Moi Tollaisen päivitti itekseen ja sen jälkeen alko ongelmat.. Koneen palauttaa ennen ton päivitysta olevaan tilaan, niin toimii. Mutta aamulla taas käynnistyy vain vikasietotilaan.... Tässä olis hjt loki, jos joku viittis katsoo mitä olis vialla...? Logfile of HijackThis v1.99.1 Scan saved at 13:30:10, on 13.7.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\DOCUME~1\LEEVI\LOCALS~1\TEMP\_VWUPSRV.EXE C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe C:\Program Files\Ahead\nero\nero.exe C:\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.leevinet.tk/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15009/CTSUEng.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1136212916359 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1136212903687 O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.lowrance.com/Software/PCSoftware/Install/iFINDERH2O/isetup.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://62.197.172.28:8088/activex/AxisCamControl.cab O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://81.175.188.131/activex/AMC.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15010/CTPID.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: AntiVir Update Temp (TmpUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\DOCUME~1\LEEVI\LOCALS~1\TEMP\_VWUPSRV.EXE Kiitti jo etukäteen.....
1. Download ATF (Atribune Temp File) Cleaner© by Atribune to your desktop. This program is for XP and Windows 2000 only! Double-click ATF Cleaner.exe to open it. Under Main select the following: *Windows Temp *Current User Temp *All Users Temp *Temporary Internet Files *Prefetch *Java Cache *The other boxes are optional* Then click the Empty Selected button. Click Exit on the Main menu to close the program. ======== Please download Deckard's System Scanner to your Desktop * Close all applications and windows. * Double-click on Dss.exe to run it, and follow the prompts. * The scan may take a minute. When the scan is complete, a text file will open Main.txt and extra.txt Please post Main.txt and Extra.txt
Deckard's System Scanner v20070711.54 Run by Leevi on 2007-07-13 at 16:34:24 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 10: 2007-07-13 13:34:40 UTC - RP732 - Deckard's System Scanner Restore Point 9: 2007-07-13 09:16:19 UTC - RP731 - Toiminto: Palautus 8: 2007-07-13 08:38:05 UTC - RP730 - Toiminto: Palautus 7: 2007-07-13 08:07:40 UTC - RP729 - Toiminto: Palautus 6: 2007-07-13 07:54:02 UTC - RP728 - Toiminto: Palautus -- First Restore Point -- 1: 2007-07-11 08:43:26 UTC - RP723 - Software Distribution Service 3.0 Backed up registry hives. Performed disk cleanup. -- HijackThis (run as Leevi.exe) ----------------------------------------------- Logfile of HijackThis v1.99.1 Scan saved at 16:35:43, on 13.7.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\DOCUME~1\LEEVI\LOCALS~1\TEMP\_VWUPSRV.EXE C:\WINDOWS\system32\taskmgr.exe C:\Documents and Settings\Leevi\Omat tiedostot\Ajurit\dss.exe C:\HIJACK~1\Leevi.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.leevinet.tk/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15009/CTSUEng.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1136212916359 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1136212903687 O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.lowrance.com/Software/PCSoftware/Install/iFINDERH2O/isetup.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://62.197.172.28:8088/activex/AxisCamControl.cab O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://81.175.188.131/activex/AMC.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15010/CTPID.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: AntiVir Update Temp (TmpUpSrv) - Unknown owner - C:\DOCUME~1\LEEVI\LOCALS~1\TEMP\_VWUPSRV.EXE (file missing) -- HijackThis Fixed Entries (C:\HIJACK~1\backups\) ----------------------------- backup-20060915-181927-136 O17 - HKLM\System\CCS\Services\Tcpip\..\{2CFE49F3-6FAD-434E-945B-559E9FCE1B32}: NameServer = 85.255.115.60,85.255.112.87 backup-20060915-181927-239 O17 - HKLM\System\CCS\Services\Tcpip\..\{CCAF8BF7-C14B-494C-B3AB-9B1C86D22CA1}: NameServer = 85.255.115.60,85.255.112.87 backup-20060915-181927-655 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.60 85.255.112.87 backup-20060915-181927-741 O17 - HKLM\System\CCS\Services\Tcpip\..