Kone ruvennu kaatuilemaan hjt logi

Helppu · 17.02.2009

Tässä on:

ComboFix 09-02-15.01 - Eemeli 2009-02-17 14:23:46.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1035.18.2047.1547 [GMT 2:00]
Sijainti: c:\documents and settings\Eemeli\Työpöytä\ComboFix.exe
Käytetyt komentorivivalitsimet :: c:\documents and settings\Eemeli\Työpöytä\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Outdated)
* Uusi palautuspiste luotu

FILE ::
c:\windows\system32\b72TkovW.exe
c:\windows\Tasks\At51.job
.

(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Tasks\At51.job

.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2009-01-17 to 2009-02-17 )))))))))))))))))
.

2009-02-12 16:43 . 2009-02-12 16:43 <KANSIO> d-------- C:\Kaspersky
2009-02-10 16:58 . 2005-11-09 00:26 38,400 --a------ c:\windows\system32\moveex.exe
2009-02-08 14:56 . 2009-02-08 14:56 <KANSIO> d-------- c:\documents and settings\Eemeli\Application Data\Apple Computer
2009-02-02 23:23 . 2009-01-15 08:19 206,793 --a------ c:\windows\system32\nvapps.nvb
2009-02-02 20:18 . 2009-02-02 20:18 <KANSIO> d-------- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-02-02 20:17 . 2009-02-02 20:17 <KANSIO> d-------- c:\windows\A7E07C2B2220441587E3784D5814BC93.TMP
2009-02-02 20:16 . 2009-02-03 18:34 <KANSIO> d-------- c:\windows\nview
2009-02-02 20:16 . 2009-02-17 14:16 201,144 --a------ c:\windows\system32\nvapps.xml
2009-02-02 19:57 . 2009-02-02 20:15 <KANSIO> d-------- c:\windows\NV36041060.TMP
2009-02-02 19:36 . 2009-02-02 19:36 <KANSIO> d-------- c:\windows\system32\AGEIA
2009-02-02 19:36 . 2009-02-02 19:36 <KANSIO> d-------- c:\program files\AGEIA Technologies
2009-02-02 19:35 . 2009-02-02 19:37 <KANSIO> d-------- c:\windows\NV40724076.TMP
2009-02-02 19:34 . 2009-02-02 20:13 <KANSIO> d-------- C:\NVIDIA
2009-02-01 13:22 . 2009-02-01 13:22 <KANSIO> d-------- c:\program files\DVDVideoSoft
2009-02-01 13:22 . 2009-02-01 13:22 <KANSIO> d-------- c:\program files\Common Files\DVDVideoSoft
2009-01-18 17:42 . 2009-01-18 17:42 <KANSIO> d-------- c:\program files\Common Files\AVSMedia
2009-01-18 17:42 . 2009-01-18 17:42 <KANSIO> d-------- c:\program files\AVS4YOU
2009-01-18 17:42 . 2009-01-18 17:42 <KANSIO> d-------- c:\documents and settings\Eemeli\Application Data\AVS4YOU
2009-01-18 17:42 . 2009-01-18 17:42 <KANSIO> d-------- c:\documents and settings\All Users\Application Data\AVS4YOU
2009-01-18 17:42 . 2008-08-13 10:22 974,848 --a------ c:\windows\system32\mfc70.dll
2009-01-18 17:42 . 2008-08-13 10:22 487,424 --a------ c:\windows\system32\msvcp70.dll
2009-01-18 17:42 . 2008-08-13 10:22 24,576 --a------ c:\windows\system32\msxml3a.dll

