poistuiko virus?

AfterDawn.com

AfterDawn.com Mainosta sivuillamme


		Käyttäjä	Salasana

		Puuttuuko tunnus? Liity jäseneksi nyt!. Salasana hukassa? Klikkaa tästä.

Yksityisviestit

Luo uusi yksityisviesti

Kaikki uudet viestit

Ilman vastauksia olevat viestiketjut

perjantai 14.11.2025 / 19:27

Hae keskustelualueilta:

In English

Suomeksi

På svenska

afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat - hijackthis -logit > poistuiko virus?

Aiheet

Keskustelualueet

Keskustelualueet

Aloita uusi viestiketju

poistuiko virus?

Siirry:

Kirjoittaja

Viesti

Sivu:	1	2	>

Teemza

Junior Member

1. heinäkuuta 2008 @ 20:34

Linkki tähän viestiin

AVG poisti Brontok.KO nimisen viruksen ja nyt haluaisin tietää lähtikö se kokonaan joten loki:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:29:43, on 1.7.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\MSI\DualCoreCenter\DualCoreCenter.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DualCoreCenter.lnk = C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsu...b?1211105897464
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsof...b?1211119754218
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/sh...ash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 6890 bytes

samalla kun avg poisti viruksen niin myös msconfig poistui koneelta

AfterDawn Addict

1. heinäkuuta 2008 @ 20:52

Linkki tähän viestiin

Pöpö on AVG:n karanteenissa lähetä sen tiedot tänne.

Sammuta selain ja muut ohjelmat Fixin ajaksi. (ei virustorjuntaa)
Käynnistä HijackThis:ja Scan ja ruksaa seuraavat punaisella listatut tiedostot sekä poista ne.(fix Chekked)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

-------------------------------------------------------------------

Lataa Malwarebytes' Anti-Malware työpöydällesi.

* Tuplaklikkaa mbam-setup.exe ja seuraa ohjeita asentaaksesi ohjelman.
* Lopuksi varmistu, että seuraavat on valittu: Update Malwarebytes' Anti-Malware ja Launch Malwarebytes' Anti-Malware ja sen jälkeen klikkaa Finish.
* Jos päivitys löytyy. ohjelma lataa ja asentaa uusimman version.
* Kun ohjelma on latautunut, valitse Perform full scan ja klikkaa Scan.
* Kun skanni on valmis, klikkaa OK ja sitten Show Results nähdäksesi tulokset.
* Varmistu, että kaikki on merkitty ja klikkaa Remove Selected.
* Tämän jälkeen loki avautuu muistioon. Tallenna se paikkaan, josta löydät sen helposti. Loki löytyy myös
täältä: C:\Documents and Settings\Käyttäjänimi\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-päiväys.txt

* Lähetä lokin sisältö seuraavassa viestissäsi + uusi hjt-loki.
.

(:)

Teemza

Junior Member

1. heinäkuuta 2008 @ 21:44

Linkki tähän viestiin

hmmm AVG löysin viruksen samalla kun malwarebytes teki skannaustaan.

en tiä miten tota AVG virus vaultista saa tehtyä loki nii laitan kuvan tähän

malwarebytes loki:

Malwarebytes' Anti-Malware 1.19
Tietokantaversio: 912
Windows 5.1.2600 Service Pack 3

21:35:35 1.7.2008
mbam-log-7-1-2008 (21-35-35).txt

Tarkistustyyppi: Täysi tarkistus (C:\|)
Tarkistetut kohteet: 78328
Kulunut aika: 23 minute(s), 11 second(s)

Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 0
Saastuneita rekisteriavaimia: 0
Saastuneita rekisteriarvoja: 0
Saastuneita rekisterikohteita: 0
Saastuneita hakemistoja: 0
Saastuneita tiedostoja: 1

Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)

Saastuneita muistimoduuleja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriavaimia:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriarvoja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisterikohteita:
(Haitallisia kohteita ei löydetty)

Saastuneita hakemistoja:
(Haitallisia kohteita ei löydetty)

Saastuneita tiedostoja:
C:\QooBox\Quarantine\C\WINDOWS\winudspm.exe.vir (Backdoor.Bot) -> Quarantined and deleted successfully.

uusi HJT:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:43:23, on 1.7.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\MSI\DualCoreCenter\DualCoreCenter.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DualCoreCenter.lnk = C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsu...b?1211105897464
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsof...b?1211119754218
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/sh...ash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 6265 bytes

AfterDawn Addict

2. heinäkuuta 2008 @ 16:02

Linkki tähän viestiin

Tuo kuva oli hyvä keksintö !!!
Ei poistunut se mitä tarkoitit.

1. Lataa combofix.exe työpöydällesi jommastakummasta linkistä:
combofix.exe
combofix.exe

Avaa Muistio ja kopioi/liitä Lainaus: laatikon sisältö sinne:

Lainaus:
File::
C:\WINDOWS\pchealt\helpctr\binaries\msconfig.exe
C:\WINDOWS\ServicePackFiles\i386\msconfig.exe

Tallenna nimellä CFScript (itse asiassa combofix tunnistaa tuon vaikka tiedostopääte ei olisi
edes .txt).

Sitten raahaa ja pudota CFScript ComboFix.exeen kuten alla.(Älä klikkaa)

Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.
Käynnistä kone uudelleen, jos niin pyydetään ja lähetä combofix.txt-tiedoston sisältö tänne.

-------------------------------------------------

Hei !!! Optio 1
Lataa FindAWF by noahdfear ja tallenna se työpöydällesi.

Kaksoisklikkaa tiedostoa FindAWF.exe. Ohjelma käynnistyy, paina 1 ja enter aloittaaksesi etsinnän.
Kun etsintä on valmis, loki avautuu muistiossa.
Tallenna tämä loki työpöydällesi ja kopioi ja liitä sen sisältö viestiketjuusi.
:) :arrow:

*****************************************************

Buuttaa kone jos Combo ei sitä tehnyt:

Täällä on terve exe:
C:\WINDOWS\system32\dllcache\msconfig.exe

Kopioi Tänne hakemistoon:
C:\WINDOWS\pchealt\helpctr\binaries\

Lähetä => (C:\ComboFix.txt) ja FindAWF logi
.

(:)

Teemza

Junior Member

2. heinäkuuta 2008 @ 19:41

Linkki tähän viestiin

ComboFix 08-07-01.3 - Tekken 2008-07-02 19:04:36.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1035.18.611 [GMT 3:00]
Running from: C:\Documents and Settings\Tekken\Työpöytä\ComboFix.exe
Command switches used :: C:\Documents and Settings\Tekken\Työpöytä\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\WINDOWS\pchealt\helpctr\binaries\msconfig.exe
C:\WINDOWS\ServicePackFiles\i386\msconfig.exe
.

(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Tekken\Application Data\inst.exe

.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-06-02 to 2008-07-02 )))))))))))))))))
.