\{2AC10C2B-F22C-40F5-BF6A-4865FF4C534E}: NameServer = 85.255.115.60,85.255.112.87 backup-20060915-181927-773 O17 - HKLM\System\CCS\Services\Tcpip\..\{A83A4627-8B68-49C1-B388-A675E143709C}: NameServer = 85.255.115.60,85.255.112.87 backup-20060915-181927-901 O17 - HKLM\System\CS1\Services\Tcpip\..\{2AC10C2B-F22C-40F5-BF6A-4865FF4C534E}: NameServer = 85.255.115.60,85.255.112.87 backup-20060915-181927-908 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.60 85.255.112.87 backup-20060915-181927-950 O17 - HKLM\System\CCS\Services\Tcpip\..\{4A23288F-6B39-496A-9C43-D21398172BE5}: NameServer = 85.255.115.60,85.255.112.87 backup-20060915-181927-961 O4 - HKCU\..\Run: [mags grey] C:\DOCUME~1\Leevi\APPLIC~1\THISME~1\Idle anti bone.exe backup-20060915-181927-982 O4 - HKLM\..\Run: [Mix Name Active Locks] C:\Documents and Settings\All Users\Application Data\cash user mix name\CastNurb.exe backup-20060915-190420-511 O2 - BHO: (no name) - {F371B35F-4762-F3FC-43F9-8D65A193EEDB} - C:\DOCUME~1\Leevi\APPLIC~1\Dupebyte\Ballproc.exe (file missing) -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R0 avgntmgr - c:\windows\system32\drivers\avgntmgr.sys <Not Verified; AVIRA GmbH; AntiVir®> R0 Teefer (Teefer for NT) - c:\windows\system32\drivers\teefer.sys <Not Verified; Sygate Technologies, Inc.; Sygate Teefer Driver> R1 wpsdrvnt - c:\windows\system32\drivers\wpsdrvnt.sys <Not Verified; Sygate Technologies, Inc.; wpsdrvnt> R2 devdpl - c:\windows\system32\drivers\devdpl.sys R2 ElbyCDIO (ElbyCDIO Driver) - c:\windows\system32\drivers\elbycdio.sys <Not Verified; Elaborate Bytes AG; CDRTools> R2 litdpl - c:\windows\system32\drivers\litdpl.sys R3 AnyDVD - c:\windows\system32\drivers\anydvd.sys <Not Verified; SlySoft, Inc.; AnyDVD> R3 ElbyDelay - c:\windows\system32\drivers\elbydelay.sys <Not Verified; Elaborate Bytes; CDRTools> -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 AntiVirScheduler (AntiVir PersonalEdition Classic Scheduler) - c:\program files\antivir personaledition classic\sched.exe <Not Verified; Avira GmbH; Scheduler> R2 TmpUpSrv (AntiVir Update Temp) - "c:\docume~1\leevi\locals~1\temp\_vwupsrv.exe" (file missing) -- Files created between 2007-06-13 and 2007-07-13 ----------------------------- 2007-07-13 13:13:38 0 d-------- C:\testi1 2007-07-13 11:57:04 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.005\Suosikit 2007-07-13 11:57:04 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.005\Mallit 2007-07-13 11:57:04 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.005\Local Settings 2007-07-13 11:57:04 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.005\Cookies 2007-07-13 11:57:04 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.005\Application Data 2007-07-13 11:57:04 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.005\Application Data\Microsoft 2007-07-13 11:57:03 786432 --ah----- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.005\NTUSER.DAT 2007-07-13 11:36:52 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.004\Cookies 2007-07-13 11:36:52 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.004\Application Data 2007-07-13 11:36:52 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.004\Application Data\Microsoft 2007-07-13 11:36:51 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.004\Suosikit 2007-07-13 11:36:51 786432 --ah----- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.004\NTUSER.DAT 2007-07-13 11:36:51 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.004\Mallit 2007-07-13 11:36:51 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.004\Local Settings 2007-07-13 11:03:51 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.003\Suosikit 2007-07-13 11:03:51 786432 --ah----- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.003\NTUSER.DAT 2007-07-13 11:03:51 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.003\Mallit 2007-07-13 11:03:51 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.003\Local Settings 2007-07-13 11:03:51 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.003\Cookies 2007-07-13 11:03:51 