.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-17 12:16 --------- d-----w c:\documents and settings\Eemeli\Application Data\WTablet
2009-02-17 12:12 34 ----a-w c:\documents and settings\Eemeli\jagex_runescape_preferences.dat
2009-02-16 09:43 --------- d-----w c:\documents and settings\LocalService\Application Data\WTablet
2009-02-12 19:11 --------- d-----w c:\documents and settings\All Users\Application Data\TrackMania
2009-02-09 10:31 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-02-08 11:19 --------- d-----w c:\program files\StepMania
2009-02-04 15:14 --------- d-----w c:\program files\Peggle Nights Deluxe
2009-02-02 21:24 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-02-01 11:21 --------- d-----w c:\documents and settings\Eemeli\Application Data\LimeWire
2009-01-31 11:21 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-21 21:39 --------- d-----w c:\documents and settings\Eemeli\Application Data\Azureus
2009-01-14 14:11 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-14 14:11 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-01-13 16:12 --------- d-----w c:\program files\LimeWire
2009-01-07 09:28 453,152 ----a-w c:\windows\system32\NVUNINST.EXE
2009-01-03 12:09 --------- d-----w c:\program files\Cheat Engine
2008-12-24 10:05 410,984 ----a-w c:\windows\system32\deploytk.dll
2008-12-24 10:05 --------- d-----w c:\program files\Java
2008-12-22 19:05 --------- d-----w c:\documents and settings\Eemeli\Application Data\Skype
2008-12-22 19:04 --------- d-----w c:\documents and settings\Eemeli\Application Data\skypePM
2008-12-20 22:47 826,368 ----a-w c:\windows\system32\wininet.dll
2008-12-10 07:45 70,936 ----a-w c:\windows\system32\PhysXLoader.dll
2008-12-04 07:28 24,344 ----a-w c:\windows\system32\PhysXDevice.dll
2008-11-26 06:55 288,024 ----a-w c:\windows\system32\PhysXCplUI.exe
2008-11-25 06:38 288,024 ----a-w c:\windows\system32\PhysXCompatCplUI.exe
2008-08-23 12:35 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Sivuhistoria\History.IE5\MSHist012008082320080824\index.dat
.