2008-07-01 21:10 . 2008-07-01 21:10 <KANSIO> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-01 21:10 . 2008-06-28 14:16 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-07-01 21:10 . 2008-06-28 14:16 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-07-01 20:01 . 2008-07-01 20:01 268 --ah----- C:\sqmdata11.sqm
2008-07-01 20:01 . 2008-07-01 20:01 244 --ah----- C:\sqmnoopt11.sqm
2008-07-01 13:29 . 2008-07-01 13:29 94,208 --a------ C:\WINDOWS\DIIUnin.exe
2008-07-01 13:29 . 2008-07-01 15:21 35,879 --a------ C:\WINDOWS\DIIUnin.dat
2008-07-01 13:29 . 2008-07-01 13:29 2,829 --a------ C:\WINDOWS\DIIUnin.pif
2008-07-01 13:13 . 2008-07-02 16:03 <KANSIO> d-------- C:\Program Files\Diablo II
2008-07-01 11:10 . 2008-07-01 11:10 <KANSIO> d-------- C:\Program Files\Lavalys
2008-06-30 14:11 . 2008-06-30 14:11 268 --ah----- C:\sqmdata10.sqm
2008-06-30 14:11 . 2008-06-30 14:11 244 --ah----- C:\sqmnoopt10.sqm
2008-06-30 11:45 . 2008-06-30 11:45 268 --ah----- C:\sqmdata09.sqm
2008-06-30 11:45 . 2008-06-30 11:45 244 --ah----- C:\sqmnoopt09.sqm
2008-06-30 11:23 . 2008-06-30 11:23 <KANSIO> d-------- C:\Documents and Settings\Sari\Application Data\Logitech
2008-06-29 19:42 . 2008-06-29 19:42 <KANSIO> d-------- C:\Program Files\Hamachi
2008-06-29 19:42 . 2008-07-01 17:08 <KANSIO> d-------- C:\Documents and Settings\Tekken\Application Data\Hamachi
2008-06-29 19:42 . 2008-06-29 19:42 25,280 --a------ C:\WINDOWS\system32\drivers\hamachi.sys
2008-06-29 13:02 . 2008-06-29 13:02 <KANSIO> d-------- C:\Program Files\Common Files\LogiShared
2008-06-29 13:02 . 2008-06-29 13:02 <KANSIO> d-------- C:\Documents and Settings\Tekken\Application Data\Logitech
2008-06-29 13:02 . 2008-06-29 13:02 <KANSIO> d-------- C:\Documents and Settings\Tekken\Application Data\Leadertech
2008-06-29 13:01 . 2008-06-29 13:01 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-06-29 13:01 . 2008-06-29 13:01 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
2008-06-29 13:01 . 2008-06-29 13:01 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2008-06-29 12:59 . 2008-06-29 12:59 <KANSIO> d-------- C:\Program Files\Logitech
2008-06-29 12:59 . 2008-06-29 13:00 <KANSIO> d-------- C:\Program Files\Common Files\Logitech
2008-06-29 12:59 . 2008-06-29 12:59 <KANSIO> d-------- C:\Documents and Settings\Tekken\Application Data\InstallShield
2008-06-29 12:59 . 2008-06-29 12:59 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Logitech
2008-06-29 12:59 . 2008-06-29 12:59 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\LogiShrd
2008-06-29 12:55 . 2008-06-29 12:55 268 --ah----- C:\sqmdata08.sqm
2008-06-29 12:55 . 2008-06-29 12:55 244 --ah----- C:\sqmnoopt08.sqm
2008-06-28 21:22 . 2008-07-01 15:15 21,840 --a----t- C:\WINDOWS\system32\SIntfNT.dll
2008-06-28 21:22 . 2008-07-01 15:15 17,212 --a----t- C:\WINDOWS\system32\SIntf32.dll
2008-06-28 21:22 . 2008-07-01 15:15 12,067 --a----t- C:\WINDOWS\system32\SIntf16.dll
2008-06-28 19:01 . 2008-06-28 19:01 268 --ah----- C:\sqmdata07.sqm
2008-06-28 19:01 . 2008-06-28 19:01 244 --ah----- C:\sqmnoopt07.sqm
2008-06-28 13:05 . 2008-06-29 00:11 <KANSIO> d-------- C:\Program Files\Octoshape Streaming Services
2008-06-28 12:34 . 2008-06-28 12:34 <KANSIO> d-------- C:\Documents and Settings\Tekken\Application Data\Template
2008-06-25 18:57 . 2008-06-26 16:09 <KANSIO> d-------- C:\Program Files\World of Warcraft Trial
2008-06-25 18:57 . 2008-06-25 18:57 <KANSIO> d-------- C:\Program Files\Common Files\Blizzard Entertainment
2008-06-25 14:33 . 2008-06-25 21:20 <KANSIO> d-------- C:\Documents and Settings\Tekken\Application Data\gtk-2.0
2008-06-25 14:33 . 2008-06-25 14:33 <KANSIO> d-------- C:\Documents and Settings\Tekken\.thumbnails
2008-06-25 14:31 . 2008-06-26 12:09 <KANSIO> d-------- C:\Documents and Settings\Tekken\.gimp-2.4
2008-06-25 14:30 . 2008-06-25 14:30 <KANSIO> d-------- C:\Program Files\GIMP-2.0
2008-06-25 11:06 . 2008-06-25 11:06 <KANSIO> d-------- C:\Program Files\MSXML 4.0
2008-06-24 13:22 . 2008-06-24 13:22 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-06-23 21:18 . 2008-06-23 21:18 <KANSIO> d-------- C:\WINDOWS\.jagex_cache_32
2008-06-21 20:19 . 2008-06-21 20:19 268 --ah----- C:\sqmdata06.sqm
2008-06-21 20:19 . 2008-06-21 20:19 244 --ah----- C:\sqmnoopt06.sqm
2008-06-21 15:14 . 2008-06-21 15:14 268 --ah----- C:\sqmdata05.sqm
2008-06-21 15:14 . 2008-06-21 15:14 244 --ah----- C:\sqmnoopt05.sqm
2008-06-19 20:04 . 2008-06-19 20:09 <KANSIO> d-------- C:\Documents and Settings\Tekken\Application Data\SPORE Creature Creator
2008-06-19 20:03 . 2008-06-25 22:43 <KANSIO> d-------- C:\Program Files\Electronic Arts
2008-06-17 19:38 . 2008-06-17 19:38 268 --ah----- C:\sqmdata04.sqm
2008-06-17 19:38 . 2008-06-17 19:38 244 --ah----- C:\sqmnoopt04.sqm
2008-06-15 19:37 . 2008-06-15 19:37 268 --ah----- C:\sqmdata03.sqm
2008-06-15 19:37 . 2008-06-15 19:37 244 --ah----- C:\sqmnoopt03.sqm
2008-06-14 18:16 . 2008-06-14 18:16 268 --ah----- C:\sqmdata02.sqm
2008-06-14 18:16 . 2008-06-14 18:16 244 --ah----- C:\sqmnoopt02.sqm
2008-06-12 20:06 . 2008-06-12 20:06 268 --ah----- C:\sqmdata01.sqm
2008-06-12 20:06 . 2008-06-12 20:06 244 --ah----- C:\sqmnoopt01.sqm
2008-06-11 12:20 . 2008-06-11 12:20 <KANSIO> d-------- C:\Program Files\URUSoft
2008-06-11 12:14 . 2008-06-11 12:14 <KANSIO> d-------- C:\Program Files\VSO
2008-06-11 12:14 . 2008-06-11 13:51 <KANSIO> d-------- C:\Documents and Settings\Tekken\Application Data\Vso
2008-06-11 12:14 . 2004-05-04 12:53 1,645,320 --a------ C:\WINDOWS\gdiplus.dll
2008-06-11 12:14 . 2006-05-20 17:16 1,184,984 --a------ C:\WINDOWS\system32\wvc1dmod.dll
2008-06-11 12:14 . 2006-05-11 20:21 626,688 --a------ C:\WINDOWS\system32\vp7vfw.dll
2008-06-11 12:14 . 2006-09-29 13:24 217,127 --a------ C:\WINDOWS\system32\drv43260.dll
2008-06-11 12:14 . 2006-09-29 13:25 208,935 --a------ C:\WINDOWS\system32\drv33260.dll
2008-06-11 12:14 . 2006-09-29 13:26 176,165 --a------ C:\WINDOWS\system32\drv23260.dll
2008-06-11 12:14 . 2007-03-18 21:37 65,602 --a------ C:\WINDOWS\system32\cook3260.dll
2008-06-11 12:14 . 2008-06-11 12:14 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2008-06-11 12:14 . 2008-06-11 12:14 47,360 --a------ C:\Documents and Settings\Tekken\Application Data\pcouffin.sys
2008-06-11 11:45 . 2008-06-14 20:34 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-11 11:45 . 2008-05-08 17:02 203,136 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys
2008-06-09 21:29 . 2008-06-09 21:29 268 --ah----- C:\sqmdata00.sqm
2008-06-09 21:29 . 2008-06-09 21:29 244 --ah----- C:\sqmnoopt00.sqm
2008-06-08 22:35 . 2008-06-08 22:35 <KANSIO> d-------- C:\Program Files\Webteh
2008-06-08 21:01 . 2008-06-10 15:16 <KANSIO> d-------- C:\elokuvat
2008-06-08 18:56 . 2008-06-29 13:32 <KANSIO> d-------- C:\Documents and Settings\Tekken\Application Data\uTorrent
2008-06-08 16:17 . 2008-06-08 16:17 <KANSIO> d-------- C:\Documents and Settings\Sari\Application Data\Template
2008-06-08 16:16 . 2008-06-08 16:16 <KANSIO> d-------- C:\Program Files\Microsoft Works
2008-06-08 16:08 . 2008-06-08 16:08 <KANSIO> d-------- C:\Documents and Settings\Sari\Contacts
2008-06-08 15:41 . 2008-06-08 15:41 <KANSIO> d-------- C:\Program Files\uTorrent
2008-06-08 15:41 . 2008-06-08 16:05 <KANSIO> d-------- C:\Documents and Settings\Sari\Application Data\uTorrent
2008-06-07 22:49 . 2008-06-07 22:57 <KANSIO> d-------- C:\Documents and Settings\Tekken\.onnet
2008-06-04 19:30 . 2008-06-19 20:04 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2008-06-04 19:24 . 2008-06-04 19:24 <KANSIO> d-------- C:\Program Files\Sierra
2008-06-03 15:24 . 2008-04-23 07:16 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-06-03 15:24 . 2007-04-17 12:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-06-03 15:24 . 2007-03-08 08:10 1,011,712 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-06-03 15:24 . 2008-04-23 07:16 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-06-03 15:24 . 2008-04-23 07:16 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-06-03 15:24 . 2008-04-23 07:16 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-06-03 15:24 . 2008-04-23 07:16 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-06-03 15:24 . 2008-04-23 07:16 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-06-03 15:24 . 2008-04-22 10:39 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-06-02 16:54 . 2008-06-02 16:54 <KANSIO> d-------- C:\Documents and Settings\Sari\AbiSuite
2008-06-02 15:37 . 2008-06-02 15:37 <KANSIO> d-------- C:\Program Files\Lavasoft
2008-06-02 15:37 . 2008-06-02 15:37 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-06-02 13:06 . 2008-06-02 13:06 <KANSIO> d-------- C:\Documents and Settings\Tekken\AbiSuite
2008-06-02 13:05 . 2008-06-08 22:37 <KANSIO> d-------- C:\Program Files\AbiSuite2

