Ajannut kaikki mieleen tulleet adware skannerit ja aina vaan pomppii mainosikkunoita. Alkoi, kun asensin Daemon toolsin, mutta poistin WhenU:n ja Savenow adwaret eli voi johtua jostain muustakin. Daemon tools on unistaloitu jne. ----- Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 20:51:48, on 27.6.2007 Platform: Windows Vista (WinNT 6.00.1904) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\ALCXMNTR.EXE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Internet Explorer\IEUser.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Nico Jäväjä\Desktop\HiJackThis_v2.0.0.0.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" O4 - HKCU\..\Run: [AnyDVD] "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe" O4 - HKCU\..\Run: [WMPNSCFG] "C:\Program Files\Windows Media Player\WMPNSCFG.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll O13 - Gopher Prefix: O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 17293 bytes ----- Kiitos avusta!!!
1. Lataa combofix.exe työpöydällesi jommastakummasta linkistä: http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe http://download.bleepingcomputer.com/sUBs/ComboFix.exe 2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia. 3. Kun työkalu on valmis, se tuottaa lokin. (C:\ComboFix.txt) Lähetä tämä loki viesti ketjuusi. Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.
Luo poistolista: * Avaa HiJackThis * Klikkaa "Configure" valintaa oikealla alhaalla * Klikkaa "Misc Tools" * Klikkaa boxia joka sanoo "Uninstall Manager" * Klikkaa valintaa "Save list" * Kopioi ja liitä kyseinen lista muistiosta postiisi Luo käynnistyslista * Avaa HiJackThis * Klikkaa "Configure" valintaa oikealla alhaalla * Klikkaa "Misc Tools" * Rastita 2 boxia boxin vierestä jossa lukee "Generate StartupList log" * Klikkaa valintaa "Generate StartupList log" * Kopioi ja liitä käynnistyslistasi muistiosta postiisi
Poistolista: Ad-Aware 2007 Adobe Flash Player Plugin Adobe Reader 8 - Suomi AnyDVD AVG Anti-Spyware 7.5 CDex extraction audio CloneDVD2 FM Modifier 2.12 GT Reittikartta Suomi Plus HijackThis 2.0.0 Kaspersky Internet Security 6.0 Kaspersky Internet Security 6.0 Mozilla Firefox (2.0.0.4) Mozilla Thunderbird (2.0.0.4) Realtek AC'97 Audio Windows Media Player Firefox Plugin WinRAR archiver Käynnistyslista StartupList report, 28.6.2007, 15:16:31 StartupList version: 1.52.2 Started from : C:\Users\Nico Jäväjä\Desktop\HiJackThis_v2.0.0.0.EXE Detected: Windows Vista (WinNT 6.00.1904) Detected: Internet Explorer v7.00 (7.00.6000.16473) * Using default options * Including empty and uninteresting sections * Showing rarely important sections ================================================== Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\ALCXMNTR.EXE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\conime.exe C:\Program Files\Mozilla Thunderbird\thunderbird.exe C:\PROGRA~1\MOZILL~2\FIREFOX.EXE C:\Program Files\Internet Explorer\IEUser.exe C:\Users\Nico Jäväjä\Desktop\HiJackThis_v2.0.0.0.exe -------------------------------------------------- Listing of startup folders: Shell folders Startup: *Folder not found* Shell folders AltStartup: *Folder not found* User shell folders Startup: *Folder not found* User shell folders AltStartup: *Folder not found* Shell folders Common Startup: [C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup] Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe Shell folders Common AltStartup: *Folder not found* User shell folders Common Startup: *Folder not found* User shell folders Alternate Common Startup: *Folder not found* -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\Windows\system32\userinit.exe, [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] *Registry value not found* [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run Windows Defender = "C:\Program Files\Windows Defender\MSASCui.exe" -hide AlcxMonitor = ALCXMNTR.EXE AVP = "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" !AVG Anti-Spyware = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run AnyDVD = "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe" WMPNSCFG = "C:\Program Files\Windows Media Player\WMPNSCFG.exe" -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- File association entry for .EXE: HKEY_CLASSES_ROOT\exefile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .COM: HKEY_CLASSES_ROOT\comfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .BAT: HKEY_CLASSES_ROOT\batfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .PIF: HKEY_CLASSES_ROOT\piffile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .SCR: HKEY_CLASSES_ROOT\scrfile\shell\open\command (Default) = "%1" /S -------------------------------------------------- File association entry for .HTA: HKEY_CLASSES_ROOT\htafile\shell\open\command (Default) = C:\Windows\system32\mshta.exe "%1" %* -------------------------------------------------- File association entry for .TXT: HKEY_CLASSES_ROOT\txtfile\shell\open\command (Default) = %SystemRoot%\system32\NOTEPAD.EXE %1 -------------------------------------------------- Enumerating Active Setup stub paths: HKLM\Software\Microsoft\Active Setup\Installed Components (* = disabled by HKCU twin) [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] StubPath = C:\Windows\system32\unregmp2.exe /ShowWMP [>{26923b43-4d38-484f-9b9e-de460746276c}] * StubPath = C:\Windows\system32\ie4uinit.exe -UserIconConfig [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] * StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] * StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] * StubPath = "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] * StubPath = %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI [{89820200-ECBD-11cf-8B85-00AA005B4340}] * StubPath = regsvr32.exe /s /n /i:U shell32.dll [{89820200-ECBD-11cf-8B85-00AA005B4383}] * StubPath = C:\Windows\system32\ie4uinit.exe -BaseSettings [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] * StubPath = C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install -------------------------------------------------- Enumerating ICQ Agent Autostart apps: HKCU\Software\Mirabilis\ICQ\Agent\Apps *Registry key not found* -------------------------------------------------- Load/Run keys from C:\Windows\WIN.INI: load=*INI section not found* run=*INI section not found* Load/Run keys from Registry: HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\Windows: load= HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll -------------------------------------------------- Shell & screensaver key from C:\Windows\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=explorer.exe SCRNSAVE.EXE=C:\Windows\system32\logon.scr drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry key not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Checking for EXPLORER.EXE instances: C:\Windows\Explorer.exe: PRESENT! C:\Explorer.exe: not present C:\Windows\Explorer\Explorer.exe: not present C:\Windows\System\Explorer.exe: not present C:\Windows\System32\Explorer.exe: not present C:\Windows\Command\Explorer.exe: not present C:\Windows\Fonts\Explorer.exe: not present -------------------------------------------------- Checking for superhidden extensions: .lnk: HIDDEN! (arrow overlay: yes) .pif: HIDDEN! (arrow overlay: yes) .exe: not hidden .com: not hidden .bat: not hidden .hta: not hidden .scr: not hidden .shs: *Registry key not found* .shb: *Registry key not found* .vbs: not hidden .vbe: not hidden .wsh: not hidden .scf: HIDDEN! (arrow overlay: NO!) .url: HIDDEN! (arrow overlay: yes) .js: not hidden .jse: not hidden -------------------------------------------------- Verifying REGEDIT.EXE integrity: - Regedit.exe found in C:\Windows - .reg open command is normal (regedit.exe %1) - Regedit.exe has no CompanyName property! It is either missing or named something else. - Regedit.exe has no OriginalFilename property! It is either missing or named something else. - Regedit.exe has no FileDescription property! It is either missing or named something else. Registry check failed! -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -------------------------------------------------- Enumerating Task Scheduler jobs: *No jobs found* -------------------------------------------------- Enumerating Winsock LSP files: NameSpace #1: C:\Windows\system32\NLAapi.dll NameSpace #2: C:\Windows\System32\mswsock.dll NameSpace #3: C:\Windows\System32\winrnr.dll NameSpace #4: C:\Windows\system32\napinsp.dll NameSpace #5: C:\Windows\system32\pnrpnsp.dll NameSpace #6: C:\Windows\system32\pnrpnsp.dll Protocol #1: C:\Windows\system32\mswsock.dll Protocol #2: C:\Windows\system32\mswsock.dll Protocol #3: C:\Windows\system32\mswsock.dll Protocol #4: C:\Windows\system32\mswsock.dll Protocol #5: C:\Windows\system32\mswsock.dll Protocol #6: C:\Windows\system32\mswsock.dll Protocol #7: C:\Windows\system32\mswsock.dll Protocol #8: C:\Windows\system32\mswsock.dll Protocol #9: C:\Windows\system32\mswsock.dll Protocol #10: C:\Windows\system32\mswsock.dll Protocol #11: C:\Windows\system32\mswsock.dll Protocol #12: C:\Windows\system32\mswsock.dll Protocol #13: C:\Windows\system32\mswsock.dll Protocol #14: C:\Windows\system32\mswsock.dll -------------------------------------------------- Enumerating Windows NT/2000/XP services ASUSTek SAA713x PCI Card: system32\DRIVERS\3xHybrid.sys (manual start) Ad-Aware 2007 Service: "C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe" (autostart) Microsoft ACPI Driver: system32\drivers\acpi.sys (system) adp94xx: \SystemRoot\system32\drivers\adp94xx.sys (disabled) adpahci: \SystemRoot\system32\drivers\adpahci.sys (disabled) adpu160m: \SystemRoot\system32\drivers\adpu160m.sys (disabled) adpu320: \SystemRoot\system32\drivers\adpu320.sys (disabled) @%SystemRoot%\system32\aelupsvc.dll,-1: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Ancilliary Function Driver for Winsock: \SystemRoot\system32\drivers\afd.sys (system) Intel AGP Bus Filter: \SystemRoot\system32\drivers\agp440.sys (manual start) aic78xx: \SystemRoot\system32\drivers\djsvs.sys (disabled) Service for Realtek AC97 Audio (WDM): system32\drivers\ALCXWDM.SYS (manual start) @%SystemRoot%\system32\Alg.exe,-112: %SystemRoot%\System32\alg.exe (manual start) aliide: \SystemRoot\system32\drivers\aliide.sys (disabled) AMD AGP Bus Filter Driver: \SystemRoot\system32\drivers\amdagp.sys (manual start) amdide: \SystemRoot\system32\drivers\amdide.sys (disabled) AMD K7 Processor Driver: \SystemRoot\system32\drivers\amdk7.sys (disabled) AMD K8 Processor Driver: system32\DRIVERS\amdk8.sys (manual start) AnyDVD: System32\Drivers\AnyDVD.sys (manual start) @%systemroot%\system32\appinfo.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) @appmgmts.dll,-3250: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) arc: \SystemRoot\system32\drivers\arc.sys (disabled) arcsas: \SystemRoot\system32\drivers\arcsas.sys (disabled) RAS Asynchronous Media Driver: system32\DRIVERS\asyncmac.sys (manual start) IDE Channel: system32\drivers\atapi.sys (system) @%SystemRoot%\system32\audiosrv.dll,-204: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart) @%SystemRoot%\system32\audiosrv.