((((((((((((((((((((((((((((( SnapShot_2009-02-11_20.17.24.28 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-02-11 16:02:44 315,392 ----a-w c:\windows\.jagex_cache_32\runescape\jogl.dll
+ 2009-02-17 12:11:53 315,392 ----a-w c:\windows\.jagex_cache_32\runescape\jogl.dll
- 2009-02-11 16:02:44 20,480 ----a-w c:\windows\.jagex_cache_32\runescape\jogl_awt.dll
+ 2009-02-17 12:11:53 20,480 ----a-w c:\windows\.jagex_cache_32\runescape\jogl_awt.dll
+ 2008-10-16 20:18:32 124,928 -c----w c:\windows\ie7updates\KB961260-IE7\advpack.dll
+ 2008-10-16 20:18:32 347,136 -c----w c:\windows\ie7updates\KB961260-IE7\dxtmsft.dll
+ 2008-10-16 20:18:32 214,528 -c----w c:\windows\ie7updates\KB961260-IE7\dxtrans.dll
+ 2008-10-16 20:18:32 133,120 -c----w c:\windows\ie7updates\KB961260-IE7\extmgr.dll
+ 2008-10-16 20:18:32 63,488 -c----w c:\windows\ie7updates\KB961260-IE7\icardie.dll
+ 2008-10-16 13:12:19 70,656 -c----w c:\windows\ie7updates\KB961260-IE7\ie4uinit.exe
+ 2008-10-16 20:18:33 153,088 -c----w c:\windows\ie7updates\KB961260-IE7\ieakeng.dll
+ 2008-10-16 20:18:33 230,400 -c----w c:\windows\ie7updates\KB961260-IE7\ieaksie.dll
+ 2008-10-15 07:04:53 161,792 -c----w c:\windows\ie7updates\KB961260-IE7\ieakui.dll
+ 2008-10-16 20:18:33 383,488 -c----w c:\windows\ie7updates\KB961260-IE7\ieapfltr.dll
+ 2008-10-16 20:18:33 384,512 -c----w c:\windows\ie7updates\KB961260-IE7\iedkcs32.dll
+ 2008-10-16 20:18:37 6,066,176 -c----w c:\windows\ie7updates\KB961260-IE7\ieframe.dll
+ 2008-10-16 20:18:37 44,544 -c----w c:\windows\ie7updates\KB961260-IE7\iernonce.dll
+ 2008-10-16 20:18:37 267,776 -c----w c:\windows\ie7updates\KB961260-IE7\iertutil.dll
+ 2008-10-16 13:11:09 13,824 -c----w c:\windows\ie7updates\KB961260-IE7\ieudinit.exe
+ 2008-10-15 07:06:26 633,632 -c----w c:\windows\ie7updates\KB961260-IE7\iexplore.exe
+ 2008-10-16 20:18:38 27,648 -c----w c:\windows\ie7updates\KB961260-IE7\jsproxy.dll
+ 2008-10-16 20:18:38 459,264 -c----w c:\windows\ie7updates\KB961260-IE7\msfeeds.dll
+ 2008-10-16 20:18:38 52,224 -c----w c:\windows\ie7updates\KB961260-IE7\msfeedsbs.dll
+ 2008-12-13 06:37:58 3,593,216 -c----w c:\windows\ie7updates\KB961260-IE7\mshtml.dll
+ 2008-10-16 20:18:41 477,696 -c----w c:\windows\ie7updates\KB961260-IE7\mshtmled.dll
+ 2008-10-16 20:18:41 193,024 -c----w c:\windows\ie7updates\KB961260-IE7\msrating.dll
+ 2008-10-16 20:18:42 671,232 -c----w c:\windows\ie7updates\KB961260-IE7\mstime.dll
+ 2008-10-16 20:18:42 102,912 -c----w c:\windows\ie7updates\KB961260-IE7\occache.dll
+ 2008-10-16 20:18:42 44,544 -c----w c:\windows\ie7updates\KB961260-IE7\pngfilt.dll
+ 2007-03-06 01:31:14 214,752 -c----w c:\windows\ie7updates\KB961260-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:32:23 380,640 -c----w c:\windows\ie7updates\KB961260-IE7\spuninst\updspapi.dll
+ 2008-10-16 20:18:42 105,984 -c----w c:\windows\ie7updates\KB961260-IE7\url.dll
+ 2008-10-16 20:18:43 1,160,192 -c----w c:\windows\ie7updates\KB961260-IE7\urlmon.dll
+ 2008-10-16 20:18:43 233,472 -c----w c:\windows\ie7updates\KB961260-IE7\webcheck.dll
+ 2008-10-16 20:18:43 826,368 -c----w c:\windows\ie7updates\KB961260-IE7\wininet.dll
- 2009-01-14 22:08:08 593,920 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2009-02-11 22:04:48 593,920 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2009-01-14 22:08:08 12,288 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2009-02-11 22:04:48 12,288 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2009-01-14 22:08:08 86,016 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2009-02-11 22:04:48 86,016 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2009-01-14 22:08:08 135,168 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-02-11 22:04:48 135,168 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2009-01-14 22:08:08 11,264 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-02-11 22:04:49 11,264 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2009-01-14 22:08:08 27,136 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2009-02-11 22:04:49 27,136 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2009-01-14 22:08:08 4,096 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2009-02-11 22:04:49 4,096 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2009-01-14 22:08:08 794,624 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2009-02-11 22:04:49 794,624 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2009-01-14 22:08:08 249,856 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-02-11 22:04:48 249,856 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2009-01-14 22:08:08 61,440 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2009-02-11 22:04:48 61,440 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2009-01-14 22:08:08 23,040 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2009-02-11 22:04:49 23,040 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2009-01-14 22:08:08 286,720 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2009-02-11 22:04:48 286,720 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2009-01-14 22:08:08 409,600 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2009-02-11 22:04:48 409,600 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-10-16 20:18:32 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-12-20 22:46:48 124,928 ----a-w c:\windows\system32\advpack.dll
