User Käyttäjä Salasana  
   
maanantai 7.7.2008 / 06:03
Haku:        In English   Suomeksi   På svenska
afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat - hijackthis -logit > kone sekoilee.... hjt logi
Näytä aiheet
 
Keskustelualueet
Keskustelualueet
Kone sekoilee.... Hjt logi
  Siirry:
 
Kirjoittaja Viesti
moomi79
Newbie
_
6. toukokuuta 2008 @ 13:22 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Logfile of HijackThis v1.99.1
Scan saved at 13:21:25, on 6.5.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Apps\Softex\OmniPass\Omniserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\APPS\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.suomi24.fi/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "c:\APPS\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/230?e2321f8bdd044289923d4bdb90419a63
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/229?e2321f8bdd044289923d4bdb90419a63
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://elisa.net/
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/2007...ex/qtplugin.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab31267.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Share...bin/AvSniff.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by111fd.bay111.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5CE72DD0-4695-4D18-A4D3-3367ACD37578} (F-Secure Health Check 1.0) - http://support.f-secure.com/enu/home/onl.../fshc/fscax.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Share...n/bin/cabsa.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} - http://www.extrafilm.fi/ImageUploader4.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX28.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab31267.cab
O16 - DPF: {A4069847-C342-48E2-9257-01A24E5C78EA} (F-Secure Online Scanner 3.2) - http://support.f-secure.com/ols3beta/fscax.cab
O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fi/ImageUploader4.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://fi.photobox.com/clients/uploader_v2.2.0.6.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-lo...288/mcfscan.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: OPXPGina - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: CyberLink Media Library Service - Cyberlink - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
moomi79
Newbie
_
6. toukokuuta 2008 @ 21:05 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
kröhöm... Voisko joku vilkasta tota kyseesolevaa logia kun kerkiää.
Kiits valmiiks sille urhealle joka jaksaa :)
AfterDawn Addict
_
8. toukokuuta 2008 @ 23:53 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
1.Lataa combofix.exe työpöydällesi yhdestä linkistä:
combofix1
combofix2

2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia.
3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi.
Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.

===========

Lataa SDFix by AndyManchesta ja tallenna se työpöydällesi.

Käynnistä koneesi vikasietotilaan:

sammuta ja käynnistä
käynnistyksen yhteydessä hakkaa F8 nappia
valitse nuolinäppäimellä vikasietotila
paina enter ja enter
valitse käyttäjätilisi
paina kyllä

Jossakin koneissa hakataan F8:sin sijasta F5:tä

" Kun vikasietotilassa, pura tiedoston SDFix.zip sisältö (SDFix kansio) työpöydällesi. Työpöydälle pitäisi ilmestyä kansio nimeltä SDFix.
" Avaa SDFix-kansio ja tuplaklikkaa tiedostoa RunThis.bat käynnistääksesi ohjelman.
" Paina Y käynnistääksesi skriptin.
" Työkalu puhdistaa troijalaisen palvelut ja tekee myös joitakin korjauksia rekisteriin. Lopuksi se pyytää käynnistämään koneen uudelleen, "Press any key to Reboot".
" Paina mitä tahansa näppäintä ja kone käynnistyy uudelleen.
" Käynnistyminen kestää normaalia kauemmin sillä SDFix puhdistaa konetta.
" Kun kone on käynnistynyt ja työpöytä latautunut, SDFix kertoo että puhdistus on suoritettu, "Finished".
" Paina sitten mitä tahansa näppäintä sulkeaksesi skriptin ja ladataksesi pikakuvakkeet työpöydälle.
" Lopuksi avaa SDFix kansio (työpöydällä) ja kopioi & liitä tiedoston Report.txt sisältö viestiketjuusi uuden HijackThis:n lokin kera.


Eihä kone voi edes toimia?
moomi79
Newbie
_
9. toukokuuta 2008 @ 12:03 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
ComboFix 08-05-08.1 - JUHA 2008-05-09 11:47:34.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1035.18.187 [GMT 3:00]
Running from: D:\Documents and Settings\JUHA.Viljo2\Työpöytä\ComboFix.exe
* Created a new restore point
.

((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-04-09 to 2008-05-09 )))))))))))))))))
.

