kone tosi hidas, hijacj log file mukana

petepoika · 22.08.2008

olen koittanut kaikilla mieleeni tulleilla ohjelmilla putsata konetta eikä tullut enää muuta mieleen kun tämä. kone hidastelee ja jää jumiin välillä

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:22:54, on 22.8.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Mobile Partner\Mobile Partner.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conime.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.elisa.net
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fi_fi&c=81&bd=Pavilion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fi_fi&c=81&bd=Pavilion&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ICSDCLT] C:\Windows\rundll32.exe C:\Windows\system32\icsdclt.dll,ICSClient
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\RunServices: [SSDPSRV] C:\Windows\system32\ssdpsrv.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Mobile Partner] "C:\Program Files\Mobile Partner\Mobile Partner.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: V&ie Microsoft Exceliin - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/fi-fi/wlscctrl2.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{737BF9C6-6D98-4216-8B0E-C751BC48F7A8}: NameServer = 193.229.0.40 193.229.0.42
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer3\TeamViewer_Service.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10102 bytes

AfterDawn

Hujo · 22.08.2008

scannaa hjt:llä merkkaa paina Fix checked

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

=============

Lataa Malwarebytes' Anti-Malware työpöydällesi.

1. Tuplaklikkaa mbam-setup.exe ja seuraa ohjeita asentaaksesi ohjelman.
2. Lopuksi varmistu, että seuraavat on valittu: Update Malwarebytes', Anti-Malwareja
Launch Malwarebytes' Anti-Malware ja sen jälkeen klikkaaFinish.
3. Jos päivitys löytyy. ohjelma lataa ja asentaa uusimman version.
4. Kun ohjelma on latautunut, valitse Perform full scan ja klikkaa Scan.
5. Kun skanni on valmis, klikkaa OK ja sitten Show Results nähdäksesi tulokset.
6. Varmistu, että kaikki on merkitty ja klikkaa Remove Selected.
7. Tämän jälkeen loki avautuu muistioon. Tallenna se paikkaan, josta löydät sen helposti. Loki
löytyy myös täältä: C:\Documents and Settings\Käyttäjänimi\Application
Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-päiväys.txt
8. Lähetä lokin sisältö seuraavassa viestissäsi.

petepoika · 28.08.2008

Malwarebytes' Anti-Malware 1.25
Tietokantaversio: 1092
Windows 6.0.6001 Service Pack 1

21:53:34 28.8.2008
mbam-log-08-28-2008 (21-53-34).txt

Tarkistustyyppi: Täysi tarkistus (C:\|D:\|)
Tarkistetut kohteet: 169373
Kulunut aika: 1 hour(s), 31 minute(s), 14 second(s)

Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 0
Saastuneita rekisteriavaimia: 0
Saastuneita rekisteriarvoja: 0
Saastuneita rekisterikohteita: 0
Saastuneita hakemistoja: 1
Saastuneita tiedostoja: 0

Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)

Saastuneita muistimoduuleja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriavaimia:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriarvoja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisterikohteita:
(Haitallisia kohteita ei löydetty)

Saastuneita hakemistoja:
C:\Program Files\Live_TV (Adware.Agent) -> Quarantined and deleted successfully.

Saastuneita tiedostoja:
(Haitallisia kohteita ei löydetty)

Hujo · 28.08.2008

1.Lataa combofix.exe työpöydällesi yhdestä linkistä:
combofix1
combofix2

2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia.
3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi.
Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.

petepoika · 01.09.2008

nyt jää jumiin melkein joka toisella kerralla kun käynnistää, ei auta odottaminen eikä mikään muu kuuin buuttaus

ComboFix 08-08-31.01 - Käyttäjä 2008-09-01 19:51:47.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1035.18.1178 [GMT 3:00]
Running from: C:\Users\Käyttäjä\Downloads\ComboFix.exe
* Created a new restore point
* Resident AV is active

.

(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat
C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat
C:\Windows\system32\KBL.LOG

----- BITS: Possible infected sites -----

http://ftp.hp.com
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-08-01 to 2008-09-01 )))))))))))))))))
.