- 2008-10-16 20:18:32 124,928 -c----w c:\windows\system32\dllcache\advpack.dll
+ 2008-12-20 22:46:48 124,928 -c----w c:\windows\system32\dllcache\advpack.dll
- 2008-10-16 20:18:32 347,136 -c----w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-12-20 22:46:48 347,136 -c----w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-10-16 20:18:32 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-12-20 22:46:49 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll
- 2008-10-16 20:18:32 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll
+ 2008-12-20 22:46:49 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll
- 2008-10-16 20:18:32 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
+ 2008-12-20 22:46:49 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
- 2008-10-16 13:12:19 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-12-19 09:11:12 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe
- 2008-10-16 20:18:33 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-12-20 22:46:49 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll
- 2008-10-16 20:18:33 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-12-20 22:46:50 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll
- 2008-10-15 07:04:53 161,792 -c----w c:\windows\system32\dllcache\ieakui.dll
+ 2008-12-19 05:23:56 161,792 -c----w c:\windows\system32\dllcache\ieakui.dll
- 2008-10-16 20:18:33 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-12-20 22:46:50 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-10-16 20:18:33 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-12-20 22:46:51 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-10-16 20:18:37 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
+ 2008-12-20 22:46:55 6,066,688 -c----w c:\windows\system32\dllcache\ieframe.dll
- 2008-10-16 20:18:37 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll
+ 2008-12-20 22:46:55 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll
- 2008-10-16 20:18:37 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
+ 2008-12-20 22:46:55 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
- 2008-10-16 13:11:09 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
+ 2008-12-19 09:10:15 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
- 2008-10-15 07:06:26 633,632 -c----w c:\windows\system32\dllcache\iexplore.exe
+ 2008-12-19 05:25:25 634,024 -c----w c:\windows\system32\dllcache\iexplore.exe
- 2008-10-16 20:18:38 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-12-20 22:46:56 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll
- 2008-10-16 20:18:38 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-12-20 22:46:57 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
- 2008-10-16 20:18:38 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-12-20 22:46:57 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-12-13 06:37:58 3,593,216 -c----w c:\windows\system32\dllcache\mshtml.dll
+ 2009-01-16 19:16:14 3,594,752 -c----w c:\windows\system32\dllcache\mshtml.dll
- 2008-10-16 20:18:41 477,696 -c----w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-12-20 22:47:02 477,696 -c----w c:\windows\system32\dllcache\mshtmled.dll
- 2008-10-16 20:18:41 193,024 -c----w c:\windows\system32\dllcache\msrating.dll
+ 2008-12-20 22:47:02 193,024 -c----w c:\windows\system32\dllcache\msrating.dll
- 2008-10-16 20:18:42 671,232 -c----w c:\windows\system32\dllcache\mstime.dll
+ 2008-12-20 22:47:03 671,232 -c----w c:\windows\system32\dllcache\mstime.dll
- 2008-10-16 20:18:42 102,912 -c----w c:\windows\system32\dllcache\occache.dll
+ 2008-12-20 22:47:03 102,912 -c----w c:\windows\system32\dllcache\occache.dll
- 2008-10-16 20:18:42 44,544 -c----w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-12-20 22:47:03 44,544 -c----w c:\windows\system32\dllcache\pngfilt.dll
- 2008-10-16 20:18:42 105,984 -c----w c:\windows\system32\dllcache\url.dll
+ 2008-12-20 22:47:03 105,984 -c----w c:\windows\system32\dllcache\url.dll
- 2008-10-16 20:18:43 1,160,192 -c----w c:\windows\system32\dllcache\urlmon.dll
+ 2008-12-20 22:47:04 1,160,192 -c----w c:\windows\system32\dllcache\urlmon.dll
- 2008-10-16 20:18:43 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll
+ 2008-12-20 22:47:05 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll
- 2008-10-16 20:18:43 826,368 -c----w c:\windows\system32\dllcache\wininet.dll
+ 2008-12-20 22:47:05 826,368 -c----w c:\windows\system32\dllcache\wininet.dll
