data \ Microsoft \ Installer \ (334A33C2-B9A5-4322-AB83-EBF42BFCC470) \ _2447235c.exe
2009-06-11 20:27. 2009-06-11 20:27 -------- d ----- w-c: \ program files \ Tuore RAM
2009-06-11 20:21. 2009-06-11 20:21 -------- d-sh - w C: \ FOUND.019
2009-06-11 15:55. 2009-06-10 17:39 5465088 ---- aw-C: \ Tuore RAM.msi
2009-06-09 06:29. 2009-06-09 06:29 -------- d ----- w-c: \ Documents and Settings \ Windows User \ Application Data \ Blitware
2009-06-09 06:29. 2009-06-09 06:29 -------- d ----- w-c: \ program files \ Driver Robot
2009-06-09 02:24. 2009-06-09 02:24 -------- d ----- w-c: \ Documents and Settings \ All Users \ Application Data \ PC Drivers päämajan
2009-06-09 02:23. 2009-06-09 02:23 -------- d ----- w-c: \ Documents and Settings \ Windows User \ Local Settings \ Application Data \ Downloaded Installations
2009-06-08 03:00. 2009-06-08 03:00 -------- d ----- w-c: \ Documents and Settings \ Windows User \ Application Data \ GetRightToGo
2009-06-07 23:38. 2008-04-14 00:12 7680 ---- aw-c: \ windows \ system32 \ spdwnwxp.exe
2009-06-06 14:46. 2009-06-06 14:46 -------- d ----- w-c: \ program files \ filehippo.com
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-03 06:49. 2007-06-16 18:55 302080 ---- aw-c: \ Documents and Settings \ Windows User \ Local Settings \ Application Data \ GDIPFONTCACHEV1.DAT
2009-06-30 03:32. 2009-05-21 02:29 3561743 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes \ Malwarebytes' Anti-Malware \ mbam-setup.exe
2009-06-27 06:16. 2007-06-13 04:18 76487 ---- aw-c: \ windows \ PCHealth \ HelpCtr \ OfflineCache \ Index.dat
2009-06-17 15:27. 2009-05-21 02:17 38160 ---- aw-c: \ windows \ system32 \ drivers \ mbamswissarmy.sys
2009-06-17 15:27. 2009-05-21 02:17 19096 ---- aw-c: \ windows \ system32 \ drivers \ mbam.sys
2009-06-11 22:43. 2007-06-21 02:45 1744 ---- aw-c: \ windows \ system32 \ d3d9caps.dat
2009-06-05 03:59. 2009-06-05 03:59 -------- d ----- w-c: \ program files \ DrWeb
2009-05-28 23:14. 2009-05-28 23:14 -------- d ----- w-c: \ program files \ Java
2009-05-28 23:14. 2009-05-28 23:14 152576 ---- aw-c: \ Documents and Settings \ Windows User \ Application Data \ Sun \ Java \ jre1.6.0_13 \ lzma.dll
2009-05-27 15:21. 2009-05-27 15:21 372 ---- aw-c: \ program files \ ujhonz.txt
2009-05-21 15:33. 2009-05-28 23:15 410984 ---- aw-c: \ windows \ system32 \ deploytk.dll
2009-05-21 02:17. 2009-05-21 02:17 -------- d ----- w-c: \ program files \ Malwarebytes' Anti-Malware
2009-05-17 00:04. 2009-05-17 00:04 -------- d ----- w-c: \ Documents and Settings \ Windows User \ Application Data \ WinPatrol
2009-05-17 00:03. 2009-05-17 00:03 -------- d ----- w-c: \ program files \ BillP Studios
2009-05-13 05:15. 2007-06-13 03:56 915456 ---- aw-c: \ windows \ system32 \ Wininet.dll
2009-05-07 15:44. 2009-06-25 01:53 344064 ---- aw-c: \ windows \ system32 \ Localspl.dll
2009-04-22 04:07. 2009-04-22 04:07 253688 ---- aw-c: \ windows \ system32 \ cssdll32.dll
2009-04-17 09:58. 2009-06-25 01:53 1846656 ---- aw-c: \ windows \ system32 \ Win32k.sys
2009-04-15 15:26. 2007-06-13 03:55 583168 ---- aw-c: \ windows \ system32 \ rpcrt4.dll
2007-06-11 03:19. 2007-06-07 04:37 11079 ---- aw-c: \ program files \ Folder.htt
.
((((((((((((((((((((((((((((( SnapShot_2009-07-06_03.59.12 )))))))))))))) )))))))))))))))))))))))))))
.
+ 2009-07-06 04:08. 2009-07-06 04:08 16384 c: \ windows \ temp \ Perflib_Perfdata_468.dat
+ 2009-07-06 04:08. 2009-07-06 04:08 16384 c: \ windows \ temp \ Perflib_Perfdata_430.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Note * empty entries & legit default merkinnät eivät näy
REGEDIT4
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ curr entversion \ Explorer \ shelliconoverlayidentifiers \ Sl owFile Icon peittokuva]
@ = "(7D688A77-C613-11D0-999B-00C04FD655E1)"
[HKEY_CLASSES_ROOT \ CLSID \ (7D688A77-C613-11D0-999B-00C04FD655E1)]
2008-07-03 13:03 8460800 ---- aw-c: \ windows \ SYSTEM32 \ shell32.dll
[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run]
"Ctfmon.exe" = "c: \ windows \ system32 \ Ctfmon.exe" [2006-02-28 15360]
AOL Fast Start "=" C: \ Program Files \ America Online 9.0 \ AOL.EXE "[2005-07-12 50776]
"Jet Screenshot" = "c: \ program files \ Jet Screenshot \ jetScreenshot.exe" [2009-05-10 3804160]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ curr entVersion \ Run]
"Lexmark 5200-sarja" = "C: \ Program Files \ Lexmark 5200 series \ lxbtbmgr.exe" [2004-06-04 57344]
"LXBTCATS" = "C: \ Windows \ System32 \ spool \ DRIVERS \ W32X 86 \ 3 \ LXBTtime.dll" [2004-03-17 65536]
"SunJavaUpdateSched" = "C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe" [2009-05-21 148888]