2008-05-07 16:01 . 2008-05-07 16:01 <KANSIO> d-------- C:\WINDOWS\system32\fi
2008-05-07 16:01 . 2008-05-07 16:01 <KANSIO> d-------- C:\WINDOWS\system32\bits
2008-05-07 16:01 . 2008-05-07 16:01 <KANSIO> d-------- C:\WINDOWS\l2schemas
2008-05-07 15:58 . 2008-05-07 16:01 <KANSIO> d-------- C:\WINDOWS\ServicePackFiles
2008-05-07 15:45 . 2008-05-07 15:45 <KANSIO> d-------- C:\WINDOWS\EHome
2008-05-07 15:34 . 2004-08-03 22:41 1,041,536 --------- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2008-05-07 15:34 . 2004-08-03 22:41 685,056 --------- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2008-05-07 15:34 . 2004-08-03 22:41 220,032 --------- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2008-05-07 15:34 . 2004-07-17 22:55 129,045 --------- C:\WINDOWS\system32\drivers\cxthsfs2.cty
2008-05-06 13:20 . 2008-05-06 13:20 218,112 --a------ C:\Program Files\HijackThis.exe
2008-05-06 11:11 . 2008-05-06 11:11 <KANSIO> d-------- C:\WINDOWS\McAfee.com
2008-05-06 11:04 . 2008-05-06 11:04 <KANSIO> d-------- C:\Program Files\Panda Security
2008-05-05 15:56 . 2008-05-05 15:56 <KANSIO> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-04-18 17:49 . 2007-05-16 16:45 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll
2008-04-18 17:49 . 2007-05-16 16:45 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll
2008-04-18 17:49 . 2007-06-20 20:46 266,088 --a------ C:\WINDOWS\system32\xactengine2_8.dll
2008-04-18 17:49 . 2007-06-20 20:45 18,280 --a------ C:\WINDOWS\system32\x3daudio1_2.dll
2008-04-18 17:48 . 2007-05-16 16:45 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll
2008-04-18 17:46 . 2008-04-18 17:46 <KANSIO> d-------- D:\Documents and Settings\JUHA.Viljo2\Application Data\InstallShield
2008-04-14 19:11 . 2008-04-14 19:11 4,274,816 --------- C:\WINDOWS\system32\nv4_disp.dll
2008-04-14 19:10 . 2008-04-14 19:10 6,144 --------- C:\WINDOWS\system32\kbdpash.dll
2008-04-14 19:10 . 2008-04-14 19:10 6,144 --------- C:\WINDOWS\system32\kbdnepr.dll
2008-04-14 19:10 . 2008-04-14 19:10 6,144 --------- C:\WINDOWS\system32\kbdiultn.dll
2008-04-14 19:10 . 2008-04-14 19:10 6,144 --------- C:\WINDOWS\system32\kbdbhc.dll
2008-04-14 18:52 . 2008-04-14 18:52 2,524 --------- C:\WINDOWS\system32\pid.inf
2008-04-14 18:46 . 2008-04-14 18:46 79,872 --------- C:\WINDOWS\system32\msxml6r.dll
2008-04-14 18:46 . 2008-04-14 18:46 79,872 --------- C:\WINDOWS\system32\dllcache\msxml6r.dll
2008-04-14 18:45 . 2008-04-14 18:45 80,384 --------- C:\WINDOWS\system32\msshavmsg.dll
2008-04-14 18:42 . 2008-04-14 18:42 25,600 --------- C:\WINDOWS\system32\drivers\hidbth.sys
2008-04-14 18:40 . 2008-04-14 18:40 272,896 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-04-13 21:56 . 2008-04-13 21:56 30,592 --------- C:\WINDOWS\system32\drivers\rndismpx.sys
2008-04-13 21:56 . 2008-04-13 21:56 12,800 --------- C:\WINDOWS\system32\drivers\usb8023x.sys
2008-04-13 21:51 . 2008-04-13 21:51 101,120 --------- C:\WINDOWS\system32\drivers\bthpan.sys
2008-04-13 21:46 . 2008-04-13 21:46 121,984 --------- C:\WINDOWS\system32\drivers\usbvideo.sys
2008-04-13 21:46 . 2008-04-13 21:46 59,136 --------- C:\WINDOWS\system32\drivers\rfcomm.sys
2008-04-13 21:46 . 2008-04-13 21:46 37,888 --------- C:\WINDOWS\system32\drivers\bthmodem.sys
2008-04-13 21:46 . 2008-04-13 21:46 36,480 --------- C:\WINDOWS\system32\drivers\bthprint.sys
2008-04-13 21:46 . 2008-04-13 21:46 18,944 --------- C:\WINDOWS\system32\drivers\bthusb.sys
2008-04-13 21:46 . 2008-04-13 21:46 17,024 --------- C:\WINDOWS\system32\drivers\bthenum.sys
2008-04-13 21:45 . 2008-04-13 21:45 19,200 --------- C:\WINDOWS\system32\drivers\hidir.sys
2008-04-13 21:43 . 2008-04-13 21:43 14,208 --------- C:\WINDOWS\system32\drivers\wacompen.sys
2008-04-13 21:43 . 2008-04-13 21:43 12,672 --------- C:\WINDOWS\system32\drivers\mutohpen.sys
2008-04-13 21:40 . 2008-04-13 21:40 10,240 --------- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2008-04-13 21:36 . 2008-04-13 21:36 46,464 --------- C:\WINDOWS\system32\drivers\gagp30kx.sys
2008-04-13 21:36 . 2008-04-13 21:36 44,672 --------- C:\WINDOWS\system32\drivers\uagp35.sys
2008-04-13 21:36 . 2008-04-13 21:36 5,888 --------- C:\WINDOWS\system32\drivers\smbali.sys
2008-04-13 19:36 . 2008-04-13 19:36 144,384 --------- C:\WINDOWS\system32\drivers\hdaudbus.sys