.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-02 16:07 14,669,856 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-07-02 13:25 172,316 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-06-29 16:31 3,058,688 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
2008-06-29 16:31 1,790,464 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp
2008-06-29 09:59 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-25 18:01 1,694,126 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip
2008-06-16 16:43 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-16 16:41 --------- d-----w C:\Program Files\SpywareBlaster
2008-06-14 17:34 272,128 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-13 19:31 1,683,456 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
2008-06-11 10:51 --------- d-----w C:\Documents and Settings\Tekken\Application Data\Vso
2008-06-11 09:14 --------- d-----w C:\Program Files\VSO
2008-06-06 13:13 --------- d-----w C:\Program Files\Guild Wars
2008-06-02 12:36 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-06-02 10:12 --------- d-----w C:\Program Files\OpenOffice.org 2.4
2008-06-02 09:58 --------- d-----w C:\Documents and Settings\Tekken\Application Data\OpenOffice.org2
2008-06-01 18:04 --------- d-----w C:\Documents and Settings\Sari\Application Data\OpenOffice.org2
2008-06-01 11:40 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-06-01 11:40 --------- d-----w C:\Documents and Settings\Tekken\Application Data\SystemRequirementsLab
2008-06-01 08:20 --------- d-----w C:\Documents and Settings\Tekken\Application Data\CDBurnerXP_Soft
2008-06-01 08:17 --------- d-----w C:\Program Files\CDBurnerXP
2008-05-30 14:23 --------- d-----w C:\Documents and Settings\Tekken\Application Data\Ventrilo
2008-05-29 11:00 --------- d-----w C:\Documents and Settings\Tekken\Application Data\teamspeak2
2008-05-29 08:34 --------- d-----w C:\Program Files\Windows Live
2008-05-29 08:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-29 08:19 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-05-29 08:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-28 17:49 --------- d-----w C:\Documents and Settings\Tekken\Application Data\Malwarebytes
2008-05-28 17:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-28 10:14 --------- d-----w C:\Program Files\Trend Micro
2008-05-23 18:08 --------- d-----w C:\Program Files\VentriloMIX
2008-05-23 12:46 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-05-23 12:46 --------- d-----w C:\Program Files\Realtek
2008-05-22 15:10 --------- d-----w C:\Program Files\Java
2008-05-22 15:02 --------- d-----w C:\Program Files\Common Files\Java
2008-05-19 18:49 --------- d-----w C:\Program Files\Common Files\Adobe
2008-05-18 15:41 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-05-18 15:34 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-05-18 15:21 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-05-18 14:25 --------- d-----w C:\Program Files\Ventrilo
2008-05-18 13:57 --------- d-----w C:\Program Files\MSI
2008-05-18 12:35 --------- d-----w C:\Program Files\HP
2008-05-18 12:33 --------- d-----w C:\Program Files\Common Files\HP
2008-05-18 12:32 --------- d-----w C:\Program Files\Hewlett-Packard
2008-05-18 12:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-05-18 12:30 --------- d-----w C:\Program Files\Common Files\Hewlett-Packard
2008-05-18 11:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-05-18 11:30 --------- d-----w C:\Program Files\Zone Labs
2008-05-18 11:16 96,520 ----a-w C:\WINDOWS\system32\drivers\avgldx86.sys
2008-05-18 11:16 75,272 ----a-w C:\WINDOWS\system32\drivers\avgtdix.sys
2008-05-18 11:16 10,520 ----a-w C:\WINDOWS\system32\avgrsstx.dll
2008-05-18 11:16 --------- d-----w C:\Program Files\AVG
2008-05-18 11:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg8
2008-05-18 11:02 --------- d-----w C:\Program Files\VIA
2008-05-18 11:02 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-05-18 10:07 --------- d-----w C:\Program Files\microsoft frontpage
2008-05-16 08:58 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-05-14 14:03 4,742,144 ----a-w C:\WINDOWS\system32\drivers\RtkHDAud.sys
2008-05-13 15:50 16,862,720 ----a-w C:\WINDOWS\RTHDCPL.exe
2008-05-08 14:02 203,136 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:12 1,288,704 ----a-w C:\WINDOWS\system32\quartz.dll
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-04-14 16:27 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-14 16:15 331,264 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-14 16:11 997,888 ----a-w C:\WINDOWS\system32\msgina.dll
2008-04-14 16:10 9,344 ----a-w C:\WINDOWS\system32\framebuf.dll
2008-04-14 16:09 3,072 ----a-w C:\WINDOWS\system32\dpnlobby.dll
2008-04-14 16:09 3,072 ----a-w C:\WINDOWS\system32\dpnaddr.dll
2008-04-14 16:09 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll
2008-04-14 16:09 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll
2008-04-14 15:49 2,147,840 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-04-14 15:49 2,026,496 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-04-14 15:48 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
2008-04-14 15:46 79,872 ------w C:\WINDOWS\system32\msxml6r.dll
2008-04-14 15:45 80,384 ------w C:\WINDOWS\system32\msshavmsg.dll
2008-04-14 15:44 48,640 ----a-w C:\WINDOWS\system32\inetres.dll
2008-04-14 15:43 556,032 ----a-w C:\WINDOWS\system32\shdoclc.dll
2008-04-14 15:41 9,728 ----a-w C:\WINDOWS\system32\gpkrsrc.dll
2008-04-14 15:41 1,845,888 ----a-w C:\WINDOWS\system32\win32k.sys
2008-04-14 15:40 65,536 ----a-w C:\WINDOWS\system32\browselc.dll
2008-04-14 15:38 103,424 ----a-w C:\WINDOWS\system32\dpcdll.dll
2008-04-14 06:12 11,264 ----a-w C:\WINDOWS\system32\spnpinst.exe
2008-04-14 06:11 992,256 ----a-w C:\WINDOWS\system32\setupapi.dll
2008-04-14 06:11 423,936 ----a-w C:\WINDOWS\system32\licdll.dll
2008-04-13 18:44 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys
2008-04-13 18:40 440,832 ----a-w C:\WINDOWS\system32\xpob2res.dll
2008-04-13 18:36 2,921,984 ----a-w C:\WINDOWS\system32\xpsp2res.dll
2008-04-13 18:35 24,064 ----a-w C:\WINDOWS\system32\pidgen.dll
2008-04-13 18:35 186,368 ----a-w C:\WINDOWS\system32\xpsp1res.dll
2008-04-13 18:31 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll
2008-04-13 18:30 61,440 ----a-w C:\WINDOWS\system32\msvcrt40.dll
2008-04-13 17:37 208,384 ----a-w C:\WINDOWS\system32\rsaenh.dll
2008-04-13 17:37 138,752 ----a-w C:\WINDOWS\system32\dssenh.dll
2008-04-13 17:26 12,288 ----a-w C:\WINDOWS\system32\odbcp32r.dll
2008-04-13 17:26 12,288 ----a-w C:\WINDOWS\system32\mscpx32r.dll
2008-04-13 17:21 733,696 ----a-w C:\WINDOWS\system32\qedwipes.dll
2008-04-13 16:48 1,647,616 ----a-w C:\WINDOWS\system32\winbrand.dll
2008-04-13 16:45 216,064 ----a-w C:\WINDOWS\system32\moricons.dll
2008-04-13 16:23 48,128 ----a-w C:\WINDOWS\system32\msprivs.dll
2008-04-13 15:39 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
.