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.003\Application Data 2007-07-13 11:03:51 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.003\Application Data\Microsoft 2007-07-13 10:52:16 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.002\Suosikit 2007-07-13 10:52:16 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.002\Mallit 2007-07-13 10:52:16 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.002\Local Settings 2007-07-13 10:52:16 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.002\Cookies 2007-07-13 10:52:16 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.002\Application Data 2007-07-13 10:52:16 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.002\Application Data\Microsoft 2007-07-13 10:52:15 786432 --ah----- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.002\NTUSER.DAT 2007-07-12 13:36:01 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.001\Suosikit 2007-07-12 13:36:01 786432 --ah----- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.001\NTUSER.DAT 2007-07-12 13:36:01 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.001\Mallit 2007-07-12 13:36:01 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.001\Local Settings 2007-07-12 13:36:01 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.001\Cookies 2007-07-12 13:36:01 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.001\Application Data 2007-07-12 13:36:01 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.001\Application Data\Microsoft 2007-07-12 13:32:44 0 d-------- C:\WINDOWS\LastGood(2) 2007-07-12 13:18:49 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.000\Suosikit 2007-07-12 13:18:49 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.000\Mallit 2007-07-12 13:18:49 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.000\Local Settings 2007-07-12 13:18:49 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.000\Cookies 2007-07-12 13:18:49 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.000\Application Data 2007-07-12 13:18:49 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.000\Application Data\Microsoft 2007-07-12 13:18:48 786432 --ah----- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX.000\NTUSER.DAT 2007-07-12 13:12:57 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX\Suosikit 2007-07-12 13:12:57 786432 --ah----- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX\NTUSER.DAT 2007-07-12 13:12:57 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX\Mallit 2007-07-12 13:12:57 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX\Local Settings 2007-07-12 13:12:57 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX\Cookies 2007-07-12 13:12:57 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX\Application Data 2007-07-12 13:12:57 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja.YOUR-IVUW7W2CAX\Application Data\Microsoft 2007-07-12 12:57:06 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja\Suosikit 2007-07-12 12:57:06 786432 --ah----- C:\Documents and Settings\Järjestelmänvalvoja\NTUSER.DAT 2007-07-12 12:57:06 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja\Mallit 2007-07-12 12:57:06 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja\Local Settings 2007-07-12 12:57:06 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja\Cookies 2007-07-12 12:57:06 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja\Application Data 2007-07-12 12:57:06 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Microsoft 2007-07-11 11:43:20 233472 --a------ C:\Documents and Settings\LocalService\ntuser.dat 2007-07-11 11:43:20 7340032 --a------ C:\Documents and Settings\Leevi\ntuser.dat 2007-06-15 15:30:21 0 d-------- C:\Documents and Settings\Vieras\Contacts -- Find3M Report --------------------------------------------------------------- 2007-07-13 14:06:19 0 d-------- C:\Program Files\ewido anti-spyware 4.0 2007-07-13 13:10:25 0 d--h----- C:\Program Files\InstallShield Installation Information 2007-07-09 19:07:26 0 d-------- C:\Program Files\WinALDL 2007-07-09 13:23:06 0 d-------- C:\Program Files\DC++ 2007-06-26 20:41:46 5632 --ahs---- C:\Program Files\Thumbs.db -- Registry Dump --------------------------------------------------------------- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll {53707962-6F74-2D53-2644-206D7942484F} C:\Program Files\Spybot - Search & Destroy\SDHelper.