2008-08-30 10:27 . 2008-08-30 10:27 <KANSIO> d-------- C:\Users\All Users\PopCap Games
2008-08-30 10:27 . 2008-08-30 10:27 <KANSIO> d-------- C:\ProgramData\PopCap Games
2008-08-30 10:27 . 2008-08-30 10:27 <KANSIO> d-------- C:\Program Files\PopCap Games
2008-08-28 20:13 . 2008-08-28 20:13 <KANSIO> d-------- C:\Users\Käyttäjä\AppData\Roaming\Malwarebytes
2008-08-28 20:13 . 2008-08-28 20:13 <KANSIO> d-------- C:\Users\Käyttäjä\AppData\Roaming\Malwarebytes
2008-08-28 20:13 . 2008-08-28 20:13 <KANSIO> d-------- C:\Users\All Users\Malwarebytes
2008-08-28 20:13 . 2008-08-28 20:13 <KANSIO> d-------- C:\ProgramData\Malwarebytes
2008-08-28 20:13 . 2008-08-28 20:13 <KANSIO> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-28 20:13 . 2008-08-17 15:01 38,472 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
2008-08-28 20:13 . 2008-08-17 15:01 17,144 --a------ C:\Windows\System32\drivers\mbam.sys
2008-08-28 20:12 . 2008-08-28 20:12 2,085,280 --a------ C:\Users\Käyttäjä\mbam-setup.exe
2008-08-28 20:12 . 2008-08-28 20:12 2,085,280 --a------ C:\Users\Käyttäjä\mbam-setup.exe
2008-08-28 19:51 . 2008-07-19 08:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll
2008-08-28 19:51 . 2008-07-19 06:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll
2008-08-28 19:51 . 2008-07-19 08:10 53,448 --a------ C:\Windows\System32\wuauclt.exe
2008-08-28 19:51 . 2008-07-19 08:10 45,768 --a------ C:\Windows\System32\wups2.dll
2008-08-28 19:50 . 2008-07-19 08:09 563,912 --a------ C:\Windows\System32\wuapi.dll
2008-08-28 19:50 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll
2008-08-28 19:50 . 2008-07-19 06:44 83,456 --a------ C:\Windows\System32\wudriver.dll
2008-08-28 19:50 . 2008-07-19 08:10 36,552 --a------ C:\Windows\System32\wups.dll
2008-08-28 19:50 . 2008-07-18 20:44 31,232 --a------ C:\Windows\System32\wuapp.exe
2008-08-25 11:15 . 2008-08-25 11:16 253,343,920 --a------ C:\Windows\MEMORY.DMP
2008-08-23 10:59 . 2008-08-23 10:59 <KANSIO> d-------- C:\Program Files\MagicISO
2008-08-22 13:19 . 2008-08-22 13:19 <KANSIO> d-------- C:\Program Files\Trend Micro
2008-08-22 13:17 . 2008-08-22 13:17 <KANSIO> d-------- C:\Program Files\CCleaner
2008-08-22 12:14 . 2008-08-22 12:14 <KANSIO> d-------- C:\NVIDIA
2008-08-22 11:43 . 2008-08-22 11:43 0 --ah----- C:\Windows\System32\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf
2008-08-22 11:41 . 2008-08-22 11:41 <KANSIO> d-------- C:\Users\Käyttäjä\AppData\Roaming\InstallShield
2008-08-22 11:41 . 2008-08-22 11:41 <KANSIO> d-------- C:\Users\Käyttäjä\AppData\Roaming\InstallShield
2008-08-21 18:06 . 2008-08-21 18:06 <KANSIO> d-------- C:\Program Files\EA GAMES
2008-08-18 19:55 . 2008-08-18 19:55 <KANSIO> d-------- C:\Program Files\RealVNC
2008-08-16 08:04 . 2008-09-01 19:51 <KANSIO> d--h----- C:\$AVG8.VAULT$
2008-08-16 00:27 . 2008-08-16 00:27 <KANSIO> d-------- C:\realtek
2008-08-16 00:07 . 2007-11-13 23:18 553 --a------ C:\Windows\USetup.iss
2008-08-16 00:06 . 2008-08-16 00:29 319,456 --a------ C:\Windows\DIFxAPI.dll
2008-08-16 00:05 . 2008-08-16 00:05 <KANSIO> d-------- C:\Program Files\Realtek
2008-08-16 00:05 . 2007-07-26 01:09 520,192 --a------ C:\Windows\RtlExUpd.dll
2008-08-16 00:05 . 2008-08-16 00:05 315,392 --a------ C:\Windows\HideWin.exe
2008-08-15 22:21 . 2008-08-18 18:48 <KANSIO> d-------- C:\Users\Käyttäjä\AppData\Roaming\TeamViewer
2008-08-15 22:21 . 2008-08-18 18:48 <KANSIO> d-------- C:\Users\Käyttäjä\AppData\Roaming\TeamViewer
2008-08-15 22:20 . 2008-08-15 22:20 <KANSIO> d-------- C:\Users\Käyttäjä\temp
2008-08-15 22:20 . 2008-08-15 22:20 <KANSIO> d-------- C:\Users\Käyttäjä\temp
2008-08-15 22:20 . 2008-08-15 22:21 <KANSIO> d-------- C:\Program Files\TeamViewer3
2008-08-15 22:05 . 2008-08-20 12:32 <KANSIO> d-------- C:\Program Files\ICQ6
2008-08-15 18:04 . 2008-08-20 12:16 <KANSIO> d-------- C:\Users\Käyttäjä\AppData\Roaming\skypePM
2008-08-15 18:04 . 2008-08-20 12:16 <KANSIO> d-------- C:\Users\Käyttäjä\AppData\Roaming\skypePM
2008-08-15 18:04 . 2008-08-15 18:04 56 --ah----- C:\Users\All Users\ezsidmv.dat
2008-08-15 18:04 . 2008-08-15 18:04 56 --ah----- C:\ProgramData\ezsidmv.dat
2008-08-15 18:00 . 2008-08-20 12:37 <KANSIO> d-------- C:\Users\All Users\Skype
2008-08-15 18:00 . 2008-08-20 12:37 <KANSIO> d-------- C:\ProgramData\Skype
2008-08-15 10:15 . 2008-08-20 12:38 <KANSIO> d-------- C:\Users\Käyttäjä\UltraStar Deluxe
2008-08-15 10:15 . 2008-08-20 12:38 <KANSIO> d-------- C:\Users\Käyttäjä\UltraStar Deluxe
2008-08-15 09:07 . 2008-08-15 09:07 <KANSIO> d-------- C:\Program Files\BitComet
2008-08-15 09:07 . 2008-08-23 21:28 <KANSIO> d-------- C:\Downloads
2008-08-14 21:01 . 2008-08-17 18:10 <KANSIO> d-------- C:\Users\Käyttäjä\Songs
2008-08-14 21:01 . 2008-08-17 18:10 <KANSIO> d-------- C:\Users\Käyttäjä\Songs
2008-08-14 16:48 . 2008-08-20 12:29 <KANSIO> d-------- C:\Users\Käyttäjä\AppData\Roaming\GigaStaraokeDemo
2008-08-14 16:48 . 2008-08-20 12:29 <KANSIO> d-------- C:\Users\Käyttäjä\AppData\Roaming\GigaStaraokeDemo