((((((((((((((((((((((((((((( snapshot@2008-05-28_18.29.02,60 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-03-27 10:46:15 60,416 ----a-w C:\WINDOWS\$hf_mig$\KB942763\SP3QFE\tzchange.exe
+ 2007-11-30 11:19:02 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spmsg.dll
+ 2007-11-30 11:19:02 232,824 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spuninst.exe
+ 2007-11-30 11:19:02 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\spcustom.dll
+ 2007-11-30 11:19:03 757,112 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
+ 2007-11-30 11:19:03 392,056 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\updspapi.dll
+ 2007-11-30 11:19:02 232,824 -c----w C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe
+ 2007-11-30 11:19:03 392,056 -c----w C:\WINDOWS\$NtUninstallKB942763$\spuninst\updspapi.dll
+ 2008-04-14 16:12:31 60,416 -c----w C:\WINDOWS\$NtUninstallKB942763$\tzchange.exe
+ 2008-06-04 16:30:13 53,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2008-06-04 16:30:13 12,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2008-06-04 16:30:14 473,600 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2008-06-04 16:30:14 577,024 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-04 16:30:14 145,920 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2008-06-04 16:30:15 159,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2008-06-04 16:30:16 364,544 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2008-06-04 16:30:16 178,176 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2008-06-04 16:30:11 223,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2008-05-28 12:37:16 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-02 15:54:42 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-03-24 16:33:02 1,527,056 ----a-w C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
+ 2007-02-22 20:41:12 304,544 ----a-w C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll
+ 2007-02-28 11:21:04 131,472 ----a-w C:\WINDOWS\Downloaded Program Files\msgrchkr.dll
+ 2008-06-14 17:34:47 272,128 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2008-04-14 16:11:30 61,440 -c----w C:\WINDOWS\ie7\admparse.dll
+ 2008-04-14 16:11:31 100,864 -c----w C:\WINDOWS\ie7\advpack.dll
+ 2008-04-14 16:11:32 33,792 -c----w C:\WINDOWS\ie7\custsat.dll
+ 2008-04-14 16:11:34 357,888 -c----w C:\WINDOWS\ie7\dxtmsft.dll
+ 2008-04-14 16:11:34 205,312 -c----w C:\WINDOWS\ie7\dxtrans.dll
+ 2008-04-14 16:11:34 55,808 -c----w C:\WINDOWS\ie7\extmgr.dll
+ 2008-04-14 16:11:35 38,912 -c----w C:\WINDOWS\ie7\hmmapi.dll
+ 2008-04-14 16:12:14 34,304 -c----w C:\WINDOWS\ie7\ie4uinit.exe
+ 2008-04-14 16:11:36 143,360 -c----w C:\WINDOWS\ie7\ieakeng.dll
+ 2008-04-14 16:11:36 218,112 -c----w C:\WINDOWS\ie7\ieaksie.dll
+ 2004-09-15 12:00:00 225,280 -c----w C:\WINDOWS\ie7\ieakui.dll
+ 2008-04-14 16:11:36 323,584 -c----w C:\WINDOWS\ie7\iedkcs32.dll
+ 2008-04-14 16:12:15 18,432 -c----w C:\WINDOWS\ie7\iedw.exe
+ 2008-04-14 16:11:36 251,392 -c----w C:\WINDOWS\ie7\iepeers.dll
+ 2008-04-14 16:11:36 48,640 -c----w C:\WINDOWS\ie7\iernonce.dll
+ 2008-04-14 16:11:36 62,976 -c----w C:\WINDOWS\ie7\iesetup.dll
+ 2008-04-14 16:12:15 93,184 -c----w C:\WINDOWS\ie7\iexplore.exe
+ 2008-04-14 16:11:36 35,840 -c----w C:\WINDOWS\ie7\imgutil.dll
+ 2008-04-14 16:11:36 96,256 -c----w C:\WINDOWS\ie7\inseng.dll
+ 2008-04-14 16:11:37 15,872 -c----w C:\WINDOWS\ie7\jsproxy.dll
+ 2008-04-14 16:11:38 22,016 -c----w C:\WINDOWS\ie7\licmgr10.dll
+ 2008-04-14 16:12:19 29,184 -c----w C:\WINDOWS\ie7\mshta.exe
+ 2008-04-14 16:11:39 3,066,880 -c----w C:\WINDOWS\ie7\mshtml.dll
+ 2008-04-14 16:11:39 449,024 -c----w C:\WINDOWS\ie7\mshtmled.dll
+ 2008-04-14 15:39:01 57,344 -c----w C:\WINDOWS\ie7\mshtmler.dll
+ 2004-09-15 12:00:00 146,432 -c----w C:\WINDOWS\ie7\msls31.dll
+ 2008-04-14 16:11:42 146,432 -c----w C:\WINDOWS\ie7\msrating.dll
+ 2008-04-14 16:11:42 532,480 -c----w C:\WINDOWS\ie7\mstime.dll
+ 2008-04-14 16:11:45 96,768 -c----w C:\WINDOWS\ie7\occache.dll
+ 2008-04-14 16:11:45 39,424 -c----w C:\WINDOWS\ie7\pngfilt.dll
+ 2007-10-04 06:51:52 33,472 -c----w C:\WINDOWS\ie7\spuninst\iecustom.dll
+ 2007-10-04 06:49:32 66,048 -c--a-w C:\WINDOWS\ie7\spuninst\ieResetIcons.exe
+ 2006-09-06 14:43:26 214,752 -c----w C:\WINDOWS\ie7\spuninst\spuninst.exe
+ 2006-09-06 14:43:26 380,640 -c----w C:\WINDOWS\ie7\spuninst\updspapi.dll
+ 2008-04-14 16:11:55 37,888 -c----w C:\WINDOWS\ie7\url.dll
+ 2008-04-14 16:11:55 620,032 -c----w C:\WINDOWS\ie7\urlmon.dll
+ 2008-04-14 16:11:56 278,016 -c----w C:\WINDOWS\ie7\webcheck.dll
+ 2008-04-14 16:11:55 851,968 -c----w C:\WINDOWS\ie7\vgx.dll
+ 2008-04-14 16:11:57 666,112 -c----w C:\WINDOWS\ie7\wininet.dll
+ 2007-08-13 15:39:00 123,904 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\advpack.dll
+ 2007-08-13 15:39:00 123,904 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\advpack.dll.000
+ 2007-08-13 15:35:46 346,624 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtmsft.dll
+ 2007-08-13 15:35:46 346,624 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtmsft.dll.000
+ 2007-08-13 15:35:38 214,528 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtrans.dll
+ 2007-08-13 15:35:38 214,528 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtrans.dll.000
+ 2007-08-13 15:54:10 131,584 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\extmgr.dll
+ 2007-08-13 15:54:10 131,584 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\extmgr.dll.000
+ 2007-08-13 15:36:26 61,952 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\icardie.dll
+ 2007-08-13 15:39:06 54,784 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe
+ 2007-08-13 15:39:06 54,784 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe.000
+ 2007-08-13 15:39:26 152,064 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakeng.dll
+ 2007-08-13 15:39:26 152,064 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakeng.dll.000
+ 2007-08-13 15:39:54 229,376 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieaksie.dll
+ 2007-08-13 15:39:54 229,376 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieaksie.dll.000
+ 2007-08-13 14:56:54 161,792 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakui.dll
+ 2007-02-12 13:10:12 2,451,312 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dat
+ 2007-07-11 09:27:48 383,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dll
+ 2007-08-13 15:39:50 382,976 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iedkcs32.dll
+ 2007-08-13 15:39:50 382,976 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iedkcs32.dll.000
+ 2007-08-13 15:54:10 6,049,280 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll
+ 2007-08-13 15:39:10 43,008 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iernonce.dll
+ 2007-08-13 15:39:10 43,008 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iernonce.dll.000
+ 2007-08-13 15:34:04 266,752 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll
+ 2007-08-13 15:39:10 13,312 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe
+ 2007-08-13 15:43:56 622,080 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe
+ 2007-08-13 15:43:56 622,080 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe.000
+ 2007-08-13 15:54:10 27,136 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\jsproxy.dll
+ 2007-08-13 15:54:10 27,136 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\jsproxy.dll.000
+ 2007-08-13 15:54:10 458,752 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeeds.dll
+ 2007-08-13 15:54:10 50,688 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeedsbs.dll
+ 2007-08-13 15:54:12 3,578,368 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtml.dll
+ 2007-08-13 15:54:12 3,578,368 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtml.dll.000
+ 2007-08-13 15:54:10 475,648 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtmled.dll
+ 2007-08-13 15:54:10 475,648 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtmled.dll.000
+ 2007-08-13 15:44:26 192,000 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msrating.dll
+ 2007-08-13 15:44:26 192,000 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msrating.dll.000
+ 2007-08-13 15:54:10 670,720 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mstime.dll
+ 2007-08-13 15:54:10 670,720 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mstime.dll.000
+ 2007-08-13 15:44:06 101,376 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\occache.dll
+ 2007-08-13 15:44:06 101,376 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\occache.dll.000
+ 2007-08-13 15:36:12 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\pngfilt.dll
+ 2007-08-13 15:36:12 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\pngfilt.dll.000
+ 2007-03-06 01:31:14 214,752 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:32:23 380,640 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\updspapi.dll
+ 2007-08-13 15:44:30 105,984 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\url.dll
+ 2007-08-13 15:44:30 105,984 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\url.dll.000
+ 2007-08-13 15:54:10 1,162,240 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\urlmon.dll
+ 2007-08-13 15:54:10 1,162,240 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\urlmon.dll.000