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart) AVG Anti-Spyware Driver: \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys (system) AVG Anti-Spyware Guard: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (autostart) AVG Anti-Spyware Clean Driver: System32\DRIVERS\AvgAsCln.sys (system) Kaspersky Internet Security 6.0: "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (autostart) @%SystemRoot%\system32\bfe.dll,-1001: %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork (autostart) @%SystemRoot%\system32\qmgr.dll,-1000: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) blbdrive: \SystemRoot\system32\drivers\blbdrive.sys (disabled) Bowser: system32\DRIVERS\bowser.sys (manual start) Brother USB Mass-Storage Lower Filter Driver: \SystemRoot\system32\drivers\brfiltlo.sys (manual start) Brother USB Mass-Storage Upper Filter Driver: \SystemRoot\system32\drivers\brfiltup.sys (manual start) @%systemroot%\system32\browser.dll,-100: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Brother MFC Serial Port Interface Driver (WDM): \SystemRoot\system32\drivers\brserid.sys (disabled) Brother WDM Serial driver: \SystemRoot\system32\drivers\brserwdm.sys (disabled) Brother MFC USB Fax Only Modem: \SystemRoot\system32\drivers\brusbmdm.sys (disabled) Brother MFC USB Serial WDM Driver: \SystemRoot\system32\drivers\brusbser.sys (manual start) Bluetooth Serial Communications Driver: \SystemRoot\system32\drivers\bthmodem.sys (disabled) CD/DVD File System Reader: system32\DRIVERS\cdfs.sys (disabled) CD-ROM Driver: system32\DRIVERS\cdrom.sys (system) @%SystemRoot%\System32\certprop.dll,-11: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Consumer IR Devices: \SystemRoot\system32\drivers\circlass.sys (disabled) Common Log (CLFS): System32\CLFS.sys (system) Microsoft .NET Framework NGEN v2.0.50727_X86: %systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start) cmdide: \SystemRoot\system32\drivers\cmdide.sys (disabled) Microsoft Composite Battery Driver: \SystemRoot\system32\drivers\compbatt.sys (disabled) @comres.dll,-947: %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start) core: system32\drivers\core.sys (system) Crcdisk Filter Driver: system32\drivers\crcdisk.sys (system) Transmeta Crusoe Processor Driver: \SystemRoot\system32\drivers\crusoe.sys (disabled) @%SystemRoot%\system32\cryptsvc.dll,-1001: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart) Offline Files Driver: system32\drivers\csc.sys (system) @%systemroot%\system32\cscsvc.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart) @oleres.dll,-5012: %SystemRoot%\system32\svchost.exe -k DcomLaunch (autostart) Dfs Client Driver: System32\Drivers\dfsc.sys (system) @dfsrres.dll,-101: %SystemRoot%\system32\DFSR.exe (manual start) @%SystemRoot%\system32\dhcpcsvc.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (autostart) Disk Driver: system32\drivers\disk.sys (system) @%SystemRoot%\System32\dnsapi.dll,-101: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart) @%systemroot%\system32\dot3svc.dll,-1102: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start) @%systemroot%\system32\dps.dll,-500: %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork (autostart) Microsoft Kernel DRM Audio Descrambler: system32\drivers\drmkaud.sys (manual start) LDDM Graphics Subsystem: \SystemRoot\System32\drivers\dxgkrnl.sys (manual start) Intel(R) PRO/1000 NDIS 6 Adapter Driver: system32\DRIVERS\E1G60I32.sys (manual start) @%systemroot%\system32\eapsvc.dll,-1: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) ReadyBoost Caching Driver: System32\drivers\ecache.sys (system) @%SystemRoot%\ehome\ehrecvr.exe,-101: %systemroot%\ehome\ehRecvr.exe (manual start) @%SystemRoot%\ehome\ehsched.exe,-101: %systemroot%\ehome\ehsched.exe (manual start) @%SystemRoot%\ehome\ehstart.dll,-101: %windir%\system32\svchost.exe -k LocalServiceNoNetwork (autostart) ElbyCDIO Driver: System32\Drivers\ElbyCDIO.sys (system) ElbyDelay: System32\Drivers\ElbyDelay.sys (manual start) elxstor: \SystemRoot\system32\drivers\elxstor.sys (disabled) @%SystemRoot%\system32\emdmgmt.dll,-1000: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart) EraserUtilRebootDrv: \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (manual start) @%SystemRoot%\system32\wevtsvc.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart) @comres.dll,-2450: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) @%systemroot%\system32\fxsresm.dll,-118: %systemroot%\system32\fxssvc.exe (manual start) Floppy Disk Controller Driver: system32\DRIVERS\fdc.sys (disabled) @%systemroot%\system32\fdPHost.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) @%systemroot%\system32\fdrespub.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) File Information FS MiniFilter: system32\drivers\fileinfo.sys (system) FileTrace: system32\drivers\filetrace.sys (manual start) Floppy Disk Driver: system32\DRIVERS\flpydisk.sys (disabled) FltMgr: system32\drivers\fltmgr.sys (system) @%SystemRoot%\system32\PresentationHost.exe,-3309: %systemroot%\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (manual start) BitLocker Drive Encryption Filter Driver: System32\DRIVERS\fvevol.sys (system) Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms: \SystemRoot\system32\drivers\gagp30kx.sys (manual start) @gpapi.dll,-112: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Microsoft UAA Bus Driver for High Definition Audio: \SystemRoot\system32\drivers\hdaudbus.sys (disabled) Microsoft Bluetooth HID Miniport: \SystemRoot\system32\drivers\hidbth.sys (disabled) Microsoft Infrared HID Driver: \SystemRoot\system32\drivers\hidir.sys (disabled) @%SystemRoot%\System32\hidserv.dll,-101: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart) Microsoft HID Class Driver: system32\DRIVERS\hidusb.sys (manual start) @%SystemRoot%\system32\kmsvc.dll,-6: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) HpCISSs: \SystemRoot\system32\drivers\hpcisss.sys (disabled) HTTP: system32\drivers\HTTP.sys (manual start) i2omp: \SystemRoot\system32\drivers\i2omp.sys (disabled) i8042 Keyboard and PS/2 Mouse Port Driver: system32\DRIVERS\i8042prt.sys (disabled) Intel RAID Controller Vista: \SystemRoot\system32\drivers\iastorv.sys (disabled) @%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193: "%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe" (manual start) iirsp: \SystemRoot\system32\drivers\iirsp.sys (disabled) @%SystemRoot%\system32\ikeext.dll,-501: %systemroot%\system32\svchost.exe -k netsvcs (autostart) inic162x: system32\drivers\inic162x.sys (system) intelide: \SystemRoot\system32\drivers\intelide.sys (disabled) Intel Processor Driver: system32\DRIVERS\intelppm.sys (disabled) @%systemroot%\system32\IPBusEnum.dll,-102: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start) IP Traffic Filter Driver: system32\DRIVERS\ipfltdrv.sys (manual start) @%SystemRoot%\system32\iphlpsvc.dll,-200: %SystemRoot%\System32\svchost.exe -k NetSvcs (autostart) IP in IP Tunnel Driver: system32\DRIVERS\ipinip.sys (manual start) IPMIDRV: \SystemRoot\system32\drivers\ipmidrv.sys (disabled) IP Network Address Translator: system32\DRIVERS\ipnat.sys (manual start) IR Bus Enumerator: system32\drivers\irenum.sys (manual start) PnP ISA/EISA Bus Driver: \SystemRoot\system32\drivers\isapnp.sys (disabled) iScsiPort Driver: system32\DRIVERS\msiscsi.sys (manual start) ITEATAPI_Service_Install: \SystemRoot\system32\drivers\iteatapi.sys (disabled) ITERAID_Service_Install: \SystemRoot\system32\drivers\iteraid.sys (disabled) Keyboard Class Driver: system32\DRIVERS\kbdclass.sys (system) Keyboard HID Driver: system32\DRIVERS\kbdhid.sys (system) @keyiso.dll,-100: %SystemRoot%\system32\lsass.exe (manual start) kl1: system32\DRIVERS\kl1.sys (system) KLIF: system32\DRIVERS\klif.sys (system) Kaspersky Anti-Virus NDIS 6 Filter: system32\DRIVERS\klim6.sys (system) KSecDD: System32\Drivers\ksecdd.sys (system) @comres.dll,-2946: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart) @%systemroot%\system32\srvsvc.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) @%systemroot%\system32\wkssvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalService (autostart) Link-Layer Topology Discovery Mapper I/O Driver: system32\DRIVERS\lltdio.sys (autostart) @%SystemRoot%\system32\lltdres.dll,-1: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) @%SystemRoot%\system32\lmhsvc.dll,-101: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (autostart) LSI_FC: \SystemRoot\system32\drivers\lsi_fc.sys (disabled) LSI_SAS: \SystemRoot\system32\drivers\lsi_sas.sys (disabled) LSI_SCSI: \SystemRoot\system32\drivers\lsi_scsi.sys (disabled) UAC File Virtualization: \SystemRoot\system32\drivers\luafv.sys (autostart) @%SystemRoot%\ehome\ehres.dll,-15501: %SystemRoot%\system32\svchost.exe -k LocalService (disabled) megasas: \SystemRoot\system32\drivers\megasas.sys (disabled) @%systemroot%\system32\mmcss.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Modem: system32\drivers\modem.sys (manual start) Microsoft Monitor Class Function Driver Service: system32\DRIVERS\monitor.sys (manual start) Mouse Class Driver: system32\DRIVERS\mouclass.sys (system) Mouse HID Driver: system32\DRIVERS\mouhid.sys (manual start) Mount Point Manager: System32\drivers\mountmgr.sys (system) Microsoft Multi-Path Bus Driver: \SystemRoot\system32\drivers\mpio.sys (disabled) @%SystemRoot%\system32\FirewallAPI.dll,-23092: System32\drivers\mpsdrv.sys (manual start) @%SystemRoot%\system32\FirewallAPI.dll,-23090: %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork (autostart) Mraid35x: \SystemRoot\system32\drivers\mraid35x.sys (disabled) WebDav Client Redirector Driver: \SystemRoot\system32\drivers\mrxdav.sys (manual start) SMB MiniRedirector Wrapper and Engine: system32\DRIVERS\mrxsmb.sys (manual start) SMB 1.x MiniRedirector: system32\DRIVERS\mrxsmb10.sys (manual start) SMB 2.0 MiniRedirector: system32\DRIVERS\mrxsmb20.sys (manual start) msahci: \SystemRoot\system32\drivers\msahci.sys (disabled) Microsoft Multi-Path Device Specific Module: \SystemRoot\system32\drivers\msdsm.sys (disabled) @comres.dll,-2797: %SystemRoot%\System32\msdtc.exe (manual start) ISA/EISA Class Driver: system32\drivers\msisadrv.sys (system) @%SystemRoot%\system32\iscsidsc.dll,-5000: %systemroot%\system32\svchost.exe -k netsvcs (manual start) @%SystemRoot%\system32\msimsg.dll,-27: %systemroot%\system32\msiexec /V (manual start) Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start) Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start) Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start) Microsoft System Management BIOS Driver: system32\DRIVERS\mssmbios.sys (manual start) Microsoft Streaming Tee/Sink-to-Sink Converter: system32\drivers\MSTEE.sys (manual start) Mup: System32\Drivers\mup.sys (system) @%SystemRoot%\system32\qagentrt.dll,-6: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start) NativeWiFi Filter: system32\DRIVERS\nwifi.sys (manual start) NDIS System Driver: system32\drivers\ndis.sys (system) Remote Access NDIS TAPI Driver: system32\DRIVERS\ndistapi.sys (manual start) NDIS Usermode I/O Protocol: system32\DRIVERS\ndisuio.sys (manual start) Remote Access NDIS WAN Driver: system32\DRIVERS\ndiswan.sys (manual start) NetBIOS Interface: system32\DRIVERS\netbios.sys (system) NETBT: System32\DRIVERS\netbt.sys (system) @%SystemRoot%\System32\netlogon.dll,-102: %systemroot%\system32\lsass.exe (manual start) @%SystemRoot%\system32\netman.dll,-109: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (manual start) @%SystemRoot%\system32\netprof.dll,-246: %SystemRoot%\System32\svchost.exe -k LocalService (autostart) @%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201: "%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" (disabled) nfrd960: \SystemRoot\system32\drivers\nfrd960.sys (disabled) @%SystemRoot%\System32\nlasvc.dll,-1: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart) @%SystemRoot%\system32\nsisvc.dll,-200: %systemroot%\system32\svchost.exe -k LocalService (autostart) NSI proxy service: system32\drivers\nsiproxy.sys (system) N-trig HID Tablet Driver: \SystemRoot\system32\drivers\ntrigdigi.sys (disabled) nvlddmkm: system32\DRIVERS\nvlddmkm.sys (manual start) nvraid: \SystemRoot\system32\drivers\nvraid.sys (disabled) nvstor: \SystemRoot\system32\drivers\nvstor.sys (disabled) NVIDIA nForce AGP Bus Filter: \SystemRoot\system32\drivers\nv_agp.sys (manual start) IPX Traffic Filter Driver: system32\DRIVERS\nwlnkflt.sys (manual start) IPX Traffic Forwarder Driver: system32\DRIVERS\nwlnkfwd.sys (manual start) VIA OHCI Compliant IEEE 1394 Host Controller: system32\DRIVERS\ohci1394.sys (manual start) @%SystemRoot%\system32\p2psvc.dll,-8004: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (manual start) @%SystemRoot%\system32\p2psvc.dll,-8006: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (manual start) Parallel port driver: system32\DRIVERS\parport.sys (manual start) Partition Manager: System32\drivers\partmgr.sys (system) Parvdm: system32\DRIVERS\parvdm.sys (autostart) @%SystemRoot%\system32\pcasvc.dll,-1: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart) PCI Bus Driver: system32\drivers\pci.sys (system) pciide: system32\drivers\pciide.sys (system) pcmcia: \SystemRoot\system32\drivers\pcmcia.sys (disabled) PEAUTH: system32\drivers\peauth.sys (autostart) Philips 713x Inbox PCI TV Card: system32\DRIVERS\Ph3xIB32.sys (manual start) @%systemroot%\system32\pla.dll,-500: %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork (manual start) @%SystemRoot%\system32\umpnpmgr.dll,-100: %SystemRoot%\system32\svchost.exe -k DcomLaunch (autostart) @%SystemRoot%\system32\p2psvc.dll,-8002: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (manual start) @%SystemRoot%\system32\p2psvc.dll,-8000: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (manual start) @%SystemRoot%\System32\polstore.dll,-5010: %SystemRoot%\system32\svchost.exe -k NetworkServiceNetworkRestricted (autostart) WAN Miniport (PPTP): system32\DRIVERS\raspptp.sys (manual start) Processor Driver: \SystemRoot\system32\drivers\processr.sys (disabled) @%systemroot%\system32\profsvc.dll,-300: %systemroot%\system32\svchost.exe -k netsvcs (autostart) @%systemroot%\system32\psbase.dll,-300: %SystemRoot%\system32\lsass.exe (manual start) @%SystemRoot%\System32\drivers\pacer.sys,-101: system32\DRIVERS\pacer.sys (system) QLogic Fibre Channel Miniport Driver: \SystemRoot\system32\drivers\ql2300.sys (disabled) QLogic iSCSI Miniport Driver: \SystemRoot\system32\drivers\ql40xx.sys (disabled) @%SystemRoot%\system32\qwave.dll,-1: %windir%\system32\svchost.exe -k LocalService (manual start) @%SystemRoot%\system32\drivers\qwavedrv.sys,-1: \SystemRoot\system32\drivers\qwavedrv.sys (manual start) Remote Access Auto Connection Driver: System32\DRIVERS\rasacd.sys (system) @%Systemroot%\system32\rasauto.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) WAN Miniport (L2TP): system32\DRIVERS\rasl2tp.sys (manual start) @%Systemroot%\system32\rasmans.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Remote Access PPPOE Driver: system32\DRIVERS\raspppoe.sys (manual start) Redirected Buffering Sub Sysytem: system32\DRIVERS\rdbss.sys (system) RDPCDD: System32\DRIVERS\RDPCDD.sys (system) Terminal Server Device Redirector Driver: system32\DRIVERS\rdpdr.sys (manual start) RDP Encoder Mirror Driver: system32\drivers\rdpencdd.sys (system) @%Systemroot%\system32\mprdim.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) @regsvc.dll,-1: %SystemRoot%\system32\svchost.exe -k regsvc (manual start) @%systemroot%\system32\Locator.exe,-2: %SystemRoot%\system32\locator.exe (manual start) @oleres.dll,-5010: %SystemRoot%\system32\svchost.exe -k rpcss (autostart) Link-Layer Topology Discovery Responder: system32\DRIVERS\rspndr.sys (autostart) Realtek 10/100 NIC Family NDIS x86 Driver: system32\DRIVERS\Rtnicxp.sys (manual start) @%SystemRoot%\system32\samsrv.dll,-1: %SystemRoot%\system32\lsass.exe (autostart) SBP-2 Transport/Protocol Bus Driver: \SystemRoot\system32\drivers\sbp2port.sys (disabled) @%SystemRoot%\System32\SCardSvr.dll,-1: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) @%SystemRoot%\system32\schedsvc.dll,-100: %systemroot%\system32\svchost.exe -k netsvcs (autostart) @%SystemRoot%\System32\certprop.dll,-13: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) @%SystemRoot%\system32\sdrsvc.dll,-107: %SystemRoot%\system32\svchost.exe -k SDRSVC (manual start) @%SystemRoot%\system32\seclogon.dll,-7001: %windir%\system32\svchost.exe -k netsvcs (autostart) @%SystemRoot%\system32\Sens.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Serenum Filter Driver: \SystemRoot\system32\drivers\serenum.sys (manual start) Serial Port Driver: \SystemRoot\system32\drivers\serial.sys (disabled) Serial Mouse Driver: \SystemRoot\system32\drivers\sermouse.sys (disabled) @%SystemRoot%\System32\SessEnv.dll,-1026: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) SFF Storage Class Driver: \SystemRoot\system32\drivers\sffdisk.sys (disabled) SFF Storage Protocol Driver for MMC: \SystemRoot\system32\drivers\sffp_mmc.sys (manual start) SFF Storage Protocol Driver for SDBus: \SystemRoot\system32\drivers\sffp_sd.sys (manual start) High-Capacity Floppy Disk Drive: \SystemRoot\system32\drivers\sfloppy.sys (disabled) @%SystemRoot%\system32\ipnathlp.dll,-106: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) @%SystemRoot%\System32\shsvcs.dll,-12288: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) SIS AGP Bus Filter: \SystemRoot\system32\drivers\sisagp.sys (manual start) SiSRaid2: \SystemRoot\system32\drivers\sisraid2.sys (disabled) SiSRaid4: \SystemRoot\system32\drivers\sisraid4.sys (disabled) @%SystemRoot%\system32\SLsvc.exe,-101: %SystemRoot%\system32\SLsvc.exe (autostart) @%SystemRoot%\system32\SLUINotify.dll,-103: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) @%SystemRoot%\system32\tcpipcfg.dll,-50005: system32\DRIVERS\smb.sys (system) @%SystemRoot%\system32\snmptrap.exe,-3: %SystemRoot%\System32\snmptrap.exe (manual start) @%systemroot%\system32\spoolsv.exe,-1: %SystemRoot%\System32\spoolsv.exe (autostart) sptd: System32\Drivers\sptd.sys (system) srv: System32\DRIVERS\srv.sys (manual start) srv2: System32\DRIVERS\srv2.sys (manual start) srvnet: System32\DRIVERS\srvnet.sys (manual start) @%systemroot%\system32\ssdpsrv.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) @%SystemRoot%\system32\wiaservc.dll,-9: %SystemRoot%\system32\svchost.exe -k imgsvc (autostart) Software Bus Driver: system32\DRIVERS\swenum.sys (manual start) @%SystemRoot%\System32\swprv.dll,-103: %SystemRoot%\System32\svchost.exe -k swprv (manual start) Symc8xx: \SystemRoot\system32\drivers\symc8xx.sys (disabled) Sym_hi: \SystemRoot\system32\drivers\sym_hi.sys (disabled) Sym_u3: \SystemRoot\system32\drivers\sym_u3.sys (disabled) @%SystemRoot%\system32\sysmain.dll,-1000: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart) @%SystemRoot%\system32\TabSvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart) @%SystemRoot%\system32\tapisrv.dll,-10100: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start) @%SystemRoot%\system32\tbssvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) @%SystemRoot%\system32\tcpipcfg.dll,-50003: System32\drivers\tcpip.sys (system) Microsoft IPv6 Protocol Driver: system32\DRIVERS\tcpip.sys (manual start) TCP/IP Registry Compatibility: System32\drivers\tcpipreg.sys (autostart) TDPIPE: system32\drivers\tdpipe.sys (manual start) TDTCP: system32\drivers\tdtcp.sys (manual start) @%SystemRoot%\system32\tcpipcfg.dll,-50004: system32\DRIVERS\tdx.sys (system) Terminal Device Driver: system32\DRIVERS\termdd.sys (system) @%SystemRoot%\System32\termsrv.dll,-268: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart) @%SystemRoot%\System32\shsvcs.dll,-8192: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) @%systemroot%\system32\mmcss.dll,-102: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) @%SystemRoot%\system32\trkwks.dll,-1: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart) @%SystemRoot%\servicing\TrustedInstaller.exe,-100: %SystemRoot%\servicing\TrustedInstaller.exe (manual start) Terminal Services Security Filter Driver: System32\DRIVERS\tssecsrv.sys (manual start) Microsoft IPv6 Tunnel Miniport Adapter Driver: system32\DRIVERS\tunnel.sys (manual start) Microsoft AGPv3.5 Filter: \SystemRoot\system32\drivers\uagp35.sys (manual start) udfs: system32\DRIVERS\udfs.sys (disabled) @%SystemRoot%\system32\ui0detect.exe,-101: %SystemRoot%\system32\UI0Detect.exe (manual start) Uli AGP Bus Filter: \SystemRoot\system32\drivers\uliagpkx.sys (manual start) uliahci: \SystemRoot\system32\drivers\uliahci.sys (disabled) UlSata: \SystemRoot\system32\drivers\ulsata.sys (disabled) ulsata2: \SystemRoot\system32\drivers\ulsata2.sys (disabled) UMBus Enumerator Driver: system32\DRIVERS\umbus.sys (manual start) @%SystemRoot%\system32\umrdp.dll,-1000: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (manual start) @%systemroot%\system32\upnphost.dll,-213: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Microsoft USB Generic Parent Driver: system32\DRIVERS\usbccgp.sys (manual start) eHome Infrared Receiver (USBCIR): \SystemRoot\system32\drivers\usbcir.sys (disabled) Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: system32\DRIVERS\usbehci.sys (manual start) Microsoft USB Standard Hub Driver: system32\DRIVERS\usbhub.sys (manual start) Microsoft USB Open Host Controller Miniport Driver: system32\DRIVERS\usbohci.sys (manual start) Microsoft USB PRINTER Class: \SystemRoot\system32\drivers\usbprint.sys (disabled) USB Mass Storage Driver: system32\DRIVERS\USBSTOR.SYS (manual start) Microsoft USB Universal Host Controller Miniport Driver: system32\DRIVERS\usbuhci.sys (disabled) @%SystemRoot%\system32\dwm.exe,-2000: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart) @%SystemRoot%\system32\vds.exe,-100: %SystemRoot%\System32\vds.exe (manual start) vga: system32\DRIVERS\vgapnp.sys (manual start) VgaSave: \SystemRoot\System32\drivers\vga.sys (system) VIA AGP Bus Filter: \SystemRoot\system32\drivers\viaagp.sys (manual start) VIA C7 Processor Driver: \SystemRoot\system32\drivers\viac7.sys (disabled) viaide: \SystemRoot\system32\drivers\viaide.sys (disabled) Volume Manager Driver: system32\drivers\volmgr.sys (system) Dynamic Volume Manager: System32\drivers\volmgrx.sys (system) Storage volumes: system32\drivers\volsnap.sys (system) vsmraid: \SystemRoot\system32\drivers\vsmraid.sys (disabled) @%systemroot%\system32\vssvc.exe,-102: %systemroot%\system32\vssvc.exe (manual start) @%SystemRoot%\system32\w32time.dll,-200: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Wacom Serial Pen HID Driver: \SystemRoot\system32\drivers\wacompen.sys (disabled) Remote Access IP ARP Driver: system32\DRIVERS\wanarp.sys (manual start) Remote Access IPv6 ARP Driver: system32\DRIVERS\wanarp.sys (system) @%systemroot%\system32\wbengine.exe,-104: "%systemroot%\system32\wbengine.exe" (manual start) @%SystemRoot%\system32\wcncsvc.dll,-3: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) @%SystemRoot%\system32\WcsPlugInService.dll,-200: %SystemRoot%\system32\svchost.exe -k wcssvc (manual start) Microsoft Watchdog Timer Driver: \SystemRoot\system32\drivers\wd.sys (disabled) Kernel Mode Driver Frameworks service: system32\drivers\Wdf01000.sys (system) @%systemroot%\system32\wdi.dll,-502: %SystemRoot%\System32\svchost.exe -k wdisvc (manual start) @%systemroot%\system32\wdi.dll,-500: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (manual start) @%systemroot%\system32\webclnt.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) @%SystemRoot%\system32\wecsvc.dll,-200: %SystemRoot%\system32\svchost.exe -k NetworkService (manual start) @%SystemRoot%\System32\wercplsupport.dll,-101: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) @%SystemRoot%\System32\wersvc.dll,-100: %SystemRoot%\System32\svchost.exe -k WerSvcGroup (autostart) @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103: %SystemRoot%\System32\svchost.exe -k secsvcs (autostart) @%SystemRoot%\system32\winhttp.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) @%Systemroot%\system32\wbem\wmisvc.dll,-205: %systemroot%\system32\svchost.exe -k netsvcs (autostart) @%Systemroot%\system32\wsmsvc.dll,-101: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start) @%SystemRoot%\System32\wlansvc.dll,-257: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start) Microsoft Windows Management Interface for ACPI: \SystemRoot\system32\drivers\wmiacpi.sys (disabled) @%Systemroot%\system32\wbem\wmiapsrv.exe,-110: %systemroot%\system32\wbem\WmiApSrv.exe (manual start) @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101: "%ProgramFiles%\Windows Media Player\wmpnetwk.exe" (manual start) @%SystemRoot%\system32\wpcsvc.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (manual start) @%SystemRoot%\system32\wpdbusenum.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart) Winsock IFS driver: \SystemRoot\system32\drivers\ws2ifsl.sys (disabled) @%SystemRoot%\System32\wscsvc.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart) @%systemroot%\system32\SearchIndexer.exe,-103: %systemroot%\system32\SearchIndexer.exe /Embedding (autostart) @%systemroot%\system32\wuaueng.dll,-105: %systemroot%\system32\svchost.exe -k netsvcs (autostart) @%SystemRoot%\system32\wudfsvc.dll,-1000: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart) -------------------------------------------------- Enumerating Windows NT logon/logoff scripts: *No scripts set to run* Windows NT checkdisk command: BootExecute = autocheck autochk * Windows NT 'Wininit.ini': PendingFileRenameOperations: C:\Users\NICOJV~1\AppData\Local\Temp\setup.exe -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: WebCheck: C:\Windows\system32\webcheck.dll -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- End of report, 44 861 bytes Report generated in 0,234 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only