2008-08-14 14:04 . 2008-08-14 14:19 <KANSIO> d-------- C:\Users\All Users\Lavasoft
2008-08-14 14:04 . 2008-08-14 14:19 <KANSIO> d-------- C:\ProgramData\Lavasoft
2008-08-14 14:04 . 2008-08-14 14:04 <KANSIO> d-------- C:\Program Files\Lavasoft
2008-08-13 18:31 . 2008-08-13 18:52 69,128 --a------ C:\Windows\System32\drivers\avgwfpx.sys
2008-08-13 18:31 . 2008-08-13 18:52 12,936 --a------ C:\Windows\System32\drivers\avgrkx86.sys
2008-08-13 17:27 . 2008-08-20 13:59 <KANSIO> d-------- C:\Program Files\Conduit
2008-08-13 17:25 . 2008-07-16 04:32 2,048 --a------ C:\Windows\System32\tzres.dll
2008-08-13 14:34 . 2008-06-27 04:55 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-08-13 14:34 . 2008-06-27 07:15 827,392 --a------ C:\Windows\System32\wininet.dll
2008-08-13 14:34 . 2008-04-10 08:12 738,304 --a------ C:\Windows\System32\inetcomm.dll
2008-08-13 14:34 . 2008-06-19 06:31 361,984 --a------ C:\Windows\System32\IPSECSVC.DLL
2008-08-13 14:34 . 2008-04-18 08:48 269,312 --a------ C:\Windows\System32\es.dll
2008-08-12 23:06 . 2008-08-22 12:44 <KANSIO> d-------- C:\Program Files\Spybot - Search & Destroy
2008-08-12 20:38 . 2008-08-12 20:38 <KANSIO> d-------- C:\Users\All Users\Apple
2008-08-12 20:38 . 2008-08-12 20:38 <KANSIO> d-------- C:\ProgramData\Apple
2008-08-12 20:38 . 2008-08-12 20:38 <KANSIO> d-------- C:\Program Files\Apple Software Update
2008-08-10 21:37 . 2008-08-10 21:37 <KANSIO> d-------- C:\Program Files\Webteh
2008-08-10 21:15 . 2008-08-10 21:22 <KANSIO> d-------- C:\Users\Käyttäjä\AppData\Roaming\DivX
2008-08-10 21:15 . 2008-08-10 21:22 <KANSIO> d-------- C:\Users\Käyttäjä\AppData\Roaming\DivX
2008-08-10 21:14 . 2008-08-10 21:14 <KANSIO> d-------- C:\Program Files\DivX
2008-08-10 21:14 . 2008-08-10 21:14 <KANSIO> d-------- C:\Program Files\Common Files\PX Storage Engine
2008-08-09 21:20 . 2008-08-09 21:20 <KANSIO> d-------- C:\Users\Käyttäjä\AppData\Roaming\Uniblue
2008-08-09 21:20 . 2008-08-09 21:20 <KANSIO> d-------- C:\Users\Käyttäjä\AppData\Roaming\Uniblue
2008-08-09 21:19 . 2008-08-10 21:00 <KANSIO> d-------- C:\Users\All Users\WinZip
2008-08-09 21:19 . 2008-08-10 21:00 <KANSIO> d-------- C:\ProgramData\WinZip
2008-08-09 14:39 . 2008-08-14 11:03 <KANSIO> d-------- C:\Program Files\PokerStars
2008-08-08 13:42 . 2008-08-08 13:42 <KANSIO> d-------- C:\Users\All Users\Apple Computer
2008-08-08 13:42 . 2008-08-08 13:42 <KANSIO> d-------- C:\ProgramData\Apple Computer
2008-08-08 13:42 . 2008-08-08 13:43 <KANSIO> d-------- C:\Program Files\QuickTime
2008-08-07 16:47 . 2008-09-01 19:46 <KANSIO> d-------- C:\Windows\System32\drivers\Avg
2008-08-07 16:47 . 2008-08-13 18:29 <KANSIO> d-------- C:\Users\All Users\avg8
2008-08-07 16:47 . 2008-08-13 18:29 <KANSIO> d-------- C:\ProgramData\avg8
2008-08-07 16:47 . 2008-08-07 16:47 <KANSIO> d-------- C:\Program Files\AVG
2008-08-07 16:47 . 2008-08-13 18:52 97,928 --a------ C:\Windows\System32\drivers\avgldx86.sys
2008-08-07 16:47 . 2008-08-13 18:52 10,520 --a------ C:\Windows\System32\avgrsstx.dll
2008-08-06 12:41 . 2008-08-06 12:42 <KANSIO> d-------- C:\Program Files\McDonaldsDragons
2008-08-05 20:21 . 2008-08-05 20:21 126,976 --a------ C:\Windows\W3DemoUnin.exe
2008-08-05 20:21 . 2008-08-05 20:22 12,947 --a------ C:\Windows\W3DemoUnin.dat
2008-08-05 20:21 . 2008-08-05 20:21 2,829 --a------ C:\Windows\W3DemoUnin.pif
2008-08-05 20:20 . 2008-08-05 20:21 <KANSIO> d-------- C:\Program Files\Warcraft III Demo
2008-08-05 19:19 . 2008-08-05 19:19 <KANSIO> d-------- C:\Program Files\Axis Communications
2008-08-04 21:38 . 2008-08-04 21:39 <KANSIO> d-------- C:\Windows\System32\Adobe
2008-08-04 06:28 . 2008-08-04 06:28 <KANSIO> d-------- C:\Program Files\Sun
2008-08-03 20:21 . 2008-08-03 20:21 <KANSIO> d-------- C:\.jagex_cache_32
2008-08-03 14:47 . 2005-05-26 15:34 2,297,552 --a------ C:\Windows\System32\d3dx9_26.dll
2008-08-03 11:27 . 2008-08-03 11:30 <KANSIO> d-------- C:\Windows\System32\panda_ss1 dir
2008-08-03 11:27 . 2008-08-03 11:27 201,728 --a------ C:\Windows\System32\panda_ss1.scr
2008-08-03 09:37 . 2008-08-03 09:37 <KANSIO> d-------- C:\Program Files\PIXresizer
2008-08-03 09:37 . 2002-08-29 19:00 1,703,936 --a------ C:\Windows\System32\gdiplus.dll
2008-08-03 09:37 . 2007-04-15 00:05 991,232 --a------ C:\Windows\System32\imageviewer2.ocx
2008-08-03 09:37 . 2004-03-08 23:00 224,016 --a------ C:\Windows\System32\tabctl32.ocx
2008-08-03 09:37 . 1996-01-12 00:00 200,704 --a------ C:\Windows\System32\threed32.ocx
2008-08-03 09:37 . 1998-06-24 00:00 164,144 --a------ C:\Windows\System32\comct232.ocx
2008-08-03 09:37 . 1999-09-16 09:04 151,552 --a------ C:\Windows\System32\ccrpfd6.ocx
2008-08-03 09:37 . 2000-05-01 23:02 110,592 --a------ C:\Windows\System32\ccrpbds6.dll
2008-08-03 09:37 . 2000-07-09 18:15 106,496 --a------ C:\Windows\System32\mbprgbar.ocx
2008-08-02 22:19 . 2008-08-02 22:19 <KANSIO> d-------- C:\Users\Käyttäjä\AppData\Roaming\Mozilla
2008-08-02 22:19 . 2008-08-02 22:19 <KANSIO> d-------- C:\Users\Käyttäjä\AppData\Roaming\Mozilla