"HostManager" = "C: \ Program Files \ Common Files \ AOL \ 1246084174 \ ee \ AOLSoftware.exe" [2007-04-12 42032]
"AOLDialer" = "C: \ Program Files \ Common Files \ AOL \ ACS \ AOLDial.exe" [2004-10-20 34904]
"Pure Networks Port Magic" = "c: \ progra ~ 1 \ PURENE ~ 1 \ PORTMA ~ 1 \ PortAOL.exe" [2004-04-05 99480]
"QuickTime Task" = "C: \ Program Files \ QuickTime \ qttask.exe" [2008-02-20 98304]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Windows]
"AppInit_DLLs" = C: \ WINDOWS \ SYSTEM32 \ cssdll32.dl l
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ Session Manager]
BootExecute REG_MULTI_SZ AutoCheck Autochk * \ 0autocheck smrgdf c: \ Documents and Settings \ Windows User \ Application Data \ iolo \
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ curr entversion \ setup \ disabledrunkeys]
"Cmaudio" = rundll32 cmicnfg.cpl, CMICtrlWnd
"NvCplDaemon" = rundll32.exe NvQTwk, NvCplDaemon initialize
"nwiz" = nwiz.exe / install
"RegistrySmart" = "c: \ program files \ RegistrySmart \ RegistrySmart.exe"-boot
"<NO Nimi>" =
"LoadPowerProfile" = rundll32.exe powrprof.dll, LoadCurrentPwrScheme
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Security Center]
"AntiVirusOverride" = dword: 00000001
[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ AuthorizedApplications \ List]
"c: \ \ WINDOWS \ \ system32 \ \ sessmgr.exe" =
"c: \ \ Program Files \ \ IncrediMail \ \ bin \ \ ImApp.exe" =
"c: \ \ Program Files \ \ IncrediMail \ \ bin \ \ IncMail.exe" =
"c: \ \ Program Files \ \ IncrediMail \ \ bin \ \ ImpCnt.exe" =
"c: \ \ Program Files \ \ Magentic \ \ bin \ \ MgImp.exe" =
"c: \ \ Program Files \ \ Magentic \ \ bin \ \ Magentic.exe" =
"c: \ \ Program Files \ \ Magentic \ \ bin \ \ MgApp.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLDial.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLacsd.exe" =
"c: \ \ Program Files \ \ America Online 9.0 \ \ waol.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltsmon.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltpspd.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AOL \ \ System Information \ \ sinf.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AolCoach \ \ en_en \ \ Player \ \ AOLNySEV.exe" =
"c: \ \ Program Files \ \ Malwarebytes' Anti-Malware \ \ mbam.exe" =
"c: \ \ Program Files \ \ BillP Studios \ \ WinPatrol \ \ WinPatrol.exe" =
"c: \ \ WINDOWS \ \ Network Diagnostic \ \ xpnetdiag.exe" =
"% windir% \ \ system32 \ \ sessmgr.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AOL \ \ 1246084174 \ \ EE \ \ AOLServiceHost.exe" =
R1 SASDIFSV; SASDIFSV, c: \ program files \ SUPERAntiSpyware \ sasdifsv.sys [10/10/2006 1:53 PM 5632]
R1 SASKUTIL; SASKUTIL, c: \ program files \ SUPERAntiSpyware \ SASKUTIL.SYS [2/27/2007 12:39 PM 32256]
R3 Winacusb; Winacusb, c: \ windows \ system32 \ DRIVERS \ wina cusb.sys [3/25/2008 6:57 AM 902860]
S2 ioloFileInfoList; iolo FileInfoList Service; c: \ program files \ iolo \ common \ lib \ ioloServiceManager.exe -> c: \ program files \ iolo \ common \ lib \ ioloServiceManager.exe [?]
S2 ioloSystemService; iolo System Service; c: \ program files \ iolo \ common \ lib \ ioloServiceManager.exe -> c: \ program files \ iolo \ common \ lib \ ioloServiceManager.exe [?]
S3 FarStoneFireWallDrive; FarStoneFireWallDrive, c: \ win dows \ SYSTEM32 \ DRIVERS \ FarDrive.sys [4/2/2003 2:36 PM 140256]
S3 ousb2hub; OrangeWare USB 2.0 Hub tuki, c: \ windows \ system32 \ DRIVERS \ ousb2hub.sys [2/27/2008 7:17 AM 53248]
S3 PavSRK.sys; PavSRK.sys; \? \ C: \ windows \ system32 \ PavS RK.sys -> c: \ windows \ system32 \ PavSRK.sys [?]
S3 PavTPK.sys; PavTPK.sys; \? \ C: \ windows \ system32 \ PavT PK.sys -> c: \ windows \ system32 \ PavTPK.sys [?]
S3 SASENUM; SASENUM, c: \ program files \ SUPERAntiSpyware \ SASENUM.SYS [2/16/2006 5:51 PM 4096]
S3 SIVDRIVER; SIV Kernel Driver c: \ windows \ system32 \ DRIVERS \ SIVX32.sys [4/9/2008 9:47 AM 48480]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Active Setup \ Installed Components \> (60B49E34-C7CC-11D0-8953-00A0C90347FF)]
"c: \ windows \ system32 \ rundll32.exe" "c: \ windows \ system32 \ iedkcs32.dll", BrandIEActiveSe tup Signup
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Active Setup \ Installed Components \ (9EF0045A-CDD9-438e-95E6-02B9AFEC8E11)]
c: \ windows \ SYSTEM32 \ updcrl.exe-e-uc: \ windows \ SYSTEM \ verisignpub1.crl
.
Contents of the 'Scheduled Tasks-kansioon
2009-06-09 C: \ Windows \ Tasks \ Driver Robot.job
- C: \ program files \ Driver Robot \ 1.0.6.0 \ DriverRobot.exe [2009-06-09 13:02]
.
- - - - Orvolla poistettu - - - --
BHO-(201f27d4-3704-41d6-89c1-aa35e39143ed) - (no file)