Kokeilin skannata koneen vielä F-securen uusimalla kokeiluversiolla, mutta ei auttanut sekään. -------- Ad-Aware 2007 Build Log File Created on: 2007-06-28 18:45:10 Using Definitions File: C:\ProgramData\Lavasoft\Ad-Aware 2007\core.aawdef Computer name: **** Name of user performing scan: SYSTEM System information =========================== Number of processors: 1 Processor type: AMD Athlon(tm) 64 Processor 3400+ Memory Available: 57% Total Physical Memory: 2145320960 Bytes Available Physical Memory: 1206059008 Bytes Total Page File Size: 4519804928 Bytes Available On Page File: 3494023168 Bytes Total Virtual Memory: 2147352576 Bytes Available Virtual Memory: 1991745536 Bytes OS: Microsoft Windows Vista (Build 6000) Ad-Aware 2007 Settings =========================== Skipping files larger than 1048576 kB Ignoring infections with lower TAI than: 3 Extended Ad-Aware 2007 Settings =========================== Unloading known modules during scan Ignoring spanned files when scanning cab archives Scanning registry for all users Using permanent archive caching Reanalyzing results after scanning before displaying results Trying to unload modules prior to removal Let Windows remove files currently in use at next reboot Removing quarantined objects after restore Logging Ad-Aware events Blocking Pop-Ups aggressively Deactivating Ad-Watch during scans Writeprotecting system files after repairs Including Ad-aware command line parameters in log file Include info about ignored objects in log file Including basic settings in log file Including advanced settings in log file Including user and computer name in log file Include reference summary in log file Creating log file for removal operations Including module info in log file Include Alternate Data Stream details in log file Create and save WebUpdate log file Databaseinfo =========================== Version number: 2 Build Number: 0 Build Date and Time: 2007/06/05 20:22:29 Scan Statistics =========================== Method: Smart Scan tracking cookies.............................: On Scan ADS filestreams..............................: Off Item Scanned: 114553 Infections Detected: 13 Infections Ignored: 0 Scan detailed statistics =========================== Type Critical Total Process Scan....: 0 0 Registry Scan...: 0 0 Registry PE Scan: 0 0 Hosts File Scan.: 0 0 File Scan.......: 0 0 Folder Scan.....: 0 0 LSP Scan........: 0 0 ADS Scan........: 0 0 Cookie Scan.....: 12 12 File Hash Scan..: 0 0 Infections Found =========================== Family Id: 723 Name: Tracking Cookie Category: DataMiner TAI:3 Item Id: 600000212 Value: Browser: Internet Explorer Cookie: C:\Users\Nico Jäväjä\Cookies\index.dat blinck.112.2o7.net s_vi / Item Id: 600000000 Value: Browser: Internet Explorer Cookie: C:\Users\Nico Jäväjä\Cookies\index.dat zedo.com ZEDOIDX / Item Id: 600000000 Value: Browser: Internet Explorer Cookie: C:\Users\Nico Jäväjä\Cookies\index.dat zedo.com FFcat / Item Id: 600000000 Value: Browser: Internet Explorer Cookie: C:\Users\Nico Jäväjä\Cookies\index.dat zedo.com FFad / Item Id: 600000000 Value: Browser: Internet Explorer Cookie: C:\Users\Nico Jäväjä\Cookies\index.dat zedo.com ZEDOIDA / Item Id: 600000000 Value: Browser: Internet Explorer Cookie: C:\Users\Nico Jäväjä\Cookies\index.dat zedo.com geo / Item Id: 600000460 Value: Browser: Internet Explorer Cookie: C:\Users\Nico Jäväjä\Cookies\index.dat ad.yieldmanager.com uid / Item Id: 600000460 Value: Browser: Internet Explorer Cookie: C:\Users\Nico Jäväjä\Cookies\index.dat ad.yieldmanager.com liday1 / Item Id: 600000460 Value: Browser: Internet Explorer Cookie: C:\Users\Nico Jäväjä\Cookies\index.dat ad.yieldmanager.com vuday1 / Item Id: 600000460 Value: Browser: Internet Explorer Cookie: C:\Users\Nico Jäväjä\Cookies\index.dat ad.yieldmanager.com ih / Item Id: 600000409 Value: Browser: Internet Explorer Cookie: C:\Users\Nico Jäväjä\Cookies\index.dat server.iad.liveperson.net HumanClickID / Item Id: 600000409 Value: Browser: Internet Explorer Cookie: C:\Users\Nico Jäväjä\Cookies\index.dat server.iad.liveperson.net HumanClickACTIVE / Family Id: 9999 Name: MRU Object Category: MRU Object TAI:0 Item Id: 3 Value: MRU Registry Key: S-1-5-21-948586174-4176643047-2232486074-1000\Software\Microsoft\Internet Explorer\TypedURLs Count: 1 Items Ignored During Scan =========================== Listing of running processes =========================== C:\WINDOWS\SYSTEM32\SMSS.EXE c:\windows\system32\smss.exe c:\windows\system32\ntdll.dll C:\WINDOWS\SYSTEM32\CSRSS.EXE c:\windows\system32\csrss.exe c:\windows\system32\ntdll.dll c:\windows\system32\csrsrv.dll c:\windows\system32\basesrv.dll c:\windows\system32\winsrv.dll c:\windows\system32\user32.dll c:\windows\system32\kernel32.dll c:\windows\system32\gdi32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\msvcrt.dll c:\windows\system32\sxs.dll C:\WINDOWS\SYSTEM32\WININIT.EXE c:\windows\system32\wininit.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\userenv.dll c:\windows\system32\secur32.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\apphelp.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\mswsock.dll c:\windows\system32\wshtcpip.dll c:\windows\system32\wship6.dll c:\windows\system32\credssp.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\windows\system32\schannel.dll c:\windows\system32\netapi32.dll c:\windows\system32\psapi.dll C:\WINDOWS\SYSTEM32\CSRSS.EXE c:\windows\system32\csrss.exe c:\windows\system32\ntdll.dll c:\windows\system32\csrsrv.dll c:\windows\system32\basesrv.dll c:\windows\system32\winsrv.dll c:\windows\system32\user32.dll c:\windows\system32\kernel32.dll c:\windows\system32\gdi32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\msvcrt.dll c:\windows\system32\sxs.dll C:\WINDOWS\SYSTEM32\SERVICES.EXE c:\windows\system32\services.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\userenv.dll c:\windows\system32\secur32.dll c:\windows\system32\scesrv.dll c:\windows\system32\authz.dll c:\windows\system32\netapi32.dll c:\windows\system32\psapi.dll c:\windows\system32\ncobjapi.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\credssp.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\windows\system32\schannel.dll c:\windows\system32\apphelp.dll c:\windows\system32\ntmarta.dll c:\windows\system32\wldap32.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\samlib.dll c:\windows\system32\ole32.dll c:\program files\f-secure internet security\fsps\program\fslsp.dll c:\windows\system32\mswsock.dll c:\windows\system32\wshtcpip.dll c:\windows\system32\wship6.dll C:\WINDOWS\SYSTEM32\LSASS.EXE c:\windows\system32\lsass.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\lsasrv.dll c:\windows\system32\msvcrt.dll c:\windows\system32\secur32.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\samsrv.dll c:\windows\system32\cryptdll.dll c:\windows\system32\dnsapi.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\netapi32.dll c:\windows\system32\psapi.dll c:\windows\system32\samlib.dll c:\windows\system32\msasn1.dll c:\windows\system32\ntdsapi.dll c:\windows\system32\wldap32.dll c:\windows\system32\feclient.dll c:\windows\system32\mpr.dll c:\windows\system32\userenv.dll c:\windows\system32\crypt32.dll c:\windows\system32\slc.dll c:\windows\system32\sysntfy.dll c:\windows\system32\wevtapi.dll c:\windows\system32\iphlpapi.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\winnsi.dll c:\windows\system32\dhcpcsvc6.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\cngaudit.dll c:\windows\system32\authz.dll c:\windows\system32\ncrypt.dll c:\windows\system32\bcrypt.dll c:\windows\system32\credssp.dll c:\windows\system32\msprivs.dll c:\windows\system32\kerberos.dll c:\windows\system32\mswsock.dll c:\windows\system32\wship6.dll c:\windows\system32\msv1_0.dll c:\windows\system32\netlogon.dll c:\windows\system32\winbrand.dll c:\windows\system32\schannel.dll c:\windows\system32\wdigest.dll c:\windows\system32\rsaenh.dll c:\windows\system32\tspkg.dll c:\windows\system32\gpapi.dll c:\windows\system32\scecli.dll c:\windows\system32\setupapi.dll c:\windows\system32\oleaut32.dll c:\windows\system32\ole32.dll c:\windows\system32\wshtcpip.dll c:\windows\system32\dssenh.dll C:\WINDOWS\SYSTEM32\LSM.EXE c:\windows\system32\lsm.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\msvcrt.dll c:\windows\system32\sysntfy.dll c:\windows\system32\wmsgapi.dll c:\windows\system32\secur32.dll c:\windows\system32\credssp.dll c:\windows\system32\crypt32.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\msasn1.dll c:\windows\system32\userenv.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\schannel.dll c:\windows\system32\netapi32.dll c:\windows\system32\psapi.dll C:\WINDOWS\SYSTEM32\WINLOGON.EXE c:\windows\system32\winlogon.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\secur32.dll c:\windows\system32\winsta.dll c:\windows\system32\psapi.dll c:\windows\system32\userenv.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\apphelp.dll c:\windows\system32\ntmarta.dll c:\windows\system32\wldap32.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\samlib.dll c:\windows\system32\ole32.dll c:\windows\system32\shsvcs.dll c:\windows\system32\uxtheme.dll c:\windows\system32\rsaenh.dll c:\windows\system32\windowscodecs.dll c:\windows\system32\netapi32.dll c:\windows\system32\slc.dll c:\windows\system32\mpr.dll C:\WINDOWS\SYSTEM32\SVCHOST.EXE c:\windows\system32\svchost.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\umpnpmgr.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\userenv.dll c:\windows\system32\secur32.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\powrprof.dll c:\windows\system32\gpapi.dll c:\windows\system32\slc.dll c:\windows\system32\rpcss.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\firewallapi.dll c:\windows\system32\oleaut32.dll c:\windows\system32\ole32.dll c:\windows\system32\version.dll c:\windows\system32\credssp.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\windows\system32\schannel.dll c:\windows\system32\netapi32.dll c:\windows\system32\psapi.dll c:\windows\system32\setupapi.dll c:\windows\system32\cabinet.dll c:\windows\system32\ntmarta.dll c:\windows\system32\wldap32.dll c:\windows\system32\samlib.dll c:\windows\system32\winsta.dll c:\windows\system32\clbcatq.dll c:\windows\system32\apphelp.dll c:\windows\system32\wtsapi32.dll c:\windows\system32\svchost.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\rpcss.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\secur32.dll c:\windows\system32\firewallapi.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\oleaut32.dll c:\windows\system32\ole32.dll c:\windows\system32\version.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\credssp.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\windows\system32\userenv.dll c:\windows\system32\schannel.dll c:\windows\system32\netapi32.dll c:\windows\system32\psapi.dll c:\windows\system32\rsaenh.dll c:\program files\f-secure internet security\fsps\program\fslsp.dll c:\windows\system32\mswsock.dll c:\windows\system32\wshtcpip.dll c:\windows\system32\wship6.dll c:\windows\system32\clbcatq.dll c:\windows\system32\fwpuclnt.dll c:\windows\system32\wtsapi32.dll c:\windows\system32\winsta.dll c:\windows\system32\svchost.