.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-06 15:02 --------- d-----w C:\Program Files\Windows Live
2008-05-06 13:54 --------- d-----w D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-06 10:21 11,975 ----a-w C:\Program Files\hijackthis.log
2008-05-05 12:54 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-05-05 12:52 --------- d-----w D:\Documents and Settings\All Users\Application Data\WLInstaller
2008-04-24 09:36 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-14 16:27 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-14 16:15 331,264 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-14 16:11 997,888 ----a-w C:\WINDOWS\system32\msgina.dll
2008-04-14 16:10 9,344 ----a-w C:\WINDOWS\system32\framebuf.dll
2008-04-14 16:09 7,168 ----a-w C:\WINDOWS\system32\f3ahvoas.dll
2008-04-14 16:09 3,072 ----a-w C:\WINDOWS\system32\dpnlobby.dll
2008-04-14 16:09 3,072 ----a-w C:\WINDOWS\system32\dpnaddr.dll
2008-04-14 16:09 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll
2008-04-14 16:09 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll
2008-04-14 15:51 80,256 ----a-w C:\WINDOWS\system32\drivers\parport.sys
2008-04-14 15:51 73,344 ----a-w C:\WINDOWS\system32\drivers\sr.sys
2008-04-14 15:51 68,096 ----a-w C:\WINDOWS\system32\drivers\pci.sys
2008-04-14 15:51 46,720 ----a-w C:\WINDOWS\system32\drivers\p3.sys
2008-04-14 15:51 120,064 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
2008-04-14 15:49 2,191,360 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-04-14 15:49 2,068,224 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-04-14 15:48 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
2008-04-14 15:47 800,000 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
2008-04-14 15:47 154,112 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
2008-04-14 15:46 37,120 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys
2008-04-14 15:46 24,576 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys
2008-04-14 15:46 14,720 ----a-w C:\WINDOWS\system32\drivers\kbdhid.sys
2008-04-14 15:45 5,504 ----a-w C:\WINDOWS\system32\drivers\intelide.sys
2008-04-14 15:45 40,704 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
2008-04-14 15:45 40,320 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys
2008-04-14 15:44 48,640 ----a-w C:\WINDOWS\system32\inetres.dll
2008-04-14 15:43 556,032 ----a-w C:\WINDOWS\system32\shdoclc.dll
2008-04-14 15:43 52,096 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-14 15:42 64,512 ----a-w C:\WINDOWS\system32\drivers\serial.sys
2008-04-14 15:41 9,728 ----a-w C:\WINDOWS\system32\gpkrsrc.dll
2008-04-14 15:41 1,845,888 ----a-w C:\WINDOWS\system32\win32k.sys
2008-04-14 15:40 65,536 ----a-w C:\WINDOWS\system32\browselc.dll
2008-04-14 15:40 57,472 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
2008-04-14 15:39 51,840 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
2008-04-14 15:39 44,544 ----a-w C:\WINDOWS\system32\drivers\fips.sys
2008-04-14 15:38 39,808 ----a-w C:\WINDOWS\system32\drivers\processr.sys
2008-04-14 15:38 103,424 ----a-w C:\WINDOWS\system32\dpcdll.dll
2008-04-14 15:37 41,728 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
2008-04-14 15:37 41,344 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
2008-04-14 15:36 30,080 ----a-w C:\WINDOWS\system32\drivers\modem.sys
2008-04-14 15:36 23,040 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
2008-04-14 15:36 187,904 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
2008-04-14 06:12 11,264 ----a-w C:\WINDOWS\system32\spnpinst.exe
2008-04-14 06:11 992,256 ----a-w C:\WINDOWS\system32\setupapi.dll
2008-04-14 06:11 423,936 ----a-w C:\WINDOWS\system32\licdll.dll
2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
2008-04-13 19:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
2008-04-13 19:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
2008-04-13 19:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys
2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
2008-04-13 19:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-04-13 19:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
2008-04-13 18:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
2008-04-13 18:57 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
2008-04-13 18:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
2008-04-13 18:57 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
2008-04-13 18:57 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
2008-04-13 18:57 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
2008-04-13 18:57 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
2008-04-13 18:56 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
2008-04-13 18:56 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
2008-04-13 18:56 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
2008-04-13 18:56 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
2008-04-13 18:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
2008-04-13 18:56 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
2008-04-13 18:56 12,288 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys
2008-04-13 18:55 202,624 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-04-13 18:55 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys
2008-04-13 18:54 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys
2008-04-13 18:53 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys
2008-04-13 18:53 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys
2008-04-13 18:53 36,608 ----a-w C:\WINDOWS\system32\drivers\ip6fw.sys
2008-04-13 18:53 264,832 ----a-w C:\WINDOWS\system32\drivers\http.sys
2008-04-13 18:51 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys
2008-04-13 18:51 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys
2008-04-13 18:51 59,904 ----a-w C:\WINDOWS\system32\drivers\atmarpc.sys
2008-04-13 18:51 55,808 ----a-w C:\WINDOWS\system32\drivers\atmlane.sys
2008-04-13 18:47 25,856 ----a-w C:\WINDOWS\system32\drivers\usbprint.sys
2008-04-13 18:46 25,344 ----a-w C:\WINDOWS\system32\drivers\sonydcam.sys
.