.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp: / / www.google.com/search?q = (searchTerms) & sourceid = ie7 & rls = com.micros OFT: en-US & ie = utf8 & oe = utf8
uStart Page = hxxp: / / www.aol.com/
mWindow Otsikko = Internet Explorer tarjoaa epix
IE: & Lisää animaatiota IncrediMail Style Box - c: \ program files \ IncrediMail \ bin \ resurssit \ WebMenuImg.htm
IE: & AIM Haku
IE: & AOL Toolbar haku - c: \ program files \ AOL Toolbar \ toolbar.dll / SEARCH.HTML
LSP: FarLsp.dll
Trusted Zone: 88sears.com \ www
Trusted Zone: aol.com \ www
Trusted Zone: comodo.com \ www
Trusted Zone: tietokoneella juice.com \ www
Trusted Zone: giveawayoftheday.com \ www
Trusted Zone: newegg.com \ www
Trusted Zone: pchelpforum.com \ www
Trusted Zone: searscard.com \ www
Trusted Zone: statefarm.com \ www
Trusted Zone: winpatrol.com \ www
TCP: (68589BEF-2503-4090-B404-9FB7D2105BB4) = 205.188.146.145
DPF: DirectAnimation Java Classes
DPF: Internet Explorer Classes Java
DPF: Microsoft XML Parser for Java
DPF: Win32 Classes
.
************************************************** ************************
catchme 0.3.1398 W2K/XP/Vista - rootkit / varkain haittaohjelmien detektori on Gmer, http://www.gmer.net
Rootkit scan 2009-07-06 00:08
Windows 5.1.2600 Service Pack 2 FAT NTAPI
skannaus piilotettu prosessien ...
skannaus piilotettu Autostart merkinnät ...
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run
LXBTCATS = rundll32 C: \ Windows \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ LXBTtim e.dll, _RunDLLEntry @ 16 ???????????????????????? ????? ?????????????????????????????????????????????????? ?????????????????????????????????????????????????? ??????????????????????????????????????????????????
skannaus piilotetut tiedostot ...
scan loppuun onnistuneesti
piilotetut tiedostot: 0
************************************************** ************************
.
--------------------- LOCKED rekisteriavaimista ---------------------
[HKEY_USERS \ $ $ $ \ Software \ Microsoft \ SystemCertificat es \ Osoitekirja *]
@ Sallittuja: (Lue) (RestrictedCode)
@ Sallittuja: (Lue) (RestrictedCode)
.
--------------------- DLL Loaded Under Running Processes ---------------------
- - - - - - -> "Lsass.exe" (428)
c: \ windows \ system32 \ FarLsp.dll
- - - - - - -> "Explorer.exe" (2420)
c: \ windows \ system32 \ Wininet.dll
C: \ Program Files \ Common Files \ AOL \ ACS \ WLHook.dll
c: \ program files \ AOL Deskbar \ deskbar.dll
C: \ Program Files \ Common Files \ AOL \ AOL Toolbar \ AOLHelper.dll
c: \ windows \ system32 \ ieframe.dll
c: \ windows \ system32 \ Webcheck.dll
.
------------------------ Other Running Processes ----------------------- --
.
C: \ Program Files \ Common Files \ AOL \ ACS \ AOLACSD.EXE
c: \ program files \ JAVA \ JRE6 \ bin \ JQS.EXE
c: \ windows \ SYSTEM32 \ SNMP.EXE
c: \ program files \ LEXMARK 5200 SERIES \ LXBTBMON.EXE
c: \ program files \ America Online 9.0 \ WAOL.EXE
c: \ program files \ America Online 9.0 \ SHELLMON.EXE
.
************************************************** ************************
.
Täydennys-aika: 2009-07-06 0:10 - kone käynnistettiin uudelleen
ComboFix-karanteenissa-files.txt 2009-07-06 04:10
ComboFix2.txt 2009-07-06 04:01
ComboFix3.txt 2009-06-06 14:20
ComboFix4.txt 2009-06-04 04:03
Pre-Run: 97549156352 tavua vapaata
Post-Run: 97532772352 tavua vapaata
320 --- EOF --- 2009-07-05 21:28