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\program files\windows defender\mpsvc.dll c:\windows\system32\version.dll c:\windows\system32\crypt32.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\msasn1.dll c:\windows\system32\userenv.dll c:\windows\system32\secur32.dll c:\windows\system32\wintrust.dll c:\windows\system32\imagehlp.dll c:\program files\windows defender\mpclient.dll c:\windows\system32\shell32.dll c:\windows\system32\shlwapi.dll c:\windows\system32\ole32.dll c:\windows\system32\oleaut32.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\gpapi.dll c:\windows\system32\slc.dll c:\windows\system32\ntmarta.dll c:\windows\system32\wldap32.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\psapi.dll c:\windows\system32\samlib.dll c:\windows\system32\rsaenh.dll c:\windows\system32\ncrypt.dll c:\windows\system32\bcrypt.dll c:\programdata\microsoft\windows defender\definition updates\{33d49424-77a1-4b7e-8d76-2048a2b51f8e}\mpengine.dll c:\windows\system32\netapi32.dll c:\windows\system32\ktmw32.dll c:\windows\system32\iphlpapi.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\dnsapi.dll c:\windows\system32\winnsi.dll c:\windows\system32\dhcpcsvc6.dll c:\program files\windows defender\mprtplug.dll c:\windows\system32\tdh.dll c:\windows\system32\credssp.dll c:\windows\system32\schannel.dll c:\windows\system32\clbcatq.dll c:\windows\system32\svchost.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\wevtsvc.dll c:\windows\system32\userenv.dll c:\windows\system32\secur32.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\version.dll c:\windows\system32\gpapi.dll c:\windows\system32\slc.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\credssp.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\windows\system32\schannel.dll c:\windows\system32\netapi32.dll c:\windows\system32\psapi.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\mswsock.dll c:\windows\system32\wshtcpip.dll c:\windows\system32\wship6.dll c:\windows\system32\oleaut32.dll c:\windows\system32\ole32.dll c:\windows\system32\audiosrv.dll c:\windows\system32\mmdevapi.dll c:\windows\system32\shlwapi.dll c:\windows\system32\wtsapi32.dll c:\windows\system32\winsta.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\clbcatq.dll c:\windows\system32\setupapi.dll c:\windows\system32\wintrust.dll c:\windows\system32\imagehlp.dll c:\windows\system32\lmhsvc.dll c:\windows\system32\iphlpapi.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\dnsapi.dll c:\windows\system32\winnsi.dll c:\windows\system32\dhcpcsvc6.dll c:\windows\system32\rsaenh.dll c:\windows\system32\audioses.dll c:\windows\system32\audioeng.dll c:\windows\system32\avrt.dll c:\windows\system32\wscsvc.dll c:\windows\system32\firewallapi.dll c:\windows\system32\wbem\wbemprox.dll c:\windows\system32\wbem\wbemcomn.dll c:\windows\system32\wbem\wbemsvc.dll c:\windows\system32\wbem\fastprox.dll c:\windows\system32\ntdsapi.dll c:\windows\system32\wldap32.dll c:\windows\system32\wuapi.dll c:\windows\system32\cabinet.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll c:\windows\system32\svchost.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\ntmarta.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\wldap32.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\psapi.dll c:\windows\system32\samlib.dll c:\windows\system32\ole32.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\audiosrv.dll c:\windows\system32\oleaut32.dll c:\windows\system32\mmdevapi.dll c:\windows\system32\shlwapi.dll c:\windows\system32\wtsapi32.dll c:\windows\system32\winsta.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\clbcatq.dll c:\windows\system32\setupapi.dll c:\windows\system32\wintrust.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\windows\system32\userenv.dll c:\windows\system32\secur32.dll c:\windows\system32\imagehlp.dll c:\windows\system32\cscsvc.dll c:\windows\system32\shell32.dll c:\windows\system32\mpr.dll c:\windows\system32\rsaenh.dll c:\windows\system32\gpapi.dll c:\windows\system32\slc.dll c:\windows\system32\uxsms.dll c:\windows\system32\tabsvc.dll c:\windows\system32\hid.dll c:\windows\system32\wudfsvc.dll c:\windows\system32\wudfplatform.dll c:\windows\system32\version.dll c:\windows\system32\wevtapi.dll c:\windows\system32\netapi32.dll c:\windows\system32\apphelp.dll c:\windows\system32\emdmgmt.dll c:\windows\system32\wdscore.dll c:\windows\system32\slwga.dll c:\windows\system32\urlmon.dll c:\windows\system32\iertutil.dll c:\windows\system32\credssp.dll c:\windows\system32\schannel.dll c:\windows\system32\hidserv.dll c:\windows\system32\pcasvc.dll c:\windows\system32\sysmain.dll c:\windows\system32\trkwks.dll c:\windows\system32\wpdbusenum.dll c:\windows\system32\portabledeviceapi.dll c:\windows\system32\umb.dll c:\windows\system32\atl.dll c:\windows\system32\wdi.dll c:\windows\system32\pcadm.dll c:\windows\system32\netman.dll c:\windows\system32\rasapi32.dll c:\windows\system32\rasman.dll c:\windows\system32\tapi32.dll c:\windows\system32\rtutils.dll c:\windows\system32\winmm.dll c:\windows\system32\oleacc.dll c:\windows\system32\winnsi.dll c:\windows\system32\netshell.dll c:\windows\system32\iphlpapi.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\dnsapi.dll c:\windows\system32\dhcpcsvc6.dll c:\windows\system32\nlaapi.dll c:\windows\system32\cscobj.dll c:\windows\system32\cscapi.dll c:\windows\system32\rasdlg.dll c:\windows\system32\mprapi.dll c:\windows\system32\activeds.dll c:\windows\system32\adsldpc.dll c:\windows\system32\credui.dll c:\windows\system32\radardt.dll c:\windows\system32\hnetcfg.dll c:\windows\system32\winhttp.dll c:\program files\f-secure internet security\fsps\program\fslsp.dll c:\windows\system32\mswsock.dll c:\windows\system32\wshtcpip.dll c:\windows\system32\upnp.dll c:\windows\system32\ssdpapi.dll c:\windows\system32\sxs.dll c:\windows\system32\netcfgx.dll c:\windows\system32\cabinet.dll c:\windows\system32\wbem\wbemprox.dll c:\windows\system32\wbem\wbemcomn.dll c:\windows\system32\wbem\wbemsvc.dll c:\windows\system32\wbem\fastprox.dll c:\windows\system32\ntdsapi.dll c:\windows\system32\svchost.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\ntmarta.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\wldap32.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\psapi.dll c:\windows\system32\samlib.dll c:\windows\system32\ole32.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\mmcss.dll c:\windows\system32\avrt.dll c:\windows\system32\gpsvc.dll c:\windows\system32\secur32.dll c:\windows\system32\netapi32.dll c:\windows\system32\ntdsapi.dll c:\windows\system32\dnsapi.dll c:\windows\system32\wtsapi32.dll c:\windows\system32\oleaut32.dll c:\windows\system32\userenv.dll c:\windows\system32\gpapi.dll c:\windows\system32\slc.dll c:\windows\system32\authz.dll c:\windows\system32\sysntfy.dll c:\windows\system32\winsta.dll c:\windows\system32\nlaapi.dll c:\windows\system32\iphlpapi.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\winnsi.dll c:\windows\system32\dhcpcsvc6.dll c:\windows\system32\profsvc.dll c:\windows\system32\atl.dll c:\windows\system32\shsvcs.dll c:\windows\system32\sens.dll c:\windows\system32\rsaenh.dll c:\windows\system32\clbcatq.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll c:\windows\system32\setupapi.dll c:\windows\system32\wintrust.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\windows\system32\imagehlp.dll c:\windows\system32\schedsvc.dll c:\windows\system32\ktmw32.dll c:\windows\system32\shlwapi.dll c:\windows\system32\wevtapi.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\credssp.dll c:\windows\system32\schannel.dll c:\windows\system32\taskcomp.dll c:\windows\system32\version.dll c:\program files\f-secure internet security\fsps\program\fslsp.dll c:\windows\system32\mswsock.dll c:\windows\system32\wshtcpip.dll c:\windows\system32\wship6.dll c:\windows\system32\srvsvc.dll c:\windows\system32\sscore.dll c:\windows\system32\firewallapi.dll c:\windows\system32\clusapi.dll c:\windows\system32\activeds.dll c:\windows\system32\adsldpc.dll c:\windows\system32\credui.dll c:\windows\system32\shell32.dll c:\windows\system32\resutils.dll c:\windows\system32\wiarpc.dll c:\windows\system32\uxtheme.dll c:\windows\system32\propsys.dll c:\windows\system32\sxs.dll c:\windows\system32\apphelp.dll c:\windows\system32\tschannel.dll c:\windows\system32\aelupsvc.dll c:\windows\system32\ikeext.dll c:\windows\system32\fwpuclnt.dll c:\windows\system32\seclogon.dll c:\windows\system32\ncrypt.dll c:\windows\system32\bcrypt.dll c:\windows\system32\wbem\wmisvc.dll c:\windows\system32\wbem\wbemcomn.dll c:\windows\system32\iphlpsvc.dll c:\windows\system32\rtutils.dll c:\windows\system32\sqmapi.dll c:\windows\system32\cabinet.dll c:\windows\system32\winhttp.dll c:\windows\system32\vssapi.dll c:\windows\system32\vsstrace.dll c:\windows\system32\xmllite.dll c:\windows\system32\mpr.dll c:\windows\system32\wbem\wbemcore.dll c:\windows\system32\wbem\esscli.dll c:\windows\system32\wbem\fastprox.dll c:\windows\system32\wbem\wbemsvc.dll c:\windows\system32\wbem\wmiutils.dll c:\windows\system32\wbem\repdrvfs.dll c:\windows\system32\wbem\wmiprvsd.dll c:\windows\system32\ncobjapi.dll c:\windows\system32\wbem\wbemess.dll c:\windows\system32\wscapi.dll c:\windows\system32\urlmon.dll c:\windows\system32\iertutil.dll c:\windows\system32\winrnr.dll c:\windows\system32\napinsp.dll c:\windows\system32\pnrpnsp.dll c:\windows\system32\rasadhlp.dll c:\windows\system32\rasmans.dll c:\windows\system32\cryptdll.dll c:\windows\system32\rastapi.dll c:\windows\system32\tapi32.dll c:\windows\system32\winmm.dll c:\windows\system32\oleacc.dll c:\windows\system32\rasppp.dll c:\windows\system32\mprapi.dll c:\windows\system32\rasapi32.dll c:\windows\system32\rasman.dll c:\windows\system32\kerberos.dll c:\windows\system32\rasqec.dll c:\windows\system32\qutil.dll c:\windows\system32\raschap.dll c:\windows\system32\rastls.dll c:\windows\system32\cryptui.dll c:\windows\system32\msimg32.dll c:\windows\system32\winscard.dll c:\windows\system32\wbem\ncprov.dll c:\windows\system32\qmgr.dll c:\windows\system32\shfolder.dll c:\windows\system32\bitsperf.dll c:\windows\system32\bitsigd.dll c:\windows\system32\upnp.dll c:\windows\system32\ssdpapi.dll c:\windows\system32\wuaueng.dll c:\windows\system32\esent.dll c:\windows\system32\winspool.drv c:\windows\system32\mspatcha.dll c:\windows\system32\wmsgapi.dll c:\windows\system32\advpack.dll c:\windows\system32\msi.dll c:\windows\system32\appmgmts.dll c:\windows\system32\appinfo.dll c:\windows\system32\wbem\wbemprox.dll C:\WINDOWS\SYSTEM32\SLSVC.EXE c:\windows\system32\slsvc.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\msvcrt.dll c:\windows\system32\slc.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\dnsapi.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\rsaenh.dll c:\windows\system32\shell32.dll c:\windows\system32\shlwapi.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\ole32.dll c:\windows\system32\userenv.dll c:\windows\system32\secur32.dll C:\WINDOWS\SYSTEM32\SVCHOST.EXE c:\windows\system32\svchost.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\ntmarta.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\wldap32.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\psapi.dll c:\windows\system32\samlib.dll c:\windows\system32\ole32.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\es.dll c:\windows\system32\oleaut32.dll c:\windows\system32\propsys.dll c:\windows\system32\rsaenh.dll c:\windows\system32\clbcatq.dll c:\windows\system32\nsisvc.dll c:\windows\system32\mswsock.dll c:\windows\system32\wshtcpip.dll c:\windows\system32\wship6.dll c:\windows\system32\secur32.dll c:\windows\system32\credssp.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\windows\system32\userenv.dll c:\windows\system32\schannel.dll c:\windows\system32\netapi32.dll c:\windows\system32\webclnt.dll c:\windows\system32\winhttp.dll c:\windows\system32\shlwapi.dll c:\windows\system32\urlmon.dll c:\windows\system32\iertutil.