Computer sluggish after a Messenger virus
teamsfv
Junior Member
26 August 2008 @ 23:21
Hi!
A friend of mine has managed to catch a Messenger virus, and now the computer's log looks like this.
The Norton that had just expired did find a lot of bugs in the Windows folder, but when it removed them the shortcuts stopped working.
Can this still be made into a working computer somehow?
And just so you know, I'm no pro at these :)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:08:01, on 26.8.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\hphmon05.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\K-Lite Codec Pack\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\COMODO\SafeSurf\cssurf.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Nokia\Nokia PC Suite 6\OneTouchAccess.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - toimittaja Elisa Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {4C39AC82-8F1A-4425-8BBF-3D2B656EA7D8} - C:\WINDOWS\system32\byXRlMeE.dll
O2 - BHO: {02a3e5ee-0ea9-a87a-da94-1fb8c8888ef6} - {6fe8888c-8bf1-49ad-a78a-9ae0ee5e3a20} - C:\WINDOWS\system32\cqovdw.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O2 - BHO: (no name) - {F0E738CA-4E59-446F-B34A-6BC26FB2C735} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\K-Lite Codec Pack\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [20b9d60f] rundll32.exe "C:\WINDOWS\system32\uplygxal.dll",b
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\RunServices: [psyspy-2.1.4 Client Server] C:\WINDOWS\system32\telecms.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/230?20c14230637e4cad9560876846ed7244
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/229?20c14230637e4cad9560876846ed7244
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Tuki - {1F2CA859-F258-49F4-82DC-F19AEE5D9788} - http://tuki.elisa.net/ (file missing) (HKCU)
O9 - Extra button: SMS-viesti - {E5F0EF26-9856-462C-A2F8-FC6EF7F7368E} - http://sms.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: Palvelut - {FE38BD7A-B524-48A1-89B0-32E2D3E090A0} - http://service.kolumbus.fi/ (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://elisa.net/
O16 - DPF: {3B36B017-7E49-426B-95B0-B5CECD83C2E2} (IfolorUploader Control) - http://fika-web.ifolor.net/OrderingGener...loader_fika.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F10A2C72-FEC8-4003-A393-5F4EA1596678}: NameServer = 217.78.192.22 217.78.192.78
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll C:\WINDOWS\system32\cssdll32.dll
O20 - Winlogon Notify: fccccCTL - fccccCTL.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
--
End of file - 13229 bytes
Hujo
Suspended permanently
27 August 2008 @ 00:27
1. Download combofix.exe to your desktop from one of these links:
combofix1
combofix2
2. Double-click the combofix.exe file and follow the instructions.
3. When the tool has finished, it produces a log. Post this log in your thread.
Note! Do not click on the ComboFix window while it is running. This may cause the program to hang.
=============
Download Malwarebytes' Anti-Malware to your desktop.
1. Double-click mbam-setup.exe and follow the instructions to install the program.
2. At the end, make sure the following are selected: Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, and then click Finish.
3. If an update is found, the program downloads and installs the latest version.
4. When the program has loaded, select Perform full scan and click Scan.
5. When the scan is complete, click OK and then Show Results to see the results.
6. Make sure everything is checked and click Remove Selected.
7. After this the log opens in Notepad. Save it somewhere you can find it easily. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
8. Post the contents of the log in your next message.
===========
Download SDFix by AndyManchesta and save it to your desktop.
Start your computer in Safe Mode:
shut down and restart
during startup, tap the F8 key repeatedly
select Safe Mode with the arrow keys
press Enter and Enter
select your user account
press Yes
On some computers you tap F5 instead of F8
- Once in Safe Mode, extract the contents of SDFix.zip (the SDFix folder) to your desktop. A folder named SDFix should appear on the desktop.
- Open the SDFix folder and double-click the file RunThis.bat to start the program.
- Press Y to start the script.
- The tool cleans out the trojan's services and also makes some repairs to the registry. At the end it asks you to restart the computer, "Press any key to Reboot".
- Press any key and the computer restarts.
- Startup takes longer than normal because SDFix is cleaning the computer.
- When the computer has started and the desktop has loaded, SDFix reports that the cleaning is done, "Finished".
- Then press any key to close the script and load the shortcuts onto the desktop.
- Finally, open the SDFix folder (on the desktop) and copy & paste the contents of the file Report.txt into your thread along with a new HijackThis log.
Can a computer ever work?
teamsfv
Junior Member
27 August 2008 @ 02:07
When ComboFix restarted the computer, it threw a new complaint: RUNDLL: Virhe ladattaessa: C:\WINDOWS\system32\uplygxal.dll Määritettyä osaa ei löydy.
Thanks in advance.
ComboFix 08-08-26.01 - Neiti Näpsä 2008-08-27 1:29:22.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1035.18.147 [GMT 3:00]
Running from: C:\Documents and Settings\Outi Röksä\Työpöytä\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-07-26 to 2008-08-26 )))))))))))))))))
.
2008-08-27 01:04 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-27 01:03 . 2008-08-27 01:05 <KANSIO> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-27 01:03 . 2008-08-27 01:03 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-27 01:03 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-26 23:06 . 2008-08-26 23:06 <KANSIO> d-------- C:\Program Files\Trend Micro
2008-08-26 22:06 . 2008-08-26 22:09 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-08-26 22:04 . 2008-08-26 22:04 <KANSIO> d-------- C:\Program Files\Common Files\PCSuite
2008-08-26 22:04 . 2008-08-26 22:04 <KANSIO> d-------- C:\Program Files\Common Files\Nokia
2008-08-26 22:03 . 2008-08-26 22:03 <KANSIO> d-------- C:\Program Files\DIFX
2008-08-26 22:01 . 2008-08-26 22:01 <KANSIO> d-------- C:\Program Files\PC Connectivity Solution
2008-08-26 22:00 . 2007-02-22 11:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-08-26 22:00 . 2007-02-22 11:15 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-08-26 22:00 . 2007-02-22 11:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-08-26 22:00 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-08-26 22:00 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-08-26 22:00 . 2007-02-22 11:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-08-26 21:59 . 2008-08-26 22:04 <KANSIO> d-------- C:\Program Files\Nokia
2008-08-26 21:55 . 2008-08-26 21:55 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Installations
2008-08-26 20:45 . 2008-08-26 21:14 <KANSIO> d---s---- C:\Documents and Settings\Järjestelmänvalvoja
2008-08-24 19:06 . 2008-08-24 19:06 <KANSIO> d-------- C:\Program Files\AskSBar
2008-08-24 19:06 . 2008-08-24 19:06 249,592 --a------ C:\WINDOWS\system32\cssdll32.dll
2008-08-24 19:05 . 2008-08-26 21:03 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\comodo
2008-08-24 19:05 . 2008-08-24 19:04 143,104 --a------ C:\WINDOWS\system32\guard32.dll
2008-08-24 19:05 . 2008-08-24 19:04 87,056 --a------ C:\WINDOWS\system32\drivers\cmdguard.sys
2008-08-24 19:05 . 2008-08-24 19:04 24,208 --a------ C:\WINDOWS\system32\drivers\cmdhlp.sys
2008-08-24 19:04 . 2008-08-24 19:06 <KANSIO> d-------- C:\Program Files\COMODO
2008-08-24 18:45 . 2008-08-24 18:45 <KANSIO> d-------- C:\Program Files\Alwil Software
2008-08-19 23:01 . 2008-08-19 23:01 <KANSIO> d-------- C:\Documents and Settings\Vieras\Application Data\Sony Corporation
2008-08-19 21:25 . 2008-08-19 21:25 84,480 --------- C:\WINDOWS\system32\bminddoh.dll
2008-08-08 20:10 . 2008-08-08 20:10 <KANSIO> d-------- C:\Program Files\CCleaner
2008-08-08 20:08 . 2008-08-08 20:08 <KANSIO> d-------- C:\Program Files\inKline Global
2008-08-08 20:00 . 2007-05-30 15:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-08-08 19:59 . 2008-08-08 19:59 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-24 16:18 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-08-24 16:17 --------- d-----w C:\Program Files\Norton 360
2008-08-24 16:16 --------- d-----w C:\Program Files\Symantec
2008-08-24 16:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-08-24 15:44 --------- d-----w C:\Program Files\WinAce
2008-08-08 17:22 --------- d-----w C:\Program Files\Hardwood Solitaire III
2008-08-08 17:08 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-29 19:09 106,496 ----a-w C:\f-sdbot.exe
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4C39AC82-8F1A-4425-8BBF-3D2B656EA7D8}]
2008-05-30 07:05 370176 --------- C:\WINDOWS\system32\byXRlMeE.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-15 11:00 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 12:34 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-30 23:28 68856]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-02-09 17:00 25388584]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-04-02 18:51 67128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe" [2005-03-12 03:39 32881]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 02:01 110592]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-26 20:15 98304]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-26 20:15 536576]
"HPHUPD05"="c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe" [2003-05-22 21:03 49152]
"HPHmon05"="C:\WINDOWS\system32\hphmon05.exe" [2003-05-22 20:56 483328]
"Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2004-04-30 11:32 208958]
"eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-07-30 09:33 286720]
"TkBellExe"="C:\Program Files\K-Lite Codec Pack\Real\Update_OB\realsched.exe" [2007-06-03 19:57 151597]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 18:38 583048]
"MMTray"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [2006-01-17 13:03 135168]
"mmtask"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe" [2006-01-17 13:03 53248]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2003-10-30 11:46 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2003-10-30 11:33 118784]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-03-25 02:04 122939]
"COMODO SafeSurf"="C:\Program Files\COMODO\SafeSurf\cssurf.exe" [2008-08-24 19:06 278264]
"COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [2008-08-24 19:04 1655552]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10 271360]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-06-08 13:31 29696 C:\WINDOWS\KHALMNPR.Exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-09-15 11:00 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17 1241088]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.X264"= x264vfw.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 17:35]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\WINDOWS\system32\DRIVERS\cmdguard.sys [2008-08-24 19:04]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [2008-08-24 19:04]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 17:37]
S3 StickCap;Digital TV DVB-T USB Stick adapter service;C:\WINDOWS\system32\Drivers\stickcap.sys []
S3 stickload;Digital TV stick firmware loader service;C:\WINDOWS\system32\DRIVERS\stickload.sys []
.
'Ajoitetut tehtävät'-kansion sisältö
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-20b9d60f - C:\WINDOWS\system32\uplygxal.dll
Notify-fccccCTL - fccccCTL.dll
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
R1 -: HKCU-Internet Settings,ProxyOverride = *.fi;;localhost;<local>
O8 -: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 -: Avaa uuteen etuvälilehteen - C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/230?20c14230637e4cad9560876846ed7244
O8 -: Avaa uuteen taustavälilehteen - C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/229?20c14230637e4cad9560876846ed7244
O8 -: Vie Microsoft E&xceliin - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O18 -: Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O16 -: {3B36B017-7E49-426B-95B0-B5CECD83C2E2} - hxxp://fika-web.ifolor.net/OrderingGeneral/LowRes/app_support/ActiveX/IfolorUploader_fika.cab
C:\WINDOWS\Downloaded Program Files\IfolorUploader.inf
C:\WINDOWS\Downloaded Program Files\IfolorUploader.ocx
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-27 01:37:41
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe???????????????|?P???? ???B???????????????B? ??????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
This message has been edited after posting. Last edited 27 August 2008 @ 16:08
Hujo
Suspended permanently
27 August 2008 @ 10:34
continue down the list
Can a computer ever work?
teamsfv
Junior Member
27 August 2008 @ 12:20
Here's the output from Malwarebytes, and after the installation it reported that these could not be removed:
C:\WINDOWS\system32\byXRIMeE.dll
C:\Documents and Settings\NetworkService\Cookies\bumo.reg
C:\Documents and Settings\NetworkService\Cookies\jababug.inf
C:\Documents and Settings\NetworkService\Cookies\uwux.exe
C:\Documents and Settings\NetworkService\Cookies\jiceji._sy
Malwarebytes' Anti-Malware 1.25
Tietokantaversio: 1088
Windows 5.1.2600 Service Pack 2
11:52:34 27.8.2008
mbam-log-08-27-2008 (11-52-34).txt
Tarkistustyyppi: Täysi tarkistus (C:\|)
Tarkistetut kohteet: 109462
Kulunut aika: 1 hour(s), 35 minute(s), 52 second(s)
Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 0
Saastuneita rekisteriavaimia: 4
Saastuneita rekisteriarvoja: 1
Saastuneita rekisterikohteita: 1
Saastuneita hakemistoja: 0
Saastuneita tiedostoja: 88
Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)
Saastuneita muistimoduuleja:
(Haitallisia kohteita ei löydetty)
Saastuneita rekisteriavaimia:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4c39ac82-8f1a-4425-8bbf-3d2b656ea7d8} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4c39ac82-8f1a-4425-8bbf-3d2b656ea7d8} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
Saastuneita rekisteriarvoja:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\psyspy-2.1.4 Client Server (Worm.IRCBot) -> Quarantined and deleted successfully.
Saastuneita rekisterikohteita:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Saastuneita hakemistoja:
(Haitallisia kohteita ei löydetty)
Saastuneita tiedostoja:
C:\WINDOWS\system32\byXRlMeE.dll (Trojan.BHO.H) -> Delete on reboot.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040543.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040544.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040545.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040546.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040549.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040550.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040552.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040553.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040555.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040558.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040559.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040560.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040561.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040562.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040563.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040564.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040565.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040566.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040567.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040568.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040569.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040570.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040571.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040572.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040575.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040576.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040577.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040578.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040556.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{66C7102C-5271-40D3-A957-75060BB65573}\RP328\A0040574.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bminddoh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\allqilwe.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\bhjflk.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\bqeolm.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\cdseqdcw.exe.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\cqovdw.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ctgruhes.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\fpofrwae.exe.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\fqtensjx.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\gwxoivbp.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\hgtvhb.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\mggdetun.exe.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\muuemqcy.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\oocapdmi.exe.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\orumunfo.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\pgarxegl.exe.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\pmjgslnt.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\qvuuaite.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\rbdssdtf.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\rffdzf.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\rrpewemf.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\rwlpqxso.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\snpjponk.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\twqisgmc.exe.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\uplygxal.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\vrvsuyig.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\vxokjffi.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\kjivusto.exe.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\llyytseh.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\luwyad.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\maxcdh.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Cookies\bumo.reg (Fake.Dropped.Malware) -> Delete on reboot.
C:\Documents and Settings\NetworkService\Cookies\jababug.inf (Fake.Dropped.Malware) -> Delete on reboot.
C:\Documents and Settings\NetworkService\Cookies\uwux.exe (Fake.Dropped.Malware) -> Delete on reboot.
C:\Documents and Settings\NetworkService\Cookies\jiceji._sy (Fake.Dropped.Malware) -> Delete on reboot.
C:\Documents and Settings\NetworkService\Cookies\esycire._dl (Fake.Dropped.Malware) -> Delete on reboot.
C:\Documents and Settings\NetworkService\Cookies\syssp.exe (Fake.Dropped.Malware) -> Delete on reboot.

Hujo
Suspended permanently
27 August 2008 @ 12:46

Start > right-click My Computer > Properties > System Restore tab > tick "Turn off System Restore on all drives".
Shut down and restart.
Untick the box.
================
Scan with HJT, tick this entry and press Fix checked:
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
Delete in safe mode:
C:\Program Files\COMODO\SafeSurf
===============
Updating Java and clearing its cache:
Download JavaRa and extract it to your desktop.
***Close all open Internet Explorer windows before continuing!***
* Double-click JavaRa.exe to start the program.
* Choose English from the drop-down menu to set the language to English and click Select.
* Click Remove Older Versions to remove old Java versions from your machine.
* Click Yes when prompted. When JavaRa is done, it reports that a log file has been created. Click OK.
* The log file opens. Post its contents in your next message.
4. Install the latest Java update from the following link:
http://java.sun.com/javase/downloads/index.jsp
Scroll down to Java Runtime Environment (JRE) 6 Update 7
Press Download
Set Platform to Windows
Tick I agree to the Java SE Runtime Environment 6 License Agreement and press Continue
Under Windows Offline Installation, click jre-6u4-windows-i586-p.exe
Save the file, for example to the desktop, and install it.
5. Restart the machine after the installation.
6. After the restart, go back to the Control Panel and open your Java settings (Other Control Panel Options -> Java coffee cup).
7. On the General tab, click Settings. Drag the slider (Disk Space) to a smaller value.
(Some Java-based programs may need more disk space.
If you notice the machine slowing down after lowering the setting, move the slider higher.)
8. Click the Delete Files button. Make sure both options are ticked:
* Applications and Applets
* Trace and Log Files
And press the OK button
Note: This deletes all downloaded applications and applets from the CACHE.
9. Click OK in your "Temporary Files Settings" window.
10. Update tab: untick Check for Updates automatically
Select Never check
11. Click Apply and OK to leave the Java settings window.
==================
Download CCleaner here
CCleaner v2.05.555 - Standard Build, do NOT install the Yahoo toolbar!
During installation, untick the "install Yahoo! toolbar" option.
After installation, open CCleaner.
Select Options from the left-hand column.
Select Settings from the adjacent column.
Under Language, select Suomi.
Puhdistaja (Cleaner)
Select Puhdistaja (Cleaner) from the left-hand column.
Press Tutki (Analyze) at the bottom.
CCleaner now checks what can be removed (temp files, cookies, etc.).
When the analysis is finished, press Aja CCleaner (Run Cleaner).
CCleaner now deletes the temp files, cookies, etc. that it found.
Fixing registry errors
Select Rekisteri (Registry) from the left-hand column.
Press Etsi rekisterin virheitä (Scan for Issues) at the bottom.
When the scan is finished and you are sure you want to fix the lines that are ticked, press Korjaa valitut rekisterin virheet (Fix selected issues).
You will be asked "do you want to back up the changes to the registry"; press Kyllä (Yes). Save the backup, for example, to the "Omat tiedostot" (My Documents) folder.
In the new window that opens, click Korjaa kaikki valitut virheet (Fix All Selected Issues).
You will get one more confirmation prompt; press Ok.
When the errors have been fixed, press Sulje (Close).
You can now close CCleaner by clicking the red X at the top right.
Can a computer ever work?
This message has been edited since posting. Last edit 27 August 2008 @ 12:55

teamsfv
Junior Member
27 August 2008 @ 13:02

How do I do that deletion in safe mode?
This message has been edited since posting. Last edit 27 August 2008 @ 13:05

Hujo
Suspended permanently
27 August 2008 @ 13:15

Shut down and restart
During startup, keep tapping the F8 key
Select safe mode with the arrow keys
Press Enter and Enter
Select your user account
Press Yes
On some machines you tap F5 instead of F8
Is it also listed in Add/Remove Programs,
C:\Program Files\COMODO\SafeSurf, or is it something like COMODO SafeSurf?
If it is, uninstall it from there
and then delete, in safe mode, the one marked in red
This message has been edited since posting. Last edit 27 August 2008 @ 13:18

teamsfv
Junior Member
27 August 2008 @ 15:15

JavaRa 1.11 Removal Log.
Report follows after line.
------------------------------------
The JavaRa removal process was started on Wed Aug 27 15:09:20 2008
Found and removed: C:\Windows\System32\jpicpl32.cpl
Found and removed: C:\Windows\Installer\{7148F0A8-6813-11D6-A77B-00B0D0142030}
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.4
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7148F0A8-6813-11D6-A77B-00B0D0142030}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F841731866D117AB7000B0D410203
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F841731866D117AB7000B0D410203
Found and removed: SOFTWARE\Classes\JavaPlugin.142_03
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.4.2_03
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.4.2_03
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.4.2_03
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01
------------------------------------
Finished reporting.

Hujo
Suspended permanently
27 August 2008 @ 15:27

Scan and post a new HJT log
===========
How is the machine running?

teamsfv
Junior Member
27 August 2008 @ 15:58

It's starting to work well; I haven't found the Java settings yet.
The latest log looks like this:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:53:37, on 27.8.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\hphmon05.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\K-Lite Codec Pack\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Nokia\Nokia PC Suite 6\OneTouchAccess.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\K-Lite Codec Pack\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/230?20c14230637e4cad9560876846ed7244
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/229?20c14230637e4cad9560876846ed7244
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Tuki - {1F2CA859-F258-49F4-82DC-F19AEE5D9788} - http://tuki.elisa.net/ (file missing) (HKCU)
O9 - Extra button: SMS-viesti - {E5F0EF26-9856-462C-A2F8-FC6EF7F7368E} - http://sms.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: Palvelut - {FE38BD7A-B524-48A1-89B0-32E2D3E090A0} - http://service.kolumbus.fi/ (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://elisa.net/
O16 - DPF: {3B36B017-7E49-426B-95B0-B5CECD83C2E2} (IfolorUploader Control) - http://fika-web.ifolor.net/OrderingGener...loader_fika.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{854DAD00-A0D8-4F16-9481-DEC3D9A8379F}: NameServer = 217.78.192.22 217.78.192.78
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
--
End of file - 11824 bytes

Hujo
Suspended permanently
27 August 2008 @ 16:50

Avast and Norton are both on the machine; which one is in use?

teamsfv
Junior Member
27 August 2008 @ 17:00

Avast is in use; the spring has run down on Norton's license.

Hujo
Suspended permanently
27 August 2008 @ 17:13

Then we'll have to snap the spring for good
Removal tool here
=========
Then scan a new HJT log
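The rescan-and-compare step requested above, as an added example that is not part of the original thread: a Python script that parses two HijackThis logs, reports processes and entries that disappeared or appeared between scans, and flags entries marked `(file missing)` or `Unknown owner`. The function names and both sample logs are constructed for illustration, with entries modelled on those posted in this thread.

```python
import re

# Constructed samples in HijackThis v2.0.2 layout; entries are modelled on
# the logs posted in this thread, not copied from a real follow-up scan.
BEFORE = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:53:37, on 27.8.2008
Running processes:
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O9 - Extra button: Tuki - {1F2CA859-F258-49F4-82DC-F19AEE5D9788} - http://tuki.elisa.net/ (file missing) (HKCU)
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
--
End of file
"""

# Constructed "after" scan: one entry is wrapped over two lines, as forum
# software sometimes does, and svchost.exe appears with different casing.
AFTER = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:45:41, on 27.8.2008
Running processes:
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\system32\wuauclt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro]
"C:\Program Files\COMODO\Firewall\cfp.exe" -h
O9 - Extra button: Tuki - {1F2CA859-F258-49F4-82DC-F19AEE5D9788} - http://tuki.elisa.net/ (file missing) (HKCU)
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
"""

# Coded entries start with a section code such as R0, O4 or O23.
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.*)$")


def parse_hjt(text):
    """Split a HijackThis log into header lines, running processes and coded entries."""
    log = {"header": [], "processes": [], "entries": []}
    section = "header"
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == "--" or line.startswith("End of file"):
            continue
        match = ENTRY_RE.match(line)
        if match:
            section = "entries"
            log["entries"].append((match.group(1), match.group(2)))
        elif line == "Running processes:":
            section = "processes"
        elif section == "entries":
            # Continuation of a wrapped entry: join it back onto the previous one.
            code, body = log["entries"][-1]
            log["entries"][-1] = (code, body + " " + line)
        else:
            log[section].append(line)
    return log


def process_diff(before, after):
    """Return (gone, new) process paths, compared case-insensitively like Windows paths."""
    b = {p.lower(): p for p in before["processes"]}
    a = {p.lower(): p for p in after["processes"]}
    gone = sorted(b[k] for k in b.keys() - a.keys())
    new = sorted(a[k] for k in a.keys() - b.keys())
    return gone, new


def entry_diff(before, after):
    """Return (removed, added) coded entries between two scans, in log order."""
    removed = [e for e in before["entries"] if e not in after["entries"]]
    added = [e for e in after["entries"] if e not in before["entries"]]
    return removed, added


def review_flags(log):
    """Entries worth a second look: missing targets and O23 services with no vendor name."""
    flags = []
    for code, body in log["entries"]:
        reasons = []
        if "(file missing)" in body:
            reasons.append("file missing")
        if code == "O23" and " - Unknown owner - " in body:
            reasons.append("unknown owner")
        if reasons:
            flags.append((code, reasons, body))
    return flags


if __name__ == "__main__":
    before, after = parse_hjt(BEFORE), parse_hjt(AFTER)
    gone, new = process_diff(before, after)
    removed, added = entry_diff(before, after)
    print("Processes gone:", gone)
    print("Processes new:", new)
    print("Entries removed:", removed)
    print("Entries added:", added)
    for code, reasons, body in review_flags(after):
        print("Review:", code, reasons, body)
```

A flagged entry is a prompt for manual review, not a verdict: legitimate software also appears as `Unknown owner` or leaves `(file missing)` leftovers after an uninstall.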

teamsfv
Junior Member
27 August 2008 @ 17:50

Hopefully that spring is gone now :)
The machine still starts up slowly, but otherwise it runs fast.
The log looks like this:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:45:41, on 27.8.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\hphmon05.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\K-Lite Codec Pack\Real\Update_OB\realsched.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\svchost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\K-Lite Codec Pack\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/230?20c14230637e4cad9560876846ed7244
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/229?20c14230637e4cad9560876846ed7244
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Tuki - {1F2CA859-F258-49F4-82DC-F19AEE5D9788} - http://tuki.elisa.net/ (file missing) (HKCU)
O9 - Extra button: SMS-viesti - {E5F0EF26-9856-462C-A2F8-FC6EF7F7368E} - http://sms.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: Palvelut - {FE38BD7A-B524-48A1-89B0-32E2D3E090A0} - http://service.kolumbus.fi/ (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://elisa.net/
O16 - DPF: {3B36B017-7E49-426B-95B0-B5CECD83C2E2} (IfolorUploader Control) - http://fika-web.ifolor.net/OrderingGener...loader_fika.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
--
End of file - 10511 bytes
|
|
Hujo
Suspended permanently
|
27 August 2008 @ 18:03 |
|
Create an uninstall list:
- Open HijackThis
- Click the "Configure" option at the bottom right
- Click "Misc Tools"
- Click the box that says "Uninstall Manager"
- Click the "Save list" option
- Copy and paste that list from Notepad into your thread
Can a computer ever work?
|
|
teamsfv
Junior Member
|
27 August 2008 @ 18:12 |
|
Adobe Acrobat 5.0
Adobe Download Manager 2.2 (Poista ainoastaan)
Adobe Photoshop Elements 2.0
Adobe Reader 6.0.1 - Suomi
Ask Toolbar
Automaattiset valikot (Windows Live Toolbar)
avast! Antivirus
AVG Anti-Spyware 7.5
Canon i450
Canon Utilities Easy-PhotoPrint
CCleaner (remove only)
COMODO Firewall Pro
Conexant AC-Link Audio
Easy-WebPrint
Google Toolbar for Internet Explorer
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Hotfix-korjauspäivitys Windows Media Player 11:lle (KB939683)
Hotfix-päivitys Windows Internet Explorer 7:lle (KB947864)
Hotfix-päivitys Windows XP:lle (KB952287)
HP Deskjet Preloaded Printer Drivers
HP Digital Photo Advisor
HP Image Zone 5.0
HP Imaging Device Functions 5.0
HP Photosmart -kamerat 5.0
HP Software Update
HP Solution Center & Imaging Support Tools 5.0
Intel(R) Extreme Graphics 2 Driver
InterActual Player
InterVideo WinDVD
K-Lite Mega Codec Pack 1.59
Logitech Desktop Messenger
Logitech SetPoint
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Finnish Language Pack
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.5
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
Musicmatch® Jukebox
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia PC Suite
OpenMG Limited Patch 4.0-04-08-02-01
OpenMG Secure Module 4.0.00
PC Booster
PC Connectivity Solution
Photographer's Power Toys 1.5
Photosmart 140,240,7200,7600,7700,7900 Series
Pixia
Päivitys Windows XP:lle (KB894391)
Päivitys Windows XP:lle (KB898461)
Päivitys Windows XP:lle (KB900485)
Päivitys Windows XP:lle (KB904942)
Päivitys Windows XP:lle (KB908531)
Päivitys Windows XP:lle (KB910437)
Päivitys Windows XP:lle (KB911280)
Päivitys Windows XP:lle (KB916595)
Päivitys Windows XP:lle (KB920872)
Päivitys Windows XP:lle (KB922582)
Päivitys Windows XP:lle (KB927891)
Päivitys Windows XP:lle (KB929338)
Päivitys Windows XP:lle (KB930916)
Päivitys Windows XP:lle (KB931836)
Päivitys Windows XP:lle (KB932823-v3)
Päivitys Windows XP:lle (KB933360)
Päivitys Windows XP:lle (KB936357)
Päivitys Windows XP:lle (KB938828)
Päivitys Windows XP:lle (KB942763)
Päivitys Windows XP:lle (KB942840)
Päivitys Windows XP:lle (KB946627)
Päivitys Windows XP:lle (KB951072-v2)
Quick Launch Buttons 5.00 B3
RealOne Player
RecordNow!
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Selaus välilehtiä käyttäen (Windows Live Toolbar)
Skype 3.0
Skype Plugin Manager
SoftV92 Data Fax Modem with SmartCP
Sonic DLA
Sonic Update Manager
SonicStage 2.1.00
Suojauspäivitys ohjelmistolle Windows XP (KB923689)
Suojauspäivitys ohjelmistolle Windows XP (KB941569)
Suojauspäivitys Windows Internet Explorer 7:lle (KB938127)
Suojauspäivitys Windows Internet Explorer 7:lle (KB953838)
Suojauspäivitys Windows Media Player 11:lle (KB936782)
Suojauspäivitys Windows Media Player 6.4:lle (KB925398)
Suojauspäivitys Windows Media Player 9:lle (KB917734)
Suojauspäivitys Windows Media Player 9:lle (KB936782)
Suojauspäivitys Windows Media Playerille (KB911564)
Suojauspäivitys Windows XP:lle (KB890046)
Suojauspäivitys Windows XP:lle (KB893756)
Suojauspäivitys Windows XP:lle (KB896358)
Suojauspäivitys Windows XP:lle (KB896423)
Suojauspäivitys Windows XP:lle (KB896424)
Suojauspäivitys Windows XP:lle (KB896428)
Suojauspäivitys Windows XP:lle (KB899587)
Suojauspäivitys Windows XP:lle (KB899591)
Suojauspäivitys Windows XP:lle (KB900725)
Suojauspäivitys Windows XP:lle (KB901017)
Suojauspäivitys Windows XP:lle (KB901214)
Suojauspäivitys Windows XP:lle (KB902400)
Suojauspäivitys Windows XP:lle (KB904706)
Suojauspäivitys Windows XP:lle (KB905414)
Suojauspäivitys Windows XP:lle (KB905749)
Suojauspäivitys Windows XP:lle (KB908519)
Suojauspäivitys Windows XP:lle (KB911562)
Suojauspäivitys Windows XP:lle (KB911567)
Suojauspäivitys Windows XP:lle (KB911927)
Suojauspäivitys Windows XP:lle (KB912919)
Suojauspäivitys Windows XP:lle (KB913580)
Suojauspäivitys Windows XP:lle (KB914388)
Suojauspäivitys Windows XP:lle (KB914389)
Suojauspäivitys Windows XP:lle (KB917159)
Suojauspäivitys Windows XP:lle (KB917344)
Suojauspäivitys Windows XP:lle (KB917422)
Suojauspäivitys Windows XP:lle (KB917953)
Suojauspäivitys Windows XP:lle (KB918118)
Suojauspäivitys Windows XP:lle (KB918439)
Suojauspäivitys Windows XP:lle (KB918899)
Suojauspäivitys Windows XP:lle (KB919007)
Suojauspäivitys Windows XP:lle (KB920213)
Suojauspäivitys Windows XP:lle (KB920214)
Suojauspäivitys Windows XP:lle (KB920670)
Suojauspäivitys Windows XP:lle (KB920683)
Suojauspäivitys Windows XP:lle (KB920685)
Suojauspäivitys Windows XP:lle (KB921398)
Suojauspäivitys Windows XP:lle (KB921503)
Suojauspäivitys Windows XP:lle (KB921883)
Suojauspäivitys Windows XP:lle (KB922616)
Suojauspäivitys Windows XP:lle (KB922760)
Suojauspäivitys Windows XP:lle (KB922819)
Suojauspäivitys Windows XP:lle (KB923191)
Suojauspäivitys Windows XP:lle (KB923414)
Suojauspäivitys Windows XP:lle (KB923694)
Suojauspäivitys Windows XP:lle (KB923980)
Suojauspäivitys Windows XP:lle (KB924191)
Suojauspäivitys Windows XP:lle (KB924270)
Suojauspäivitys Windows XP:lle (KB924496)
Suojauspäivitys Windows XP:lle (KB924667)
Suojauspäivitys Windows XP:lle (KB925454)
Suojauspäivitys Windows XP:lle (KB925486)
Suojauspäivitys Windows XP:lle (KB925902)
Suojauspäivitys Windows XP:lle (KB926255)
Suojauspäivitys Windows XP:lle (KB926436)
Suojauspäivitys Windows XP:lle (KB927779)
Suojauspäivitys Windows XP:lle (KB927802)
Suojauspäivitys Windows XP:lle (KB928090)
Suojauspäivitys Windows XP:lle (KB928255)
Suojauspäivitys Windows XP:lle (KB928843)
Suojauspäivitys Windows XP:lle (KB929123)
Suojauspäivitys Windows XP:lle (KB929969)
Suojauspäivitys Windows XP:lle (KB930178)
Suojauspäivitys Windows XP:lle (KB931261)
Suojauspäivitys Windows XP:lle (KB931768)
Suojauspäivitys Windows XP:lle (KB931784)
Suojauspäivitys Windows XP:lle (KB932168)
Suojauspäivitys Windows XP:lle (KB933566)
Suojauspäivitys Windows XP:lle (KB933729)
Suojauspäivitys Windows XP:lle (KB935839)
Suojauspäivitys Windows XP:lle (KB935840)
Suojauspäivitys Windows XP:lle (KB936021)
Suojauspäivitys Windows XP:lle (KB937143)
Suojauspäivitys Windows XP:lle (KB938127)
Suojauspäivitys Windows XP:lle (KB938829)
Suojauspäivitys Windows XP:lle (KB939653)
Suojauspäivitys Windows XP:lle (KB941202)
Suojauspäivitys Windows XP:lle (KB941568)
Suojauspäivitys Windows XP:lle (KB941644)
Suojauspäivitys Windows XP:lle (KB941693)
Suojauspäivitys Windows XP:lle (KB942615)
Suojauspäivitys Windows XP:lle (KB943055)
Suojauspäivitys Windows XP:lle (KB943460)
Suojauspäivitys Windows XP:lle (KB943485)
Suojauspäivitys Windows XP:lle (KB944338)
Suojauspäivitys Windows XP:lle (KB944533)
Suojauspäivitys Windows XP:lle (KB944653)
Suojauspäivitys Windows XP:lle (KB945553)
Suojauspäivitys Windows XP:lle (KB946026)
Suojauspäivitys Windows XP:lle (KB946648)
Suojauspäivitys Windows XP:lle (KB947864)
Suojauspäivitys Windows XP:lle (KB948590)
Suojauspäivitys Windows XP:lle (KB948881)
Suojauspäivitys Windows XP:lle (KB950749)
Suojauspäivitys Windows XP:lle (KB950762)
Suojauspäivitys Windows XP:lle (KB950974)
Suojauspäivitys Windows XP:lle (KB951066)
Suojauspäivitys Windows XP:lle (KB951376-v2)
Suojauspäivitys Windows XP:lle (KB951698)
Suojauspäivitys Windows XP:lle (KB951748)
Suojauspäivitys Windows XP:lle (KB952954)
Suojauspäivitys Windows XP:lle (KB953839)
Synaptics Pointing Device Driver
Syötteen tunnistus (Windows Live Toolbar)
USB Flash Disk
WinAce Archiver
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live installer
Windows Live Messenger
Windows Live Toolbar
Windows Live Toolbar
Windows Live Toolbarin laajennus (Windows Live Toolbar)
Windows Live Writer
Windows Liven kirjautumisavustaja
Windows Liven sähköposti
Windows Liven valokuvavalikoima
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windowsin ohjainpaketti - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)
Windowsin ohjainpaketti - Nokia Modem (02/15/2007 3.1)
Windowsin ohjainpaketti - Nokia Modem (02/15/2007 3.1)
Windowsin ohjainpaketti - Nokia Modem (05/24/2007 6.84.0.1)
|
|
Hujo
Suspended permanently
|
27 August 2008 @ 18:32 |
|
Remove these via Add or Remove Programs:
AVG Anti-Spyware 7.5
Logitech Desktop Messenger
Ask Toolbar
===============
Scan again with ComboFix
Can a computer ever work?
This message has been edited after posting. Last edited 27 August 2008 @ 18:33
|
|
teamsfv
Junior Member
|
27 August 2008 @ 20:30 |
|
Latest output
ComboFix 08-08-26.01 - Outi Röksä 2008-08-27 20:14:10.2 - NTFSx86
Running from: C:\Documents and Settings\Outi Röksä\Työpöytä\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-07-27 to 2008-08-27 )))))))))))))))))
.
2008-08-27 20:01 . 2008-08-24 19:06 262,144 --a------ C:\Program Files\Uninstall Ask Toolbar.dll
2008-08-27 13:58 . 2008-06-14 20:59 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-08-27 13:58 . 2008-06-14 20:59 272,128 --------- C:\WINDOWS\system32\dllcache\bthport.sys
2008-08-27 13:50 . 2008-05-01 17:32 331,776 --------- C:\WINDOWS\system32\dllcache\msadce.dll
2008-08-27 12:30 . 2008-08-27 12:30 <KANSIO> d-------- C:\WINDOWS\ERUNT
2008-08-27 11:57 . 2008-08-27 11:57 61,440 --a------ C:\WINDOWS\system32\drivers\jmfyfhb.sys
2008-08-27 01:51 . 2008-08-27 01:51 <KANSIO> d-------- C:\Documents and Settings\Outi R÷ksõ
2008-08-27 01:51 . 2008-08-27 01:51 <KANSIO> d-------- C:\Documents and Settings\Jõrjestelmõnvalvoja
2008-08-27 01:06 . 2008-08-27 01:06 <KANSIO> d-------- C:\Documents and Settings\Outi Röksä\Application Data\Malwarebytes
2008-08-27 01:04 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-27 01:03 . 2008-08-27 01:05 <KANSIO> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-27 01:03 . 2008-08-27 01:03 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-27 01:03 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-26 23:06 . 2008-08-26 23:06 <KANSIO> d-------- C:\Program Files\Trend Micro
2008-08-26 22:06 . 2008-08-26 22:09 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-08-26 22:05 . 2008-08-26 22:09 <KANSIO> d-------- C:\Documents and Settings\Outi Röksä\Application Data\Nokia
2008-08-26 22:04 . 2008-08-26 22:04 <KANSIO> d-------- C:\Program Files\Common Files\PCSuite
2008-08-26 22:04 . 2008-08-26 22:04 <KANSIO> d-------- C:\Program Files\Common Files\Nokia
2008-08-26 22:03 . 2008-08-26 22:03 <KANSIO> d-------- C:\Program Files\DIFX
2008-08-26 22:01 . 2008-08-26 22:01 <KANSIO> d-------- C:\Program Files\PC Connectivity Solution
2008-08-26 22:01 . 2008-08-26 22:06 <KANSIO> d-------- C:\Documents and Settings\Outi Röksä\Application Data\PC Suite
2008-08-26 22:00 . 2007-02-22 11:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-08-26 22:00 . 2007-02-22 11:15 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-08-26 22:00 . 2007-02-22 11:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-08-26 22:00 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-08-26 22:00 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-08-26 22:00 . 2007-02-22 11:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-08-26 21:59 . 2008-08-26 22:04 <KANSIO> d-------- C:\Program Files\Nokia
2008-08-26 21:55 . 2008-08-26 21:55 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Installations
2008-08-26 20:45 . 2008-08-26 21:14 <KANSIO> d-------- C:\Documents and Settings\Järjestelmänvalvoja\Suosikit
2008-08-26 20:45 . 2008-08-26 21:14 <KANSIO> d-------- C:\Documents and Settings\Järjestelmänvalvoja\Mallit
2008-08-26 20:45 . 2008-08-26 21:14 <KANSIO> d---s---- C:\Documents and Settings\Järjestelmänvalvoja
2008-08-24 19:06 . 2008-08-24 19:06 249,592 --a------ C:\WINDOWS\system32\cssdll32.dll
2008-08-24 19:05 . 2008-08-24 19:05 <KANSIO> d-------- C:\Documents and Settings\Outi Röksä\Application Data\Comodo
2008-08-24 19:05 . 2008-08-26 21:03 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\comodo
2008-08-24 19:05 . 2008-08-24 19:04 143,104 --a------ C:\WINDOWS\system32\guard32.dll
2008-08-24 19:05 . 2008-08-24 19:04 87,056 --a------ C:\WINDOWS\system32\drivers\cmdguard.sys
2008-08-24 19:05 . 2008-08-24 19:04 24,208 --a------ C:\WINDOWS\system32\drivers\cmdhlp.sys
2008-08-24 19:04 . 2008-08-27 14:41 <KANSIO> d-------- C:\Program Files\COMODO
2008-08-24 18:45 . 2008-08-24 18:45 <KANSIO> d-------- C:\Program Files\Alwil Software
2008-08-19 23:01 . 2008-08-19 23:01 <KANSIO> d-------- C:\Documents and Settings\Vieras\Application Data\Sony Corporation
2008-08-08 20:10 . 2008-08-08 20:10 <KANSIO> d-------- C:\Program Files\CCleaner
2008-08-08 20:08 . 2008-08-08 20:08 <KANSIO> d-------- C:\Program Files\inKline Global
2008-08-08 19:59 . 2008-08-08 19:59 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-27 17:12 --------- d-----w C:\Documents and Settings\Outi Röksä\Application Data\Skype
2008-08-27 14:32 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-08-27 14:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-08-24 16:17 --------- d-----w C:\Program Files\Norton 360
2008-08-24 15:44 --------- d-----w C:\Program Files\WinAce
2008-08-08 17:22 --------- d-----w C:\Program Files\Hardwood Solitaire III
2008-08-08 17:08 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-18 19:10 94,920 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2008-07-18 19:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 19:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 19:10 53,448 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2008-07-18 19:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 19:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 19:10 36,552 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2008-07-18 19:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 19:09 563,912 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2008-07-18 19:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 19:09 325,832 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2008-07-18 19:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 19:09 205,000 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2008-07-18 19:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 19:09 1,811,656 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2008-07-18 19:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 19:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-18 18:39 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:31 253,952 ------w C:\WINDOWS\system32\dllcache\es.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:23 74,240 ------w C:\WINDOWS\system32\dllcache\mscms.dll
2008-06-24 07:29 3,592,192 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-06-23 09:21 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-06-23 09:21 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-06-23 09:20 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-06-21 05:23 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
2008-06-20 17:41 246,784 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:41 246,784 ------w C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 10:44 138,368 ------w C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-05-30 04:05 370,176 ------w C:\WINDOWS\system32\byXRlMeE.dll
2008-05-29 19:09 106,496 ----a-w C:\f-sdbot.exe
.
((((((((((((((((((((((((((((( snapshot@2008-08-27_ 1.49.19.18 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-06-14 17:59:49 272,128 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2008-08-07 13:27:04 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2008-08-27 09:30:35 4,911,104 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\ntuser.dat
+ 2008-08-27 09:30:35 36,864 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat
+ 2008-08-07 13:27:04 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-08-27 09:30:22 4,911,104 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\ntuser.dat
+ 2008-08-27 09:30:22 36,864 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat
+ 2008-03-01 13:01:50 124,928 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\advpack.dll
+ 2008-03-01 13:01:50 347,136 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtmsft.dll
+ 2008-03-01 13:01:50 214,528 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtrans.dll
+ 2008-03-01 13:01:50 133,120 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\extmgr.dll
+ 2008-03-01 13:01:50 63,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\icardie.dll
+ 2008-02-29 08:55:56 70,656 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ie4uinit.exe
+ 2008-03-01 13:01:50 153,088 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakeng.dll
+ 2008-03-01 13:01:50 230,400 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakui.dll
+ 2008-03-01 13:01:51 383,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieapfltr.dll
+ 2008-03-01 13:01:51 384,512 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iedkcs32.dll
+ 2008-03-01 13:01:51 6,066,176 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieframe.dll
+ 2008-03-01 13:01:51 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iernonce.dll
+ 2008-03-01 13:01:51 267,776 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iertutil.dll
+ 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieudinit.exe
+ 2008-02-29 08:56:25 625,664 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe
+ 2008-03-01 13:01:51 27,648 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\jsproxy.dll
+ 2008-03-01 13:01:52 459,264 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeeds.dll
+ 2008-03-01 13:01:52 52,224 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeedsbs.dll
+ 2008-03-01 15:31:54 3,591,680 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtml.dll
+ 2008-03-01 13:01:53 478,208 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtmled.dll
+ 2008-03-01 13:01:53 193,024 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msrating.dll
+ 2008-03-01 13:01:53 671,232 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mstime.dll
+ 2008-03-01 13:01:53 102,912 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\occache.dll
+ 2008-03-01 13:01:53 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\pngfilt.dll
+ 2007-03-06 01:31:14 214,752 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:32:23 380,640 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\updspapi.dll
+ 2008-03-01 13:01:53 105,984 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\url.dll
+ 2008-03-01 13:01:53 1,159,680 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\urlmon.dll
+ 2008-03-01 13:01:53 233,472 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\webcheck.dll
+ 2008-03-01 13:01:53 826,368 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\wininet.dll
+ 2008-02-04 07:10:10 208,928 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\ImagingDevice.dll
+ 2008-02-04 07:06:54 417,312 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\ImagingServices.dll
+ 2008-02-04 07:08:42 83,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\LiveAlbumXCtrl.dll
+ 2008-02-04 07:07:46 1,779,744 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\MicrosoftEffects.dll
+ 2008-02-04 07:05:04 46,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\PhotoViewerShim.dll
+ 2008-02-04 07:11:44 371,744 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXAlbumDownloadWizard.exe
+ 2008-02-01 08:22:14 279,680 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\wlxclip.dll
+ 2008-02-01 08:13:40 191,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXDSPA.dll
+ 2008-02-04 07:10:02 130,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXGrinderScheduler.dll
+ 2008-02-04 07:06:00 59,424 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXImageTranscode.dll
+ 2008-02-04 07:08:16 711,712 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXMediaPublishSubscribe.dll
+ 2008-02-01 08:17:36 586,752 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXPGSS.SCR
+ 2008-02-04 07:06:44 1,563,680 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXPhotoAcq.dll
+ 2008-02-01 08:13:40 227,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXPhotoAcquireWizard.exe
+ 2008-02-04 07:08:38 86,560 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXPhotoCinematic.dll
+ 2008-02-04 07:08:32 83,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXPhotoClassic.dll
+ 2008-02-04 07:09:06 125,472 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXPhotoGallery.exe
+ 2008-02-01 08:13:42 16,000 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXPhotoGalleryRepair.exe
+ 2008-02-04 07:06:54 394,272 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXPhotoLibraryDatabase.dll
+ 2008-02-04 07:06:20 1,515,040 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXPhotoViewer.dll
+ 2008-02-04 07:06:20 1,250,336 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXPhotoVoyager.dll
+ 2008-02-04 07:06:18 752,672 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXPipeline.dll
+ 2008-02-04 07:06:14 734,752 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXPipetran.dll
+ 2008-02-01 08:13:42 101,504 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXQuickTimeControlHost.exe
+ 2008-02-04 07:05:00 20,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXQuickTimeControlHostPS.dll
+ 2008-02-04 07:05:04 53,792 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXQuickTimeShellExt.dll
+ 2008-02-04 07:08:42 85,024 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXThumbCache.dll
+ 2008-02-04 07:10:04 144,416 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXVAFilt.dll
+ 2008-02-04 07:07:10 670,752 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXVideoAcquireWizard.exe
+ 2008-02-04 07:07:10 69,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXVideoCameraAutoPlayManager.exe
+ 2008-02-04 07:10:10 165,408 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8F68107A553F2A24989BC2983BE656E0\12.0.1329\WLXVideoTrim.dll
+ 2003-07-08 16:48:00 115,288 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\B0403E1900063D11C8EF10054038389C\11.0.5614\OUTLFLTR.DLL
- 2008-06-10 09:58:00 593,920 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-08-27 11:16:18 593,920 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-06-10 09:58:00 12,288 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-08-27 11:16:18 12,288 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-06-10 09:58:00 86,016 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-08-27 11:16:18 86,016 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-06-10 09:58:00 135,168 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-08-27 11:16:18 135,168 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-06-10 09:58:00 11,264 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-08-27 11:16:18 11,264 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-06-10 09:58:00 27,136 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-08-27 11:16:18 27,136 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-06-10 09:58:01 4,096 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-08-27 11:16:18 4,096 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-06-10 09:58:01 794,624 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-08-27 11:16:18 794,624 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-06-10 09:58:00 249,856 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-08-27 11:16:18 249,856 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-06-10 09:58:00 61,440 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-08-27 11:16:18 61,440 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-06-10 09:58:01 23,040 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-08-27 11:16:18 23,040 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-06-10 09:58:00 286,720 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-08-27 11:16:18 286,720 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-06-10 09:57:59 409,600 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-08-27 11:16:18 409,600 ----a-r C:\WINDOWS\Installer\{91E3040B-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-04-27 12:33:10 123,008 ----a-r C:\WINDOWS\Installer\{A70186F8-F355-42A2-89B9-2C89B36E650E}\WLXPhotoGalleryIcon.exe
+ 2008-08-27 11:17:05 123,008 ----a-r C:\WINDOWS\Installer\{A70186F8-F355-42A2-89B9-2C89B36E650E}\WLXPhotoGalleryIcon.exe
- 2008-03-01 13:01:50 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-06-23 16:29:13 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2008-03-01 13:01:50 124,928 ------w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-06-23 16:29:13 124,928 ------w C:\WINDOWS\system32\dllcache\advpack.dll
- 2008-03-01 13:01:50 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-06-23 16:29:13 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-03-01 13:01:50 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-06-23 16:29:13 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2008-03-01 13:01:50 133,120 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-06-23 16:29:13 133,120 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-03-01 13:01:50 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-06-23 16:29:13 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
- 2008-03-01 13:01:50 153,088 ------w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-06-23 16:29:13 153,088 ------w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2008-03-01 13:01:50 230,400 ------w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-06-23 16:29:13 230,400 ------w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2008-03-01 13:01:51 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-06-23 16:29:13 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2008-03-01 13:01:51 384,512 ------w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-06-23 16:29:13 384,512 ------w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2008-03-01 13:01:51 6,066,176 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-06-23 16:29:14 6,066,176 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2008-03-01 13:01:51 44,544 ------w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-06-23 16:29:14 44,544 ------w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2008-03-01 13:01:51 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-06-23 16:29:14 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2007-08-21 06:17:25 683,520 ----a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
+ 2008-04-11 18:51:34 683,520 ----a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
- 2008-03-01 13:01:51 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-06-23 16:29:15 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2008-03-01 13:01:52 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-06-23 16:29:15 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2008-03-01 13:01:52 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-06-23 16:29:15 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2008-03-01 13:01:53 478,208 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-06-23 16:29:15 477,696 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2008-03-01 13:01:53 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-06-23 16:29:15 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2008-03-01 13:01:53 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-06-23 16:29:15 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2008-03-01 13:01:53 102,912 ------w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-06-23 16:29:15 102,912 ------w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-03-01 13:01:53 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-06-23 16:29:15 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-10-29 22:43:51 1,288,192 ------w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2008-05-07 05:15:43 1,288,192 ------w C:\WINDOWS\system32\dllcache\quartz.dll
- 2006-07-13 08:48:58 202,240 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2008-05-08 12:28:49 202,752 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
- 2008-03-01 13:01:53 105,984 ------w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-06-23 16:29:16 105,984 ------w C:\WINDOWS\system32\dllcache\url.dll
- 2008-03-01 13:01:53 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-06-23 16:29:16 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2008-03-01 13:01:53 233,472 ------w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-06-23 16:29:16 233,472 ------w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2008-03-01 13:01:53 826,368 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-06-23 16:29:16 826,368 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-02-20 05:38:03 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-06-20 17:41:09 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
- 2004-09-15 08:00:00 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys
+ 2008-06-20 10:44:38 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
- 2006-07-13 08:48:58 202,240 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
+ 2008-05-08 12:28:49 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
- 2007-10-30 17:20:55 360,064 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2008-06-20 10:45:13 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
- 2006-08-16 09:37:30 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
- 2008-03-01 13:01:50 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-06-23 16:29:13 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2008-03-01 13:01:50 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-06-23 16:29:13 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2008-03-01 13:01:50 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-06-23 16:29:13 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2008-03-01 13:01:50 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-06-23 16:29:13 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2008-02-29 08:55:56 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-06-23 09:21:15 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2008-03-01 13:01:50 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2008-06-23 16:29:13 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2008-03-01 13:01:50 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2008-06-23 16:29:13 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2008-06-21 05:23:54 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
- 2008-03-01 13:01:51 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-06-23 16:29:13 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2008-03-01 13:01:51 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-06-23 16:29:13 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2008-03-01 13:01:51 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-06-23 16:29:14 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2008-03-01 13:01:51 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2008-06-23 16:29:14 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2008-03-01 13:01:51 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-06-23 16:29:14 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-06-23 09:20:26 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2007-08-21 06:17:25 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2008-04-11 18:51:34 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2008-03-01 13:01:51 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-06-23 16:29:15 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
- 2008-03-01 13:01:52 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-06-23 16:29:15 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2008-03-01 13:01:52 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-06-23 16:29:15 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2008-03-01 15:31:54 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-06-24 07:29:16 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-03-01 13:01:53 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-06-23 16:29:15 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2008-03-01 13:01:53 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-06-23 16:29:15 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
- 2008-03-01 13:01:53 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-06-23 16:29:15 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
- 2008-03-01 13:01:53 102,912 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-06-23 16:29:15 102,912 ----a-w C:\WINDOWS\system32\occache.dll
- 2008-03-01 13:01:53 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-06-23 16:29:15 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2007-10-29 22:43:51 1,288,192 ----a-w C:\WINDOWS\system32\quartz.dll
+ 2008-05-07 05:15:43 1,288,192 ----a-w C:\WINDOWS\system32\quartz.dll
+ 2008-07-18 19:10:20 36,552 ----a-w C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.784\wups.dll
+ 2008-07-18 19:10:40 45,768 ----a-w C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.784\wups2.dll
- 2006-09-16 00:02:34 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 11:19:02 17,272 ------w C:\WINDOWS\system32\spmsg.dll
- 2007-11-13 11:31:11 60,416 ----a-w C:\WINDOWS\system32\tzchange.exe
+ 2008-07-14 11:09:18 62,976 ----a-w C:\WINDOWS\system32\tzchange.exe
- 2008-03-01 13:01:53 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-06-23 16:29:16 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2008-03-01 13:01:53 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-06-23 16:29:16 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2008-03-01 13:01:53 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-06-23 16:29:16 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
- 2008-03-01 13:01:53 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2008-06-23 16:29:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2008-08-27 17:08:05 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_640.dat
.
-- Snapshot reset to current date --
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-15 11:00 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 12:34 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-30 23:28 68856]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-02-09 17:00 25388584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe" [2005-03-12 03:39 32881]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 02:01 110592]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-26 20:15 98304]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-26 20:15 536576]
"HPHUPD05"="c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe" [2003-05-22 21:03 49152]
"HPHmon05"="C:\WINDOWS\system32\hphmon05.exe" [2003-05-22 20:56 483328]
"Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2004-04-30 11:32 208958]
"eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-07-30 09:33 286720]
"TkBellExe"="C:\Program Files\K-Lite Codec Pack\Real\Update_OB\realsched.exe" [2007-06-03 19:57 151597]
"MMTray"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [2006-01-17 13:03 135168]
"mmtask"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe" [2006-01-17 13:03 53248]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2003-10-30 11:46 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2003-10-30 11:33 118784]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-03-25 02:04 122939]
"COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [2008-08-24 19:04 1655552]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10 271360]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-06-08 13:31 29696 C:\WINDOWS\KHALMNPR.Exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-09-15 11:00 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17 1241088]
C:\Documents and Settings\All Users\K?ynnist?-valikko\Ohjelmat\K?ynnistys\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-03-18 15:12:31 113664]
HP Digital Imaging Monitor.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2005-03-29 23:29:10 282624]
HP Image Zone -pikak?ynnistys.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe [2005-03-30 01:18:30 73728]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\KEM.exe [2005-03-12 04:55:01 581632]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.X264"= x264vfw.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dllschannel.dlldigest.dllmsnsspc.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 17:35]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\WINDOWS\system32\DRIVERS\cmdguard.sys [2008-08-24 19:04]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [2008-08-24 19:04]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 17:37]
S3 StickCap;Digital TV DVB-T USB Stick adapter service;C:\WINDOWS\system32\Drivers\stickcap.sys []
S3 stickload;Digital TV stick firmware loader service;C:\WINDOWS\system32\DRIVERS\stickload.sys []
.
'Ajoitetut tehtävät'-kansion sisältö
2008-08-27 C:\WINDOWS\Tasks\Tarkistetaan Windows Live -työkalurivin päivitykset.job
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 12:20]
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
R1 -: HKCU-Internet Settings,ProxyOverride = *.fi;;localhost;<local>
O8 -: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 -: Avaa uuteen etuvälilehteen - C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/230?20c14230637e4cad9560876846ed7244
O8 -: Avaa uuteen taustavälilehteen - C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/229?20c14230637e4cad9560876846ed7244
O8 -: Vie Microsoft E&xceliin - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O16 -: {3B36B017-7E49-426B-95B0-B5CECD83C2E2} - hxxp://fika-web.ifolor.net/OrderingGeneral/LowRes/app_support/ActiveX/IfolorUploader_fika.cab
C:\WINDOWS\Downloaded Program Files\IfolorUploader.inf
C:\WINDOWS\Downloaded Program Files\IfolorUploader.ocx
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-27 20:18:34
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe????????9?0?1?1??????? ???B???????????????B? ??????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\explorer.exe
-> C:\Program Files\Logitech\SetPoint\lgscroll.dll
.
Completion time: 2008-08-27 20:22:02
ComboFix-quarantined-files.txt 2008-08-27 17:21:44
ComboFix2.txt 2008-08-26 22:50:27
Pre-Run: 9,067,577,344 tavua vapaana
Post-Run: 9,086,169,088 tavua vapaana
430 --- E O F --- 2008-08-27 11:17:43

teamsfv
Junior Member
27 August 2008 @ 20:48

The machine now boots in a reasonable time; the desktop shortcuts disappear for a moment every now and then.

Hujo
Suspended permanently
27 August 2008 @ 22:00

Open Notepad and copy/paste the contents of the quote box into it:

Quote:
Folder::
C:\Program Files\Uninstall Ask Toolbar.dll
C:\Program Files\Norton 360
C:\Program Files\Java

Save it as CFScript.txt
Then drag CFScript onto ComboFix.exe as shown below.

Restart the computer when prompted and post the contents of the combofix.txt file here.

Can a computer ever work?

teamsfv
Junior Member
27 August 2008 @ 23:32

ComboFix 08-08-26.01 - Outi Röksä 2008-08-27 22:14:07.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1035.18.168 [GMT 3:00]
Running from: C:\Documents and Settings\Outi Röksä\Työpöytä\ComboFix.exe
Command switches used :: C:\Documents and Settings\Outi Röksä\Työpöytä\CFScript.txt
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\Java
C:\Program Files\Java\j2re1.4.2_03\bin\awt.dll
C:\Program Files\Java\j2re1.4.2_03\bin\axbridge.dll
C:\Program Files\Java\j2re1.4.2_03\bin\client\jvm.dll
C:\Program Files\Java\j2re1.4.2_03\bin\client\Xusage.txt
C:\Program Files\Java\j2re1.4.2_03\bin\cmm.dll
C:\Program Files\Java\j2re1.4.2_03\bin\dcpr.dll
C:\Program Files\Java\j2re1.4.2_03\bin\dt_shmem.dll
C:\Program Files\Java\j2re1.4.2_03\bin\dt_socket.dll
C:\Program Files\Java\j2re1.4.2_03\bin\eula.dll
C:\Program Files\Java\j2re1.4.2_03\bin\fontmanager.dll
C:\Program Files\Java\j2re1.4.2_03\bin\hpi.dll
C:\Program Files\Java\j2re1.4.2_03\bin\hprof.dll
C:\Program Files\Java\j2re1.4.2_03\bin\ioser12.dll
C:\Program Files\Java\j2re1.4.2_03\bin\jaas_nt.dll
C:\Program Files\Java\j2re1.4.2_03\bin\java.dll
C:\Program Files\Java\j2re1.4.2_03\bin\java.exe
C:\Program Files\Java\j2re1.4.2_03\bin\javaw.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jawt.dll
C:\Program Files\Java\j2re1.4.2_03\bin\jcov.dll
C:\Program Files\Java\j2re1.4.2_03\bin\JdbcOdbc.dll
C:\Program Files\Java\j2re1.4.2_03\bin\jdwp.dll
C:\Program Files\Java\j2re1.4.2_03\bin\jpeg.dll
C:\Program Files\Java\j2re1.4.2_03\bin\jpicom32.dll
C:\Program Files\Java\j2re1.4.2_03\bin\jpicpl32.cpl
C:\Program Files\Java\j2re1.4.2_03\bin\jpicpl32.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jpiexp32.dll
C:\Program Files\Java\j2re1.4.2_03\bin\jpins4.dll
C:\Program Files\Java\j2re1.4.2_03\bin\jpins6.dll
C:\Program Files\Java\j2re1.4.2_03\bin\jpins7.dll
C:\Program Files\Java\j2re1.4.2_03\bin\jpinsp.dll
C:\Program Files\Java\j2re1.4.2_03\bin\jpishare.dll
C:\Program Files\Java\j2re1.4.2_03\bin\jsound.dll
C:\Program Files\Java\j2re1.4.2_03\bin\jucheck.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Java\j2re1.4.2_03\bin\keytool.exe
C:\Program Files\Java\j2re1.4.2_03\bin\kinit.exe
C:\Program Files\Java\j2re1.4.2_03\bin\klist.exe
C:\Program Files\Java\j2re1.4.2_03\bin\ktab.exe
C:\Program Files\Java\j2re1.4.2_03\bin\msvcrt.dll
C:\Program Files\Java\j2re1.4.2_03\bin\net.dll
C:\Program Files\Java\j2re1.4.2_03\bin\nio.dll
C:\Program Files\Java\j2re1.4.2_03\bin\NPJava11.dll
C:\Program Files\Java\j2re1.4.2_03\bin\NPJava12.dll
C:\Program Files\Java\j2re1.4.2_03\bin\NPJava13.dll
C:\Program Files\Java\j2re1.4.2_03\bin\NPJava14.dll
C:\Program Files\Java\j2re1.4.2_03\bin\NPJava32.dll
C:\Program Files\Java\j2re1.4.2_03\bin\NPJPI142_03.dll
C:\Program Files\Java\j2re1.4.2_03\bin\NPOJI610.dll
C:\Program Files\Java\j2re1.4.2_03\bin\orbd.exe
C:\Program Files\Java\j2re1.4.2_03\bin\policytool.exe
C:\Program Files\Java\j2re1.4.2_03\bin\RegUtils.dll
C:\Program Files\Java\j2re1.4.2_03\bin\rmi.dll
C:\Program Files\Java\j2re1.4.2_03\bin\rmid.exe
C:\Program Files\Java\j2re1.4.2_03\bin\rmiregistry.exe
C:\Program Files\Java\j2re1.4.2_03\bin\servertool.exe
C:\Program Files\Java\j2re1.4.2_03\bin\tnameserv.exe
C:\Program Files\Java\j2re1.4.2_03\bin\w2k_lsa_auth.dll
C:\Program Files\Java\j2re1.4.2_03\bin\verify.dll
C:\Program Files\Java\j2re1.4.2_03\bin\zip.dll
C:\Program Files\Java\j2re1.4.2_03\CHANGES
C:\Program Files\Java\j2re1.4.2_03\COPYRIGHT
C:\Program Files\Java\j2re1.4.2_03\javaws\cacerts
C:\Program Files\Java\j2re1.4.2_03\javaws\JavaCup.ico
C:\Program Files\Java\j2re1.4.2_03\javaws\javalogo52x88.gif
C:\Program Files\Java\j2re1.4.2_03\javaws\JavaWebStart.dll
C:\Program Files\Java\j2re1.4.2_03\javaws\javaws-l10n.jar
C:\Program Files\Java\j2re1.4.2_03\javaws\javaws-license.txt
C:\Program Files\Java\j2re1.4.2_03\javaws\javaws.exe
C:\Program Files\Java\j2re1.4.2_03\javaws\javaws.jar
C:\Program Files\Java\j2re1.4.2_03\javaws\javaws.policy
C:\Program Files\Java\j2re1.4.2_03\javaws\javawspl.dll
C:\Program Files\Java\j2re1.4.2_03\javaws\Readme_de.html
C:\Program Files\Java\j2re1.4.2_03\javaws\Readme_es.html
C:\Program Files\Java\j2re1.4.2_03\javaws\Readme_fr.html
C:\Program Files\Java\j2re1.4.2_03\javaws\Readme_it.html
C:\Program Files\Java\j2re1.4.2_03\javaws\Readme_ja.html
C:\Program Files\Java\j2re1.4.2_03\javaws\Readme_ko.html
C:\Program Files\Java\j2re1.4.2_03\javaws\Readme_sv.html
C:\Program Files\Java\j2re1.4.2_03\javaws\Readme_zh_CN.html
C:\Program Files\Java\j2re1.4.2_03\javaws\Readme_zh_TW.html
C:\Program Files\Java\j2re1.4.2_03\javaws\resources\copyright.jpg
C:\Program Files\Java\j2re1.4.2_03\javaws\resources\messages.properties
C:\Program Files\Java\j2re1.4.2_03\javaws\resources\messages_de.properties
C:\Program Files\Java\j2re1.4.2_03\javaws\resources\messages_es.properties
C:\Program Files\Java\j2re1.4.2_03\javaws\resources\messages_fr.properties
C:\Program Files\Java\j2re1.4.2_03\javaws\resources\messages_it.properties
C:\Program Files\Java\j2re1.4.2_03\javaws\resources\messages_ja.properties
C:\Program Files\Java\j2re1.4.2_03\javaws\resources\messages_ko.properties
C:\Program Files\Java\j2re1.4.2_03\javaws\resources\messages_sv.properties
C:\Program Files\Java\j2re1.4.2_03\javaws\resources\messages_zh_CN.properties
C:\Program Files\Java\j2re1.4.2_03\javaws\resources\messages_zh_TW.properties
C:\Program Files\Java\j2re1.4.2_03\javaws\resources\miniSplash.jpg
C:\Program Files\Java\j2re1.4.2_03\javaws\resources\splash.jpg
C:\Program Files\Java\j2re1.4.2_03\javaws\sunlogo64x30.gif
C:\Program Files\Java\j2re1.4.2_03\lib\audio\soundbank.gm
C:\Program Files\Java\j2re1.4.2_03\lib\charsets.jar
C:\Program Files\Java\j2re1.4.2_03\lib\cmm\CIEXYZ.pf
C:\Program Files\Java\j2re1.4.2_03\lib\cmm\GRAY.pf
C:\Program Files\Java\j2re1.4.2_03\lib\cmm\LINEAR_RGB.pf
C:\Program Files\Java\j2re1.4.2_03\lib\cmm\PYCC.pf
C:\Program Files\Java\j2re1.4.2_03\lib\cmm\sRGB.pf
C:\Program Files\Java\j2re1.4.2_03\lib\content-types.properties
C:\Program Files\Java\j2re1.4.2_03\lib\ext\dnsns.jar
C:\Program Files\Java\j2re1.4.2_03\lib\ext\ldapsec.jar
C:\Program Files\Java\j2re1.4.2_03\lib\ext\localedata.jar
C:\Program Files\Java\j2re1.4.2_03\lib\ext\sunjce_provider.jar
C:\Program Files\Java\j2re1.4.2_03\lib\flavormap.properties
C:\Program Files\Java\j2re1.4.2_03\lib\font.properties
C:\Program Files\Java\j2re1.4.2_03\lib\font.properties.CP1250
C:\Program Files\Java\j2re1.4.2_03\lib\font.properties.CP1251
C:\Program Files\Java\j2re1.4.2_03\lib\font.properties.CP1253
C:\Program Files\Java\j2re1.4.2_03\lib\font.properties.CP1254
C:\Program Files\Java\j2re1.4.2_03\lib\font.properties.CP1256
C:\Program Files\Java\j2re1.4.2_03\lib\font.properties.CP1257
C:\Program Files\Java\j2re1.4.2_03\lib\font.properties.hi
C:\Program Files\Java\j2re1.4.2_03\lib\font.properties.iw
C:\Program Files\Java\j2re1.4.2_03\lib\font.properties.ja
C:\Program Files\Java\j2re1.4.2_03\lib\font.properties.ko
C:\Program Files\Java\j2re1.4.2_03\lib\font.properties.MS950_HKSCS
C:\Program Files\Java\j2re1.4.2_03\lib\font.properties.ru
C:\Program Files\Java\j2re1.4.2_03\lib\font.properties.th
C:\Program Files\Java\j2re1.4.2_03\lib\font.properties.zh
C:\Program Files\Java\j2re1.4.2_03\lib\font.properties.zh.98
C:\Program Files\Java\j2re1.4.2_03\lib\font.properties.zh_CN_GB18030
C:\Program Files\Java\j2re1.4.2_03\lib\font.properties.zh_TW
C:\Program Files\Java\j2re1.4.2_03\lib\font.properties.zh_TW.95
C:\Program Files\Java\j2re1.4.2_03\lib\font.properties.zh_TW_MS950_HKSCS
C:\Program Files\Java\j2re1.4.2_03\lib\fonts\LucidaBrightDemiBold.ttf
C:\Program Files\Java\j2re1.4.2_03\lib\fonts\LucidaBrightDemiItalic.ttf
C:\Program Files\Java\j2re1.4.2_03\lib\fonts\LucidaBrightItalic.ttf
C:\Program Files\Java\j2re1.4.2_03\lib\fonts\LucidaBrightRegular.ttf
C:\Program Files\Java\j2re1.4.2_03\lib\fonts\LucidaSansDemiBold.ttf
C:\Program Files\Java\j2re1.4.2_03\lib\fonts\LucidaSansRegular.ttf
C:\Program Files\Java\j2re1.4.2_03\lib\fonts\LucidaTypewriterBold.ttf
C:\Program Files\Java\j2re1.4.2_03\lib\fonts\LucidaTypewriterRegular.ttf
C:\Program Files\Java\j2re1.4.2_03\lib\i386\jvm.cfg
C:\Program Files\Java\j2re1.4.2_03\lib\im\indicim.jar
C:\Program Files\Java\j2re1.4.2_03\lib\im\thaiim.jar
C:\Program Files\Java\j2re1.4.2_03\lib\images\cursors\cursors.properties
C:\Program Files\Norton 360
C:\Program Files\Norton 360\url.txt
C:\Program Files\Norton 360\urlhistory.txt
C:\Program Files\Uninstall Ask Toolbar.dll\
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-07-27 to 2008-08-27 )))))))))))))))))
.
2008-08-27 13:58 . 2008-06-14 20:59 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-08-27 13:58 . 2008-06-14 20:59 272,128 --------- C:\WINDOWS\system32\dllcache\bthport.sys
2008-08-27 13:50 . 2008-05-01 17:32 331,776 --------- C:\WINDOWS\system32\dllcache\msadce.dll
2008-08-27 12:30 . 2008-08-27 12:30 <KANSIO> d-------- C:\WINDOWS\ERUNT
2008-08-27 11:57 . 2008-08-27 11:57 61,440 --a------ C:\WINDOWS\system32\drivers\jmfyfhb.sys
2008-08-27 01:51 . 2008-08-27 01:51 <KANSIO> d-------- C:\Documents and Settings\Outi Röksä
2008-08-27 01:51 . <KANSIO> C:\Documents and Settings\Outi R÷ksõ\Local Settings
2008-08-27 01:51 . <KANSIO> C:\Documents and Settings\Outi R÷ksõ\Local Settings
2008-08-27 01:51 . 2008-08-27 01:51 <KANSIO> d-------- C:\Documents and Settings\Järjestelmänvalvoja
2008-08-27 01:51 . <KANSIO> C:\Documents and Settings\Jõrjestelmõnvalvoja\Local Settings
2008-08-27 01:04 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-27 01:03 . 2008-08-27 01:05 <KANSIO> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-27 01:03 . 2008-08-27 01:03 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-27 01:03 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-26 23:06 . 2008-08-26 23:06 <KANSIO> d-------- C:\Program Files\Trend Micro
2008-08-26 22:06 . 2008-08-26 22:09 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-08-26 22:04 . 2008-08-26 22:04 <KANSIO> d-------- C:\Program Files\Common Files\PCSuite
2008-08-26 22:04 . 2008-08-26 22:04 <KANSIO> d-------- C:\Program Files\Common Files\Nokia
2008-08-26 22:03 . 2008-08-26 22:03 <KANSIO> d-------- C:\Program Files\DIFX
2008-08-26 22:01 . 2008-08-26 22:01 <KANSIO> d-------- C:\Program Files\PC Connectivity Solution
2008-08-26 22:00 . 2007-02-22 11:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-08-26 22:00 . 2007-02-22 11:15 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-08-26 22:00 . 2007-02-22 11:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-08-26 22:00 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-08-26 22:00 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-08-26 22:00 . 2007-02-22 11:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-08-26 21:59 . 2008-08-26 22:04 <KANSIO> d-------- C:\Program Files\Nokia
2008-08-26 21:55 . 2008-08-26 21:55 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Installations
2008-08-26 20:45 . 2008-08-26 21:14 <KANSIO> d---s---- C:\Documents and Settings\J?rjestelm?nvalvoja
2008-08-24 19:06 . 2008-08-24 19:06 249,592 --a------ C:\WINDOWS\system32\cssdll32.dll
2008-08-24 19:05 . 2008-08-26 21:03 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\comodo
2008-08-24 19:05 . 2008-08-24 19:04 143,104 --a------ C:\WINDOWS\system32\guard32.dll
2008-08-24 19:05 . 2008-08-24 19:04 87,056 --a------ C:\WINDOWS\system32\drivers\cmdguard.sys
2008-08-24 19:05 . 2008-08-24 19:04 24,208 --a------ C:\WINDOWS\system32\drivers\cmdhlp.sys
2008-08-24 19:04 . 2008-08-27 14:41 <KANSIO> d-------- C:\Program Files\COMODO
2008-08-24 18:45 . 2008-08-24 18:45 <KANSIO> d-------- C:\Program Files\Alwil Software
2008-08-19 23:01 . 2008-08-19 23:01 <KANSIO> d-------- C:\Documents and Settings\Vieras\Application Data\Sony Corporation
2008-08-08 20:10 . 2008-08-08 20:10 <KANSIO> d-------- C:\Program Files\CCleaner
2008-08-08 20:08 . 2008-08-08 20:08 <KANSIO> d-------- C:\Program Files\inKline Global
2008-08-08 19:59 . 2008-08-08 19:59 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-27 14:32 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-08-27 14:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-08-24 15:44 --------- d-----w C:\Program Files\WinAce
2008-08-08 17:22 --------- d-----w C:\Program Files\Hardwood Solitaire III
2008-08-08 17:08 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-18 19:10 94,920 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2008-07-18 19:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 19:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 19:10 53,448 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2008-07-18 19:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 19:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 19:10 36,552 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2008-07-18 19:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 19:09 563,912 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2008-07-18 19:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 19:09 325,832 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2008-07-18 19:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 19:09 205,000 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2008-07-18 19:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 19:09 1,811,656 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2008-07-18 19:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 19:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-18 18:39 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:31 253,952 ------w C:\WINDOWS\system32\dllcache\es.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:23 74,240 ------w C:\WINDOWS\system32\dllcache\mscms.dll
2008-06-24 07:29 3,592,192 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-06-23 09:21 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-06-23 09:21 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-06-23 09:20 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-06-21 05:23 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
2008-06-20 17:41 246,784 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:41 246,784 ------w C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 10:44 138,368 ------w C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-05-30 04:05 370,176 ------w C:\WINDOWS\system32\byXRlMeE.dll
2008-05-29 19:09 106,496 ----a-w C:\f-sdbot.exe
.
((((((((((((((((((((((((((((( snapshot_2008-08-27_20.21.05.49 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-08-27 19:21:14 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_614.dat
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-15 11:00 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 12:34 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-30 23:28 68856]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-02-09 17:00 25388584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 02:01 110592]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-26 20:15 98304]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-26 20:15 536576]
"HPHUPD05"="c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe" [2003-05-22 21:03 49152]
"HPHmon05"="C:\WINDOWS\system32\hphmon05.exe" [2003-05-22 20:56 483328]
"Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2004-04-30 11:32 208958]
"eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-07-30 09:33 286720]
"TkBellExe"="C:\Program Files\K-Lite Codec Pack\Real\Update_OB\realsched.exe" [2007-06-03 19:57 151597]
"MMTray"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [2006-01-17 13:03 135168]
"mmtask"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe" [2006-01-17 13:03 53248]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2003-10-30 11:46 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2003-10-30 11:33 118784]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-03-25 02:04 122939]
"COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [2008-08-24 19:04 1655552]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10 271360]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-06-08 13:31 29696 C:\WINDOWS\KHALMNPR.Exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-09-15 11:00 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17 1241088]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.X264"= x264vfw.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dllschannel.dlldigest.dllmsnsspc.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 17:35]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\WINDOWS\system32\DRIVERS\cmdguard.sys [2008-08-24 19:04]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [2008-08-24 19:04]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 17:37]
S3 StickCap;Digital TV DVB-T USB Stick adapter service;C:\WINDOWS\system32\Drivers\stickcap.sys []
S3 stickload;Digital TV stick firmware loader service;C:\WINDOWS\system32\DRIVERS\stickload.sys []
.
'Ajoitetut teht?v?t'-kansion sis?lt?
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-SunJavaUpdateSched - C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-27 22:23:15
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe????????9?0?1?1??`???? ???B???????????????B? ??????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\explorer.exe
-> C:\Program Files\Logitech\SetPoint\lgscroll.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\imapi.exe
.
**************************************************************************
.
Completion time: 2008-08-27 22:37:25 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-27 19:36:51
ComboFix2.txt 2008-08-27 17:22:02
ComboFix3.txt 2008-08-26 22:50:27
Pre-Run: 9,016,242,176 tavua vapaana
Post-Run: 9,043,886,080 tavua vapaana
772 --- E O F --- 2008-08-27 11:17:43
|
Hujo
Suspended permanently
27 August 2008 @ 23:46
Open Notepad and copy/paste the contents of the quote box into it:
Quote:
Folder::
C:\Program Files\Common Files\Symantec Shared
C:\Documents and Settings\All Users\Application Data\Symantec
C:\f-sdbot.exe
Save it as CFScript.txt
Then drag CFScript onto ComboFix.exe as shown below.

Restart the computer when prompted and post the contents of the combofix.txt file here.

Can a computer ever work?
|
teamsfv
Junior Member
28 August 2008 @ 00:21
And here comes more :)
ComboFix 08-08-26.01 - Outi Röksä 2008-08-27 23:58:04.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1035.18.121 [GMT 3:00]
Running from: C:\Documents and Settings\Outi Röksä\Työpöytä\ComboFix.exe
Command switches used :: C:\Documents and Settings\Outi Röksä\Työpöytä\CFScript.txt
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Application Data\Symantec
C:\f-sdbot.exe\
C:\Program Files\Common Files\Symantec Shared
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll
C:\Program Files\Common Files\Symantec Shared\Security Center\SymSCUI.ex^
.
((((( Tiedostot, jotka on luotu seuraavalla aikav?lill?: 2008-07-27 to 2008-08-27 )))))))))))))))))
.
2008-08-27 13:58 . 2008-06-14 20:59 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-08-27 13:58 . 2008-06-14 20:59 272,128 --------- C:\WINDOWS\system32\dllcache\bthport.sys
2008-08-27 13:50 . 2008-05-01 17:32 331,776 --------- C:\WINDOWS\system32\dllcache\msadce.dll
2008-08-27 12:30 . 2008-08-27 12:30 <KANSIO> d-------- C:\WINDOWS\ERUNT
2008-08-27 11:57 . 2008-08-27 11:57 61,440 --a------ C:\WINDOWS\system32\drivers\jmfyfhb.sys
2008-08-27 01:51 . 2008-08-27 01:51 <KANSIO> d-------- C:\Documents and Settings\Outi Röksä
2008-08-27 01:51 . <KANSIO> C:\Documents and Settings\Outi R÷ksõ\Local Settings
2008-08-27 01:51 . <KANSIO> C:\Documents and Settings\Outi R÷ksõ\Local Settings
2008-08-27 01:51 . 2008-08-27 01:51 <KANSIO> d-------- C:\Documents and Settings\Järjestelmänvalvoja
2008-08-27 01:51 . <KANSIO> C:\Documents and Settings\Jõrjestelmõnvalvoja\Local Settings
2008-08-27 01:04 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-27 01:03 . 2008-08-27 01:05 <KANSIO> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-27 01:03 . 2008-08-27 01:03 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-27 01:03 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-26 23:06 . 2008-08-26 23:06 <KANSIO> d-------- C:\Program Files\Trend Micro
2008-08-26 22:06 . 2008-08-26 22:09 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-08-26 22:04 . 2008-08-26 22:04 <KANSIO> d-------- C:\Program Files\Common Files\PCSuite
2008-08-26 22:04 . 2008-08-26 22:04 <KANSIO> d-------- C:\Program Files\Common Files\Nokia
2008-08-26 22:03 . 2008-08-26 22:03 <KANSIO> d-------- C:\Program Files\DIFX
2008-08-26 22:01 . 2008-08-26 22:01 <KANSIO> d-------- C:\Program Files\PC Connectivity Solution
2008-08-26 22:00 . 2007-02-22 11:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-08-26 22:00 . 2007-02-22 11:15 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-08-26 22:00 . 2007-02-22 11:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-08-26 22:00 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-08-26 22:00 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-08-26 22:00 . 2007-02-22 11:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-08-26 21:59 . 2008-08-26 22:04 <KANSIO> d-------- C:\Program Files\Nokia
2008-08-26 21:55 . 2008-08-26 21:55 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Installations
2008-08-26 20:45 . 2008-08-26 21:14 <KANSIO> d---s---- C:\Documents and Settings\J?rjestelm?nvalvoja
2008-08-24 19:06 . 2008-08-24 19:06 249,592 --a------ C:\WINDOWS\system32\cssdll32.dll
2008-08-24 19:05 . 2008-08-26 21:03 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\comodo
2008-08-24 19:05 . 2008-08-24 19:04 143,104 --a------ C:\WINDOWS\system32\guard32.dll
2008-08-24 19:05 . 2008-08-24 19:04 87,056 --a------ C:\WINDOWS\system32\drivers\cmdguard.sys
2008-08-24 19:05 . 2008-08-24 19:04 24,208 --a------ C:\WINDOWS\system32\drivers\cmdhlp.sys
2008-08-24 19:04 . 2008-08-27 14:41 <KANSIO> d-------- C:\Program Files\COMODO
2008-08-24 18:45 . 2008-08-24 18:45 <KANSIO> d-------- C:\Program Files\Alwil Software
2008-08-19 23:01 . 2008-08-19 23:01 <KANSIO> d-------- C:\Documents and Settings\Vieras\Application Data\Sony Corporation
2008-08-08 20:10 . 2008-08-08 20:10 <KANSIO> d-------- C:\Program Files\CCleaner
2008-08-08 20:08 . 2008-08-08 20:08 <KANSIO> d-------- C:\Program Files\inKline Global
2008-08-08 19:59 . 2008-08-08 19:59 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-24 15:44 --------- d-----w C:\Program Files\WinAce
2008-08-08 17:22 --------- d-----w C:\Program Files\Hardwood Solitaire III
2008-08-08 17:08 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-18 18:39 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-05-29 19:09 106,496 ----a-w C:\f-sdbot.exe
.
((((((((((((((((((((((((((((( snapshot_2008-08-27_20.21.05.49 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-08-27 21:03:21 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_650.dat
.
(((((((((((((((((((((((((((((( Rekisterin k?ynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhji? arvoja ja laillisia oletusarvoja ei n?ytet?
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-15 11:00 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 12:34 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-30 23:28 68856]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-02-09 17:00 25388584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 02:01 110592]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-26 20:15 98304]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-26 20:15 536576]
"HPHUPD05"="c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe" [2003-05-22 21:03 49152]
"HPHmon05"="C:\WINDOWS\system32\hphmon05.exe" [2003-05-22 20:56 483328]
"Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2004-04-30 11:32 208958]
"eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-07-30 09:33 286720]
"TkBellExe"="C:\Program Files\K-Lite Codec Pack\Real\Update_OB\realsched.exe" [2007-06-03 19:57 151597]
"MMTray"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [2006-01-17 13:03 135168]
"mmtask"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe" [2006-01-17 13:03 53248]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2003-10-30 11:46 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2003-10-30 11:33 118784]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-03-25 02:04 122939]
"COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [2008-08-24 19:04 1655552]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10 271360]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-06-08 13:31 29696 C:\WINDOWS\KHALMNPR.Exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-09-15 11:00 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17 1241088]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.X264"= x264vfw.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dllschannel.dlldigest.dllmsnsspc.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 17:35]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\WINDOWS\system32\DRIVERS\cmdguard.sys [2008-08-24 19:04]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [2008-08-24 19:04]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 17:37]
S3 StickCap;Digital TV DVB-T USB Stick adapter service;C:\WINDOWS\system32\Drivers\stickcap.sys []
S3 stickload;Digital TV stick firmware loader service;C:\WINDOWS\system32\DRIVERS\stickload.sys []
.
'Ajoitetut teht?v?t'-kansion sis?lt?
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-28 00:06:51
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe????????9?0?1?1??????? ???B???????????????B? ??????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\explorer.exe
-> C:\Program Files\Logitech\SetPoint\lgscroll.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\system32\WudfHost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
.
**************************************************************************
.
Completion time: 2008-08-28 0:17:39 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-27 21:17:08
ComboFix2.txt 2008-08-27 19:37:26
ComboFix3.txt 2008-08-27 17:22:02
ComboFix4.txt 2008-08-26 22:50:27
Pre-Run: 9,023,365,120 tavua vapaana
Post-Run: 9,043,505,152 tavua vapaana
170 --- E O F --- 2008-08-27 11:17:43
|
Hujo
Suspended permanently
28 August 2008 @ 00:39
All right, how is the machine running?
==============
Download OTMoveIt and save it to your desktop.
Double-click OTMoveIt.exe.
Click CleanUp!.
Select Yes when asked "Begin cleanup Process?".
If you are asked whether the computer may be restarted, select Yes.
OTMoveIt removes itself when it is finished; if it does not, delete it yourself.
NOTE: If your firewall or some other security program warns that OTMoveIt is trying to access the internet, allow it.

Can a computer ever work?
This message has been edited since posting. Last edit 28 August 2008 @ 00:42