.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-01 16:55 7,077,888 --sha-w C:\Users\Käyttäjä\ntuser.dat
2008-09-01 16:55 7,077,888 --sha-w C:\Users\Käyttäjä\ntuser.dat
2008-08-30 07:39 41,764 ----a-w C:\Users\Käyttäjä\AppData\Roaming\nvModes.dat
2008-08-30 07:39 41,764 ----a-w C:\Users\Käyttäjä\AppData\Roaming\nvModes.dat
2008-08-28 17:13 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\Malwarebytes
2008-08-28 17:13 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\Malwarebytes
2008-08-28 17:12 2,085,280 ----a-w C:\Users\Käyttäjä\mbam-setup.exe
2008-08-28 17:12 2,085,280 ----a-w C:\Users\Käyttäjä\mbam-setup.exe
2008-08-22 11:56 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-08-22 10:51 --------- d-----w C:\ProgramData\NVIDIA
2008-08-22 08:43 --------- d-----w C:\Program Files\CONEXANT
2008-08-22 08:41 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\InstallShield
2008-08-22 08:41 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\InstallShield
2008-08-20 09:32 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-20 09:29 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\GigaStaraokeDemo
2008-08-20 09:29 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\GigaStaraokeDemo
2008-08-20 09:16 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\skypePM
2008-08-20 09:16 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\skypePM
2008-08-19 15:34 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-08-18 15:48 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\TeamViewer
2008-08-18 15:48 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\TeamViewer
2008-08-17 14:27 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-08-14 11:03 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-08-13 15:23 --------- d-s---w C:\Users\Käyttäjä\AppData\Roaming\Microsoft
2008-08-13 15:23 --------- d-s---w C:\Users\Käyttäjä\AppData\Roaming\Microsoft
2008-08-13 14:42 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\Google
2008-08-13 14:42 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\Google
2008-08-13 14:31 --------- d-----w C:\Program Files\Google
2008-08-13 14:29 --------- d-----w C:\Program Files\Windows Mail
2008-08-13 14:26 --------- d-----w C:\ProgramData\Microsoft Help
2008-08-10 18:22 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\DivX
2008-08-10 18:22 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\DivX
2008-08-09 18:20 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\Uniblue
2008-08-09 18:20 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\Uniblue
2008-08-06 15:36 --------- d-----w C:\ProgramData\CyberLink
2008-08-04 03:28 --------- d-----w C:\Program Files\Java
2008-08-02 19:19 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\Mozilla
2008-08-02 19:19 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\Mozilla
2008-07-25 08:36 524,288 ----a-w C:\Windows\System32\DivXsm.exe
2008-07-23 16:50 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
2008-07-23 16:48 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2008-07-23 16:48 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
2008-07-23 16:46 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
2008-07-22 07:32 --------- d-----w C:\Program Files\Mobile Partner
2008-07-18 07:29 --------- d-----w C:\Program Files\RevConnect
2008-07-17 10:51 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\PeerNetworking
2008-07-17 10:51 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\PeerNetworking
2008-07-14 14:38 --------- d-----w C:\Program Files\McDonaldsFairies
2008-07-11 17:32 --------- d-----w C:\Program Files\IKEA HomePlanner
2008-07-11 11:43 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\Nokia
2008-07-11 11:43 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\Nokia
2008-07-11 11:42 0 ---ha-w C:\Windows\system32\drivers\Msft_User_PCCSWpdDriver_01_05_00.Wdf
2008-07-11 11:42 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\PC Suite
2008-07-11 11:42 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\PC Suite
2008-07-11 11:41 0 ---ha-w C:\Windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-07-11 11:41 --------- d-----w C:\ProgramData\PC Suite
2008-07-11 11:25 --------- d-----w C:\Program Files\Nokia
2008-07-11 11:25 --------- d-----w C:\Program Files\DIFX
2008-07-11 11:25 --------- d-----w C:\Program Files\Common Files\PCSuite
2008-07-11 11:25 --------- d-----w C:\Program Files\Common Files\Nokia
2008-07-11 11:24 --------- d-----w C:\Program Files\PC Connectivity Solution
2008-07-11 11:21 --------- d-----w C:\ProgramData\Installations
2008-07-11 06:46 --------- d-----w C:\ProgramData\Downloaded Installations
2008-07-08 18:37 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\Media Player Classic
2008-07-08 18:37 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\Media Player Classic
2008-07-08 18:37 --------- d-----w C:\Program Files\VistaCodecPack
2008-07-08 18:35 --------- d-----w C:\ProgramData\VistaCodecs
2008-06-26 03:29 801,280 ----a-w C:\Windows\System32\NaturalLanguage6.dll
2008-06-26 01:45 2,644,480 ----a-w C:\Windows\System32\NlsLexicons0009.dll
2008-06-26 01:45 12,240,896 ----a-w C:\Windows\System32\NlsLexicons0007.dll
2008-06-12 17:36 7,680 ----a-w C:\Windows\System32\ff_vfw.dll
2008-06-12 16:25 966,656 ----a-w C:\Windows\System32\VSFilter.dll
2008-05-06 12:52 174 --sha-w C:\Program Files\desktop.ini
.