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\shell32.dll c:\windows\system32\wininet.dll c:\windows\system32\normaliz.dll c:\windows\system32\wkssvc.dll c:\windows\system32\iphlpapi.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\dnsapi.dll c:\windows\system32\winnsi.dll c:\windows\system32\dhcpcsvc6.dll c:\windows\system32\ntdsapi.dll c:\windows\system32\winbrand.dll c:\windows\system32\sxs.dll c:\windows\system32\fdrespub.dll c:\windows\system32\wsdapi.dll c:\windows\system32\httpapi.dll c:\windows\system32\wintrust.dll c:\windows\system32\imagehlp.dll c:\windows\system32\xmllite.dll c:\windows\system32\firewallapi.dll c:\windows\system32\version.dll c:\windows\system32\fundisc.dll c:\windows\system32\atl.dll c:\windows\system32\setupapi.dll c:\windows\system32\msxml3.dll c:\windows\system32\ssdpsrv.dll c:\windows\system32\w32time.dll c:\windows\system32\cryptdll.dll c:\windows\system32\gpapi.dll c:\windows\system32\slc.dll c:\windows\system32\upnphost.dll c:\windows\system32\ssdpapi.dll c:\windows\system32\netprofm.dll c:\windows\system32\nlaapi.dll c:\windows\system32\npmproxy.dll c:\windows\system32\fdphost.dll c:\windows\system32\fdwsd.dll c:\windows\system32\mlang.dll c:\windows\system32\winrnr.dll c:\windows\system32\napinsp.dll c:\windows\system32\pnrpnsp.dll c:\windows\system32\rasadhlp.dll c:\windows\system32\fdssdp.dll c:\windows\system32\fdproxy.dll c:\windows\system32\svchost.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\ntmarta.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\wldap32.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\psapi.dll c:\windows\system32\samlib.dll c:\windows\system32\ole32.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\dnsrslvr.dll c:\windows\system32\dnsapi.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\secur32.dll c:\windows\system32\winnsi.dll c:\windows\system32\dhcpcsvc6.dll c:\windows\system32\iphlpapi.dll c:\windows\system32\mswsock.dll c:\windows\system32\wship6.dll c:\windows\system32\wshtcpip.dll c:\windows\system32\cryptsvc.dll c:\windows\system32\oleaut32.dll c:\windows\system32\vssapi.dll c:\windows\system32\atl.dll c:\windows\system32\vsstrace.dll c:\windows\system32\authz.dll c:\windows\system32\xmllite.dll c:\windows\system32\netapi32.dll c:\windows\system32\mpr.dll c:\windows\system32\setupapi.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\windows\system32\userenv.dll c:\windows\system32\rsaenh.dll c:\windows\system32\clbcatq.dll c:\windows\system32\es.dll c:\windows\system32\propsys.dll c:\windows\system32\nlasvc.dll c:\windows\system32\wevtapi.dll c:\windows\system32\ncsi.dll c:\windows\system32\winhttp.dll c:\windows\system32\shlwapi.dll c:\windows\system32\wtsapi32.dll c:\windows\system32\bcrypt.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\termsrv.dll c:\windows\system32\icaapi.dll c:\windows\system32\wintrust.dll c:\windows\system32\imagehlp.dll c:\windows\system32\shell32.dll c:\windows\system32\credssp.dll c:\windows\system32\schannel.dll c:\windows\system32\ssdpapi.dll c:\windows\system32\winsta.dll c:\windows\system32\tapisrv.dll c:\windows\system32\activeds.dll c:\windows\system32\adsldpc.dll c:\windows\system32\credui.dll c:\windows\system32\rtutils.dll c:\windows\system32\winmm.dll c:\windows\system32\oleacc.dll c:\windows\system32\unimdm.tsp c:\windows\system32\uniplat.dll c:\windows\system32\kmddsp.tsp c:\windows\system32\ndptsp.tsp c:\windows\system32\hidphone.tsp c:\windows\system32\hid.dll c:\windows\system32\esent.dll c:\windows\system32\nlaapi.dll c:\windows\system32\winrnr.dll c:\windows\system32\napinsp.dll c:\windows\system32\pnrpnsp.dll c:\windows\system32\rasadhlp.dll c:\windows\system32\msdtckrm.dll c:\windows\system32\version.dll c:\windows\system32\ktmw32.dll C:\WINDOWS\SYSTEM32\SPOOLSV.EXE c:\windows\system32\spoolsv.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\msvcrt.dll c:\windows\system32\slc.dll c:\windows\system32\secur32.dll c:\windows\system32\credssp.dll c:\windows\system32\crypt32.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\msasn1.dll c:\windows\system32\userenv.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\schannel.dll c:\windows\system32\netapi32.dll c:\windows\system32\psapi.dll c:\windows\system32\spoolss.dll c:\windows\system32\wtsapi32.dll c:\windows\system32\winsta.dll c:\windows\system32\iphlpapi.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\dnsapi.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\winnsi.dll c:\windows\system32\dhcpcsvc6.dll c:\windows\system32\mswsock.dll c:\windows\system32\rasadhlp.dll c:\windows\system32\ole32.dll c:\windows\system32\clbcatq.dll c:\windows\system32\oleaut32.dll c:\windows\system32\wintrust.dll c:\windows\system32\imagehlp.dll c:\windows\system32\localspl.dll c:\windows\system32\version.dll c:\windows\system32\sfc.dll c:\windows\system32\shlwapi.dll c:\windows\system32\shell32.dll c:\windows\system32\setupapi.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\winspool.drv c:\windows\system32\fxsmon.dll c:\windows\system32\fxsresm.dll c:\windows\system32\tcpmon.dll c:\windows\system32\snmpapi.dll c:\windows\system32\wsnmp32.dll c:\windows\system32\msxml6.dll c:\windows\system32\tcpmib.dll c:\windows\system32\mgmtapi.dll c:\windows\system32\usbmon.dll c:\windows\system32\wls0wndh.dll c:\windows\system32\wsdmon.dll c:\windows\system32\wsdapi.dll c:\windows\system32\httpapi.dll c:\windows\system32\winhttp.dll c:\windows\system32\xmllite.dll c:\windows\system32\fundisc.dll c:\windows\system32\atl.dll c:\windows\system32\msxml3.dll c:\windows\system32\ntmarta.dll c:\windows\system32\wldap32.dll c:\windows\system32\samlib.dll c:\windows\system32\win32spl.dll c:\windows\system32\netrap.dll c:\windows\system32\printcom.dll c:\windows\system32\sensapi.dll c:\windows\system32\gpapi.dll c:\windows\system32\inetpp.dll c:\program files\f-secure internet security\fsps\program\fslsp.dll c:\windows\system32\wshtcpip.dll c:\windows\system32\wship6.dll c:\windows\system32\nlaapi.dll c:\windows\system32\winrnr.dll c:\windows\system32\napinsp.dll c:\windows\system32\pnrpnsp.dll c:\windows\system32\rsaenh.dll C:\WINDOWS\SYSTEM32\SVCHOST.EXE c:\windows\system32\svchost.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\bfe.dll c:\windows\system32\authz.dll c:\windows\system32\secur32.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\mpssvc.dll c:\windows\system32\firewallapi.dll c:\windows\system32\oleaut32.dll c:\windows\system32\ole32.dll c:\windows\system32\version.dll c:\windows\system32\nlaapi.dll c:\windows\system32\iphlpapi.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\dnsapi.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\winnsi.dll c:\windows\system32\dhcpcsvc6.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\windows\system32\userenv.dll c:\windows\system32\bcrypt.dll c:\windows\system32\wtsapi32.dll c:\windows\system32\shlwapi.dll c:\windows\system32\fwpuclnt.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\credssp.dll c:\windows\system32\schannel.dll c:\windows\system32\netapi32.dll c:\windows\system32\psapi.dll c:\windows\system32\gpapi.dll c:\windows\system32\slc.dll c:\windows\system32\wfapigp.dll c:\windows\system32\dps.dll c:\windows\system32\wdi.dll c:\windows\system32\clbcatq.dll c:\windows\system32\taskschd.dll c:\windows\system32\xmllite.dll c:\program files\f-secure internet security\fsps\program\fslsp.dll c:\windows\system32\mswsock.dll c:\windows\system32\wshtcpip.dll c:\windows\system32\wship6.dll c:\windows\system32\rsaenh.dll c:\windows\system32\npmproxy.dll c:\windows\system32\diagperf.dll c:\windows\system32\shell32.dll C:\WINDOWS\SYSTEM32\TASKENG.EXE c:\windows\system32\taskeng.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\shell32.dll c:\windows\system32\shlwapi.dll c:\windows\system32\ole32.dll c:\windows\system32\oleaut32.dll c:\windows\system32\secur32.dll c:\windows\system32\xmllite.dll c:\windows\system32\mpr.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\rsaenh.dll c:\windows\system32\clbcatq.dll c:\windows\system32\tschannel.dll c:\windows\system32\hotstartuseragent.dll c:\windows\system32\slc.dll c:\windows\system32\msctfmonitor.dll c:\windows\system32\msutb.dll c:\windows\system32\dwmapi.dll c:\windows\system32\uxtheme.dll c:\windows\system32\dimsjob.dll c:\windows\system32\userenv.dll c:\windows\system32\ncrypt.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\windows\system32\playsndsrv.dll c:\windows\system32\winmm.dll c:\windows\system32\oleacc.dll c:\windows\system32\tmm.dll c:\windows\system32\wtsapi32.dll c:\windows\system32\setupapi.dll c:\windows\system32\powrprof.dll c:\windows\system32\d3d9.dll c:\windows\system32\version.dll c:\windows\system32\d3d8thk.dll c:\windows\system32\wintrust.dll c:\windows\system32\imagehlp.dll c:\windows\system32\gpapi.dll c:\windows\system32\pautoenr.dll c:\windows\system32\netapi32.dll c:\windows\system32\psapi.dll c:\windows\system32\wldap32.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\certcli.dll c:\windows\system32\atl.dll c:\windows\system32\wininet.dll c:\windows\system32\normaliz.dll c:\windows\system32\iertutil.dll c:\windows\system32\certenroll.dll c:\windows\system32\ntdsapi.dll c:\windows\system32\dnsapi.dll c:\windows\system32\winscard.dll c:\windows\system32\winsta.dll c:\windows\system32\wdmaud.drv c:\windows\system32\ksuser.dll c:\windows\system32\avrt.dll c:\windows\system32\mmdevapi.dll c:\windows\system32\audioses.dll c:\windows\system32\audioeng.dll c:\windows\system32\msacm32.drv c:\windows\system32\msacm32.dll c:\windows\system32\midimap.dll c:\windows\system32\qagent.dll c:\windows\system32\qutil.dll c:\windows\system32\wevtapi.dll c:\windows\system32\fwpuclnt.dll c:\windows\system32\apphelp.dll C:\WINDOWS\SYSTEM32\DWM.EXE c:\windows\system32\dwm.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\gdi32.dll c:\windows\system32\user32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\ole32.dll c:\windows\system32\oleaut32.dll c:\windows\system32\uxtheme.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\dwmredir.dll c:\windows\system32\slwga.dll c:\windows\system32\urlmon.dll c:\windows\system32\shlwapi.dll c:\windows\system32\iertutil.dll c:\windows\system32\wtsapi32.dll c:\windows\system32\slc.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\ntmarta.dll c:\windows\system32\wldap32.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\psapi.dll c:\windows\system32\samlib.dll c:\windows\system32\milcore.dll c:\windows\system32\version.dll c:\windows\system32\dwmapi.dll c:\windows\system32\udwm.dll c:\windows\system32\windowscodecs.dll c:\windows\system32\avrt.dll c:\windows\system32\wintrust.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\windows\system32\userenv.dll c:\windows\system32\secur32.dll c:\windows\system32\imagehlp.dll c:\windows\system32\rsaenh.dll c:\windows\system32\ncrypt.dll c:\windows\system32\bcrypt.dll c:\windows\system32\shell32.dll C:\WINDOWS\EXPLORER.EXE c:\windows\explorer.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\gdi32.dll c:\windows\system32\user32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\shlwapi.dll c:\windows\system32\shell32.dll c:\windows\system32\ole32.dll c:\windows\system32\oleaut32.dll c:\windows\system32\shdocvw.dll c:\windows\system32\uxtheme.dll c:\windows\system32\powrprof.dll c:\windows\system32\dwmapi.dll c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll c:\windows\system32\slc.dll c:\windows\system32\propsys.dll c:\windows\system32\browseui.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\duser.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\windowscodecs.dll c:\windows\system32\apphelp.dll c:\windows\system32\clbcatq.dll c:\windows\system32\cscui.dll c:\windows\system32\cscdll.dll c:\windows\system32\cscapi.dll c:\windows\system32\iconcodecservice.dll c:\windows\system32\secur32.dll c:\windows\system32\rsaenh.dll c:\windows\system32\timedate.cpl c:\windows\system32\atl.dll c:\windows\system32\netapi32.dll c:\windows\system32\psapi.dll c:\windows\system32\oleacc.dll c:\windows\system32\actxprxy.dll c:\windows\system32\userenv.dll c:\windows\system32\msutb.dll c:\progra~1\wi4eb4~1\wmpband.dll c:\windows\system32\mpr.dll c:\windows\system32\winbrand.dll c:\windows\system32\shacct.dll c:\windows\system32\samlib.dll c:\windows\system32\msshsq.dll c:\windows\system32\naturallanguage6.