+ 2007-08-13 15:54:10 231,424 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\webcheck.dll
+ 2007-08-13 15:54:10 231,424 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\webcheck.dll.000
+ 2007-08-13 15:54:10 818,688 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll
+ 2007-08-13 15:54:10 818,688 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll.000
+ 2008-03-01 13:01:50 124,928 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\advpack.dll
+ 2008-03-01 13:01:50 347,136 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtmsft.dll
+ 2008-03-01 13:01:50 214,528 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtrans.dll
+ 2008-03-01 13:01:50 133,120 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\extmgr.dll
+ 2008-03-01 13:01:50 63,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\icardie.dll
+ 2008-02-29 08:55:56 70,656 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2008-03-01 13:01:50 153,088 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakeng.dll
+ 2008-03-01 13:01:50 230,400 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakui.dll
+ 2008-03-01 13:01:51 383,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieapfltr.dll
+ 2008-03-01 13:01:51 384,512 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iedkcs32.dll
+ 2008-03-01 13:01:51 6,066,176 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieframe.dll
+ 2008-03-01 13:01:51 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iernonce.dll
+ 2008-03-01 13:01:51 267,776 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iertutil.dll
+ 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieudinit.exe
+ 2008-02-29 08:56:25 625,664 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe
+ 2008-03-01 13:01:51 27,648 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\jsproxy.dll
+ 2008-03-01 13:01:52 459,264 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeeds.dll
+ 2008-03-01 13:01:52 52,224 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeedsbs.dll
+ 2008-03-01 15:31:54 3,591,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtml.dll
+ 2008-03-01 13:01:53 478,208 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtmled.dll
+ 2008-03-01 13:01:53 193,024 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msrating.dll
+ 2008-03-01 13:01:53 671,232 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mstime.dll
+ 2008-03-01 13:01:53 102,912 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\occache.dll
+ 2008-03-01 13:01:53 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\pngfilt.dll
+ 2007-03-06 01:31:14 214,752 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:32:23 380,640 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\updspapi.dll
+ 2008-03-01 13:01:53 105,984 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\url.dll
+ 2008-03-01 13:01:53 1,159,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\urlmon.dll
+ 2008-03-01 13:01:53 233,472 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\webcheck.dll
+ 2008-03-01 13:01:53 826,368 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll
+ 2008-06-08 13:16:40 167,936 ----a-r C:\WINDOWS\Installer\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}\_85BA426DBE00_44A3_969E_C7BDF2F6C986.exe
+ 2008-06-08 13:16:40 65,536 ----a-r C:\WINDOWS\Installer\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}\_A003BF363149_4FEF_8E7E_E9C39A5B9A96.exe
+ 2008-06-08 13:16:40 65,536 ----a-r C:\WINDOWS\Installer\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}\_D545A9F0ED09_444B_A962_2628559DCDE6.exe
+ 2008-06-08 13:16:40 17,534 ----a-r C:\WINDOWS\Installer\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}\gtngstrtd.exe
+ 2008-06-08 13:16:40 4,710 ----a-r C:\WINDOWS\Installer\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}\Win2Kico.exe
+ 2008-06-08 13:16:40 4,710 ----a-r C:\WINDOWS\Installer\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}\WSBico.exe
- 2008-05-18 15:41:38 29,926 ----a-r C:\WINDOWS\Installer\{A9174A72-1B46-445B-B3CF-90ED2C63D83B}\MsblIco.Exe
+ 2008-05-29 08:34:04 29,926 ----a-r C:\WINDOWS\Installer\{A9174A72-1B46-445B-B3CF-90ED2C63D83B}\MsblIco.Exe
+ 2008-06-25 08:06:54 32,768 ----a-r C:\WINDOWS\Installer\{C04E32E0-0416-434D-AFB9-6969D703A9EF}\icon.exe
+ 2007-04-11 12:32:22 56,080 ----a-w C:\WINDOWS\KHALMNPR.Exe
+ 2005-03-18 14:23:10 53,248 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2005-03-18 14:23:10 12,800 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Diagnostics.dll
+ 2005-03-18 14:23:14 473,600 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3D.dll
+ 2005-03-18 14:23:10 145,920 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectDraw.dll
+ 2005-03-18 14:23:10 159,232 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectInput.dll
+ 2005-03-18 14:23:14 364,544 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectPlay.dll
+ 2005-03-18 14:23:12 178,176 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectSound.dll
+ 2005-03-18 14:23:14 223,232 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.dll
+ 2005-07-22 14:21:34 577,024 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2907.0\Microsoft.DirectX.Direct3DX.dll
- 2000-08-31 05:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
+ 2000-08-31 05:00:00 28,672 ----a-w C:\WINDOWS\Nircmd.exe
- 2008-04-14 16:11:30 61,440 ----a-w C:\WINDOWS\system32\admparse.dll
+ 2007-08-13 15:39:20 71,680 ----a-w C:\WINDOWS\system32\admparse.dll
- 2008-03-19 16:23:20 114,688 ----a-w C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
+ 2008-06-17 13:12:42 114,688 ----a-w C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
- 2008-03-19 16:36:22 202,168 ----a-w C:\WINDOWS\system32\Adobe\Director\SwDir.dll
+ 2008-06-17 13:23:02 202,168 ----a-w C:\WINDOWS\system32\Adobe\Director\SwDir.dll
- 2008-03-19 16:24:02 487,424 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\Control.dll
+ 2008-06-17 13:13:22 487,424 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\Control.dll
- 2008-03-19 15:46:26 1,798,144 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\dirapi.dll
+ 2008-06-17 12:36:00 1,798,144 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\dirapi.dll
- 2008-03-19 16:24:04 9,216 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2008-06-17 13:13:26 9,216 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2008-06-17 12:25:58 697,344 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\gi.dll
+ 2008-06-17 12:26:00 1,145,896 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\gt.exe
+ 2008-06-17 12:25:58 52,288 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\gtapi.dll
- 2008-03-19 15:42:42 892,928 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\iml32.dll
+ 2008-06-17 12:32:18 892,928 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\iml32.dll
- 2008-03-19 16:22:34 249,856 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\Plugin.dll
+ 2008-06-17 13:11:56 253,952 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\Plugin.dll
- 2008-03-19 16:25:36 442,368 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\Proj.dll
+ 2008-06-17 13:15:00 446,464 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\Proj.dll
+ 2008-06-17 13:22:46 439,736 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1100458.exe
- 2008-03-19 16:26:20 110,592 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SwInit.exe
+ 2008-06-17 13:15:44 114,688 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SwInit.exe
- 2008-03-19 16:22:22 94,208 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2008-06-17 13:11:44 94,208 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2008-06-17 12:25:58 50,808 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SYMCCHECKER.DLL
- 2008-04-14 16:11:31 100,864 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-04-23 04:16:41 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2005-07-22 16:59:04 2,319,568 ----a-w C:\WINDOWS\system32\d3dx9_27.dll
+ 2007-08-13 15:39:20 71,680 -c----w C:\WINDOWS\system32\dllcache\admparse.dll
+ 2008-04-23 04:16:41 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2006-09-23 10:12:54 1,022,976 -c----w C:\WINDOWS\system32\dllcache\browseui.dll
+ 2007-08-13 15:42:54 17,408 -c----w C:\WINDOWS\system32\dllcache\corpol.dll
- 2008-04-14 16:11:32 33,792 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll
+ 2007-08-13 15:54:10 33,792 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll
+ 2008-04-23 04:16:42 347,136 -c----w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-04-23 04:16:42 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-04-23 04:16:42 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-04-13 18:45:26 36,864 -c--a-w C:\WINDOWS\system32\dllcache\hidclass.sys
+ 2008-04-13 18:45:22 24,960 -c--a-w C:\WINDOWS\system32\dllcache\hidparse.sys
+ 2008-04-13 18:45:28 10,368 -c--a-w C:\WINDOWS\system32\dllcache\hidusb.sys
+ 2007-08-13 15:18:02 60,416 -c----w C:\WINDOWS\system32\dllcache\hmmapi.dll
+ 2008-04-14 15:43:00 52,096 -c--a-w C:\WINDOWS\system32\dllcache\i8042prt.sys