**evilfantasy** · #10 6 heinäkuu 2009, 09:43

Scan Suspicious File (s)

Siirry VirusTotal.com
(Jos useampi kuin yksi tiedosto tarvitsee skannata ne on tehtävä erikseen ja lokit lähetetty kunkin yksi)

1. Kopioi tiedosto polku jäljempänä koodi ruutuun:

Code:

c: \ Documents and Settings \ Windows User \ Application Data \ Microsoft \ Installer \ (334A33C2-B9A5-4322-AB83-EBF42BFCC470) \ _2ce7ed6.exe

2. Kun lataa osoittamalla kerran sisällä ikkunan vieressä Selaa.
3. Paina Ctrl + V -näppäintä (molemmat samanaikaisesti) liittää tiedoston polku ikkuna.
4. Seuraava napsauta Lähetä tiedosto
Tiedostosi mahdollisesti tulleet jonoon joka kestää yleensä alle minuutissa selvä.
Tämä tulee tehdä tarkistuksen useiden eri virustarkistusta moottoreita.
Tärkeää: Odota kaikki hakunopeutta moottoreiden valmis.
5. Kopioi ja liitä linkki tulokset seuraavan vastauksen

Samanlaisia Threads
Kierre	Thread Starter	Forum	Vastaukset	Last Post
Siirtyminen Microsoft Office 2007 Outlook PC 2 Microsoft Office X Entoutage Mac	jjuli	Office Suites & Applications	0	11th Jun 2009 15:52
Virus Kysymys - Voiko joku kertoa minulle, jos minulla on virus	billozz	Virusten, vakoiluohjelmien & Security	1	2. Apr 2009 13:58
$ 250.000 (£ 172.000) on tarjottu Microsoft Etsi Kuka on takana Downadup / Conficker Virus	Hybr! D	Virusten, vakoiluohjelmien & Security	1	17th Feb 2009 11:03
Ystäväni MAC on virus ... Umm ... joo ... A-virus ...	cheesepuff	Virusten, vakoiluohjelmien & Security	3	29th Oct 2008 12:58
Microsoft luopuu on Vista	philthomas	Windows-käyttöjärjestelmät	2	8. Apr 2008 16:09

Thread Tools
Näytä Tulostettava versio Lähetä tämä sivu