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\windows\system32\authui.dll c:\windows\system32\msimg32.dll c:\windows\system32\linkinfo.dll c:\windows\system32\msiltcfg.dll c:\windows\system32\version.dll c:\windows\system32\msi.dll c:\windows\system32\ntmarta.dll c:\windows\system32\wldap32.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\urlmon.dll c:\windows\system32\iertutil.dll c:\windows\system32\ieframe.dll c:\windows\system32\winmm.dll c:\windows\system32\wdmaud.drv c:\windows\system32\ksuser.dll c:\windows\system32\avrt.dll c:\windows\system32\mmdevapi.dll c:\windows\system32\setupapi.dll c:\windows\system32\wintrust.dll c:\windows\system32\imagehlp.dll c:\windows\system32\audioses.dll c:\windows\system32\audioeng.dll c:\windows\system32\explorerframe.dll c:\windows\system32\wininet.dll c:\windows\system32\normaliz.dll c:\windows\system32\ntlanman.dll c:\windows\system32\drprov.dll c:\windows\system32\davclnt.dll c:\windows\system32\wpdshext.dll c:\windows\system32\portabledeviceapi.dll c:\windows\system32\audiodev.dll c:\windows\system32\wmvcore.dll c:\windows\system32\wmasf.dll c:\windows\system32\msacm32.drv c:\windows\system32\msacm32.dll c:\windows\system32\midimap.dll c:\windows\system32\rasapi32.dll c:\windows\system32\rasman.dll c:\windows\system32\tapi32.dll c:\windows\system32\rtutils.dll c:\windows\system32\sensapi.dll c:\windows\system32\nlaapi.dll c:\windows\system32\iphlpapi.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\dnsapi.dll c:\windows\system32\winnsi.dll c:\windows\system32\dhcpcsvc6.dll c:\program files\f-secure internet security\fsps\program\fslsp.dll c:\program files\f-secure internet security\scanner-interface\fsgkiapi.dll c:\windows\system32\mswsock.dll c:\windows\system32\wshtcpip.dll c:\windows\system32\wship6.dll c:\windows\system32\winrnr.dll c:\windows\system32\napinsp.dll c:\windows\system32\pnrpnsp.dll c:\windows\system32\rasadhlp.dll c:\windows\system32\stobject.dll c:\windows\system32\batmeter.dll c:\windows\system32\wtsapi32.dll c:\windows\system32\winsta.dll c:\windows\system32\es.dll c:\windows\system32\sndvolsso.dll c:\windows\ehome\ehsso.dll c:\windows\system32\hid.dll c:\windows\system32\netshell.dll c:\windows\system32\pnidui.dll c:\windows\system32\qutil.dll c:\windows\system32\wevtapi.dll c:\windows\system32\wlanutil.dll c:\windows\system32\firewallapi.dll c:\windows\system32\fundisc.dll c:\windows\system32\fdproxy.dll c:\windows\system32\credssp.dll c:\windows\system32\schannel.dll c:\windows\system32\npmproxy.dll c:\windows\system32\wlanapi.dll c:\windows\system32\onex.dll c:\windows\system32\eappprxy.dll c:\windows\system32\eappcfg.dll c:\windows\system32\bcrypt.dll c:\windows\system32\alttab.dll c:\windows\system32\wpdshserviceobj.dll c:\windows\system32\winhttp.dll c:\windows\system32\ntshrui.dll c:\windows\system32\srchadmin.dll c:\windows\system32\cscobj.dll c:\windows\system32\webcheck.dll c:\windows\system32\synccenter.dll c:\windows\system32\wscntfy.dll c:\windows\system32\wscapi.dll c:\windows\system32\imapi2.dll c:\windows\system32\mssprxy.dll c:\windows\system32\bthprops.cpl c:\windows\system32\fxsst.dll c:\windows\system32\fxsapi.dll c:\windows\system32\winspool.drv c:\windows\system32\fxsresm.dll c:\windows\system32\qagent.dll c:\windows\system32\fwpuclnt.dll c:\windows\system32\portabledevicetypes.dll c:\windows\system32\sxs.dll c:\windows\system32\cabinet.dll c:\windows\system32\mlang.dll c:\windows\system32\mshtml.dll c:\windows\system32\msls31.dll c:\windows\system32\msimtf.dll c:\windows\system32\jscript.dll c:\windows\system32\mshtmled.dll c:\windows\system32\twext.dll c:\program files\f-secure internet security\common\fpshx.dll c:\program files\f-secure internet security\common\fsma32.dll c:\program files\f-secure internet security\common\fspmapi.dll c:\program files\f-secure internet security\common\fslapi.dll c:\windows\system32\mfc42.dll c:\windows\system32\odbc32.dll c:\windows\system32\comdlg32.dll c:\windows\system32\odbcint.dll c:\program files\f-secure internet security\common\fpshx.eng c:\program files\winrar\rarext.dll c:\windows\system32\syncui.dll c:\windows\system32\synceng.dll c:\program files\grisoft\avg anti-spyware 7.5\context.dll c:\windows\system32\thumbcache.dll c:\windows\system32\vbscript.dll c:\windows\system32\nlsdata0000.dll C:\PROGRAM FILES\WINDOWS DEFENDER\MSASCUI.EXE c:\program files\windows defender\msascui.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\gdi32.dll c:\windows\system32\user32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\shell32.dll c:\windows\system32\shlwapi.dll c:\windows\system32\ole32.dll c:\windows\system32\oleaut32.dll c:\program files\windows defender\mpclient.dll c:\windows\system32\userenv.dll c:\windows\system32\secur32.dll c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\oleacc.dll c:\program files\windows defender\msmpres.dll c:\program files\windows defender\mprtmon.dll c:\windows\system32\netapi32.dll c:\windows\system32\psapi.dll c:\windows\system32\winhttp.dll c:\windows\system32\urlmon.dll c:\windows\system32\iertutil.dll c:\windows\system32\version.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\uxtheme.dll c:\windows\system32\msftedit.dll c:\windows\system32\rsaenh.dll c:\windows\system32\credssp.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\windows\system32\schannel.dll c:\windows\system32\gpapi.dll c:\windows\system32\slc.dll C:\WINDOWS\ALCXMNTR.EXE c:\windows\alcxmntr.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\dsound.dll c:\windows\system32\msvcrt.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\ole32.dll c:\windows\system32\winmm.dll c:\windows\system32\oleaut32.dll c:\windows\system32\oleacc.dll c:\windows\system32\powrprof.dll c:\windows\system32\setupapi.dll c:\windows\system32\shell32.dll c:\windows\system32\shlwapi.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\wintrust.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\windows\system32\userenv.dll c:\windows\system32\secur32.dll c:\windows\system32\imagehlp.dll c:\windows\system32\uxtheme.dll c:\windows\system32\clbcatq.dll C:\PROGRAM FILES\GRISOFT\AVG ANTI-SPYWARE 7.5\AVGAS.EXE c:\program files\grisoft\avg anti-spyware 7.5\avgas.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\psapi.dll c:\windows\system32\shlwapi.dll c:\windows\system32\gdi32.dll c:\windows\system32\user32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\msvcrt.dll c:\program files\grisoft\avg anti-spyware 7.5\engine.dll c:\windows\system32\shfolder.dll c:\windows\system32\shell32.dll c:\windows\system32\winmm.dll c:\windows\system32\ole32.dll c:\windows\system32\oleaut32.dll c:\windows\system32\oleacc.dll c:\windows\system32\msimg32.dll c:\windows\system32\comdlg32.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\wsock32.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\version.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\userenv.dll c:\windows\system32\secur32.dll c:\windows\system32\uxtheme.dll c:\windows\system32\windowscodecs.dll c:\windows\system32\apphelp.dll c:\windows\system32\clbcatq.dll c:\windows\system32\cscui.dll c:\windows\system32\propsys.dll c:\windows\system32\cscdll.dll c:\windows\system32\cscapi.dll c:\windows\system32\setupapi.dll c:\windows\system32\linkinfo.dll c:\windows\system32\ntmarta.dll c:\windows\system32\wldap32.dll c:\windows\system32\samlib.dll C:\PROGRAM FILES\F-SECURE INTERNET SECURITY\COMMON\FSM32.EXE c:\program files\f-secure internet security\common\fsm32.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\gdi32.dll c:\windows\system32\user32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\program files\f-secure internet security\common\fspmapi.dll c:\program files\f-secure internet security\common\fslapi.dll c:\program files\f-secure internet security\common\fsma32.dll c:\windows\system32\shell32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\shlwapi.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\program files\f-secure internet security\common\fsexc.dll c:\program files\f-secure internet security\fsgui\about.dll c:\windows\system32\comdlg32.dll c:\windows\system32\winspool.drv c:\windows\system32\oleaut32.dll c:\windows\system32\ole32.dll c:\program files\f-secure internet security\common\fsmres.eng c:\windows\system32\uxtheme.dll c:\windows\system32\secur32.dll c:\program files\f-secure internet security\fsgui\fsmuiav.dll c:\windows\system32\msimg32.dll c:\program files\f-secure internet security\fsgui\fsavures.eng c:\program files\f-secure internet security\tnb\fstnb.dll c:\program files\f-secure internet security\fsaua\program\fsauainfo.dll c:\program files\f-secure internet security\fsgui\guilaunc.dll c:\windows\system32\oleacc.dll c:\windows\system32\apphelp.dll c:\program files\f-secure internet security\common\fsmaui32.dll c:\windows\system32\mpr.dll c:\windows\system32\wtsapi32.dll c:\windows\system32\winsta.dll c:\program files\f-secure internet security\common\fsmaures.eng c:\windows\system32\riched32.dll c:\windows\system32\riched20.dll c:\program files\f-secure internet security\fsgui\aboutres.dll c:\program files\f-secure internet security\fsgui\strres.eng C:\PROGRAM FILES\SLYSOFT\ANYDVD\ANYDVD.EXE c:\program files\slysoft\anydvd\anydvd.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\gdi32.dll c:\windows\system32\user32.dll c:\windows\system32\shlwapi.dll c:\windows\system32\shell32.dll c:\windows\system32\ole32.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\uxtheme.dll c:\program files\slysoft\anydvd\anydialog.dll c:\windows\system32\version.dll c:\windows\system32\winspool.drv c:\windows\system32\comdlg32.dll c:\windows\system32\winmm.dll c:\windows\system32\oleaut32.dll c:\windows\system32\oleacc.dll c:\windows\system32\userenv.dll c:\windows\system32\secur32.dll c:\windows\system32\setupapi.dll c:\windows\system32\elbycdio.dll c:\windows\system32\clbcatq.dll c:\windows\system32\wininet.dll c:\windows\system32\normaliz.dll c:\windows\system32\iertutil.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AAWSERVICE.EXE c:\program files\lavasoft\ad-aware 2007\aawservice.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\program files\lavasoft\ad-aware 2007\ceapi.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\program files\lavasoft\ad-aware 2007\pkarchive84cb.dll c:\windows\system32\shell32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\gdi32.dll c:\windows\system32\user32.dll c:\windows\system32\shlwapi.dll c:\windows\system32\ole32.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\windows\system32\userenv.dll c:\windows\system32\secur32.dll c:\windows\system32\wldap32.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\psapi.dll c:\windows\system32\version.dll c:\windows\system32\wininet.dll c:\windows\system32\normaliz.dll c:\windows\system32\iertutil.dll c:\program files\lavasoft\ad-aware 2007\update.dll c:\windows\system32\wsock32.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\rsaenh.dll c:\windows\system32\wls0wndh.dll C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNSCFG.EXE c:\program files\windows media player\wmpnscfg.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\gdi32.dll c:\windows\system32\user32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\ole32.dll c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll c:\windows\system32\shlwapi.dll c:\windows\system32\secur32.dll c:\windows\system32\netapi32.dll c:\windows\system32\psapi.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\uxtheme.dll c:\windows\system32\clbcatq.dll c:\windows\system32\oleaut32.dll c:\windows\system32\rsaenh.dll c:\program files\windows media player\wmpnssci.dll c:\windows\system32\ntmarta.dll c:\windows\system32\wldap32.