(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 19:12 15360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 12:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-09-15 14:00 208952]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-09-15 14:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-09-15 14:00 455168]
"SoundMan"="SOUNDMAN.EXE" [2005-10-24 14:45 90112 C:\WINDOWS\soundman.exe]
"VTTimer"="VTTimer.exe" [2005-03-08 04:33 53248 C:\WINDOWS\system32\VTTimer.exe]
"VTTrayp"="VTtrayp.exe" [2005-11-01 05:15 163840 C:\WINDOWS\system32\VTTrayp.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"PCMService"="c:\APPS\Powercinema\PCMService.exe" [2006-02-23 12:08 147456]
"ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 11:31 24576]
"Vade Retro Outlook Express"="C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" [2004-10-04 13:03 310272]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 03:41 49152]
"DataLayer"="C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe" [2005-06-07 11:31 819712]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2005-06-29 15:29 176128]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-09-17 16:20 286720]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 20:51 39792]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 20:37 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" []

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 19:12 15360]

D:\Documents and Settings\All Users\K„ynnist„-valikko\Ohjelmat\K„ynnistys\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 05:21:22 288472]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.ulmp3acm"= C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm
"msacm.mpegacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\mpegacm.acm
"vidc.ffds"= ffdshow.ax

[HKLM\~\startupfolder\D:^Documents and Settings^JUHA^Käynnistä-valikko^Ohjelmat^Käynnistys^Xfire.lnk]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords.exe"=
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords_PitBoss.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword.exe"=
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe"=
"C:\\APPS\\skype\\phone\\Skype.exe"=
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 20:31]
R1 pctfw2;pctfw2;C:\WINDOWS\system32\drivers\pctfw2.sys [2007-12-10 15:53]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 20:35]
S3 kbeepm;kbeepm;D:\DOCUME~1\JUHA\LOCALS~1\Temp\kbeepm.sys []

*Newly Created Service* - CATCHME
.
'Ajoitetut tehtävät'-kansion sisältö
"2008-05-09 08:02:06 C:\WINDOWS\Tasks\Tarkistetaan Windows Live -työkalurivin päivitykset.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-09 11:51:21
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
"ImagePath"="\"c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe\"\00\00\00\00\02\00\00\0
[%\00«Ô‘|\00\00\00\00ð&G\03\00\00\00\00¨\18F\03\00\00@\03pè\13\00pè\13\00À\01"

.
Completion time: 2008-05-09 11:55:48
ComboFix-quarantined-files.txt 2008-05-09 08:55:39

Pre-Run: 8,915,726,336 tavua vapaana
Post-Run: 8,902,897,664 tavua vapaana

255 --- E O F --- 2008-05-07 10:01:22
moomi79
Newbie
_
9. toukokuuta 2008 @ 15:39 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
a-squared Command Line Scanner - Version 3.5
Last update: N/A

Scan settings:

Objects: Memory, Traces, Cookies, C:
Scan archives: On
Heuristics: Off
ADS Scan: On

Scan start: 9.5.2008 12:16:00

Key: HKEY_CURRENT_USER\software\kazaa detected: Trace.Registry.KaZaA
D:\Documents and Settings\JUHA.Viljo2\Cookies\juha@2o7[1].txt detected: Trace.TrackingCookie
D:\Documents and Settings\JUHA.Viljo2\Cookies\juha@advertising[1].txt detected: Trace.TrackingCookie
D:\Documents and Settings\JUHA.Viljo2\Cookies\juha@atdmt[1].txt detected: Trace.TrackingCookie
D:\Documents and Settings\JUHA.Viljo2\Cookies\juha@bs.serving-sys[2].txt detected: Trace.TrackingCookie
D:\Documents and Settings\JUHA.Viljo2\Cookies\juha@doubleclick[1].txt detected: Trace.TrackingCookie
D:\Documents and Settings\JUHA.Viljo2\Cookies\juha@doubleclick[2].txt detected: Trace.TrackingCookie
D:\Documents and Settings\JUHA.Viljo2\Cookies\juha@serving-sys[2].txt detected: Trace.TrackingCookie
D:\Documents and Settings\JUHA.Viljo2\Cookies\juha@tradedoubler[2].txt detected: Trace.TrackingCookie
D:\Documents and Settings\JUHA.Viljo2\Cookies\juha@tradedoubler[3].txt detected: Trace.TrackingCookie

Scanned

Files: 179689
Traces: 179368
Cookies: 61
Processes: 46

Found

Files: 0
Traces: 1
Cookies: 9
Processes: 0

Quarantined

Files: 0
Traces: 1
Cookies: 9
Processes: 0

Scan end: 9.5.2008 13:18:57
Scan time: 1:02:57
moomi79
Newbie
_
9. toukokuuta 2008 @ 15:43 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Logfile of HijackThis v1.99.1
Scan saved at 15:40:54, on 9.5.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\APPS\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\QuickTime\qttask.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Apps\Softex\OmniPass\Omniserv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.suomi24.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "c:\APPS\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/230?e2321f8bdd044289923d4bdb90419a63
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/229?e2321f8bdd044289923d4bdb90419a63
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://elisa.net/
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/2007...ex/qtplugin.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab31267.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Share...bin/AvSniff.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by111fd.bay111.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5CE72DD0-4695-4D18-A4D3-3367ACD37578} (F-Secure Health Check 1.0) - http://support.f-secure.com/enu/home/onl.../fshc/fscax.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Share...n/bin/cabsa.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} - http://www.extrafilm.fi/ImageUploader4.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX28.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab31267.cab
O16 - DPF: {A4069847-C342-48E2-9257-01A24E5C78EA} (F-Secure Online Scanner 3.2) - http://support.f-secure.com/ols3beta/fscax.cab
O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fi/ImageUploader4.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://fi.photobox.com/clients/uploader_v2.2.0.6.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-lo...288/mcfscan.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: OPXPGina - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: CyberLink Media Library Service - Cyberlink - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