- 2008-10-16 20:18:32 347,136 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-12-20 22:46:48 347,136 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-10-16 20:18:32 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-12-20 22:46:49 214,528 ----a-w c:\windows\system32\dxtrans.dll
- 2008-10-16 20:18:32 133,120 ------w c:\windows\system32\extmgr.dll
+ 2008-12-20 22:46:49 133,120 ------w c:\windows\system32\extmgr.dll
- 2008-10-16 20:18:32 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-12-20 22:46:49 63,488 ----a-w c:\windows\system32\icardie.dll
- 2008-10-16 13:12:19 70,656 ------w c:\windows\system32\ie4uinit.exe
+ 2008-12-19 09:11:12 70,656 ------w c:\windows\system32\ie4uinit.exe
- 2008-10-16 20:18:33 153,088 ------w c:\windows\system32\ieakeng.dll
+ 2008-12-20 22:46:49 153,088 ------w c:\windows\system32\ieakeng.dll
- 2008-10-16 20:18:33 230,400 ------w c:\windows\system32\ieaksie.dll
+ 2008-12-20 22:46:50 230,400 ------w c:\windows\system32\ieaksie.dll
- 2008-10-15 07:04:53 161,792 ------w c:\windows\system32\ieakui.dll
+ 2008-12-19 05:23:56 161,792 ------w c:\windows\system32\ieakui.dll
- 2008-10-16 20:18:33 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-12-20 22:46:50 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-10-16 20:18:33 384,512 ------w c:\windows\system32\iedkcs32.dll
+ 2008-12-20 22:46:51 384,512 ------w c:\windows\system32\iedkcs32.dll
- 2008-10-16 20:18:37 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2008-12-20 22:46:55 6,066,688 ----a-w c:\windows\system32\ieframe.dll
- 2008-10-16 20:18:37 44,544 ------w c:\windows\system32\iernonce.dll
+ 2008-12-20 22:46:55 44,544 ------w c:\windows\system32\iernonce.dll
- 2008-10-16 20:18:37 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-12-20 22:46:55 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2008-10-16 13:11:09 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-12-19 09:10:15 13,824 ----a-w c:\windows\system32\ieudinit.exe
- 2008-10-16 20:18:38 27,648 ------w c:\windows\system32\jsproxy.dll
+ 2008-12-20 22:46:56 27,648 ------w c:\windows\system32\jsproxy.dll
- 2008-10-16 20:18:38 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-12-20 22:46:57 459,264 ----a-w c:\windows\system32\msfeeds.dll
- 2008-10-16 20:18:38 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-12-20 22:46:57 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
- 2008-12-13 06:37:58 3,593,216 ----a-w c:\windows\system32\mshtml.dll
+ 2009-01-16 19:16:14 3,594,752 ----a-w c:\windows\system32\mshtml.dll
- 2008-10-16 20:18:41 477,696 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-12-20 22:47:02 477,696 ----a-w c:\windows\system32\mshtmled.dll
- 2008-10-16 20:18:41 193,024 ------w c:\windows\system32\msrating.dll
+ 2008-12-20 22:47:02 193,024 ------w c:\windows\system32\msrating.dll
- 2008-10-16 20:18:42 671,232 ------w c:\windows\system32\mstime.dll
+ 2008-12-20 22:47:03 671,232 ------w c:\windows\system32\mstime.dll
- 2008-10-16 20:18:42 102,912 ------w c:\windows\system32\occache.dll
+ 2008-12-20 22:47:03 102,912 ------w c:\windows\system32\occache.dll
- 2008-11-12 19:18:40 67,696 ----a-w c:\windows\system32\perfc009.dat
+ 2009-02-17 10:38:23 67,696 ----a-w c:\windows\system32\perfc009.dat
- 2008-11-12 19:18:40 80,806 ----a-w c:\windows\system32\perfc00B.dat
+ 2009-02-17 10:38:23 80,806 ----a-w c:\windows\system32\perfc00B.dat
- 2008-11-12 19:18:40 432,992 ----a-w c:\windows\system32\perfh009.dat
+ 2009-02-17 10:38:23 432,992 ----a-w c:\windows\system32\perfh009.dat
- 2008-11-12 19:18:40 407,306 ----a-w c:\windows\system32\perfh00B.dat
+ 2009-02-17 10:38:24 407,306 ----a-w c:\windows\system32\perfh00B.dat
- 2008-10-16 20:18:42 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-12-20 22:47:03 44,544 ----a-w c:\windows\system32\pngfilt.dll
- 2007-11-30 12:39:27 17,272 ------w c:\windows\system32\spmsg.dll
+ 2008-07-09 07:39:49 17,272 ------w c:\windows\system32\spmsg.dll
- 2008-10-16 20:18:42 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-12-20 22:47:03 105,984 ----a-w c:\windows\system32\url.dll
- 2008-10-16 20:18:43 1,160,192 ----a-w c:\windows\system32\urlmon.dll
+ 2008-12-20 22:47:04 1,160,192 ----a-w c:\windows\system32\urlmon.dll
- 2008-10-16 20:18:43 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-12-20 22:47:05 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2009-02-17 12:16:34 16,384 ----atw c:\windows\TEMP\Perflib_Perfdata_5e0.dat
.
-- Snapshot nollattu tähän hetkeen --
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-09-15 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"Steam"="c:\program files\valve\steam\steam.exe" [2008-10-08 1410296]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-04-01 486856]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-01-16 37376]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-07-07 1232152]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 116040]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-09-15 c:\windows\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-09-15 15360]