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll {9394EDE7-C8B5-483E-8773-474BF36AF6E4} C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll {AA58ED58-01DD-4d91-8333-CF10577473F7} c:\program files\google\googletoolbar4.dll {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "Wizard"=hex(2):00 "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup" "nwiz"="nwiz.exe /install" "NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvMcTray.dll,NvTaskbarInit" "SoundMan"="SOUNDMAN.EXE" "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\"" "SmcService"="C:\\PROGRA~1\\Sygate\\SPF\\smc.exe -startgui" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "avgnt"="\"C:\\Program Files\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min" "KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\ [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" "msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background" "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" "AnyDVD"="C:\\Program Files\\SlySoft\\AnyDVD\\AnyDVD.exe" "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe" [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"=dword:00000000 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0" HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa Authentication Packages REG_MULTI_SZ msv1_0\0\0 Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0 Notification Packages REG_MULTI_SZ scecli\0\0 [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0 NetworkService REG_MULTI_SZ DnsCache\0\0 rpcss REG_MULTI_SZ RpcSs\0\0 imgsvc REG_MULTI_SZ StiSvc\0\0 termsvcs REG_MULTI_SZ TermService\0\0 Usnsvc REG_MULTI_SZ usnsvc\0\0 HTTPFilter REG_MULTI_SZ HTTPFilter\0\0 DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0 -- End of Deckard's System Scanner: finished at 2007-07-13 at 16:37:27 --------- Ja extra eckard's System Scanner v20070711.54 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Home Edition (build 2600) SP 2.0 Architecture: X86; Language: Other (040B) - see http://preview.tinyurl.com/mhhp6 CPU 0: Intel(R) Celeron(R) CPU 2.93GHz Percentage of Memory in Use: 45% Physical Memory (total/avail): 511.48 MiB / 278.97 MiB Pagefile Memory (total/avail): 1249.34 MiB / 998.81 MiB Virtual Memory (total/avail): 2047.88 MiB / 1965.33 MiB C: is Fixed (NTFS) - 74.49 GiB total, 3.03 GiB free. D: is CDROM (No Media) J: is Removable (No Media) K: is Removable (No Media) L: is Removable (No Media) M: is Removable (No Media) N: is Removable (No Media) -- Security Center ------------------------------------------------------------- AUOptions is set to notify before download. Windows Internal Firewall is disabled. FirewallOverride is set. FW: Sygate Personal Firewall v4.6 (Sygate Technologies, Inc.) AV: Avira AntiVir PersonalEdition Classic v 6.38.1.19 (Avira GmbH) AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH) AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH) AV: Avira AntiVir PersonalEdition v 6.39.0.141 (Avira GmbH) [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\\Program Files\\F-Secure Internet Security\\backweb\\1245240\\program\\fspex.exe"="C:\\Program Files\\F-Secure Internet Security\\backweb\\1245240\\program\\fspex.exe:*:enabled:F-Secure Internet Security 2005 OEM" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0" "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000" [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\\Program Files\\F-Secure Internet Security\\backweb\\1245240\\program\\fspex.exe"="C:\\Program Files\\F-Secure Internet Security\\backweb\\1245240\\program\\fspex.exe:*:enabled:F-Secure Internet Security 2005 OEM" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0" "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus" "C:\\Program Files\\DC++\\DCPlusPlus.exe"="C:\\Program Files\\DC++\\DCPlusPlus.exe:*:EnabledC++" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000" -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\Leevi\Application Data CLIENTNAME=Console CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=YOUR-IVUW7W2CAX