Nonnii tässä olis näitä logeja toivottavasti ne mitä pitiki. mitäs seuraavaksi tehää>? Kiits valmiiks...
AfterDawn Addict
_
10. toukokuuta 2008 @ 00:25 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
scannaa hjt:llä merkkaa paina Fix checked

O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O20 - Winlogon Notify: OPXPGina - C:\WINDOWS\

================

aja tuosta
Nortonin poisto kalu

===============

Poista lisää poista sovelutuksesta

Spybot - Search & Destroy

Poista kansio vikasiedossa

C:\Program Files\Spybot - Search & Destroy

==============

SDFix by AndyManchesta
tuota ei ole vissiin ajettu





Eihä kone voi edes toimia?
moomi79
Newbie
_
12. toukokuuta 2008 @ 21:35 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
onnistuikohan tällä kertaa?

Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1359.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-12 20:28:13
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{3695EB93-6443-448D-8E2E-1F6F4FC79BC1}]
"FriendlyName"="Windows Media AsfError Exception Pack"
"ComponentGUID"="{3695EB93-6443-448D-8E2E-1F6F4FC79BC1}"
"Version"=dword:00090000
"Sub-Version"=dword:00000ba4
"ExceptionInfName"=str(2):"C:\WINDOWS\RegisteredPackages\{3695EB93-6443-448D-8E2E-1F6F4FC79BC1}\asferr.inf"
"ExceptionCatalogName"=str(2):"C:\WINDOWS\RegisteredPackages\{3695EB93-6443-448D-8E2E-1F6F4FC79BC1}\asferr.cat"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{89820200-ECBD-11CF-8B85-00AA005B4383}]
"FriendlyName"="Internet Explorer 6"
"ComponentGUID"="{89820200-ECBD-11CF-8B85-00AA005B4383}"
"Version"=dword:00060000
"Sub-Version"=dword:50007ffd
"ExceptionInfName"=str(2):"C:\WINDOWS\RegisteredPackages\{89820200-ECBD-11cf-8B85-00AA005B4383}\ieex.inf"
"ExceptionCatalogName"=str(2):"C:\WINDOWS\RegisteredPackages\{89820200-ECBD-11cf-8B85-00AA005B4383}\ieex.cat"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{89FDAB62-6F46-4C7E-A559-E00B9A0BACB6}]
"FriendlyName"="Windows Media Services 9 Series SDK"
"ComponentGUID"="{89FDAB62-6F46-4C7E-A559-E00B9A0BACB6}"
"Version"=dword:00090000
"Sub-Version"=dword:00000cca
"ExceptionInfName"=str(2):"C:\WINDOWS\RegisteredPackages\{89FDAB62-6F46-4C7E-A559-E00B9A0BACB6}\wmstypelib.inf"
"ExceptionCatalogName"=str(2):"C:\WINDOWS\RegisteredPackages\{89FDAB62-6F46-4C7E-A559-E00B9A0BACB6}\wmstypelib.cat"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\OptionalComponents\SwDir]
"Installed"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB873339]
"Installed"=dword:00000001
"Comments"="Windows XP Hotfix - KB873339"
"Backup Dir"=""
"Fix Description"="Windows XP Hotfix - KB873339"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB873339\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB885250]
"Installed"=dword:00000001
"Comments"="Windows XP Hotfix - KB885250"
"Backup Dir"=""
"Fix Description"="Windows XP Hotfix - KB885250"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB885250\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB885835]
"Installed"=dword:00000001
"Comments"="Windows XP Hotfix - KB885835"
"Backup Dir"=""
"Fix Description"="Windows XP Hotfix - KB885835"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB885835\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB885836]
"Installed"=dword:00000001
"Comments"="Windows XP Hotfix - KB885836"
"Backup Dir"=""
"Fix Description"="Windows XP Hotfix - KB885836"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB885836\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB886185]
"Installed"=dword:00000001
"Comments"="Windows XP Hotfix - KB886185"
"Backup Dir"=""
"Fix Description"="Windows XP Hotfix - KB886185"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB886185\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB887472]
"Installed"=dword:00000001
"Comments"="Windows XP Hotfix - KB887472"
"Backup Dir"=""
"Fix Description"="Windows XP Hotfix - KB887472"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB887472\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB887742]
"Installed"=dword:00000001
"Comments"="Windows XP Hotfix - KB887742"
"Backup Dir"=""
"Fix Description"="Windows XP Hotfix - KB887742"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB887742\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB888113]
"Installed"=dword:00000001
"Comments"="Windows XP Hotfix - KB888113"
"Backup Dir"=""
"Fix Description"="Windows XP Hotfix - KB888113"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB888113\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB888302]