(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-18 23:33 125952]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55 5674352]
"Mobile Partner"="C:\Program Files\Mobile Partner\Mobile Partner.exe" [2007-09-04 18:54 86016]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 18:41 1832272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 11:29 102400]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2007-10-01 05:34 181544]
"OnScreenDisplay"="C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 23:54 554320]
"UCam_Menu"="C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-17 09:13 218408]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 19:47 480560]
"WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-09 02:53 311296]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-08-13 18:52 1235736]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 02:05 1045800]
"QlbCtrl.exe"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-12 15:10 202032]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-09-19 23:05 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-09-19 23:05 8497696]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-09-19 23:05 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"SSDPSRV"="C:\Windows\system32\ssdpsrv.exe" [2001-07-21 14:30 55568]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codecp"= l3codecp.acm
"msacm.divxa32"= divxa32.acm

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{6D5471FF-DE17-4FA1-AA9D-12F8EFB527DB}"= C:\Program Files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{6AECABCF-3DF9-489A-A3FA-92910C26F492}"= C:\Program Files\HP\QuickPlay\QP.exe:Quick Play
"{5D820E75-33F2-423E-A7FB-B7678D180C1F}"= C:\Program Files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"{58C289DF-2996-4463-961E-A567E08A9DEA}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{2BADA865-892D-4439-BD71-5E78CD398D77}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{F2B56E34-5386-44C6-98E9-B6A701BABC47}"= Disabled:UDP:C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"TCP Query User{DE1A8B34-38BA-4631-8F4A-9B018A264D33}C:\\program files\\revconnect\\dcplusplus.exe"= UDP:C:\program files\revconnect\dcplusplus.exeC++
"UDP Query User{1EE491AD-1BA6-4CA2-839A-96F58F21A53B}C:\\program files\\revconnect\\dcplusplus.exe"= TCP:C:\program files\revconnect\dcplusplus.exeC++
"{F3637FB5-EC38-4711-BA7C-9E64C6F9CB93}"= UDP:1001:dc++
"{2C561B0B-7739-4C14-B230-DF3C02CE3717}"= TCP:1002:dc++
"TCP Query User{B115649C-847F-4823-AAE5-E1A44D2A889B}C:\\program files\\revconnect\\dcplusplus.exe"= UDP:C:\program files\revconnect\dcplusplus.exeC++
"UDP Query User{57929C5C-46CE-4841-B430-77741AB93A82}C:\\program files\\revconnect\\dcplusplus.exe"= TCP:C:\program files\revconnect\dcplusplus.exeC++
"{67B8139A-7038-4CD0-92F6-2AE6B5D611CC}"= UDP:1412:revconnect
"{A61EE018-3881-4FF1-969E-186D412A7041}"= TCP:1412:revconnect
"{361E80F9-D23F-4A28-8EA7-7EC634C8E3F3}"= C:\Program Files\AVG\AVG8\avgupd.exe:avgupd.exe
"{7C6F3A32-3E9B-4BC5-B99D-39DB1077D6D5}"= C:\Program Files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"TCP Query User{97D48C4D-A966-4111-A1BD-38340F691C4F}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{7AE67717-5617-4C09-8F5C-8A63B22B650A}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{8A7B220A-6216-4BB7-9202-559DFE7293FA}C:\\program files\\bitcomet\\bitcomet.exe"= UDP:C:\program files\bitcomet\bitcomet.exe:BitCometBeta - a BitTorrent Client
"UDP Query User{675751C9-2EE3-4F8D-BAEA-C06B7241581F}C:\\program files\\bitcomet\\bitcomet.exe"= TCP:C:\program files\bitcomet\bitcomet.exe:BitCometBeta - a BitTorrent Client
"TCP Query User{7DB81EEB-DA40-4389-8BF6-C10C74636DE0}C:\\program files\\icq6\\icq.exe"= UDP:C:\program files\icq6\icq.exe:ICQ Library
"UDP Query User{72A36E4D-65C6-47DE-920F-A572D3DA1FED}C:\\program files\\icq6\\icq.exe"= TCP:C:\program files\icq6\icq.exe:ICQ Library
"TCP Query User{AFFA6CC8-D89E-4731-97FE-A16DD2AE46EE}C:\\program files\\ea games\\need for speed underground 2\\speed2.exe"= UDP:C:\program files\ea games\need for speed underground 2\speed2.exe:speed2
"UDP Query User{0F549A75-CCA7-4599-8CB5-1F570BDB53FA}C:\\program files\\ea games\\need for speed underground 2\\speed2.exe"= TCP:C:\program files\ea games\need for speed underground 2\speed2.exe:speed2