c:\documents and settings\Eemeli\K„ynnist„-valikko\Ohjelmat\K„ynnistys\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]

c:\documents and settings\All Users\K„ynnist„-valikko\Ohjelmat\K„ynnistys\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2008-04-23 1044480]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-10-13 18:24 1694208 c:\program files\Messenger\msmsgs.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\raqoo\\team fortress 2\\hl2.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\zombie panic! source\\hl2.exe"=

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-06-15 96520]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-06-15 231192]
R2 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe [2008-11-15 2749224]
R3 bbcap;bbcap;c:\windows\system32\drivers\bbcap.sys [2008-09-27 4096]
R3 c65013264;C-Media CM6501 Like Sound UDAX Interface;c:\windows\system32\drivers\c6501.sys [2008-03-14 1310720]
S3 V0090VID;Creative WebCam Vista Plus;c:\windows\system32\drivers\V0090Vid.sys [2008-07-27 138112]
S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [2008-11-15 15656]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ea10d8e-5f12-11dd-9516-001966572726}]
\Shell\AutoRun\command - H:\EasySuite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ea10d8f-5f12-11dd-9516-001966572726}]
\Shell\AutoRun\command - H:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b860725e-f1fa-11dc-a82f-806d6172696f}]
\Shell\AutoRun\command - e:\bin\assetup.exe
.
.
------- Täydentävä tarkistus -------
.
uStart Page = hxxp://www.google.fi/
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: Vie Microsoft E&xceliin - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Eemeli\Application Data\Mozilla\Firefox\Profiles\j7jf3joj.default\
FF - prefs.js: browser.search.selectedEngine - Zybez Item Database
FF - prefs.js: browser.startup.homepage - hxxp://www.blackle.com/
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-17 14:24:58
Windows 5.1.2600 Service Pack 2 NTFS

tarkistaa piilotettuja prosesseja ...

tarkistaa piilotettuja käynnistysarvoja ...

tarkistaa piilotettuja tiedostoja ...

tarkistus on valmis
piilotetut tiedostot: 0

**************************************************************************
.
--------------------- LUKITUT REKISTERIAVAIMET ---------------------

[HKEY_USERS\S-1-5-21-682003330-746137067-839522115-1003\Software\Sony Creative Software\M*e*d*i*a* *M*a*n*a*g*e*r* *f*o*r* *P*S*P*"!\3.0]
"FRT"="V4PAPBqwS75qkh8rqofRAA5cBW+ntWAdVl7vD7obsfSu+HDZuhIo3w=="
"PLCK"="hpuAVHqKsGJ/5mNT7UgwU9JMMwVU+bb8"
"Percents"="0 0.0958 0.2056 0.4338 0.8155 0.8831 0.8873 "
"Increment"=".005988"
"PHSH"=""

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\�•€|ÿÿÿÿ"•€|þ»Ów*]
"b049C053C7D38EE4AB9A00CB3B5D2472"="C?\\Program Files\\Common Files\\Microsoft Shared\\Web Folders\\PUBPLACE.HTT"
.
Valmistumisajankohta: 2009-02-17 14:25:51
ComboFix-quarantined-files.txt 2009-02-17 12:25:49
ComboFix2.txt 2009-02-11 18:17:56
ComboFix3.txt 2009-02-10 20:36:54

Ennen ajoa: 27,775,967,232 tavua vapaana
Ajon jälkeen: 27,768,348,672 tavua vapaana

344 --- E O F --- 2009-02-11 22:04:50

AfterDawn

Hujo · 17.02.2009

scannaa uusi hjt:n loki

Mikäs on koneen toiminta

Helppu · 18.02.2009

Kone ei oo enää kaatuillu, tässä hjt log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:11:21, on 18.2.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\program files\valve\steam\steam.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1205517942521
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe

--
End of file - 6899 bytes

Hujo · 18.02.2009

Hjt:n loki ok

===========

Kirjoita suorita luukkuun

ComboFix /u

Klikkaa OK

==========

Lataa OTMoveIt
OTMoveIt ja tallenna se työpöydällesi.