"Installed"=dword:00000001
"Comments"="Windows XP Hotfix - KB888302"
"Backup Dir"=""
"Fix Description"="Windows XP Hotfix - KB888302"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB888302\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB890046]
"Installed"=dword:00000001
"Comments"="Suojauspäivitys Windows XP:lle (KB890046)"
"Backup Dir"=""
"Fix Description"="Suojauspäivitys Windows XP:lle (KB890046)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB890046\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB890859]
"Installed"=dword:00000001
"Comments"="Windows XP Hotfix - KB890859"
"Backup Dir"=""
"Fix Description"="Windows XP Hotfix - KB890859"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB890859\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB891781]
"Installed"=dword:00000001
"Comments"="Windows XP Hotfix - KB891781"
"Backup Dir"=""
"Fix Description"="Windows XP Hotfix - KB891781"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB891781\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB893756]
"Installed"=dword:00000001
"Comments"="Suojauspäivitys Windows XP:lle (KB893756)"
"Backup Dir"=""
"Fix Description"="Suojauspäivitys Windows XP:lle (KB893756)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB893756\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB893803v2]
"Installed"=dword:00000001
"Comments"="Windows Installer 3.1"
"Backup Dir"=""
"Fix Description"="Windows Installer 3.1"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB893803v2\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB894391]
"Installed"=dword:00000001
"Comments"="Päivitys Windows XP:lle (KB894391)"
"Backup Dir"=""
"Fix Description"="Päivitys Windows XP:lle (KB894391)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB894391\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB896256]
"Installed"=dword:00000001
"Comments"="Hotfix-päivitys Windows XP:lle (KB896256)"
"Backup Dir"=""
"Fix Description"="Hotfix-päivitys Windows XP:lle (KB896256)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB896256\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB896358]
"Installed"=dword:00000001
"Comments"="Suojauspäivitys Windows XP:lle (KB896358)"
"Backup Dir"=""
"Fix Description"="Suojauspäivitys Windows XP:lle (KB896358)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB896358\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB896422]
"Installed"=dword:00000001
"Comments"="Suojauspäivitys Windows XP:lle (KB896422)"
"Backup Dir"=""
"Fix Description"="Suojauspäivitys Windows XP:lle (KB896422)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB896422\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB896423]
"Installed"=dword:00000001
"Comments"="Suojauspäivitys Windows XP:lle (KB896423)"
"Backup Dir"=""
"Fix Description"="Suojauspäivitys Windows XP:lle (KB896423)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB896423\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB896424]
"Installed"=dword:00000001
"Comments"="Suojauspäivitys Windows XP:lle (KB896424)"
"Backup Dir"=""
"Fix Description"="Suojauspäivitys Windows XP:lle (KB896424)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB896424\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB896428]
"Installed"=dword:00000001
"Comments"="Suojauspäivitys Windows XP:lle (KB896428)"
"Backup Dir"=""
"Fix Description"="Suojauspäivitys Windows XP:lle (KB896428)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB896428\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB898461]
"Installed"=dword:00000001
"Comments"="Päivitys Windows XP:lle (KB898461)"
"Backup Dir"=""
"Fix Description"="Päivitys Windows XP:lle (KB898461)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB898461\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB899587]
"Installed"=dword:00000001
"Comments"="Suojauspäivitys Windows XP:lle (KB899587)"
"Backup Dir"=""
"Fix Description"="Suojauspäivitys Windows XP:lle (KB899587)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB899587\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB899589]
"Installed"=dword:00000001
"Comments"="Suojauspäivitys Windows XP:lle (KB899589)"
"Backup Dir"=""
"Fix Description"="Suojauspäivitys Windows XP:lle (KB899589)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB899589\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB899591]
"Installed"=dword:00000001
"Comments"="Suojauspäivitys Windows XP:lle (KB899591)"
"Backup Dir"=""