ComSpec=C:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Documents and Settings\Leevi LOGONSERVER=\\YOUR-IVUW7W2CAX NUMBER_OF_PROCESSORS=1 OS=Windows_NT Path=C:\Program Files\Internet Explorer;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 15 Model 3 Stepping 4, GenuineIntel PROCESSOR_LEVEL=15 PROCESSOR_REVISION=0304 ProgramFiles=C:\Program Files PROMPT=$P$G SESSIONNAME=Console SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\Leevi\LOCALS~1\Temp TMP=C:\DOCUME~1\Leevi\LOCALS~1\Temp USERDOMAIN=YOUR-IVUW7W2CAX USERNAME=Leevi USERPROFILE=C:\Documents and Settings\Leevi windir=C:\WINDOWS -- User Profiles --------------------------------------------------------------- Leevi (admin) Mari Mari.YOUR-IVUW7W2CAX Vieras (guest) -- Add/Remove Programs --------------------------------------------------------- --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 3GP Video Converter 3 --> C:\Program Files\ImTOO\3GP Video Converter 3\Uninstall.exe Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete Adobe Photoshop 6.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 6.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 6.0\Uninst.dll" Adobe Reader 6.0.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001} Adobe SVG Viewer --> C:\WINDOWS\IsUninst.exe -f"C:\WINDOWS\System32\Adobe\SVG Viewer\Uninst.isu" AnyDVD --> "C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD" Auto Gordian Knot 2.15 beta --> C:\Program Files\AutoGK\uninst.exe Avira AntiVir PersonalEdition Classic --> C:\Program Files\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE AviSynth 2.5 --> "C:\Program Files\AviSynth 2.5\Uninstall.exe" AXIS Media Control Embedded --> rundll32 "C:\Program Files\Axis Communications\AXIS Media Control Embedded\AxisMediaControlEmb.dll",UninstallMe Azureus --> C:\Program Files\Azureus\Uninstall.exe BSPlayer --> "C:\Program Files\Webteh\BSplayer\uninstall.exe" CloneDVD2 --> "C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2" Creative WebCam Driver --> C:\WINDOWS\CtDrvIns.exe -uninstall USB\VID_041E&PID_400D -plugin P1001Pin.dll -pluginres P1001Pin.crl dBpowerAMP Music Converter --> "C:\WINDOWS\System32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\System32\SpoonUninstall-dBpowerAMP Music Converter.dat DC++ 0.667 --> "C:\Program Files\DC++\uninstall.exe" DivxToDVD 0.3.1 --> "C:\Program Files\vso\DivxToDVD\unins000.exe" DVD Decrypter (Remove Only) --> "C:\Program Files\DVD Decrypter\uninstall.exe" DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe" eMule --> "C:\Program Files\eMule\Uninstall.exe" EVEREST Home Edition v2.20 --> "C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe" ewido anti-spyware 4.0 --> C:\Program Files\ewido anti-spyware 4.0\Uninstall.exe ffdshow (remove only) --> "C:\Program Files\ffdshow\uninstall.exe" FileZilla (remove only) --> "C:\Program Files\FileZilla\uninstall.exe" foobar2000 --> "C:\Program Files\foobar2000\uninstall.exe" Free Mp3 Wma Converter V 1.4.0 --> "C:\Program Files\Free Audio Pack\unins000.exe" Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar4.dll" GT Reittikartta Suomi Plus --> MsiExec.exe /I{A6E958B1-976E-4B77-84B9-B650437ED930} High Definition Audio Driver Package - KB835221 --> C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe HijackThis 1.99.1 --> C:\Hijackthis\HijackThis.exe /uninstall Hotfix-päivitys Windows XP:lle (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe" InterVideo WinDVD --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL IrfanView (remove only) --> C:\Program Files\IrfanView\iv_uninstall.exe J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100} J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060} Java 2 Runtime Environment, SE v1.4.2_06 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142060} Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} Language pack for Ad-Aware SE --> C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\INSTALL.LOG Macromedia Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log MapSend Streets and Destinations Suomi --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{561716C8-E22C-42F4-BF0F-FFAC4D741E66}\Setup.exe" -l0x9 MapSend WorldWide --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0439199A-D488-11D6-A117-00E0290FE35A}\Setup.exe" -l0x9 Microsoft Data Access Components KB870669 --> C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf Microsoft Office XP Professional ja FrontPage --> MsiExec.exe /I{9028040B-6000-11D3-8CFE-0050048383C9} Microsoft Works 7.0 --> MsiExec.exe /I{323F6CCF-BBBA-41FB-AF39-62C4FE717CA4} MSN Työkalupalkki --> C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\mtbs.exe c Nero OEM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL NeroVision Express 2 SE --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL NVIDIA Drivers --> C:\WINDOWS\System32\nvudisp.exe UninstallGUI Nvu 1.0 --> "C:\Program Files\Nvu\unins000.exe" OLYMPUS CAMEDIA Master 4.2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{30BB4D60-81DB-11D5-BB77-00400536ABAC}\Setup.exe" CAMEDIA Master 4.2 Opera --> C:\PROGRA~1\Opera\UnInst\UNWISE.EXE C:\PROGRA~1\Opera\UnInst\Install.log PeerGuardian v1.99 pr14 --> "C:\Program Files\PeerGuardian pr14\unins000.exe" Päivitys Windows XP:lle (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB929338) --> "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe" PowerArchiver --> C:\Program Files\PowerArchiver\UNINST.EXE QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\System32\QuickTime\Uninstall.log Rapala Pro Fishing --> MsiExec.exe /I{CCCAA826-D6DE-4FA9-AC5F-73966AA00028} SoftV92 Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1\HXFSETUP.EXE -U -IVEN_14F1&DEV_2F20&SUBSYS_200014F1 Spybot - Search & Destroy 1.3 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe" Suojauspäivitys ohjelmistolle Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB896424) --> "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB901190) --> "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB911567) --> "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB912919) --> "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB917159) --> "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB917422) --> "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB918899) --> "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB920214) --> "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB921398) --> "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB921883) --> "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB922616) --> "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB922760) --> "C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB923694) --> "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB925486) --> "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe" Sygate Personal Firewall --> MsiExec.exe /I{F34D9A5F-484A-4E31-A9D3-908CB265B289} ThumbHTML 2.9.1, Build 356 --> "C:\Program Files\ThumbHTML\unins000.exe" TMPGEnc DVD Author 1.6 --> MsiExec.exe /I{1A995D22-F711-4199-83D4-579B593A46C5} WinALDL --> C:\Program Files\WinALDL\uninstall.exe Windows Live Messenger --> MsiExec.exe /I{57319C68-AC4B-43DB-B516-349FE09E6774} Windows Live Sign-in Assistant --> MsiExec.exe /I{22B3CC30-77B8-419C-AA4B-F571FDF5D66D} WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe VobSub v2.23 (Remove Only) --> "C:\Program Files\Gabest\VobSub\uninstall.exe" XoftSpy --> C:\Program Files\XoftSpy\uninstall.exe XviD MPEG-4 Video Codec --> "C:\Program Files\XviD\unins000.exe" XviD MPEG4 Video Codec (remove only) --> "C:\WINDOWS\System32\xvid-uninstall.exe" -- End of Deckard's System Scanner: finished at 2007-07-13 at 16:37:27 ---------
Eli mitä kannattaa tehdä, jos huomenaamulla on taas kone vikasietotilas.... Eikös jos kerran palauttaa koneen pari viikkoo taaksepäin, niin eiks sen potäis unohtaa mitä on päivitetty esim eilen..? Ja mikähän maaginen juttu, toi yö on et menee kyykkyyn??
Moi Menee näköjään kyykkyyn,aina kun sammuttaa koneen.. Jos uudelleenkäynnistää ei ongelmia.. Mut sammuttaa kokonaa ja vähän ajan päästä uudelleen käyntiin niin ei.. Voiko kovalevy olla valmis, vai mmistä vikaa etsimään?? Ja millä voi kovalevyn kunnon tarkistaa?
http://keskustelu.afterdawn.com/forum_view.cfm/122 Esim. tuolla osaan neuvoa paremmin, itse olen aika keskittynyt haittaohjelmiin, tulen kyllä seuraaman ketjuasia tuollakin.