R0 AvgRkx86;avgrkx86.sys;C:\Windows\system32\Drivers\avgrkx86.sys [2008-08-13 18:52]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\Windows\system32\Drivers\avgldx86.sys [2008-08-13 18:52]
R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-13 18:52]
R2 avgfws8;AVG8 Firewall;C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2008-08-13 18:52]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS);C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2007-10-01 05:34]
R2 QPSched;QuickPlay Task Scheduler (QTS);C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2007-10-01 05:34]
R2 TeamViewer;TeamViewer 3;C:\Program Files\TeamViewer3\TeamViewer_Service.exe [2008-08-06 09:42]
R3 AvgWfpX;AVG8 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfpx.sys [2008-08-13 18:52]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service;C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 02:32]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 11:33]
R3 HpqRemHid;HP Remote Control HID Device;C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 20:30]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{36546954-436e-11dd-a61c-001e68736fe9}]
\shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{433c5b06-436d-11dd-bd28-806e6f6e6963}]
\shell\AutoRun\command - E:\RunGame.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6e719d53-5adb-11dd-ae0e-001e68736fe9}]
\shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b43c7153-444f-11dd-a6c2-001e68736fe9}]
\shell\AutoRun\command - setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b43c71d3-444f-11dd-a6c2-001e68736fe9}]
\shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7bb3c38-57b9-11dd-9eb4-8d1eebe2a376}]
\shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7bb3c4b-57b9-11dd-9eb4-8d1eebe2a376}]
\shell\AutoRun\command - F:\AutoRun.exe