"Fix Description"="Suojauspäivitys Windows XP:lle (KB899591)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB899591\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB900485]
"Installed"=dword:00000001
"Comments"="Päivitys Windows XP:lle (KB900485)"
"Backup Dir"=""
"Fix Description"="Päivitys Windows XP:lle (KB900485)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB900485\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB900725]
"Installed"=dword:00000001
"Comments"="Suojauspäivitys Windows XP:lle (KB900725)"
"Backup Dir"=""
"Fix Description"="Suojauspäivitys Windows XP:lle (KB900725)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB900725\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB901017]
"Installed"=dword:00000001
"Comments"="Suojauspäivitys Windows XP:lle (KB901017)"
"Backup Dir"=""
"Fix Description"="Suojauspäivitys Windows XP:lle (KB901017)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB901017\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB901190]
"Installed"=dword:00000001
"Comments"="Suojauspäivitys Windows XP:lle (KB901190)"
"Backup Dir"=""
"Fix Description"="Suojauspäivitys Windows XP:lle (KB901190)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB901190\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB901214]
"Installed"=dword:00000001
"Comments"="Suojauspäivitys Windows XP:lle (KB901214)"
"Backup Dir"=""
"Fix Description"="Suojauspäivitys Windows XP:lle (KB901214)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB901214\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB902400]
"Installed"=dword:00000001
"Comments"="Suojauspäivitys Windows XP:lle (KB902400)"
"Backup Dir"=""
"Fix Description"="Suojauspäivitys Windows XP:lle (KB902400)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB902400\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB904706]
"Installed"=dword:00000001
"Comments"="Suojauspäivitys Windows XP:lle (KB904706)"
"Backup Dir"=""
"Fix Description"="Suojauspäivitys Windows XP:lle (KB904706)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB904706\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB905414]
"Installed"=dword:00000001
"Comments"="Suojauspäivitys Windows XP:lle (KB905414)"
"Backup Dir"=""
"Fix Description"="Suojauspäivitys Windows XP:lle (KB905414)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB905414\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB905749]
"Installed"=dword:00000001
"Comments"="Suojauspäivitys Windows XP:lle (KB905749)"
"Backup Dir"=""
"Fix Description"="Suojauspäivitys Windows XP:lle (KB905749)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB905749\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB908519]
"Installed"=dword:00000001
"Comments"="Suojauspäivitys Windows XP:lle (KB908519)"
"Backup Dir"=""
"Fix Description"="Suojauspäivitys Windows XP:lle (KB908519)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB908519\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB908531]
"Installed"=dword:00000001
"Comments"="Päivitys Windows XP:lle (KB908531)"
"Backup Dir"=""
"Fix Description"="Päivitys Windows XP:lle (KB908531)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB908531\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB910437]
"Installed"=dword:00000001
"Comments"="Päivitys Windows XP:lle (KB910437)"
"Backup Dir"=""
"Fix Description"="Päivitys Windows XP:lle (KB910437)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB910437\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB911562]
"Installed"=dword:00000001
"Comments"="Suojauspäivitys Windows XP:lle (KB911562)"
"Backup Dir"=""
"Fix Description"="Suojauspäivitys Windows XP:lle (KB911562)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB911562\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB911564]
"Installed"=dword:00000001
"Comments"="Suojauspäivitys Windows Media Playerille (KB911564)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB911567]
"Installed"=dword:00000001
"Comments"="Suojauspäivitys Windows XP:lle (KB911567)"
"Backup Dir"=""
"Fix Description"="Suojauspäivitys Windows XP:lle (KB911567)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB911567\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB911927]
"Installed"=dword:00000001
"Comments"="Suojauspäivitys Windows XP:lle (KB911927)"
"Backup Dir"=""
"Fix Description"="Suojauspäivitys Windows XP:lle (KB911927)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB911927\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""