+ 2008-04-22 07:41:08 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-04-23 04:16:42 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-04-23 04:16:42 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2004-09-15 12:00:00 225,280 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-04-20 05:07:51 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-04-23 04:16:42 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2007-08-13 15:44:02 69,120 -c----w C:\WINDOWS\system32\dllcache\iedw.exe
+ 2007-08-13 15:45:18 78,336 -c----w C:\WINDOWS\system32\dllcache\ieencode.dll
+ 2007-08-13 15:54:10 191,488 -c----w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2008-04-23 04:16:42 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2007-08-13 15:39:12 55,296 -c----w C:\WINDOWS\system32\dllcache\iesetup.dll
+ 2008-04-22 07:41:30 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2007-08-13 15:36:06 36,352 -c----w C:\WINDOWS\system32\dllcache\imgutil.dll
+ 2007-08-13 15:39:02 92,672 -c----w C:\WINDOWS\system32\dllcache\inseng.dll
+ 2007-08-13 15:38:04 491,520 -c----w C:\WINDOWS\system32\dllcache\jscript.dll
+ 2008-04-23 04:16:42 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-04-14 15:46:40 24,576 -c--a-w C:\WINDOWS\system32\dllcache\kbdclass.sys
+ 2007-08-13 15:44:18 40,960 -c----w C:\WINDOWS\system32\dllcache\licmgr10.dll
+ 2008-04-14 15:36:32 23,040 -c--a-w C:\WINDOWS\system32\dllcache\mouclass.sys
+ 2001-10-05 12:59:32 12,160 -c--a-w C:\WINDOWS\system32\dllcache\mouhid.sys
+ 2007-08-13 15:32:30 45,568 -c----w C:\WINDOWS\system32\dllcache\mshta.exe
+ 2008-04-23 19:16:44 3,591,680 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-04-23 04:16:42 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2007-08-13 15:01:12 48,128 -c----w C:\WINDOWS\system32\dllcache\mshtmler.dll
- 2004-09-15 12:00:00 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll
+ 2007-08-13 15:54:10 156,160 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll
+ 2008-04-23 04:16:42 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-04-23 04:16:42 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-04-23 04:16:42 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-04-23 04:16:42 44,544 -c----w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-05-07 05:12:01 1,288,704 -c----w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2006-09-23 10:12:54 1,496,576 -c----w C:\WINDOWS\system32\dllcache\shdocvw.dll
+ 2006-09-23 10:12:54 474,112 -c----w C:\WINDOWS\system32\dllcache\shlwapi.dll
+ 2008-04-23 04:16:42 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-04-23 04:16:43 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2007-08-13 15:54:10 413,696 -c----w C:\WINDOWS\system32\dllcache\vbscript.dll
+ 2008-04-23 04:16:43 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2007-08-13 15:54:10 765,952 -c----w C:\WINDOWS\system32\dllcache\VGX.dll
+ 2008-04-23 04:16:43 826,368 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-04-29 08:19:50 12,960 ----a-w C:\WINDOWS\system32\drivers\Awrtpd.sys
+ 2008-04-29 08:19:54 15,648 ----a-w C:\WINDOWS\system32\drivers\Awrtrd.sys
- 2008-04-13 18:45:27 10,368 ----a-w C:\WINDOWS\system32\drivers\hidusb.sys
+ 2008-04-13 18:45:28 10,368 ----a-w C:\WINDOWS\system32\drivers\hidusb.sys
+ 2007-04-11 12:32:30 20,496 ----a-w C:\WINDOWS\system32\drivers\L8042Kbd.sys
+ 2007-04-11 12:32:38 63,248 ----a-w C:\WINDOWS\system32\drivers\L8042mou.Sys
+ 2007-04-11 12:32:52 34,832 ----a-w C:\WINDOWS\system32\drivers\LHidFilt.Sys
+ 2007-04-11 12:32:58 36,112 ----a-w C:\WINDOWS\system32\drivers\LMouFilt.Sys
+ 2007-04-11 12:33:06 79,376 ----a-w C:\WINDOWS\system32\drivers\LMouKE.Sys
+ 2007-04-11 12:33:14 28,688 ----a-w C:\WINDOWS\system32\drivers\LUsbFilt.sys
- 2004-09-15 12:00:00 12,160 ----a-w C:\WINDOWS\system32\drivers\mouhid.sys
+ 2001-10-05 12:59:32 12,160 ----a-w C:\WINDOWS\system32\drivers\mouhid.sys
+ 2008-04-29 08:20:00 15,648 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
+ 2006-11-02 04:22:54 492,000 ------w C:\WINDOWS\system32\drivers\wdf01000.sys
+ 2006-11-02 04:22:52 32,224 ------w C:\WINDOWS\system32\drivers\wdfldr.sys
+ 2007-04-11 12:32:52 34,832 -c--a-w C:\WINDOWS\system32\DRVSTORE\lfhidhid_AE49CF7A8ECC1A99B793E188BDD77103BF9A4571\LHidFilt.sys
+ 2007-04-11 12:33:20 1,419,024 -c--a-w C:\WINDOWS\system32\DRVSTORE\lfhidhid_AE49CF7A8ECC1A99B793E188BDD77103BF9A4571\WdfCoInstaller01005.dll
+ 2007-04-11 12:33:14 28,688 -c--a-w C:\WINDOWS\system32\DRVSTORE\lfhidusb_34C0B169C0F0216ABB2FADCF857761C40513C0EC\LUsbFilt.sys
+ 2007-04-11 12:33:20 1,419,024 -c--a-w C:\WINDOWS\system32\DRVSTORE\lfhidusb_34C0B169C0F0216ABB2FADCF857761C40513C0EC\WdfCoInstaller01005.dll
+ 2007-04-11 12:32:52 34,832 -c--a-w C:\WINDOWS\system32\DRVSTORE\lfkbdhid_3787EF478DB0DC00ADEE4DCD2D3B66B57B8CE09C\LHidFilt.sys
+ 2007-04-11 12:33:20 1,419,024 -c--a-w C:\WINDOWS\system32\DRVSTORE\lfkbdhid_3787EF478DB0DC00ADEE4DCD2D3B66B57B8CE09C\WdfCoInstaller01005.dll
+ 2007-04-11 12:32:22 56,080 -c--a-w C:\WINDOWS\system32\DRVSTORE\lfmouhid_10C7F3421939DA6E2806F5500B0342437634A347\KHALMNPR.exe
+ 2007-04-11 12:32:52 34,832 -c--a-w C:\WINDOWS\system32\DRVSTORE\lfmouhid_10C7F3421939DA6E2806F5500B0342437634A347\LHidFilt.sys
+ 2007-04-11 12:32:58 36,112 -c--a-w C:\WINDOWS\system32\DRVSTORE\lfmouhid_10C7F3421939DA6E2806F5500B0342437634A347\LMouFilt.sys
+ 2007-04-11 12:33:20 1,419,024 -c--a-w C:\WINDOWS\system32\DRVSTORE\lfmouhid_10C7F3421939DA6E2806F5500B0342437634A347\WdfCoInstaller01005.dll
+ 2007-04-11 12:32:30 20,496 -c--a-w C:\WINDOWS\system32\DRVSTORE\lkbdps2k_9596CEA748EB5F658C6E5BB53EACD081280A4C4D\L8042Kbd.sys
+ 2007-04-11 12:32:22 56,080 -c--a-w C:\WINDOWS\system32\DRVSTORE\lmoups2k_6C72A33CEA374B8F0F934E4770A12C1E8A8096CD\KHALMNPR.Exe
+ 2007-04-11 12:32:38 63,248 -c--a-w C:\WINDOWS\system32\DRVSTORE\lmoups2k_6C72A33CEA374B8F0F934E4770A12C1E8A8096CD\L8042mou.Sys
+ 2007-04-11 12:33:06 79,376 -c--a-w C:\WINDOWS\system32\DRVSTORE\lmoups2k_6C72A33CEA374B8F0F934E4770A12C1E8A8096CD\LMouKE.Sys
- 2008-04-14 16:11:34 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-04-23 04:16:42 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2008-04-14 16:11:34 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-04-23 04:16:42 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2008-04-14 16:11:34 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-04-23 04:16:42 133,120 ------w C:\WINDOWS\system32\extmgr.dll
- 2008-05-18 10:52:01 94,272 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-06-08 15:31:46 149,992 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2002-06-20 01:22:42 31,744 ----a-r C:\WINDOWS\system32\hlp95en.dll
+ 2008-04-23 04:16:42 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2006-06-29 05:05:44 26,112 ------w C:\WINDOWS\system32\idndl.dll
- 2008-04-14 16:12:14 34,304 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-04-22 07:41:08 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
- 2008-04-14 16:11:36 143,360 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2008-04-23 04:16:42 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
- 2008-04-14 16:11:36 218,112 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2008-04-23 04:16:42 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
- 2004-09-15 12:00:00 225,280 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2008-04-20 05:07:51 161,792 ------w C:\WINDOWS\system32\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\system32\ieapfltr.dat
+ 2008-04-23 04:16:42 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2008-04-14 16:11:36 323,584 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-04-23 04:16:42 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-04-23 04:16:42 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2008-04-14 16:11:36 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll
+ 2007-08-13 15:54:10 191,488 ----a-w C:\WINDOWS\system32\iepeers.dll
- 2008-04-14 16:11:36 48,640 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2008-04-23 04:16:42 44,544 ------w C:\WINDOWS\system32\iernonce.dll
+ 2008-04-23 04:16:42 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2008-04-14 16:11:36 62,976 ----a-w C:\WINDOWS\system32\iesetup.dll
+ 2007-08-13 15:39:12 55,296 ----a-w C:\WINDOWS\system32\iesetup.dll
+ 2008-04-22 07:39:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2007-08-13 15:54:10 180,736 ------w C:\WINDOWS\system32\ieui.dll
- 2008-04-14 16:11:36 35,840 ----a-w C:\WINDOWS\system32\imgutil.dll
+ 2007-08-13 15:36:06 36,352 ----a-w C:\WINDOWS\system32\imgutil.dll
- 2008-04-14 16:11:36 96,256 ----a-w C:\WINDOWS\system32\inseng.dll
+ 2007-08-13 15:39:02 92,672 ----a-w C:\WINDOWS\system32\inseng.dll
- 2008-04-14 16:11:37 15,872 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-04-23 04:16:42 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
+ 2007-04-23 01:00:00 163,840 ----a-w C:\WINDOWS\system32\kemutb.dll
+ 2007-04-23 01:00:00 135,168 ----a-w C:\WINDOWS\system32\KemUtil.dll
+ 2007-04-23 01:00:00 110,592 ----a-w C:\WINDOWS\system32\KemWnd.dll
+ 2007-04-23 01:00:00 69,632 ----a-w C:\WINDOWS\system32\KemXML.dll
+ 2002-06-07 01:02:00 36,864 ----a-r C:\WINDOWS\system32\lfbmp11n.dll
+ 2002-06-07 01:02:00 285,184 ----a-r C:\WINDOWS\system32\LFCMP11n.DLL
+ 2002-06-07 01:02:00 31,232 ----a-r C:\WINDOWS\system32\lfeps11n.dll
+ 2002-06-07 01:02:00 81,408 ----a-r C:\WINDOWS\system32\lffax11n.dll
+ 2002-06-07 01:02:00 41,472 ----a-r C:\WINDOWS\system32\lfgif11n.dll
+ 2002-06-07 01:02:00 26,112 ----a-r C:\WINDOWS\system32\lfpcd11n.dll