Tuplaklikkaa OTMoveIt.exe.
Klikkaa CleanUp!.
Valitse Yes kun kysytään "Begin cleanup Process?".
Jos pyydetään, että saako koneen käynnistää uudeelleen, valitse Yes.OTMoveIt poistaa itsensä kun se on valmis, jos näin ei käy poista se itse.

HUOM: Jos palomuurisi tai joku muu tietoturvaohjelma varoittaa, että OTMoveIt yrittää päästä nettin, niin anna sen päästä sinne.

Helppu · 18.02.2009

Ok, näin toimin, olikos se tässä?

Hujo · 18.02.2009

No ei rassata enenpää tällä kertaa

Helppu · 18.02.2009

Okei, kiitos tosi paljo avusta, jatkoja sulle.

Helppu · 19.02.2009

Apua, kone kaatui taas kerran, mutta, näitten tarkistusten ja säätöjen ajan en ole pelannut RuneScapea (sellaista selainpohjaista peliä joka käyttää Javaa) ja nämä sekoilut ovat tulleet vain kun olen pelannut RuneScapea, laitan tähän nyt uuden hjt login, jos siinä ei ole vikaa niin varmaankin sitten jossakin muussa.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:19:51, on 19.2.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\program files\valve\steam\steam.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1205517942521
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe

--
End of file - 6828 bytes

Hujo · 19.02.2009

Paljos koneessa on keskusmuistia
mitkäs on koneen lämmöt
mikä lainen prossu koneessa on

Helppu · 19.02.2009

Muistia on 2GB työnnetty sisään, mulla ei oo minkäänlaista lämmönmittaus ohjelmaa koneessa, mut täysin viileetä ilmaa puhaltaa tuolta takaa, jos se merkitsee mitään, prosessori on AMD Athlon 64 X2 6400+ 3.2Ghz.

Hujo · 19.02.2009

Mikäs on koneen toiminta

EVEREST Home Edition 2.20

Katos tolla ne lämmöt

Helppu · 19.02.2009

Koneen toiminta täysin normaali paitsi jos pelaan RuneScapea, Oblivionit, team fortressit, kaikki pelaa ilman cräshejä ja nettiä voi selata mutta jos pelaa RuneScapea jossain vaiheessa kone cräshhää. Kone ei myöskään ole ollut yhtään sen hitaampi kuin yleensä.

Hujo · 19.02.2009

laitoin tuohon ylös sen lämpöjen sekkaus kalun.

Helppu · 19.02.2009

Ai kappas, en huomannukkaa, tässä:

Lämpötilat:
Emolevy 39 °C (102 °F)
Suoritin 46 °C (115 °F)
Aux 45 °C (113 °F)
Näytönohjain 54 °C (129 °F)
Näytönohjaimen olosuhteet 44 °C (111 °F)
Seagate ST3500320AS 33 °C (91 °F)

Hujo · 19.02.2009

eipä oo pahoja

Helppu · 19.02.2009

Onko sulla ideoita miksi kaatuilee vai hankinko apua jostain muualta?

Hujo · 19.02.2009

käys tuolla pc rauta puolella

taitaa olla se rauta vika

Helppu · 19.02.2009

Okkei, kiitos opastuksesta ja ajastasi.

Kirjaudu tai liity jäseneksi

Kone ruvennu kaatuilemaan hjt logi

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Jaa tämä sivu

Kirjaudu tai liity jäseneksi

Kone ruvennu kaatuilemaan hjt logi

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Jaa tämä sivu

Hyödyllisiä hakuja