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\Käyttäjä\AppData\Roaming\Mozilla\Firefox\Profiles\b8v4r7dy.default\
FF -: plugin - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF -: plugin - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-01 19:55:23
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************
.
Completion time: 2008-09-01 19:57:31
ComboFix-quarantined-files.txt 2008-09-01 16:56:27

Pre-Run: 76,952,678,400 tavua vapaana
Post-Run: 76,940,910,592 tavua vapaana

332 --- E O F --- 2008-08-29 13:40:17

Hujo · 01.09.2008

Tarkista Kaspersky Online Skannerilla

1. Lue läpi vaatimukset ja yksityisyyssäännökset ja klikkaa Accept.
2. Skannerin ja virustietokannan lataus alkaa. Sinulta kysytään sallitko Kasperskyltä tulevan ohjelman asentamisen. Klikkaa Aja/Run.
3. Kun lataus on valmis, klikkaa Settings.
4. Varmistu, että seuraavat kohdat on valittu. Jos ne eivät ole, valitse ne ja klikkaa Save:
Spyware, Adware, Dialers, and other potentially dangerous programs
Archives
Mail databases
5. Klikkaa Oma Tietokone, My Computer Scan-kohdan alapuolelta.
6. Kun tarkistus on valmis, tulokset näytetään. Klikkaa View Scan Report.
7. Näet listan saastuneista kohteista. Klikkaa Save Report As....
8. Tallenna tiedosto työpöydällesi. Muuta Tiedostotyyppi/Files of type muotoon Tekstitiedosto/Text file(.txt) ennen kuin klikkaat Save.
9. Kopioi ja liitä tiedoston sisältö seuraavaan vastaukseesi uuden HijackThis-lokin kera

petepoika · 04.09.2008

KASPERSKY ONLINE SCANNER 7 REPORT
Thursday, September 4, 2008
Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 1 (build 6001)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Thursday, September 04, 2008 13:02:16
Records in database: 1191242

Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes

Scan area My Computer
C:\
D:\
E:\
F:\
G:\

Scan statistics
Files scanned 152945
Threat name 2
Infected objects 7
Suspicious objects 0
Duration of the scan 02:28:44

File name Threat name Threats count
C:\Program Files\RealVNC\VNC4\vncconfig.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 1

C:\Program Files\RealVNC\VNC4\vncviewer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 1

C:\Program Files\RealVNC\VNC4\winvnc4.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 1

C:\Program Files\RealVNC\VNC4\wm_hooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 1

C:\Users\Käyttäjä\dc\ohjelmat\installer-44914-864fi-VNC-Personal-Edition.exe Infected: not-a-virus:AdWare.Win32.FakeInstaller.a 1

C:\Users\Käyttäjä\dc\ohjelmat\installer-48851-864fi-PIXresizer.exe Infected: not-a-virus:AdWare.Win32.FakeInstaller.a 1

C:\Users\Käyttäjä\Downloads\installer-44914-864fi-VNC-Personal-Edition.exe Infected: not-a-virus:AdWare.Win32.FakeInstaller.a 1

The selected area was scanned.

ja tässä sitten se hijack logi

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:25:14, on 4.9.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\mobsync.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Mobile Partner\Mobile Partner.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fi_fi&c=81&bd=Pavilion&pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\Windows\system32\ssdpsrv.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Mobile Partner] "C:\Program Files\Mobile Partner\Mobile Partner.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: V&ie Microsoft Exceliin - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O13 - Gopher Prefix:
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/fi-fi/wlscctrl2.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{737BF9C6-6D98-4216-8B0E-C751BC48F7A8}: NameServer = 193.229.0.40 193.229.0.42
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer3\TeamViewer_Service.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9156 bytes

Hujo · 04.09.2008

scannaa hjt:llä merkkaa paina Fix checked

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\Windows\system32\ssdpsrv.exe

petepoika · 05.09.2008

nyt taitaa kyllä johtua jostain muusta tämä koneen käynnistys hitaus ja sekoilu..

Hujo · 05.09.2008

tee omet työkalut windows

järjestä uudelleen
ja levyn eheytys

petepoika · 05.09.2008

tehty, ei vaikutusta

Hujo · 05.09.2008

paljos koneessa on keskusmuistia

petepoika · 06.09.2008

2 megaa muistia

Hujo · 07.09.2008

Lataa Atribunen ATF Cleaner

Ohjeet;

Tupla-klikkaa ATF-Cleaner.exe käynnistääksesi ohjelman.Main:n alla valitse: Select All
Klikkaa Empty Selected valintaa.
Jos käytät FireFoxia selaimenasi Klikkaa Firefox yläpuolelta ja valitse: Select All
Klikkaa Empty Selected valintaa.
HUOMIO: Jos haluaisit pitää tallennetut salasanasi, klikkaa No kun se sitä kysyy.
Jos käytät Operaa selaimenasiKlikkaa Opera yläpuolelta ja valitse: Select All
Klikkaa Empty Selected valintaa taas.
HUOMIO: Jos haluaisit pitää tallennetut salasanasi, klikkaa No kun se sitä kysyy.
Klikkaa Exit päävalikosta sulkeaksesi ohjelman.
Teknistä tukea tulee jos tupla-klikkaat sähköpostiosoitetta joka sijaitsee jokaisen menun alapuolella kyseisessä työkalussa. (Huomatkaa että se tuki on sitten englanniksi)

Kirjaudu tai liity jäseneksi

kone tosi hidas, hijacj log file mukana

petepoika Member

Hujo Guest

petepoika Member

Hujo Guest

petepoika Member

Hujo Guest

petepoika Member

Hujo Guest

petepoika Member

Hujo Guest

petepoika Member

Hujo Guest

petepoika Member

Hujo Guest

Jaa tämä sivu

Kirjaudu tai liity jäseneksi

kone tosi hidas, hijacj log file mukana

petepoika Member

Hujo Guest

petepoika Member

Hujo Guest

petepoika Member

Hujo Guest

petepoika Member

Hujo Guest

petepoika Member

Hujo Guest

petepoika Member

Hujo Guest

petepoika Member

Hujo Guest

Jaa tämä sivu

Hyödyllisiä hakuja