
At least 14 viruses on my son's computer (with Ewido)

Thread in the Viruses and malware - HijackThis logs section. Started by many68 on 10.08.2007.

  1. Auttaja

    Auttaja Guest

    There is, so download

    http://download.bleepingcomputer.com/sUBs/Kaspersky_parser.exe

    Save it e.g. to the desktop. Then open your own Kaspersky report.
    Then press (CTRL+A -> CTRL+C), i.e. select all and copy. Then double-click the program you downloaded and it should produce a condensed report for you. Take only the "Infected" section from it and post
    it here. :)
     
  3. many68

    many68 Regular member

    Joined: 12.12.2004 | Posts: 382 | Thanks: 1 | Points: 28

    Here: (in addition there were some locked files...)
    ===== Infected Objects =====

    C:\WINDOWS\system32\pskill.exe
    C:\winnt\system32\dllcache\mirc32.exe
    C:\winnt\system32\dllcache\PSKILL.EXE
    C:\winnt\system32\dllcache\socksx.exe
    C:\winnt\system32\dllcache\whore.tad
    D:\Documents and Settings\aston\Local Settings\Temporary Internet Files\Content.IE5\2FAVSB8L\toto[1].0xe
    D:\Documents and Settings\aston\Local Settings\Temporary Internet Files\Content.IE5\2JUHOTU1\scan2[1].0xe
    D:\Documents and Settings\aston\Local Settings\Temporary Internet Files\Content.IE5\4D498FSD\Ecidma[1].0xe
     
  4. Auttaja

    Auttaja Guest

    Download Killbox by Option^Explicit.

    Note: If you already have Killbox, this is a new version that you need to install. Remove the earlier one.

    * Save it to your desktop.
    * Double-click Killbox.exe to run the program.
    * Select Delete on Reboot, then click the All Files option.
    * Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click with the mouse and choose Copy):

    C:\winnt\system32\dllcache\socksx.exe
    C:\winnt\system32\dllcache\whore.tad
    D:\Documents and Settings\aston\Local Settings\Temporary Internet Files\Content.IE5\2FAVSB8L\toto[1].0xe
    D:\Documents and Settings\aston\Local Settings\Temporary Internet Files\Content.IE5\2JUHOTU1\scan2[1].0xe
    D:\Documents and Settings\aston\Local Settings\Temporary Internet Files\Content.IE5\4D498FSD\Ecidma[1].0xe


    * Return to Killbox, go to the File menu, and select Paste from Clipboard.

    * Click the red-and-white Delete File button. Click Yes at the "Delete on Reboot" prompt. Click OK at any PendingFileRenameOperations prompt (and let the fixer know if one of these appears!).
    Restart your computer yourself if it does not do so automatically.

    If you get a message like this: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when you try to run KillBox, click here to download and run Missingfilessetup.exe. Then try KillBox again.

    ==========

    Download WinPFind3 http://download.bleepingcomputer.com/oldtimer/winpfind3u.exe to your desktop and double-click the exe to extract it. A folder named WinPFind3u will be created on your desktop.


    * Open the WinPFind3u folder and double-click WinPFind3U.exe to start the program.

    o Under Files Created Within, click 30 days
    o Under Files Modified Within, click 30 days
    o Under File String Search, click Non-Microsoft

    * Now click the Run Scan button on the toolbar.
    * When the scan is finished, the report opens in Notepad.
    * Click Format and make sure Word Wrap is not selected. If it is, deselect it.


    Post the log in your next reply. You may need several replies for it so that it is not cut off.
     
  5. many68

    many68 Regular member

    After running KillBox and restarting the computer, some error message came up, but I was able to continue... part 1

    WinPFind3 logfile created on: 13.8.2007 0:03:31
    WinPFind3U by OldTimer - Version 1.0.39 Folder = D:\Documents and Settings\Koti\Työpöytä\WinPFind3u\
    Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
    Internet Explorer (Version = 7.0.5730.11)

    1023,36 Mb Total Physical Memory | 520,97 Mb Available Physical Memory | 50,91% Memory free
    2,40 Gb Paging File | 1,97 Gb Available in Paging File | 81,97% Paging File free
    Paging file location(s): C:\pagefile.sys 0 0;

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 29,99 Gb Total Space | 1,47 Gb Free Space | 4,90% Space Free
    Drive D: | 111,24 Gb Total Space | 1,50 Gb Free Space | 1,34% Space Free
    E: Drive not present or media not loaded
    Drive F: | 232,83 Gb Total Space | 48,49 Gb Free Space | 20,83% Space Free

    Computer Name: 100518260306
    Current User Name: Koti
    Logged in as Administrator.
    Current Boot Mode: Normal


    [Processes - Non-Microsoft Only]
    ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 255616 bytes | Modified Date = 15.1.2007 20:28:32 | Attr = ]
    ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> [Ver = 4, 7, 936, 0 | Size = 132736 bytes | Modified Date = 15.1.2007 20:28:52 | Attr = ]
    ashwebsv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 370304 bytes | Modified Date = 15.1.2007 20:27:52 | Attr = ]
    aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> [Ver = | Size = 59008 bytes | Modified Date = 15.1.2007 20:18:24 | Attr = ]
    ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4118 | Size = 380928 bytes | Modified Date = 3.8.2005 23:02:58 | Attr = ]
    ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4118 | Size = 380928 bytes | Modified Date = 3.8.2005 23:02:58 | Attr = ]
    atiptaxx.exe -> %SystemDrive%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5160 | Size = 344064 bytes | Modified Date = 5.8.2005 21:05:00 | Attr = ]
    cameraassistant.exe -> %ProgramFiles%\Logitech\Video\CameraAssistant.exe -> Logitech Inc. [Ver = 9.5.0.1099 | Size = 489472 bytes | Modified Date = 7.12.2005 10:26:30 | Attr = ]
    clcapsvc.exe -> %SystemDrive%\APPS\Powercinema\Kernel\TV\CLCapSvc.exe -> [Ver = 4.00.1710 | Size = 221266 bytes | Modified Date = 11.5.2005 13:50:14 | Attr = ]
    clmlserver.exe -> %ProgramFiles%\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -> Cyberlink [Ver = 1, 1, 0, 1619 | Size = 61440 bytes | Modified Date = 11.5.2005 13:52:00 | Attr = ]
    clmlservice.exe -> %ProgramFiles%\CyberLink\Shared Files\CLML_NTService\CLMLService.exe -> Cyberlink [Ver = 1, 1, 0, 1619 | Size = 737381 bytes | Modified Date = 11.5.2005 13:52:04 | Attr = ]
    clsched.exe -> %SystemDrive%\APPS\Powercinema\Kernel\TV\CLSched.exe -> [Ver = 4.00.1710 | Size = 110672 bytes | Modified Date = 11.5.2005 13:50:34 | Attr = ]
    cmdagent.exe -> D:\Comodo\Firewall\cmdagent.exe -> COMODO [Ver = 2.4.0.20 | Size = 361040 bytes | Modified Date = 11.8.2007 17:26:24 | Attr = ]
    cpf.exe -> D:\Comodo\Firewall\cpf.exe -> COMODO [Ver = 2.4.0.58 | Size = 1115728 bytes | Modified Date = 11.8.2007 17:26:24 | Attr = ]
    firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.1.6: 2007072518 | Size = 7644520 bytes | Modified Date = 26.7.2007 23:00:38 | Attr = ]
    jusched.exe -> %ProgramFiles%\Java\jre1.6.0_02\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 132496 bytes | Modified Date = 12.7.2007 4:00:36 | Attr = ]
    lexbces.exe -> %System32%\LEXBCES.EXE -> Lexmark International, Inc. [Ver = 8.29 | Size = 303104 bytes | Modified Date = 18.8.2003 11:37:10 | Attr = ]
    lexpps.exe -> %System32%\LEXPPS.EXE -> Lexmark International, Inc. [Ver = 8.29 | Size = 174592 bytes | Modified Date = 18.8.2003 11:32:56 | Attr = ]
    lvcomsx.exe -> %System32%\LVCOMSX.EXE -> Logitech Inc. [Ver = 9.5.0.1098 | Size = 225280 bytes | Modified Date = 9.12.2005 15:32:18 | Attr = ]
    lvprcsrv.exe -> %CommonProgramFiles%\Logitech\LVMVFM\LVPrcSrv.exe -> Logitech Inc. [Ver = 9.5.0.1098 | Size = 81920 bytes | Modified Date = 9.12.2005 15:37:42 | Attr = ]
    ma_cmidi_inst.exe -> %ProgramFiles%\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe -> [Ver = 1.0.0.15 | Size = 94208 bytes | Modified Date = 8.1.2007 16:08:10 | Attr = ]
    mdnsresponder.exe -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> Apple Computer, Inc. [Ver = 1,0,3,1 | Size = 229376 bytes | Modified Date = 28.2.2006 12:42:38 | Attr = ]
    objectdock.exe -> D:\Windows skinit\PC Into Mac ohjelmat\ObjectDock Plus_1.5 build 528u+Crack\ObjectDock\ObjectDock.exe -> Stardock [Ver = v1.50.528u | Size = 2860792 bytes | Modified Date = 14.11.2006 20:19:08 | Attr = ]
    realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3275 | Size = 180269 bytes | Modified Date = 21.10.2005 11:25:08 | Attr = ]
    sdmcp.exe -> %CommonProgramFiles%\Stardock\sdmcp.exe -> Stardock [Ver = 0, 0, 5, 11 | Size = 241664 bytes | Modified Date = 10.5.2005 14:31:22 | Attr = ]
    soundman.exe -> %SystemRoot%\soundman.exe -> Realtek Semiconductor Corp. [Ver = 5, 1, 0, 58 | Size = 577536 bytes | Modified Date = 17.11.2006 6:42:52 | Attr = ]
    trayserver.exe -> %CommonProgramFiles%\Stardock\TrayServer.exe -> Stardock [Ver = v1.55 | Size = 81920 bytes | Modified Date = 14.2.2003 4:57:04 | Attr = ]
    ultramon.exe -> D:\Windows skinit\PC Into Mac ohjelmat\Ultramon\UltraMon.exe -> Realtime Soft [Ver = 2.7.1.0 | Size = 304640 bytes | Modified Date = 12.10.2006 22:27:20 | Attr = ]
    ultramontaskbar.exe -> D:\Windows skinit\PC Into Mac ohjelmat\Ultramon\UltraMonTaskbar.exe -> Realtime Soft [Ver = 2.7.1.0 | Size = 257536 bytes | Modified Date = 12.10.2006 22:27:40 | Attr = ]
    winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.38.0 | Size = 322048 bytes | Modified Date = 23.6.2007 15:15:54 | Attr = ]
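
A way to triage a WinPFind3U log in the format posted in this thread, as an added example that is not part of the thread or of any tool mentioned in it. The function names, the flag names and the 30-day window (mirroring the scan setting requested above) are assumptions of this example; the flags are leads for a reviewer to check, not verdicts.

```python
import re
from datetime import datetime, timedelta

# Lines excerpted from the WinPFind3U log posted in this thread.
SAMPLE_LOG = r"""WinPFind3 logfile created on: 13.8.2007 0:03:31
[Processes - Non-Microsoft Only]
ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 255616 bytes | Modified Date = 15.1.2007 20:28:32 | Attr = ]
aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> [Ver = | Size = 59008 bytes | Modified Date = 15.1.2007 20:18:24 | Attr = ]
cmdagent.exe -> D:\Comodo\Firewall\cmdagent.exe -> COMODO [Ver = 2.4.0.20 | Size = 361040 bytes | Modified Date = 11.8.2007 17:26:24 | Attr = ]
(ccEvtMgr) Symantec Event Manager [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\Symantec Shared\ccEvtMgr.exe -> File not found
H2O -> %ProgramFiles%\SyncroSoft\POS\H2O\cledx.exe -> Team H2O [Ver = v0.3.1412 | Size = 307200 bytes | Modified Date = 11.12.2007 4:59:40 | Attr = ]
"""

STAMP = "%d.%m.%Y %H:%M:%S"  # day.month.year, as written by the Finnish-locale system
HEADER_RE = re.compile(r"^WinPFind3 logfile created on: (\S+ \S+)")
INFO_RE = re.compile(
    r"\[Ver =\s*(?P<ver>.*?)\s*\| Size = (?P<size>\d+) bytes "
    r"\| Modified Date = (?P<mod>\S+ \S+) \| Attr =\s*(?P<attr>.*?)\s*\]\s*$"
)


def parse_entry(line):
    """Parse one 'label -> target -> details' line; return None for other lines."""
    parts = line.strip().split(" -> ")
    if len(parts) < 3:
        return None  # section headers, registry key lines, blank lines
    label, target, tail = parts[0], parts[-2], parts[-1]
    if tail == "File not found":
        return {"label": label, "target": target, "missing": True}
    info = INFO_RE.search(tail)
    if info is None:
        return None
    return {
        "label": label,
        "target": target,
        "missing": False,
        "company": tail[:info.start()].strip(),  # empty when no version-info company
        "version": info["ver"],
        "size": int(info["size"]),
        "modified": datetime.strptime(info["mod"], STAMP),
    }


def triage(log_text, recent_days=30):
    """Return (label, flags) for every entry that deserves a closer look."""
    created = None
    findings = []
    for line in log_text.splitlines():
        header = HEADER_RE.match(line.strip())
        if header:
            created = datetime.strptime(header.group(1), STAMP)
            continue
        entry = parse_entry(line)
        if entry is None:
            continue
        flags = []
        if entry["missing"]:
            # Autostart or service entry whose file is gone (leftover or removed file).
            flags.append("missing_target")
        else:
            if not entry["company"]:
                flags.append("no_company")
            if created is not None:
                if entry["modified"] > created:
                    # Timestamp later than the scan itself: clock or timestamp oddity.
                    flags.append("modified_after_log")
                elif created - entry["modified"] <= timedelta(days=recent_days):
                    flags.append("recently_modified")
        if flags:
            findings.append((entry["label"], flags))
    return findings


if __name__ == "__main__":
    for label, flags in triage(SAMPLE_LOG):
        print(f"{', '.join(flags):20} {label}")
```

Known-good software shows up too (the firewall installed two days before the scan is flagged as recently modified), so each flag needs a human decision before anything is deleted.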
     
  6. many68

    many68 Regular member

    After running KillBox and restarting the computer, some error message came up, but I was able to continue...

    Well, that text just doesn't want to go through to the forum again... I'll try to post something again tomorrow...


     
  7. many68

    many68 Regular member

    After running KillBox and restarting the computer, some error message came up, but I was able to continue...


    [Win32 Services - Non-Microsoft Only]
    (Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> Adobe Systems [Ver = 2.67.010 | Size = 72704 bytes | Modified Date = 4.2.2006 10:46:14 | Attr = ]
    (aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> [Ver = | Size = 59008 bytes | Modified Date = 15.1.2007 20:18:24 | Attr = ]
    (Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4118 | Size = 380928 bytes | Modified Date = 3.8.2005 23:02:58 | Attr = ]
    (avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> [Ver = 4, 7, 936, 0 | Size = 132736 bytes | Modified Date = 15.1.2007 20:28:52 | Attr = ]
    (avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 255616 bytes | Modified Date = 15.1.2007 20:28:32 | Attr = ]
    (avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 370304 bytes | Modified Date = 15.1.2007 20:27:52 | Attr = ]
    (Bonjour Service) ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## [Win32_Own | Auto | Running] -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> Apple Computer, Inc. [Ver = 1,0,3,1 | Size = 229376 bytes | Modified Date = 28.2.2006 12:42:38 | Attr = ]
    (ccEvtMgr) Symantec Event Manager [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\Symantec Shared\ccEvtMgr.exe -> File not found
    (ccProxy) Symantec Network Proxy [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\Symantec Shared\ccProxy.exe -> File not found
    (ccPwdSvc) Symantec Password Validation [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\Symantec Shared\ccPwdSvc.exe -> File not found
    (ccSetMgr) Symantec Settings Manager [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\Symantec Shared\ccSetMgr.exe -> File not found
    (CLCapSvc) CyberLink Background Capture Service (CBCS) [Win32_Own | Auto | Running] -> %SystemDrive%\APPS\Powercinema\Kernel\TV\CLCapSvc.exe -> [Ver = 4.00.1710 | Size = 221266 bytes | Modified Date = 11.5.2005 13:50:14 | Attr = ]
    (CLSched) CyberLink Task Scheduler (CTS) [Win32_Own | Auto | Running] -> %SystemDrive%\APPS\Powercinema\Kernel\TV\CLSched.exe -> [Ver = 4.00.1710 | Size = 110672 bytes | Modified Date = 11.5.2005 13:50:34 | Attr = ]
    (CmdAgent) Comodo Application Agent [Win32_Own | Auto | Running] -> D:\Comodo\Firewall\cmdagent.exe -> COMODO [Ver = 2.4.0.20 | Size = 361040 bytes | Modified Date = 11.8.2007 17:26:24 | Attr = ]
    (CyberLink Media Library Service) CyberLink Media Library Service [Win32_Own | Auto | Running] -> %ProgramFiles%\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -> Cyberlink [Ver = 1, 1, 0, 1619 | Size = 61440 bytes | Modified Date = 11.5.2005 13:52:00 | Attr = ]
    (dmadmin) Loogisen levyn hallinnan valvontapalvelu [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 15.9.2004 14:00:00 | Attr = ]
    (FLEXnet Licensing Service) FLEXnet Licensing Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> Macrovision Europe Ltd. [Ver = 11.03.005 | Size = 654848 bytes | Modified Date = 27.5.2007 19:19:38 | Attr = ]
    (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4.4.2005 1:41:10 | Attr = ]
    (ISSVC) ISSVC [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Norton Internet Security\ISSVC.exe -> File not found
    (LexBceS) LexBce Server [Win32_Own | Auto | Running] -> %System32%\LEXBCES.EXE -> Lexmark International, Inc. [Ver = 8.29 | Size = 303104 bytes | Modified Date = 18.8.2003 11:37:10 | Attr = ]
    (LVPrcSrv) Logitech Process Monitor [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Logitech\LVMVFM\LVPrcSrv.exe -> Logitech Inc. [Ver = 9.5.0.1098 | Size = 81920 bytes | Modified Date = 9.12.2005 15:37:42 | Attr = ]
    (Macromedia Licensing Service) Macromedia Licensing Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Macromedia Shared\Service\Macromedia Licensing.exe -> [Ver = 2.42.000 | Size = 68096 bytes | Modified Date = 3.10.2006 1:06:54 | Attr = ]
    (MA_CMIDI_InstallerService) M-Audio Series II MIDI Installer [Win32_Own | Auto | Running] -> %ProgramFiles%\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe -> [Ver = 1.0.0.15 | Size = 94208 bytes | Modified Date = 8.1.2007 16:08:10 | Attr = ]
    (MSSQL$SONY_MEDIAMGR) MSSQL$SONY_MEDIAMGR [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -> File not found
    (navapsvc) Norton AntiVirus Auto-Protect -palvelu [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\navapsvc.exe -> File not found
    (rpcapd) Remote Packet Capture Protocol v.0 (experimental) [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\WinPcap\rpcapd.exe -> NetGroup - Politecnico di Torino [Ver = 3, 1, 0, 23 | Size = 86016 bytes | Modified Date = 14.5.2004 13:02:46 | Attr = ]
    (SAVScan) SAVScan [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\SAVScan.exe -> File not found
    (SNDSrvc) Symantec Network Drivers Service [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\Symantec Shared\SNDSrvc.exe -> File not found
    (SPBBCSvc) Symantec SPBBCSvc [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\Symantec Shared\SPBBC\SPBBCSvc.exe -> File not found
    (SQLAgent$SONY_MEDIAMGR) SQLAgent$SONY_MEDIAMGR [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -> File not found
    (UleadBurningHelper) Ulead Burning Helper [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\Ulead Systems\DVD\ULCDRSvr.exe -> Ulead Systems, Inc. [Ver = 1, 0, 0, 3 | Size = 49152 bytes | Modified Date = 26.2.2004 9:52:00 | Attr = ]

    [Registry - Non-Microsoft Only]
    < Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
    1A:Stardock TrayMonitor -> %CommonProgramFiles%\Stardock\TrayServer.exe -> Stardock [Ver = v1.55 | Size = 81920 bytes | Modified Date = 14.2.2003 4:57:04 | Attr = ]
    ATIPTA -> %SystemDrive%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5160 | Size = 344064 bytes | Modified Date = 5.8.2005 21:05:00 | Attr = ]
    COMODO Firewall Pro -> D:\Comodo\Firewall\cpf.exe -> COMODO [Ver = 2.4.0.58 | Size = 1115728 bytes | Modified Date = 11.8.2007 17:26:24 | Attr = ]
    Disc Detector -> %ProgramFiles%\Creative\ShareDLL\ctnotify.exe -> File not found
    H2O -> %ProgramFiles%\SyncroSoft\POS\H2O\cledx.exe -> Team H2O [Ver = v0.3.1412 | Size = 307200 bytes | Modified Date = 11.12.2007 4:59:40 | Attr = ]
    LogitechCameraAssistant -> %ProgramFiles%\Logitech\Video\CameraAssistant.exe -> Logitech Inc. [Ver = 9.5.0.1099 | Size = 489472 bytes | Modified Date = 7.12.2005 10:26:30 | Attr = ]
    SoundMan -> %SystemRoot%\soundman.exe -> Realtek Semiconductor Corp. [Ver = 5, 1, 0, 58 | Size = 577536 bytes | Modified Date = 17.11.2006 6:42:52 | Attr = ]
    SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_02\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 132496 bytes | Modified Date = 12.7.2007 4:00:36 | Attr = ]
    TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3275 | Size = 180269 bytes | Modified Date = 21.10.2005 11:25:08 | Attr = ]
    UltraMon -> D:\Windows skinit\PC Into Mac ohjelmat\Ultramon\UltraMon.exe -> Realtime Soft [Ver = 2.7.1.0 | Size = 304640 bytes | Modified Date = 12.10.2006 22:27:20 | Attr = ]
    < OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
    IMAIL -> Installed = 1 ->
    MAPI -> Installed = 1 ->
    MSFS -> Installed = 1 ->
    < Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
    Aureon 5.1 Fun Mixer -> %System32%\Aureon 5.1 F -> File not found
    LClock -> %ProgramFiles%\LClock\LClock.exe -> File not found
    RocketDock -> %SystemRoot%\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe -> File not found
    < User Startup > -> D:\Documents and Settings\Koti\Käynnistä-valikko\Ohjelmat\Käynnistys ->
    %UserStartup%\Adobe Gamma.lnk -> %CommonProgramFiles%\Adobe\Calibration\Adobe Gamma Loader.exe -> Adobe Systems, Inc. [Ver = 1, 0, 0, 1 | Size = 113664 bytes | Modified Date = 16.3.2005 21:16:50 | Attr = ]
    -> %UserStartup%\cnxUnins.bat -> [Ver = | Size = 247 bytes | Modified Date = 13.5.2007 17:08:38 | Attr = ]
    %UserStartup%\Stardock ObjectDock.lnk -> D:\Windows skinit\PC Into Mac ohjelmat\ObjectDock Plus_1.5 build 528u+Crack\ObjectDock\ObjectDock.exe -> Stardock [Ver = v1.50.528u | Size = 2860792 bytes | Modified Date = 14.11.2006 20:19:08 | Attr = ]
    < AppInit_DLLs [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs ->
    *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->
    wbsys.dll -> %System32%\wbsys.dll -> Stardock.Net, Inc [Ver = 4, 0, 0, 0 | Size = 36864 bytes | Modified Date = 26.2.2003 21:27:44 | Attr = ]
    < SSODL [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
    {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} [HKLM] -> %CommonProgramFiles%\Stardock\MCPCore.dll [0aMCPClient] -> Stardock [Ver = 0, 0, 5, 4 | Size = 86016 bytes | Modified Date = 10.5.2005 14:31:20 | Attr = ]
    < SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
    < Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
    < Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
    < Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
    AtiExtEvent -> %System32%\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4118 | Size = 46080 bytes | Modified Date = 3.8.2005 23:04:18 | Attr = ]
    MCPClient -> %CommonProgramFiles%\Stardock\MCPStub.dll -> Stardock [Ver = 0, 0, 5, 2 | Size = 49152 bytes | Modified Date = 31.1.2005 16:13:38 | Attr = ]
    WBSrv -> D:\WindowBlinds\WbSrv.dll -> Stardock [Ver = 5, 0, 0, 1 | Size = 176128 bytes | Modified Date = 6.12.2005 22:16:30 | Attr = ]
    < CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\\NoCDBurning -> 0 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
    < CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 36 ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\ -> ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> ÿÿÿÿ ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
    < HOSTS File > (27 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
    127.0.0.1 localhost -> ->
    < Internet Explorer Settings > -> ->
    HKLM: Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
    HKLM: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
    HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
    HKLM: Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
    HKLM: Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
    HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
    HKLM: SearchAssistant -> http://www.google.com/ie ->
    HKCU: Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
    HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
    HKCU: Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
    HKCU: Start Page -> http://www.google.fi/ ->
    HKCU: ProxyEnable -> 0 ->
    < Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
    msn.com [ - ] -> ->
    < BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.9.2006121800 | Size = 59032 bytes | Modified Date = 18.12.2006 5:16:42 | Attr = ]
    {4F92B827-1E56-4E30-A978-A17A7861A606} [HKLM] -> D:\Windows skinit\PC Into Mac ohjelmat\WebBlinds\webblinds.dll [WebBlinds] -> Stardock Corporation [Ver = 0, 1, 0, 5 | Size = 405504 bytes | Modified Date = 6.2.2003 16:13:46 | Attr = ]
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_02\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 501136 bytes | Modified Date = 12.7.2007 4:00:36 | Attr = ]
    {7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
    {BDF3E430-B101-42AD-A544-FADC6B084872} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [CNavExtBho Class] -> Symantec Corporation [Ver = 11.0.16.2 | Size = 218768 bytes | Modified Date = 28.11.2005 15:58:30 | Attr = ]
    < Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
    ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
    ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 11.0.16.2 | Size = 218768 bytes | Modified Date = 28.11.2005 15:58:30 | Attr = ]
    WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKLM] -> %CommonProgramFiles%\Symantec Shared\AdBlocking\NISShExt.dll [Norton Internet Security] -> File not found
    WebBrowser\\{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} [HKLM] -> %ProgramFiles%\Google\Web Accelerator\GoogleWebAccToolbar.dll [Google Web Accelerator] -> File not found
    < Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_02\bin\npjpi160_02.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 132496 bytes | Modified Date = 12.7.2007 4:00:36 | Attr = ]
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.6.0_02\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 501136 bytes | Modified Date = 12.7.2007 4:00:36 | Attr = ]
    {e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found
    {FB5F1910-F110-11d2-BB9E-00C04F795683} -> %ProgramFiles%\Messenger\msmsgs.exe [ButtonText: Messenger] -> File not found
    < DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
    {24F2689F-81DC-45D9-8BC7-ADB2E31D3EDD} -> (1394-verkkosovitin) ->
    {4CDDAA79-B246-4395-90F8-1A16F68BA26E} -> () ->
    {89FCE17D-03C3-4E9C-8F5F-E57D832DA7EB} -> (Realtek RTL8139/810x Family Fast Ethernet NIC) ->
    < Winsock2 Catalogs [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ ->
    NameSpace_Catalog5\Catalog_Entries\000000000005 [mdnsNSP] -> %ProgramFiles%\Bonjour\mdnsNSP.dll -> Apple Computer, Inc. [Ver = 1,0,3,1 | Size = 94208 bytes | Modified Date = 28.2.2006 12:42:30 | Attr = ]
    < Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
    ipp -> Reg Data - Key not found -> File not found
    msdaipp -> Reg Data - Key not found -> File not found
    < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
    {0B79F48A-E8D6-11DB-9283-E25056D89593} -> F-Secure Online Scanner 3.1 - CodeBase = http://support.f-secure.com/ols/fscax.cab ->
    {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -> CKAVWebScan Object - CodeBase = http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab ->
    {166B1BCA-3F9C-11CF-8075-444553540000} -> Shockwave ActiveX Control - CodeBase = http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab ->
    {20A60F0D-9AFA-4515-A0FD-83BD84642501} -> Checkers Class - CodeBase = http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab ->
    {5C051655-FCD5-4969-9182-770EA5AA5565} -> Solitaire Showdown Class - CodeBase = http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab ->
    {8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.6.0_02 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab ->
    {9D190AE6-C81E-4039-8061-978EBAD10073} -> F-Secure Online Scanner 3.0 - CodeBase = http://support.f-secure.com/ols/fscax.cab ->
    {B8BE5E93-A60C-4D26-A2DC-220313175592} -> MSN Games - Installer - CodeBase = http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab ->
    {C3F79A2B-B9B4-4A66-B012-3EE46475B072} -> MessengerStatsClient Class - CodeBase = http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab ->
    {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_02 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab ->
    {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_02 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab ->
    {D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab ->
    {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} -> Minesweeper Flags Class - CodeBase = http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab ->


    [Files/Folders - Created Within 30 days]
    !KillBox -> %SystemDrive%\!KillBox -> [Folder | Created Date = 12.8.2007 22:52:20 | Attr = ]
    backups -> %SystemDrive%\backups -> [Folder | Created Date = 10.8.2007 21:41:49 | Attr = ]
    boot.ini.cf -> %SystemDrive%\boot.ini.cf -> [Ver = | Size = 453 bytes | Created Date = 10.8.2007 16:27:25 | Attr = HS]
    boot.ini.comodofirewall -> %SystemDrive%\boot.ini.comodofirewall -> [Ver = | Size = 453 bytes | Created Date = 11.8.2007 16:26:34 | Attr = ]
    Koti.exe -> %SystemDrive%\Koti.exe -> Trend Micro Inc. [Ver = 2.00.0002 | Size = 396288 bytes | Created Date = 10.8.2007 14:59:40 | Attr = ]
    QooBox -> %SystemDrive%\QooBox -> [Folder | Created Date = 10.8.2007 16:26:16 | Attr = ]
    SDFix -> %SystemDrive%\SDFix -> [Folder | Created Date = 10.8.2007 15:19:40 | Attr = ]
    $NtUninstallKB925902$ -> %SystemRoot%\$NtUninstallKB925902$ -> [Folder | Created Date = 3.8.2007 17:17:55 | Attr = H ]
    $NtUninstallKB926239$ -> %SystemRoot%\$NtUninstallKB926239$ -> [Folder | Created Date = 20.7.2007 1:01:34 | Attr = H ]
    $NtUninstallKB929399$ -> %SystemRoot%\$NtUninstallKB929399$ -> [Folder | Created Date = 3.8.2007 17:13:14 | Attr = H ]
    $NtUninstallMSCompPackV1$ -> %SystemRoot%\$NtUninstallMSCompPackV1$ -> [Folder | Created Date = 20.7.2007 1:00:57 | Attr = H ]
    $NtUninstallWMFDist11$ -> %SystemRoot%\$NtUninstallWMFDist11$ -> [Folder | Created Date = 20.7.2007 0:58:55 | Attr = H ]
    $NtUninstallwmp11$ -> %SystemRoot%\$NtUninstallwmp11$ -> [Folder | Created Date = 20.7.2007 1:00:10 | Attr = H ]
    $NtUninstallWudf01000$ -> %SystemRoot%\$NtUninstallWudf01000$ -> [Folder | Created Date = 20.7.2007 0:58:02 | Attr = H ]
    catchme.exe -> %SystemRoot%\catchme.exe -> [Ver = | Size = 109056 bytes | Created Date = 10.8.2007 16:22:24 | Attr = ]
    ERDNT -> %SystemRoot%\ERDNT -> [Folder | Created Date = 10.8.2007 14:51:16 | Attr = ]
    ERUNT -> %SystemRoot%\ERUNT -> [Folder | Created Date = 10.8.2007 15:23:58 | Attr = ]
    ie7 -> %SystemRoot%\ie7 -> [Folder | Created Date = 10.8.2007 22:17:32 | Attr = H ]
    nircmd.exe -> %SystemRoot%\nircmd.exe -> NirSoft [Ver = 2.00 | Size = 51200 bytes | Created Date = 10.8.2007 16:22:24 | Attr = ]
    Profiles -> %SystemRoot%\Profiles -> [Folder | Created Date = 30.7.2007 19:12:17 | Attr = ]
    _ISTMP1.DIR -> %SystemRoot%\_ISTMP1.DIR -> [Folder | Created Date = 30.7.2007 19:11:31 | Attr = ]
    comdlg32.oca -> %System32%\comdlg32.oca -> [Ver = | Size = 35840 bytes | Created Date = 18.7.2007 17:36:09 | Attr = R ]
    en-US -> %System32%\en-US -> [Folder | Created Date = 10.8.2007 22:18:36 | Attr = ]
    FlashAX -> %System32%\FlashAX -> [Folder | Created Date = 15.7.2007 21:37:14 | Attr = ]
    java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 135168 bytes | Created Date = 10.8.2007 14:50:38 | Attr = ]
    javacpl.cpl -> %System32%\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 69632 bytes | Created Date = 10.8.2007 14:50:38 | Attr = ]
    javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 135168 bytes | Created Date = 10.8.2007 14:50:38 | Attr = ]
    javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 139264 bytes | Created Date = 10.8.2007 14:50:38 | Attr = ]
    Kaspersky Lab -> %System32%\Kaspersky Lab -> [Folder | Created Date = 12.8.2007 18:36:45 | Attr = ]
    LogFiles -> %System32%\LogFiles -> [Folder | Created Date = 20.7.2007 0:58:08 | Attr = ]
    MSINET.oca -> %System32%\MSINET.oca -> [Ver = | Size = 29184 bytes | Created Date = 18.7.2007 17:36:09 | Attr = R ]
    swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.8 | Size = 279552 bytes | Created Date = 10.8.2007 16:22:24 | Attr = ]
    swsc.exe -> %System32%\swsc.exe -> SteelWerX [Ver = 2.0.0.0 | Size = 370688 bytes | Created Date = 10.8.2007 16:22:24 | Attr = ]
    swxcacls.exe -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Created Date = 10.8.2007 16:22:24 | Attr = ]
    tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 2534 bytes | Created Date = 10.8.2007 15:12:21 | Attr = ]
    vfind.exe -> %System32%\vfind.exe -> [Ver = | Size = 49152 bytes | Created Date = 10.8.2007 16:22:24 | Attr = ]
    xmlparse.dll -> %System32%\xmlparse.dll -> [Ver = | Size = 36864 bytes | Created Date = 18.7.2007 17:36:09 | Attr = R ]
    xmltok.dll -> %System32%\xmltok.dll -> [Ver = | Size = 69632 bytes | Created Date = 18.7.2007 17:36:09 | Attr = R ]
    apphelp.sdb -> %System32%\dllcache\apphelp.sdb -> [Ver = | Size = 217118 bytes | Created Date = 20.7.2007 1:01:06 | Attr = ]
    apph_sp.sdb -> %System32%\dllcache\apph_sp.sdb -> [Ver = | Size = 764868 bytes | Created Date = 20.7.2007 1:01:06 | Attr = ]
    sysmain.sdb -> %System32%\dllcache\sysmain.sdb -> [Ver = | Size = 1197294 bytes | Created Date = 20.7.2007 1:01:06 | Attr = ]
    cmdmon.sys -> %System32%\drivers\cmdmon.sys -> Comodo Research Lab., Inc. [Ver = 2.3.035 built by: WinDDK | Size = 75520 bytes | Created Date = 11.8.2007 16:26:25 | Attr = ]
    inspect.sys -> %System32%\drivers\inspect.sys -> COMODO [Ver = 2, 0, 0, 1 | Size = 51328 bytes | Created Date = 11.8.2007 16:26:25 | Attr = ]
    UMDF -> %System32%\drivers\UMDF -> [Folder | Created Date = 20.7.2007 0:58:08 | Attr = ]
    MsftWdf_user_01_00_00.Wdf -> %System32%\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Created Date = 20.7.2007 0:58:13 | Attr = H ]

    [Files/Folders - Modified Within 30 days]
    !KillBox -> %SystemDrive%\!KillBox -> [Folder | Modified Date = 12.8.2007 23:54:24 | Attr = ]
    backups -> %SystemDrive%\backups -> [Folder | Modified Date = 10.8.2007 22:41:50 | Attr = ]
    BOOT.INI -> %SystemDrive%\BOOT.INI -> [Ver = | Size = 453 bytes | Modified Date = 11.8.2007 17:26:36 | Attr = RHS]
    boot.ini.cf -> %SystemDrive%\boot.ini.cf -> [Ver = | Size = 453 bytes | Modified Date = 3.8.2007 13:54:38 | Attr = HS]
    boot.ini.comodofirewall -> %SystemDrive%\boot.ini.comodofirewall -> [Ver = | Size = 453 bytes | Modified Date = 3.8.2007 13:54:38 | Attr = ]
    Cakewalk Projects -> %SystemDrive%\Cakewalk Projects -> [Folder | Modified Date = 22.7.2007 2:04:42 | Attr = ]
    Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 12.8.2007 15:53:20 | Attr = H ]
    Koti.exe -> %SystemDrive%\Koti.exe -> Trend Micro Inc. [Ver = 2.00.0002 | Size = 396288 bytes | Modified Date = 10.8.2007 15:25:36 | Attr = ]
    Program Files -> %ProgramFiles% -> [Folder | Modified Date = 12.8.2007 13:32:40 | Attr = ]
    QooBox -> %SystemDrive%\QooBox -> [Folder | Modified Date = 10.8.2007 17:26:18 | Attr = ]
    RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Modified Date = 11.8.2007 19:31:08 | Attr = HS]
    SDFix -> %SystemDrive%\SDFix -> [Folder | Modified Date = 10.8.2007 16:23:02 | Attr = ]
    sqmdata19.sqm -> %SystemDrive%\sqmdata19.sqm -> [Ver = | Size = 268 bytes | Modified Date = 21.7.2007 16:12:58 | Attr = H ]
    sqmnoopt19.sqm -> %SystemDrive%\sqmnoopt19.sqm -> [Ver = | Size = 244 bytes | Modified Date = 21.7.2007 16:12:58 | Attr = H ]
    Temp -> %SystemDrive%\Temp -> [Folder | Modified Date = 3.8.2007 13:18:54 | Attr = ]
    WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 12.8.2007 23:18:50 | Attr = ]
    $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 3.8.2007 18:12:06 | Attr = H ]
    $NtUninstallKB925902$ -> %SystemRoot%\$NtUninstallKB925902$ -> [Folder | Modified Date = 3.8.2007 18:17:58 | Attr = H ]
    $NtUninstallKB926239$ -> %SystemRoot%\$NtUninstallKB926239$ -> [Folder | Modified Date = 20.7.2007 2:01:36 | Attr = H ]
    $NtUninstallKB929399$ -> %SystemRoot%\$NtUninstallKB929399$ -> [Folder | Modified Date = 3.8.2007 18:13:16 | Attr = H ]
    $NtUninstallMSCompPackV1$ -> %SystemRoot%\$NtUninstallMSCompPackV1$ -> [Folder | Modified Date = 20.7.2007 2:00:58 | Attr = H ]
    $NtUninstallWMFDist11$ -> %SystemRoot%\$NtUninstallWMFDist11$ -> [Folder | Modified Date = 20.7.2007 1:59:00 | Attr = H ]
    $NtUninstallwmp11$ -> %SystemRoot%\$NtUninstallwmp11$ -> [Folder | Modified Date = 20.7.2007 2:00:18 | Attr = H ]
    $NtUninstallWudf01000$ -> %SystemRoot%\$NtUninstallWudf01000$ -> [Folder | Modified Date = 20.7.2007 1:58:04 | Attr = H ]
    AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 20.7.2007 3:16:00 | Attr = ]
    assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 3.8.2007 18:33:08 | Attr = R S]
    bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 12.8.2007 23:56:02 | Attr = S]
    catchme.exe -> %SystemRoot%\catchme.exe -> [Ver = | Size = 109056 bytes | Modified Date = 20.7.2007 0:47:24 | Attr = ]
    cdplayer.ini -> %SystemRoot%\cdplayer.ini -> [Ver = | Size = 1339 bytes | Modified Date = 20.7.2007 1:59:24 | Attr = ]
    Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 12.8.2007 19:36:48 | Attr = S]
    ERDNT -> %SystemRoot%\ERDNT -> [Folder | Modified Date = 10.8.2007 17:27:28 | Attr = ]
    ERUNT -> %SystemRoot%\ERUNT -> [Folder | Modified Date = 10.8.2007 16:24:00 | Attr = ]
    Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 3.8.2007 13:38:08 | Attr = R S]
    Help -> %SystemRoot%\Help -> [Folder | Modified Date = 10.8.2007 23:20:00 | Attr = ]
    ie7 -> %SystemRoot%\ie7 -> [Folder | Modified Date = 10.8.2007 23:18:16 | Attr = H ]
    ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 10.8.2007 23:11:18 | Attr = ]
    imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1355 bytes | Modified Date = 3.8.2007 18:18:08 | Attr = ]
    inf -> %SystemRoot%\inf -> [Folder | Modified Date = 12.8.2007 19:36:46 | Attr = H ]
    Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 12.8.2007 15:53:20 | Attr = HS]
    java -> %SystemRoot%\java -> [Folder | Modified Date = 10.8.2007 21:48:14 | Attr = ]
    LogonStudio.ini -> %SystemRoot%\LogonStudio.ini -> [Ver = | Size = 24 bytes | Modified Date = 3.8.2007 13:49:56 | Attr = ]
    Media -> %SystemRoot%\Media -> [Folder | Modified Date = 10.8.2007 23:18:30 | Attr = ]
    Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [Folder | Modified Date = 3.8.2007 18:33:10 | Attr = ]
    PREFETCH -> %SystemRoot%\PREFETCH -> [Folder | Modified Date = 13.8.2007 0:02:28 | Attr = ]
    Profiles -> %SystemRoot%\Profiles -> [Folder | Modified Date = 30.7.2007 20:12:18 | Attr = ]
    pss -> %SystemRoot%\pss -> [Folder | Modified Date = 3.8.2007 13:54:38 | Attr = ]
    QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 10.8.2007 18:48:20 | Attr = H ]
    system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 3.8.2007 13:54:38 | Attr = ]
    system32 -> %System32% -> [Folder | Modified Date = 12.8.2007 19:36:46 | Attr = ]
    Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 10.8.2007 22:31:12 | Attr = S]
    Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 12.8.2007 23:58:02 | Attr = ]
    TrayServerData.ini -> %SystemRoot%\TrayServerData.ini -> [Ver = | Size = 3080 bytes | Modified Date = 12.8.2007 23:59:40 | Attr = ]
    WBEM -> %SystemRoot%\WBEM -> [Folder | Modified Date = 10.8.2007 23:18:38 | Attr = ]
    win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 905 bytes | Modified Date = 3.8.2007 13:54:38 | Attr = ]
    WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 3.8.2007 18:23:46 | Attr = ]
    WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 20.7.2007 1:59:26 | Attr = ]
    _ISTMP1.DIR -> %SystemRoot%\_ISTMP1.DIR -> [Folder | Modified Date = 30.7.2007 20:14:20 | Attr = ]
    AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 7.8.2007 12:07:02 | Attr = ]
    SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 12.8.2007 23:56:12 | Attr = H ]
    amcompat.tlb -> %System32%\amcompat.tlb -> [Ver = | Size = 16832 bytes | Modified Date = 20.7.2007 3:18:14 | Attr = ]
    CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 11.8.2007 18:58:12 | Attr = ]
    CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 12.8.2007 18:33:50 | Attr = ]
    config -> %System32%\config -> [Folder | Modified Date = 10.8.2007 17:28:00 | Attr = ]
    decdnet.dll -> %System32%\decdnet.dll -> RealNetworks, Inc. [Ver = 5.0.0.119 | Size = 61952 bytes | Modified Date = 9.12.2007 0:32:40 | Attr = ]
    dllcache -> %System32%\dllcache -> [Folder | Modified Date = 11.8.2007 19:23:48 | Attr = RHS]
    drivers -> %System32%\drivers -> [Folder | Modified Date = 11.8.2007 17:26:26 | Attr = ]
    DRVSTORE -> %System32%\DRVSTORE -> [Folder | Modified Date = 3.8.2007 18:23:34 | Attr = ]
    en-US -> %System32%\en-US -> [Folder | Modified Date = 10.8.2007 23:18:38 | Attr = ]
    encdnet.dll -> %System32%\encdnet.dll -> RealNetworks, Inc. [Ver = 5.0.0.119 | Size = 85504 bytes | Modified Date = 9.12.2007 0:32:40 | Attr = ]
    fi-fi -> %System32%\fi-fi -> [Folder | Modified Date = 11.8.2007 18:58:06 | Attr = ]
    FlashAX -> %System32%\FlashAX -> [Folder | Modified Date = 15.7.2007 22:37:16 | Attr = ]
    FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 1553112 bytes | Modified Date = 3.8.2007 18:27:32 | Attr = ]
    inetsrv -> %System32%\inetsrv -> [Folder | Modified Date = 10.8.2007 21:49:24 | Attr = ]
    Kaspersky Lab -> %System32%\Kaspersky Lab -> [Folder | Modified Date = 12.8.2007 19:36:46 | Attr = ]
    LogFiles -> %System32%\LogFiles -> [Folder | Modified Date = 20.7.2007 1:58:10 | Attr = ]
    nscompat.tlb -> %System32%\nscompat.tlb -> [Ver = | Size = 23392 bytes | Modified Date = 20.7.2007 3:18:14 | Attr = ]
    perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 70164 bytes | Modified Date = 3.8.2007 18:15:26 | Attr = ]
    perfc00B.dat -> %System32%\perfc00B.dat -> [Ver = | Size = 83516 bytes | Modified Date = 3.8.2007 18:15:26 | Attr = ]
    perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 419030 bytes | Modified Date = 3.8.2007 18:15:26 | Attr = ]
    perfh00B.dat -> %System32%\perfh00B.dat -> [Ver = | Size = 393762 bytes | Modified Date = 3.8.2007 18:15:26 | Attr = ]
    PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 942712 bytes | Modified Date = 3.8.2007 18:15:26 | Attr = ]
    pnc3250.dll -> %System32%\pnc3250.dll -> RealNetworks, Inc. [Ver = 5.0.0.113 | Size = 130560 bytes | Modified Date = 9.12.2007 0:32:40 | Attr = ]
    pneng50.dll -> %System32%\pneng50.dll -> RealNetworks, Inc. [Ver = 5.0.0.113 | Size = 131072 bytes | Modified Date = 9.12.2007 0:32:40 | Attr = ]
    pngu3263.dll -> %System32%\pngu3263.dll -> RealNetworks, Inc. [Ver = 6.3.0.226 | Size = 352768 bytes | Modified Date = 9.12.2007 0:32:40 | Attr = ]
    ra3214_4.dll -> %System32%\ra3214_4.dll -> RealNetworks, Inc. [Ver = 5.0.0.119 | Size = 81920 bytes | Modified Date = 9.12.2007 0:32:40 | Attr = ]
    ra3228_8.dll -> %System32%\ra3228_8.dll -> RealNetworks, Inc. [Ver = 5.0.0.119 | Size = 72704 bytes | Modified Date = 9.12.2007 0:32:40 | Attr = ]
    ra32dnet.dll -> %System32%\ra32dnet.dll -> RealNetworks, Inc. [Ver = 5.0.0.119 | Size = 21504 bytes | Modified Date = 9.12.2007 0:32:40 | Attr = ]
    ra32sipr.dll -> %System32%\ra32sipr.dll -> RealNetworks, Inc. [Ver = 5.0.0.119 | Size = 87040 bytes | Modified Date = 9.12.2007 0:32:40 | Attr = ]
    rmbe3260.dll -> %System32%\rmbe3260.dll -> RealNetworks, Inc. [Ver = 6.0.7.26 | Size = 487936 bytes | Modified Date = 9.12.2007 0:32:40 | Attr = ]
    swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.8 | Size = 279552 bytes | Modified Date = 22.7.2007 18:39:28 | Attr = ]
    tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 2534 bytes | Modified Date = 10.8.2007 17:15:56 | Attr = ]
    usmt -> %System32%\usmt -> [Folder | Modified Date = 11.8.2007 19:23:46 | Attr = ]
    wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 1158 bytes | Modified Date = 12.8.2007 23:58:20 | Attr = ]
    _PersonalityVert1.WB4 -> %System32%\_PersonalityVert1.WB4 -> [Ver = | Size = 274 bytes | Modified Date = 12.8.2007 14:02:22 | Attr = ]
    _PersonalityVert2.WB4 -> %System32%\_PersonalityVert2.WB4 -> [Ver = | Size = 274 bytes | Modified Date = 12.8.2007 14:02:22 | Attr = ]
    cmdmon.sys -> %System32%\drivers\cmdmon.sys -> Comodo Research Lab., Inc. [Ver = 2.3.035 built by: WinDDK | Size = 75520 bytes | Modified Date = 11.8.2007 17:26:26 | Attr = ]
    etc -> %System32%\drivers\etc -> [Folder | Modified Date = 10.8.2007 22:33:08 | Attr = ]
    inspect.sys -> %System32%\drivers\inspect.sys -> COMODO [Ver = 2, 0, 0, 1 | Size = 51328 bytes | Modified Date = 11.8.2007 17:26:26 | Attr = ]
    secdrv.sys -> %System32%\drivers\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 3.22.000 | Size = 11973 bytes | Modified Date = 16.7.2007 16:23:40 | Attr = ]
    UMDF -> %System32%\drivers\UMDF -> [Folder | Modified Date = 20.7.2007 1:59:14 | Attr = ]
    MsftWdf_user_01_00_00.Wdf -> %System32%\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 20.7.2007 1:58:14 | Attr = H ]

    [File String Scan - Non-Microsoft Only]
    UPX! , UPX0 , -> %SystemDrive%\Koti.exe -> Trend Micro Inc. [Ver = 2.00.0002 | Size = 396288 bytes | Modified Date = 10.8.2007 15:25:36 | Attr = ]
    UPX! , UPX0 , -> %SystemRoot%\daemon.dll -> [Ver = 3.47.0.0 | Size = 69120 bytes | Modified Date = 22.8.2004 17:04:56 | Attr = ]
    WSUD , -> %System32%\alsndmgr.cpl -> Realtek Semiconductor Corp. [Ver = 2, 2, 0, 73 | Size = 18804736 bytes | Modified Date = 17.11.2006 6:40:46 | Attr = ]
    UPX! , UPX0 , -> %System32%\aswBoot.exe -> [Ver = 4, 7, 936, 0 | Size = 689280 bytes | Modified Date = 15.1.2007 20:32:08 | Attr = ]
    aspack , -> %System32%\avcodec-51.dll -> [Ver = | Size = 1839104 bytes | Modified Date = 23.8.2006 22:08:28 | Attr = ]
    aspack , -> %System32%\avformat-50.dll -> [Ver = | Size = 217088 bytes | Modified Date = 23.8.2006 22:08:30 | Attr = ]
    UPX! , UPX0 , -> %System32%\avisynth.dll -> The Public [Ver = 2, 5, 6, 0 | Size = 308224 bytes | Modified Date = 28.10.2005 19:44:12 | Attr = ]
    aspack , -> %System32%\avutil-49.dll -> [Ver = | Size = 16896 bytes | Modified Date = 23.8.2006 22:08:26 | Attr = ]
    UPX! , UPX0 , -> %System32%\CoreAAC.ax -> [Ver = 1, 1, 0, 642 | Size = 167936 bytes | Modified Date = 9.7.2004 11:47:04 | Attr = RHS]
    PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41113 bytes | Modified Date = 15.9.2004 14:00:00 | Attr = ]
    PEC2 , PECompact2 , -> %System32%\DivX.dll -> DivX, Inc. [Ver = 6.6.1.4 | Size = 740442 bytes | Modified Date = 9.7.2007 22:05:56 | Attr = ]
    UPX! , UPX0 , -> %System32%\Lame.exe -> [Ver = | Size = 187904 bytes | Modified Date = 26.7.2004 12:12:38 | Attr = ]
    UPX! , UPX0 , -> %System32%\LameACM.acm -> http://www.mp3dev.org/ [Ver = 0.9.1 | Size = 200192 bytes | Modified Date = 26.7.2004 12:13:08 | Attr = ]
    aspack , -> %System32%\lame_enc.dll -> [Ver = | Size = 126464 bytes | Modified Date = 7.8.2003 15:01:52 | Attr = ]
    UPX! , UPX0 , -> %System32%\MACDec.dll -> Matthew T. Ashland [Ver = 3.99 | Size = 75264 bytes | Modified Date = 15.5.2004 17:10:42 | Attr = ]
    UPX! , UPX0 , -> %System32%\MonkeySource.ax -> [Ver = | Size = 177152 bytes | Modified Date = 19.6.2004 19:28:44 | Attr = ]
    Thawte Consulting , -> %System32%\SmartUI2.ocx -> Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com [Ver = 2.00.0202 | Size = 874248 bytes | Modified Date = 14.6.2004 15:04:34 | Attr = ]
    UPX! , UPX0 , -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.8 | Size = 279552 bytes | Modified Date = 22.7.2007 18:39:28 | Attr = ]
    UPX! , UPX0 , -> %System32%\Uharc.exe -> [Ver = | Size = 111104 bytes | Modified Date = 3.12.2006 17:15:34 | Attr = ]
    winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 15.9.2004 14:00:00 | Attr = ]
    Thawte Consulting , -> %System32%\XceedCry.dll -> Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com [Ver = 1.1.107.0 | Size = 512688 bytes | Modified Date = 19.11.2003 15:59:36 | Attr = ]
    Thawte Consulting , -> %System32%\XceedZip.dll -> Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com [Ver = 5.0.117.0 | Size = 427864 bytes | Modified Date = 14.6.2004 15:56:26 | Attr = ]

    < End of report >
     
  8. Auttaja

    Auttaja Guest

    So.. cleaning this machine is a bit like a sinking bog... If this doesn't find anything, then.. I can say the machine is clean..

    Website http://www.trendmicro.com/download/dcs.asp
    Instructions in English here http://www.trendmicro.com/ftp/products/tsc/readme.txt

    V. How to Use

    1. Create a separate directory where you will install (extract) the downloaded files.

    2. Download sysclean from HERE http://www.trendmicro.com/ftp/products/tsc/sysclean.com into the folder you created.

    3. Download the updates from HERE http://www.trendmicro.com/download/pattern.asp into the folder you created.
    Download all the files from the following sections:
    -Virus Pattern Files / Cleanup Templates
    -Spyware Pattern Files / Cleanup Templates
    -Network Virus Pattern
    -Vulnerability Assessment (VA) Pattern

    4. Extract sysclean and the updates into the same folder.

    5. Unplug the network cable

    6. Turn off your antivirus program and your firewall

    7. Double-click the SYSCLEAN.COM file.

    8. When sysclean is finished, start your firewall and your antivirus and scan your whole computer with your antivirus program.

    9. When all those steps are done, connect your computer to the internet and post SYSCLEAN.LOG and the requested logs

    NOTE: The tool creates the log SYSCLEAN.LOG in the same folder as the scanner.
     
  9. many68

    many68 Regular member

    Joined:
    12.12.2004
    Posts:
    382
    Thanks:
    1
    Points:
    28
    Here is the latest report. It's probably 'clean', my own antivirus program didn't find anything... It's OK to empty that qoobox folder, right?



    /--------------------------------------------------------------\
    | Trend Micro System Cleaner |
    | Copyright 2006, Trend Micro, Inc. |
    | http://www.antivirus.com |
    \--------------------------------------------------------------/


    2007-08-13, 18:04:28, Auto-clean mode specified.
    2007-08-13, 18:04:28, Running scanner "D:\Trendmicro\TSC.BIN"...
    2007-08-13, 18:04:40, Scanner "D:\Trendmicro\TSC.BIN" has finished running.
    2007-08-13, 18:04:40, TSC Log:

    2007-08-13, 18:09:04, An error was detected on "D:\Documents and Settings\Koti\Local Settings\Application Data\Microsoft\Messenger\hyb90@hotmail.com\SharingMetadata\hanaapoika@hotmail.com\DFSR\ConflictDelete\Papa Roach - Discografia [www.emwreloaded-{72D74CDD-D4BE-4240-878F-A91788394FF9}-v3618.com]\Papa Roach - 5 Tracks Deep [1998]\racks Deep [1998]\r": Säilö ei riitä komennon käsittelemiseen.
    2007-08-13, 18:09:04, An error was detected on "D:\Documents and Settings\Koti\Local Settings\Application Data\Microsoft\Messenger\hyb90@hotmail.com\SharingMetadata\hanaapoika@hotmail.com\DFSR\ConflictDelete\Papa Roach - Discografia [www.emwreloaded-{72D74CDD-D4BE-4240-878F-A91788394FF9}-v3618.com]\Papa Roach - Getting Away With Murder [2004]\ting Away With Murder [2004]\t|b‘|“‘|€À—|p‘|": Säilö ei riitä komennon käsittelemiseen.
    2007-08-13, 18:09:04, An error was detected on "D:\Documents and Settings\Koti\Local Settings\Application Data\Microsoft\Messenger\hyb90@hotmail.com\SharingMetadata\hanaapoika@hotmail.com\DFSR\ConflictDelete\Papa Roach - Discografia [www.emwreloaded-{72D74CDD-D4BE-4240-878F-A91788394FF9}-v3618.com]\Papa Roach - Infest [2000]\est [2000]\e2004]\ting Away With Murder [2004]\t|b‘|“‘|€À—|p‘|": Säilö ei riitä komennon käsittelemiseen.
    2007-08-13, 18:09:04, An error was detected on "D:\Documents and Settings\Koti\Local Settings\Application Data\Microsoft\Messenger\hyb90@hotmail.com\SharingMetadata\hanaapoika@hotmail.com\DFSR\ConflictDelete\Papa Roach - Discografia [www.emwreloaded-{72D74CDD-D4BE-4240-878F-A91788394FF9}-v3618.com]\Papa Roach - Let'em Know [1999]\'em Know [1999]\' Away With Murder [2004]\t|b‘|“‘|€À—|p‘|": Säilö ei riitä komennon käsittelemiseen.
    2007-08-13, 18:09:04, An error was detected on "D:\Documents and Settings\Koti\Local Settings\Application Data\Microsoft\Messenger\hyb90@hotmail.com\SharingMetadata\hanaapoika@hotmail.com\DFSR\ConflictDelete\Papa Roach - Discografia [www.emwreloaded-{72D74CDD-D4BE-4240-878F-A91788394FF9}-v3618.com]\Papa Roach - Live & Murderous In Chicago [DVDA][2005]\e & Murderous In Chicago [DVDA][2005]\e": Säilö ei riitä komennon käsittelemiseen.
    2007-08-13, 18:09:04, An error was detected on "D:\Documents and Settings\Koti\Local Settings\Application Data\Microsoft\Messenger\hyb90@hotmail.com\SharingMetadata\hanaapoika@hotmail.com\DFSR\ConflictDelete\Papa Roach - Discografia [www.emwreloaded-{72D74CDD-D4BE-4240-878F-A91788394FF9}-v3618.com]\Papa Roach - Live Rock Am Ring [Hard Rock][2005]\e Rock Am Ring [Hard Rock][2005]\eA][2005]\e": Säilö ei riitä komennon käsittelemiseen.
    2007-08-13, 18:09:04, An error was detected on "D:\Documents and Settings\Koti\Local Settings\Application Data\Microsoft\Messenger\hyb90@hotmail.com\SharingMetadata\hanaapoika@hotmail.com\DFSR\ConflictDelete\Papa Roach - Discografia [www.emwreloaded-{72D74CDD-D4BE-4240-878F-A91788394FF9}-v3618.com]\Papa Roach - LoveHateTragedy [2002]\eHateTragedy [2002]\em Ring [Hard Rock][2005]\eA][2005]\e": Säilö ei riitä komennon käsittelemiseen.
    2007-08-13, 18:09:04, An error was detected on "D:\Documents and Settings\Koti\Local Settings\Application Data\Microsoft\Messenger\hyb90@hotmail.com\SharingMetadata\hanaapoika@hotmail.com\DFSR\ConflictDelete\Papa Roach - Discografia [www.emwreloaded-{72D74CDD-D4BE-4240-878F-A91788394FF9}-v3618.com]\Papa Roach - Old Friends From Young Years [1995]\ Friends From Young Years [1995]\ A][2005]\e": Säilö ei riitä komennon käsittelemiseen.
    2007-08-13, 18:09:04, An error was detected on "D:\Documents and Settings\Koti\Local Settings\Application Data\Microsoft\Messenger\hyb90@hotmail.com\SharingMetadata\hanaapoika@hotmail.com\DFSR\ConflictDelete\Papa Roach - Discografia [www.emwreloaded-{72D74CDD-D4BE-4240-878F-A91788394FF9}-v3618.com]\Papa Roach - Potatoes For Christmas [1994]\atoes For Christmas [1994]\aars [1995]\ A][2005]\e": Säilö ei riitä komennon käsittelemiseen.
    2007-08-13, 18:09:57, An error was detected on "D:\System Volume Information\*.*": Käyttö estetty.
    2007-08-13, 18:48:19, Files Detected:
    Copyright (c) 1990 - 2004 Trend Micro Inc.
    Report Date : 8/13/2007 18:10:59
    VSAPI Engine Version : 8.000-1001
    VSCANTM Version : 1.1-1001
    Virus Pattern Version : 649 (214829 Patterns) (2007/08/13) (464900)
    Command Line: D:\Trendmicro\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=D:\Trendmicro

    C:\QooBox\Quarantine\C\WINDOWS\system32\IIS\setup.bat.vir [BAT_Generic]
    200476 files have been read.
    200476 files have been checked.
    130159 files have been scanned.
    172819 files have been scanned. (including files in archived)
    1 files containing viruses.
    Found 1 viruses totally.
    Maybe 0 viruses totally.
    Stop At : 8/13/2007 18:48:19
    ---------*---------*---------*---------*---------*---------*---------*---------*
    2007-08-13, 18:48:19, Files Clean:
    Copyright (c) 1990 - 2004 Trend Micro Inc.
    Report Date : 8/13/2007 18:10:59
    VSAPI Engine Version : 8.000-1001
    VSCANTM Version : 1.1-1001
    Virus Pattern Version : 649 (214829 Patterns) (2007/08/13) (464900)
    Command Line: D:\Trendmicro\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=D:\Trendmicro

    Success Clean [ BAT_Generic]( 1) from C:\QooBox\Quarantine\C\WINDOWS\system32\IIS\setup.bat.vir
    200476 files have been read.
    200476 files have been checked.
    130159 files have been scanned.
    172819 files have been scanned. (including files in archived)
    1 files containing viruses.
    Found 1 viruses totally.
    Maybe 0 viruses totally.
    Stop At : 8/13/2007 18:48:19 37 minutes 19 seconds (2238.70 seconds) has elapsed.

    ---------*---------*---------*---------*---------*---------*---------*---------*
    2007-08-13, 18:48:19, Clean Fail:
    Copyright (c) 1990 - 2004 Trend Micro Inc.
    Report Date : 8/13/2007 18:10:59
    VSAPI Engine Version : 8.000-1001
    VSCANTM Version : 1.1-1001
    Virus Pattern Version : 649 (214829 Patterns) (2007/08/13) (464900)
    Command Line: D:\Trendmicro\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=D:\Trendmicro

    200476 files have been read.
    200476 files have been checked.
    130159 files have been scanned.
    172819 files have been scanned. (including files in archived)
    1 files containing viruses.
    Found 1 viruses totally.
    Maybe 0 viruses totally.
    Stop At : 8/13/2007 18:48:19 37 minutes 19 seconds (2238.70 seconds) has elapsed.

    ---------*---------*---------*---------*---------*---------*---------*---------*
    2007-08-13, 18:48:19, Scanner "D:\Trendmicro\VSCANTM.BIN" has finished running.
    2007-08-13, 19:17:14, Files Detected:
    Copyright (c) 1990 - 2004 Trend Micro Inc.
    Report Date : 8/13/2007 18:48:20
    VSAPI Engine Version : 8.000-1001
    VSCANTM Version : 1.1-1001
    Virus Pattern Version : 649 (214829 Patterns) (2007/08/13) (464900)
    Command Line: D:\Trendmicro\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=D:\Trendmicro

    97314 files have been read.
    97314 files have been checked.
    81936 files have been scanned.
    125257 files have been scanned. (including files in archived)
    0 files containing viruses.
    Found 0 viruses totally.
    Maybe 0 viruses totally.
    Stop At : 8/13/2007 19:17:14
    ---------*---------*---------*---------*---------*---------*---------*---------*
    2007-08-13, 19:17:14, Files Clean:
    Copyright (c) 1990 - 2004 Trend Micro Inc.
    Report Date : 8/13/2007 18:48:20
    VSAPI Engine Version : 8.000-1001
    VSCANTM Version : 1.1-1001
    Virus Pattern Version : 649 (214829 Patterns) (2007/08/13) (464900)
    Command Line: D:\Trendmicro\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=D:\Trendmicro

    97314 files have been read.
    97314 files have been checked.
    81936 files have been scanned.
    125257 files have been scanned. (including files in archived)
    0 files containing viruses.
    Found 0 viruses totally.
    Maybe 0 viruses totally.
    Stop At : 8/13/2007 19:17:14 28 minutes 52 seconds (1731.48 seconds) has elapsed.

    ---------*---------*---------*---------*---------*---------*---------*---------*
    2007-08-13, 19:17:14, Clean Fail:
    Copyright (c) 1990 - 2004 Trend Micro Inc.
    Report Date : 8/13/2007 18:48:20
    VSAPI Engine Version : 8.000-1001
    VSCANTM Version : 1.1-1001
    Virus Pattern Version : 649 (214829 Patterns) (2007/08/13) (464900)
    Command Line: D:\Trendmicro\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=D:\Trendmicro

    97314 files have been read.
    97314 files have been checked.
    81936 files have been scanned.
    125257 files have been scanned. (including files in archived)
    0 files containing viruses.
    Found 0 viruses totally.
    Maybe 0 viruses totally.
    Stop At : 8/13/2007 19:17:14 28 minutes 52 seconds (1731.48 seconds) has elapsed.

    ---------*---------*---------*---------*---------*---------*---------*---------*
    2007-08-13, 19:17:14, Scanner "D:\Trendmicro\VSCANTM.BIN" has finished running.
    2007-08-13, 19:38:07, Files Detected:
    Copyright (c) 1990 - 2004 Trend Micro Inc.
    Report Date : 8/13/2007 19:17:14
    VSAPI Engine Version : 8.000-1001
    VSCANTM Version : 1.1-1001
    Virus Pattern Version : 649 (214829 Patterns) (2007/08/13) (464900)
    Command Line: D:\Trendmicro\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 F:\*.* /P=D:\Trendmicro

    78974 files have been read.
    78974 files have been checked.
    65192 files have been scanned.
    134779 files have been scanned. (including files in archived)
    0 files containing viruses.
    Found 0 viruses totally.
    Maybe 0 viruses totally.
    Stop At : 8/13/2007 19:38:06
    ---------*---------*---------*---------*---------*---------*---------*---------*
    2007-08-13, 19:38:07, Files Clean:
    Copyright (c) 1990 - 2004 Trend Micro Inc.
    Report Date : 8/13/2007 19:17:14
    VSAPI Engine Version : 8.000-1001
    VSCANTM Version : 1.1-1001
    Virus Pattern Version : 649 (214829 Patterns) (2007/08/13) (464900)
    Command Line: D:\Trendmicro\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 F:\*.* /P=D:\Trendmicro

    78974 files have been read.
    78974 files have been checked.
    65192 files have been scanned.
    134779 files have been scanned. (including files in archived)
    0 files containing viruses.
    Found 0 viruses totally.
    Maybe 0 viruses totally.
    Stop At : 8/13/2007 19:38:06 20 minutes 50 seconds (1250.17 seconds) has elapsed.

    ---------*---------*---------*---------*---------*---------*---------*---------*
    2007-08-13, 19:38:07, Clean Fail:
    Copyright (c) 1990 - 2004 Trend Micro Inc.
    Report Date : 8/13/2007 19:17:14
    VSAPI Engine Version : 8.000-1001
    VSCANTM Version : 1.1-1001
    Virus Pattern Version : 649 (214829 Patterns) (2007/08/13) (464900)
    Command Line: D:\Trendmicro\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 F:\*.* /P=D:\Trendmicro

    78974 files have been read.
    78974 files have been checked.
    65192 files have been scanned.
    134779 files have been scanned. (including files in archived)
    0 files containing viruses.
    Found 0 viruses totally.
    Maybe 0 viruses totally.
    Stop At : 8/13/2007 19:38:06 20 minutes 50 seconds (1250.17 seconds) has elapsed.

    ---------*---------*---------*---------*---------*---------*---------*---------*
    2007-08-13, 19:38:07, Scanner "D:\Trendmicro\VSCANTM.BIN" has finished running.
     
  10. Hujo

    Hujo Guest

    Download Dr.Web CureIt to the desktop:

    Double-click drweb-cureit.exe and let it run the express scan.
    It scans the running programs, and if anything is found, click Yes when it asks whether you want to remove it. This is only a short scan.
    When the scan is finished, mark the drives you want to scan.
    Select all drives. A red dot shows which drives are selected.
    Click the green arrow on the right and the scan starts.
    Click 'Yes to all' if you are asked whether you want to delete/move a file.
    When the scan is finished, see whether you can click the next icon beside the files found: [IMG]
    If so, click it, then click the next icon at the bottom right and select Move incurable, as in the picture below:
    [IMG]
    This moves it to the %userprofile%\DoctorWeb\quarantine directory.
    After this, click File in the Dr.Web CureIt menu and select save report list.
    Save the report to the desktop. The report's name is DrWeb.csv
    Close Dr.Web CureIt.
    Restart the computer!! This is because files in use are deleted/moved during startup.
    After the restart, paste the contents of the Dr.Web log you saved earlier into your next reply.

    ==============

    Download from http://www.ccleaner.com/download/builds.aspx
    CCleaner v1.41.544 - Basic, do NOT install the Yahoo toolbar!

    Set the options like this:
    Options --> Advanced --> Untick "Only delete temporary files older than 48 hours".

    Run Cleaner > Analyze button > Run Cleaner button in the lower right corner
    Run Issues > Scan for registry issues button > Fix registry issues button
     
  11. many68

    many68 Regular member

    Finally got these run. Here is the Dr.Web file. (Do you need any other logs?)
    POSTOOBE.NEC;C:\DRIVERS;VBS.Generic.278;Deleted.;
    scvhost.exe.vir;C:\QooBox\Quarantine\C\WINDOWS\system32\IIS;Program.mIRC.591;Incurable.Moved.;
    Process.exe;C:\SDFix\SDFix\apps;Tool.Prockill;Incurable.Moved.;
    pskill.exe;C:\WINDOWS\system32;Tool.Prockill;Incurable.Moved.;
    Fport.exe;C:\winnt\system32\dllcache;Program.FPort.20;Incurable.Moved.;
    mirc32.exe;C:\winnt\system32\dllcache;Program.mIRC.591;Incurable.Moved.;
    PSKILL.EXE;C:\winnt\system32\dllcache;Tool.Prockill;Incurable.Moved.;
    Process.exe;D:\Documents and Settings\Koti\Työpöytä\SmitfraudFix;Tool.Prockill;Incurable.Moved.;
    restart.exe;D:\Documents and Settings\Koti\Työpöytä\SmitfraudFix;Tool.ShutDown.11;Incurable.Moved.;
    LFS.exe;F:\oma\ajopeli2;Probably DLOADER.Trojan;Incurable.Moved.;
    LFS.exe;F:\oma\ajopeli;Probably DLOADER.Trojan;Incurable.Moved.;
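
An added example (not part of the original post, and not Dr.Web's own tooling) that parses the report rows above and sorts each hit into heuristic detections, files inside cleanup-tool folders, and files found in live system paths. The field layout is inferred from the rows, and treating the `QooBox\Quarantine`, `SDFix` and `SmitfraudFix` folders as cleanup-tool folders is an assumption.

```python
import csv
import io
from collections import Counter

# Rows copied from the Dr.Web report posted above; the field layout
# file;directory;detection;action; is inferred from those rows.
REPORT = r"""POSTOOBE.NEC;C:\DRIVERS;VBS.Generic.278;Deleted.;
scvhost.exe.vir;C:\QooBox\Quarantine\C\WINDOWS\system32\IIS;Program.mIRC.591;Incurable.Moved.;
Process.exe;C:\SDFix\SDFix\apps;Tool.Prockill;Incurable.Moved.;
pskill.exe;C:\WINDOWS\system32;Tool.Prockill;Incurable.Moved.;
Fport.exe;C:\winnt\system32\dllcache;Program.FPort.20;Incurable.Moved.;
mirc32.exe;C:\winnt\system32\dllcache;Program.mIRC.591;Incurable.Moved.;
PSKILL.EXE;C:\winnt\system32\dllcache;Tool.Prockill;Incurable.Moved.;
Process.exe;D:\Documents and Settings\Koti\Työpöytä\SmitfraudFix;Tool.Prockill;Incurable.Moved.;
restart.exe;D:\Documents and Settings\Koti\Työpöytä\SmitfraudFix;Tool.ShutDown.11;Incurable.Moved.;
LFS.exe;F:\oma\ajopeli2;Probably DLOADER.Trojan;Incurable.Moved.;
LFS.exe;F:\oma\ajopeli;Probably DLOADER.Trojan;Incurable.Moved.;
"""

# Assumption: folders belonging to the cleanup tools run earlier in this thread.
TOOL_DIRS = ("\\qoobox\\quarantine", "\\sdfix", "\\smitfraudfix")

def parse_report(text):
    """Return one dict per report row; blank or short lines are skipped."""
    rows = []
    for rec in csv.reader(io.StringIO(text), delimiter=";", quoting=csv.QUOTE_NONE):
        if len(rec) < 4:
            continue
        name, folder, detection, action = (field.strip() for field in rec[:4])
        rows.append({"file": name, "dir": folder, "detection": detection,
                     "action": action, "bucket": bucket(folder, detection)})
    return rows

def bucket(folder, detection):
    if detection.startswith("Probably "):
        return "heuristic"      # scanner was not certain; verify before trusting
    if any(marker in folder.lower() for marker in TOOL_DIRS):
        return "tool_dir"       # helper binary or already-quarantined copy
    return "live"               # was sitting in a normal system or data path

def summarize(rows):
    """Count hits per bucket and list the live paths to re-check after reboot."""
    counts = Counter(row["bucket"] for row in rows)
    recheck = sorted({row["dir"] + "\\" + row["file"] for row in rows
                      if row["bucket"] == "live"}, key=str.lower)
    return counts, recheck

if __name__ == "__main__":
    print(summarize(parse_report(REPORT)))
```
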

     
  12. Hujo

    Hujo Guest

    So is the computer nice to handle and pleasant to look at now?
     
  13. many68

    many68 Regular member

    I think this is starting to be OK :)
    By the way, is CCleaner 'safe' in the sense that I can go ahead and fix/delete most of the things it finds?
     
  14. Hujo

    Hujo Guest

    Yes, go ahead and use it, you'll get rid of the junk.

    Download from http://www.ccleaner.com/download/builds.aspx
    CCleaner v1.41.544 - Basic, do NOT install the Yahoo toolbar!

    Set the options like this:
    Options --> Advanced --> Untick "Only delete temporary files older than 48 hours".

    Run Cleaner > Analyze button > Run Cleaner button in the lower right corner
    Run Issues > Scan for registry issues button > Fix registry issues button
     
  15. many68

    many68 Regular member

    Yeah, I already did that. Thanks a lot to you for the help over many days!
     
  16. Neptun

    Neptun Active member

    Joined:
    17.01.2005
    Posts:
    3,954
    Thanks:
    10
    Points:
    68
    I can't help asking: wouldn't the best, that is, the simplest way to clean such a disturbed machine be formatting and reinstalling Windows? I really don't recommend that very often myself (Windows and driver problems), at least not as a first measure, but doesn't that kind of install-and-clean rigmarole carry some weight too? Sure, it is educational and fun to tinker, but in terms of resource use it is probably not very efficient.
     
  17. Hujo

    Hujo Guest

    Everyone can decide about formatting for themselves.
    It has its own rigmarole too. You also need to have the necessary CDs.
    You end up fetching programs from the net there as well.
     
  18. Neptun

    Neptun Active member

    It depends on what has been installed on the machine and how, and also on how the OS installation was done. Many people have the drivers on a CD in advance, and if not, they should put them on one. Today's removable hard drives are also making it simple to store programs and important files.

    In this example case a reinstall would certainly have been the simpler measure. On the Windows and driver boards formatting can't easily be recommended, among other reasons because the cause is often also, or solely, a hardware fault, which a reinstall of course does not fix; if anything, the machine degrades to the point of not working. That's why judgement is needed, but the kind of time use and fiddling seen in this example is a different matter.
     
  19. Hujo

    Hujo Guest

    Formatting is usually used as the last measure, or if there is some critter that has left the OS infected.
     
  20. Neptun

    Neptun Active member

    Here there was exactly that, and Windows was completely messed up. I'm not going to categorize the place of formatting in virus removal in general, only in this case. And at the same time I want to remind that it always pays to keep your wits about you.
     
  21. many68

    many68 Regular member

    It turns out more comments had come in here, so I have to comment on the help request I started myself. First of all, Neptun's remark left me with the impression that the machine is still completely messed up??? And second, this machine is one of those Gigantti machines, so it has that restore-to-factory-settings thing in case problems come up, but that doesn't remove viruses. And since no installation CD came with it, it was easier to clean the machine with those individual steps.
     