+ 2002-06-07 01:02:00 33,280 ----a-r C:\WINDOWS\system32\lfpcx11n.dll
+ 2002-06-07 01:02:00 172,032 ----a-r C:\WINDOWS\system32\Lfpng11n.dll
+ 2002-06-07 01:02:00 56,320 ----a-r C:\WINDOWS\system32\lfpsd11n.dll
+ 2002-06-07 01:02:00 27,648 ----a-r C:\WINDOWS\system32\lftga11n.dll
+ 2002-06-07 01:02:00 152,064 ----a-r C:\WINDOWS\system32\lftif11n.dll
+ 2002-06-07 01:02:00 59,392 ----a-r C:\WINDOWS\system32\lfwmf11n.dll
- 2008-04-14 16:11:38 22,016 ----a-w C:\WINDOWS\system32\licmgr10.dll
+ 2007-08-13 15:44:18 40,960 ----a-w C:\WINDOWS\system32\licmgr10.dll
+ 2002-06-07 01:02:00 262,656 ----a-r C:\WINDOWS\system32\LTDIS11n.dll
+ 2002-06-07 01:02:00 118,784 ----a-r C:\WINDOWS\system32\ltfil11n.DLL
+ 2002-06-07 01:02:02 127,488 ----a-r C:\WINDOWS\system32\ltimg11n.dll
+ 2002-06-07 01:02:02 392,192 ----a-r C:\WINDOWS\system32\ltkrn11n.dll
+ 2002-06-07 01:02:02 716,288 ----a-r C:\WINDOWS\system32\Ltwvc11n.dll
+ 2008-03-25 02:32:44 218,496 ----a-r C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe
+ 2008-06-27 10:16:58 74,649 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
+ 2002-06-20 01:22:42 133,904 ----a-r C:\WINDOWS\system32\mfcans32.dll
+ 2002-06-20 01:22:42 5,632 ----a-r C:\WINDOWS\system32\mfcuia32.dll
- 2008-05-09 11:35:06 16,863,864 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-05-29 23:35:11 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-04-23 04:16:42 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-04-23 04:16:42 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2007-08-13 15:36:40 12,288 ------w C:\WINDOWS\system32\msfeedssync.exe
- 2008-04-14 16:12:19 29,184 ----a-w C:\WINDOWS\system32\mshta.exe
+ 2007-08-13 15:32:30 45,568 ----a-w C:\WINDOWS\system32\mshta.exe
- 2008-04-14 16:11:39 3,066,880 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-04-23 19:16:44 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-04-14 16:11:39 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-04-23 04:16:42 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2008-04-14 15:39:01 57,344 ----a-w C:\WINDOWS\system32\mshtmler.dll
+ 2007-08-13 15:01:12 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll
+ 2002-06-20 01:19:12 91,136 ----a-r C:\WINDOWS\system32\msls2.dll
- 2004-09-15 12:00:00 146,432 ----a-w C:\WINDOWS\system32\msls31.dll
+ 2007-08-13 15:54:10 156,160 ----a-w C:\WINDOWS\system32\msls31.dll
- 2008-04-14 16:11:42 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-04-23 04:16:42 193,024 ------w C:\WINDOWS\system32\msrating.dll
+ 2005-08-25 15:18:16 118,784 ----a-w C:\WINDOWS\system32\MSSTDFMT.DLL
- 2008-04-14 16:11:42 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-04-23 04:16:42 671,232 ------w C:\WINDOWS\system32\mstime.dll
+ 2001-12-17 02:13:52 54,784 ----a-r C:\WINDOWS\system32\msvci70.dll
- 2004-05-11 07:53:54 1,230,336 ----a-r C:\WINDOWS\system32\MSXML4.dll
+ 2007-05-08 12:03:04 1,275,392 ----a-w C:\WINDOWS\system32\msxml4.dll
+ 2006-06-28 14:59:26 24,576 ------w C:\WINDOWS\system32\nlsdl.dll
+ 2006-06-29 05:05:44 23,552 ------w C:\WINDOWS\system32\normaliz.dll
- 2008-04-14 16:11:45 96,768 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-04-23 04:16:42 102,912 ------w C:\WINDOWS\system32\occache.dll
+ 2002-06-20 01:19:18 37,888 ----a-r C:\WINDOWS\system32\ochlp30e.dll
+ 2002-06-07 01:02:02 212,480 ----a-r C:\WINDOWS\system32\PCDLIB32.DLL
+ 1998-03-08 18:28:54 273,408 ----a-w C:\WINDOWS\system32\Pncrt.dll
- 2008-04-14 16:11:45 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-04-23 04:16:42 44,544 ------w C:\WINDOWS\system32\pngfilt.dll
+ 2002-06-20 01:25:16 76,288 ----a-r C:\WINDOWS\system32\Pubole32.dll
+ 2008-04-14 16:11:35 20,992 ----a-w C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\i386\hid.dll
+ 2008-04-13 18:45:26 36,864 ----a-w C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\i386\hidclass.sys
+ 2008-04-13 18:45:22 24,960 ----a-w C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\i386\hidparse.sys
+ 2008-04-13 18:45:27 10,368 ----a-w C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\i386\hidusb.sys
+ 2008-04-14 15:36:32 23,040 ----a-w C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\mouclass.sys
+ 2004-09-15 12:00:00 12,160 ----a-w C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\mouhid.sys
+ 2008-04-14 15:43:00 52,096 ----a-w C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\i8042prt.sys
+ 2008-04-14 15:46:40 24,576 ----a-w C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\kbdclass.sys
- 2006-09-25 14:58:48 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 11:19:02 17,272 ------w C:\WINDOWS\system32\spmsg.dll
- 2008-04-14 16:12:31 60,416 ------w C:\WINDOWS\system32\tzchange.exe
+ 2008-03-27 10:40:24 60,416 ------w C:\WINDOWS\system32\tzchange.exe
- 2008-04-14 16:11:55 37,888 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-04-23 04:16:42 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2008-04-14 16:11:55 620,032 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-04-23 04:16:43 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2007-04-11 12:33:20 1,419,024 ----a-w C:\WINDOWS\system32\WdfCoInstaller01005.dll
- 2008-04-14 16:11:56 278,016 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-04-23 04:16:43 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2007-08-13 15:45:16 206,336 ------w C:\WINDOWS\system32\WinFXDocObj.exe
+ 2006-05-11 17:21:00 626,688 ----a-w C:\WINDOWS\system32\vp7vfw.dll
+ 2006-05-20 14:16:00 1,184,984 ----a-w C:\WINDOWS\system32\wvc1dmod.dll
+ 2007-05-08 12:06:44 1,275,392 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9848.0_x-ww_1b897e9a\msxml4.dll
+ 2006-09-12 21:43:06 96,256 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_c9ba3671\ATL80.dll
+ 2005-09-22 20:49:12 95,744 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\ATL80.dll
+ 2006-09-12 21:41:36 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_691a48fd\msvcm80.dll
+ 2006-09-12 21:41:36 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_691a48fd\msvcp80.dll
+ 2006-09-12 21:41:36 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_691a48fd\msvcr80.dll
+ 2006-09-12 23:12:34 1,101,824 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_3a00bc02\mfc80.dll
+ 2006-09-12 23:12:40 1,092,608 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_3a00bc02\mfc80u.dll
+ 2006-09-12 23:12:44 69,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_3a00bc02\mfcm80.dll
+ 2006-09-12 23:12:46 57,856 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_3a00bc02\mfcm80u.dll
+ 2005-09-22 22:16:02 1,093,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80.dll
+ 2005-09-22 22:16:06 1,079,808 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80u.dll
+ 2005-09-22 22:16:08 69,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2005-09-22 22:16:10 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
+ 2006-09-12 22:54:30 40,960 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_8f4fd500\mfc80CHS.dll
+ 2006-09-12 22:54:30 45,056 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_8f4fd500\mfc80CHT.dll
+ 2006-09-12 22:54:28 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_8f4fd500\mfc80DEU.dll
+ 2006-09-12 22:54:30 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_8f4fd500\mfc80ENU.dll
+ 2006-09-12 22:54:30 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_8f4fd500\mfc80ESP.dll
+ 2006-09-12 22:54:28 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_8f4fd500\mfc80FRA.dll
+ 2006-09-12 22:54:30 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_8f4fd500\mfc80ITA.dll
+ 2006-09-12 22:54:30 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_8f4fd500\mfc80JPN.dll
+ 2006-09-12 22:54:30 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_8f4fd500\mfc80KOR.dll
+ 2005-09-22 21:58:06 40,960 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHS.dll
+ 2005-09-22 21:58:06 45,056 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHT.dll
+ 2005-09-22 21:58:06 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80DEU.dll
+ 2005-09-22 21:58:06 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ENU.dll
+ 2005-09-22 21:58:06 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ESP.dll
+ 2005-09-22 21:58:06 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80FRA.dll
+ 2005-09-22 21:58:06 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ITA.dll
+ 2005-09-22 21:58:06 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80JPN.dll
+ 2005-09-22 21:58:06 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80KOR.dll
+ 2005-09-22 22:35:10 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0ee63867\vcomp.dll
.
-- Snapshot reset to current date --
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 19:12 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-05-18 14:16 1177368]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-04-02 21:07 919016]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 13:38 49152]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 15:18 241664]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 15:32 56080 C:\WINDOWS\KHALMNPR.Exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 15:32 56080 C:\WINDOWS\KHALMNPR.Exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 19:12 15360]

C:\Documents and Settings\All Users\K?ynnist?-valikko\Ohjelmat\K?ynnistys\
DualCoreCenter.lnk - C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe [2008-05-18 16:57:21 192512]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-05-28 22:31:38 241664]
HP Image Zone -pikak?ynnistys.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2004-05-28 23:06:36 53248]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-06-29 13:00:02 692224]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Sierra\\FEAR\\FEAR.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=

R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-02-23 06:38]
R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\DRIVERS\xfilt.sys [2006-02-23 06:39]
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-05-18 14:16]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-05-18 14:16]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-05-18 14:16]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-05-18 14:16]
R2 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-03-09 11:20]
R3 DualCoreCenter;DualCoreCenter;C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys [2008-02-27 08:08]
R3 PCnetHL;AMD PCnet-Home Adapter Driver;C:\WINDOWS\system32\DRIVERS\pcntn5hl.sys [2001-08-17 23:11]
R3 RushTopDevice2;RushTopDevice2;C:\Program Files\MSI\DualCoreCenter\RushTop.sys [2008-03-24 10:14]

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-02 19:07:23
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-07-02 19:09:04
ComboFix-quarantined-files.txt 2008-07-02 16:09:00
ComboFix2.txt 2008-05-28 15:29:25

Pre-Run: 133,267,312,640 tavua vapaana
Post-Run: 133,531,287,552 tavua vapaana

730 --- E O F --- 2008-06-25 08:06:55

toisen ohjelman loki:

Find AWF report by noahdfear ©2006
Version 1.40

bak folders found
~~~~~~~~~~~

Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~

end of report

AfterDawn Addict

2. heinäkuuta 2008 @ 22:12

Linkki tähän viestiin

Hyvältä nyttää !!!
******************************************
Kirjoita windowsin käynnistävalikon suorita-kenttään ComboFix.exe /u paina OK
*************************************************************
******************************************
Käynnistä Malwarebytes Karanteeni välileti ja tyhjennä roskat.
**********************************************************
--------------------------------------------------

Vieläkö avg herjaa ???

(:)

Teemza

Junior Member

2. heinäkuuta 2008 @ 22:32

Linkki tähän viestiin

AVG ei oo sanonu mitää.

en löytänyt tätä dllcache kansioo

täällä on terve exe:
C:\WINDOWS\system32\dllcache\msconfig.exe

Kopioi Tänne hakemistoon:
C:\WINDOWS\pchealt\helpctr\binaries\

AfterDawn Addict

2. heinäkuuta 2008 @ 23:57

Linkki tähän viestiin

SRI se on piilotiedosto.
Laita piilotiedostot näkyviin =>

.

(:)

Teemza

Junior Member

3. heinäkuuta 2008 @ 11:21

Linkki tähän viestiin

ei löydy

AfterDawn Addict

3. heinäkuuta 2008 @ 11:56

Linkki tähän viestiin

Asia selvä.
Testataan toimiiko se ohjelma.

* Kirjoita windowsin käynnistä-valikon suorita-kenttään msconfig paina OK
Käynnistyikö hallinta valikko ???

(:)

Teemza

Junior Member

3. heinäkuuta 2008 @ 13:16

Linkki tähän viestiin

ei toimi :/

AfterDawn Addict

3. heinäkuuta 2008 @ 14:58

Linkki tähän viestiin

Varmista että olet Järjestelmän Valvojan tunnuksilla koneella.
Etsi winukan etsi toiminnolla => msconfig.exe
Kerro mistä paikoista se löytyy ???

(:)

Teemza

Junior Member

3. heinäkuuta 2008 @ 15:28

Linkki tähän viestiin

ei mistään :(

Hujo

Suspended permanently

3. heinäkuuta 2008 @ 15:42

Linkki tähän viestiin

linkki

päivitys

Voiko tietsikka koskaan toimia?

Teemza

Junior Member

3. heinäkuuta 2008 @ 16:21

Linkki tähän viestiin

ku koitin asentaa tota ni tuli tämmöne viesti:

"Asennus havaitsi, että järjestelmään asennettu Service Packin versio on uudempi kuin käyttämäsi päivititys.

Tätä päivitystä ei tarvitse asentaa."

Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 3. heinäkuuta 2008 @ 16:22

Hujo

Suspended permanently

3. heinäkuuta 2008 @ 17:08

Linkki tähän viestiin

Mees käynnistä > ohjauspaneli > valvontatyökalut > palvelut

mitä tulee näkyviin

Voiko tietsikka koskaan toimia?

Teemza

Junior Member

3. heinäkuuta 2008 @ 17:28

Linkki tähän viestiin

tämmösii

http://img399.imageshack.us/my.php?image=osa1qd5.jpg

Hujo

Suspended permanently

3. heinäkuuta 2008 @ 17:37

Linkki tähän viestiin

elikäs tuo yllä olevaa ei siis löydy

kun teet näin

käynnistä > Ohjauspaneli > ikkunan yläreunasta Työkalut > kansio asetukset > välilehti näytä

==============

sitten tämä toinen tehään näin

Käynnistä > suorita > siihen kirjoitetaan msconfig
Pitäis aueta uusi ikkuna

Voiko tietsikka koskaan toimia?

Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 3. heinäkuuta 2008 @ 17:43

Teemza

Junior Member

3. heinäkuuta 2008 @ 17:41

Linkki tähän viestiin

Hujo

Suspended permanently

3. heinäkuuta 2008 @ 17:44

Linkki tähän viestiin

Nythän se löytyi

C:\WINDOWS\pchealt\helpctr\binaries\msconfig.exe pitäis löytyä tuolta
C:\WINDOWS\Prefetch\msconfig.exe ja tuolta löytyy PF tiedosto

Voiko tietsikka koskaan toimia?

Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 3. heinäkuuta 2008 @ 18:23

Teemza

Junior Member

3. heinäkuuta 2008 @ 18:12

Linkki tähän viestiin

ei löydy

Hujo

Suspended permanently

3. heinäkuuta 2008 @ 18:24

Linkki tähän viestiin

mitä ei löydy
löytyykö noi mitä laitoin

=========

Mitä tulee kun teet näin

Käynnistä > suorita > siihen kirjoitetaan msconfig ja painetaan OK
Pitäis aueta uusi ikkuna

Voiko tietsikka koskaan toimia?

Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 3. heinäkuuta 2008 @ 18:27

Teemza

Junior Member

3. heinäkuuta 2008 @ 21:23

Linkki tähän viestiin

aukee uusi ikkuna missä lukee, että msconfig ei löydy! :P

Hujo

Suspended permanently

3. heinäkuuta 2008 @ 21:33

Linkki tähän viestiin

sitten taitaa paras tehä niin että viskaaa pois sp3 ja pistää tuosta ylhäältä linkistä lataukseen minkä laitoin

Voiko tietsikka koskaan toimia?

Mainos

Teemza

Junior Member

3. heinäkuuta 2008 @ 21:57

Linkki tähän viestiin

hmmm se ei varmaa mitenkää kovin helposti onnistu vai?

Sivu:	1	2	>

Aloita uusi viestiketju

afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat - hijackthis -logit > poistuiko virus?

Apua ongelmiin: AfterDawnin keskustelualueet | AfterDawnin Vastaukset
Uutiset: IT-alan uutiset | Uutisia puhelimista
Musiikkia: MP3Lizard.com
Tuotearviot: Laitevertailu | Vertaa puhelimia | Vertaa kännykkäliittymiä
Pelit: Pelitiedostot, pelidemot ja trailerit
Ohjelmat: download.fi | AfterDawnin ohjelma-alueet
International: AfterDawn in English | Software downloads | Free, legal MP3s | AfterDawn på svenska
RSS -syötteet: AfterDawnin uutiset | Uusimmat ohjelmapäivitykset | Keskustelualueiden viestit
Tietoja: Tietoa AfterDawn Oy:stä | Mainosta sivuillamme | Sivuston käyttöehdot ja tietoja yksityisyydensuojasta
Ota yhteyttä: Lähetä palautetta | Ota yhteyttä mainosmyyntiimme

© 1999-2025 AfterDawn Oy