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\samlib.dll C:\PROGRAM FILES\GRISOFT\AVG ANTI-SPYWARE 7.5\GUARD.EXE c:\program files\grisoft\avg anti-spyware 7.5\guard.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\program files\grisoft\avg anti-spyware 7.5\engine.dll c:\windows\system32\shfolder.dll c:\windows\system32\shell32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\gdi32.dll c:\windows\system32\user32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\shlwapi.dll c:\windows\system32\winmm.dll c:\windows\system32\ole32.dll c:\windows\system32\oleaut32.dll c:\windows\system32\oleacc.dll c:\windows\system32\psapi.dll c:\windows\system32\version.dll c:\windows\system32\iphlpapi.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\dnsapi.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\secur32.dll c:\windows\system32\winnsi.dll c:\windows\system32\dhcpcsvc6.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\ntmarta.dll c:\windows\system32\wldap32.dll c:\windows\system32\samlib.dll c:\windows\system32\clbcatq.dll c:\windows\system32\wbem\wbemprox.dll c:\windows\system32\wbem\wbemcomn.dll c:\windows\system32\rsaenh.dll c:\windows\system32\wbem\wbemsvc.dll c:\windows\system32\wbem\fastprox.dll c:\windows\system32\ntdsapi.dll c:\windows\system32\netapi32.dll C:\PROGRAM FILES\F-SECURE INTERNET SECURITY\ANTI-VIRUS\FSGK32ST.EXE c:\program files\f-secure internet security\anti-virus\fsgk32st.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\msvcrt.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\apphelp.dll C:\PROGRAM FILES\F-SECURE INTERNET SECURITY\COMMON\FSMA32.EXE c:\program files\f-secure internet security\common\fsma32.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\program files\f-secure internet security\common\fspmapi.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\program files\f-secure internet security\common\fsma32.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\msvcrt.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\shlwapi.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\ole32.dll c:\windows\system32\userenv.dll c:\windows\system32\secur32.dll c:\program files\f-secure internet security\common\fsexc.dll c:\windows\system32\apphelp.dll c:\windows\system32\psapi.dll C:\PROGRAM FILES\F-SECURE INTERNET SECURITY\ANTI-VIRUS\FSGK32.EXE c:\program files\f-secure internet security\anti-virus\fsgk32.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\msvcrt.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\program files\f-secure internet security\common\fspmapi.dll c:\program files\f-secure internet security\common\fsma32s.dll c:\program files\f-secure internet security\anti-virus\avperf.dll c:\program files\f-secure internet security\scanner-interface\fsgkiapi.dll c:\windows\system32\fltlib.dll c:\program files\f-secure internet security\hips\fships.dll c:\windows\system32\version.dll c:\windows\system32\psapi.dll c:\windows\system32\wtsapi32.dll c:\windows\system32\userenv.dll c:\windows\system32\secur32.dll c:\program files\f-secure internet security\common\fsma32.dll c:\windows\system32\apphelp.dll c:\program files\f-secure internet security\daas\fsclm.dll c:\windows\system32\winsta.dll C:\WINDOWS\SYSTEM32\SVCHOST.EXE c:\windows\system32\svchost.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\ipsecsvc.dll c:\windows\system32\authz.dll c:\windows\system32\iphlpapi.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\dnsapi.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\secur32.dll c:\windows\system32\winnsi.dll c:\windows\system32\dhcpcsvc6.dll c:\windows\system32\crypt32.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\msasn1.dll c:\windows\system32\userenv.dll c:\windows\system32\fwpuclnt.dll c:\windows\system32\firewallapi.dll c:\windows\system32\oleaut32.dll c:\windows\system32\ole32.dll c:\windows\system32\version.dll c:\windows\system32\fwremotesvr.dll c:\windows\system32\wldap32.dll c:\windows\system32\psapi.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\program files\f-secure internet security\fsps\program\fslsp.dll c:\windows\system32\mswsock.dll c:\windows\system32\wshtcpip.dll c:\windows\system32\wship6.dll c:\windows\system32\credssp.dll c:\windows\system32\schannel.dll c:\windows\system32\netapi32.dll c:\windows\system32\svchost.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\wiaservc.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\oleaut32.dll c:\windows\system32\ole32.dll c:\windows\system32\version.dll c:\windows\system32\comdlg32.dll c:\windows\system32\shlwapi.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll c:\windows\system32\shell32.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\wiatrace.dll c:\windows\system32\secur32.dll c:\windows\system32\credssp.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\windows\system32\userenv.dll c:\windows\system32\schannel.dll c:\windows\system32\netapi32.dll c:\windows\system32\psapi.dll c:\windows\system32\msv1_0.dll c:\windows\system32\cryptdll.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\wsdchngr.dll c:\windows\system32\clbcatq.dll c:\windows\system32\fundisc.dll c:\windows\system32\atl.dll c:\windows\system32\setupapi.dll c:\windows\system32\msxml3.dll c:\windows\system32\wintrust.dll c:\windows\system32\imagehlp.dll c:\windows\system32\rsaenh.dll c:\windows\system32\svchost.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\wersvc.dll C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE c:\windows\system32\searchindexer.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\ole32.dll c:\windows\system32\oleaut32.dll c:\windows\system32\tquery.dll c:\windows\system32\propsys.dll c:\windows\system32\netapi32.dll c:\windows\system32\psapi.dll c:\windows\system32\wintrust.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\windows\system32\userenv.dll c:\windows\system32\secur32.dll c:\windows\system32\imagehlp.dll c:\windows\system32\shlwapi.dll c:\windows\system32\query.dll c:\windows\system32\shell32.dll c:\windows\system32\mpr.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\clbcatq.dll c:\windows\system32\msstrc.dll c:\windows\system32\credssp.dll c:\windows\system32\schannel.dll c:\windows\system32\mssrch.dll c:\windows\system32\wtsapi32.dll c:\windows\system32\dbghelp.dll c:\windows\system32\version.dll c:\windows\system32\msidle.dll c:\windows\system32\winsta.dll c:\windows\system32\rsaenh.dll c:\windows\system32\propdefs.dll c:\windows\system32\en-us\tquery.dll.mui c:\windows\system32\esent.dll c:\windows\system32\msscb.dll c:\windows\system32\mssprxy.dll c:\windows\system32\vssapi.dll c:\windows\system32\atl.dll c:\windows\system32\vsstrace.dll c:\windows\system32\authz.dll c:\windows\system32\xmllite.dll c:\windows\system32\setupapi.dll c:\windows\system32\samlib.dll c:\windows\system32\es.dll c:\windows\system32\sxs.dll c:\windows\system32\slc.dll c:\windows\system32\apphelp.dll c:\windows\system32\ntmarta.dll c:\windows\system32\wldap32.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\naturallanguage6.dll c:\windows\system32\shdocvw.dll c:\windows\system32\actxprxy.dll C:\PROGRAM FILES\F-SECURE INTERNET SECURITY\COMMON\FSMB32.EXE c:\program files\f-secure internet security\common\fsmb32.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\advapi32.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\msvcrt.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\program files\f-secure internet security\common\fsexc.dll C:\PROGRAM FILES\F-SECURE INTERNET SECURITY\COMMON\FCH32.EXE c:\program files\f-secure internet security\common\fch32.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\program files\f-secure internet security\common\fspmapi.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\program files\f-secure internet security\common\fsma32.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\msvcrt.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\program files\f-secure internet security\common\fsexc.dll c:\program files\f-secure internet security\common\fspmeng.dll c:\program files\f-secure internet security\daas\fsclm.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\iphlpapi.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\dnsapi.dll c:\windows\system32\secur32.dll c:\windows\system32\winnsi.dll c:\windows\system32\dhcpcsvc6.dll c:\windows\system32\rasadhlp.dll C:\PROGRAM FILES\F-SECURE INTERNET SECURITY\COMMON\FAMEH32.EXE c:\program files\f-secure internet security\common\fameh32.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\program files\f-secure internet security\common\fspmapi.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\program files\f-secure internet security\common\fslapi.dll c:\program files\f-secure internet security\common\fsma32.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\msvcrt.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\wtsapi32.dll c:\program files\f-secure internet security\common\fsexc.dll c:\program files\f-secure internet security\common\amehevn.dll c:\program files\f-secure internet security\common\amehlog.dll c:\program files\f-secure internet security\common\amehsmt.dll c:\windows\system32\wsock32.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\program files\f-secure internet security\common\amehtvl.dll C:\PROGRAM FILES\F-SECURE INTERNET SECURITY\ANTI-VIRUS\FSQH.EXE c:\program files\f-secure internet security\anti-virus\fsqh.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\msvcrt.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\program files\f-secure internet security\common\fsma32.dll c:\program files\f-secure internet security\common\fspmapi.dll c:\program files\f-secure internet security\anti-virus\qrt.dll c:\windows\system32\version.dll c:\windows\system32\secur32.dll C:\WINDOWS\SYSTEM32\TASKENG.EXE c:\windows\system32\taskeng.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\shell32.dll c:\windows\system32\shlwapi.dll c:\windows\system32\ole32.dll c:\windows\system32\oleaut32.dll c:\windows\system32\secur32.dll c:\windows\system32\xmllite.dll c:\windows\system32\mpr.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\rsaenh.dll c:\windows\system32\clbcatq.dll c:\windows\system32\tschannel.dll c:\windows\system32\dimsjob.dll c:\windows\system32\userenv.dll c:\windows\system32\ncrypt.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\windows\system32\gpapi.dll c:\windows\system32\slc.dll c:\windows\system32\pautoenr.dll c:\windows\system32\netapi32.dll c:\windows\system32\psapi.dll c:\windows\system32\wldap32.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\certcli.dll c:\windows\system32\atl.dll c:\windows\system32\wininet.dll c:\windows\system32\normaliz.dll c:\windows\system32\iertutil.dll c:\windows\system32\certenroll.dll c:\windows\system32\ntdsapi.dll c:\windows\system32\dnsapi.dll c:\windows\system32\winscard.dll c:\windows\system32\wtsapi32.dll c:\windows\system32\winsta.dll c:\windows\system32\apphelp.dll C:\PROGRAM FILES\F-SECURE INTERNET SECURITY\FSAUA\PROGRAM\FSAUA.EXE c:\program files\f-secure internet security\fsaua\program\fsaua.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\ws2_32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\nsi.dll c:\windows\system32\wininet.dll c:\windows\system32\shlwapi.dll c:\windows\system32\gdi32.dll c:\windows\system32\user32.dll c:\windows\system32\normaliz.dll c:\windows\system32\iertutil.dll c:\windows\system32\userenv.dll c:\windows\system32\secur32.dll c:\windows\system32\shell32.dll c:\windows\system32\sensapi.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\program files\f-secure internet security\common\fspmapi.dll c:\program files\f-secure internet security\common\fsma32.dll c:\windows\system32\apphelp.dll c:\windows\system32\ole32.dll c:\windows\system32\winsta.dll c:\windows\system32\netapi32.dll c:\windows\system32\psapi.dll c:\windows\system32\ntmarta.dll c:\windows\system32\wldap32.dll c:\windows\system32\samlib.dll c:\windows\system32\nlaapi.dll c:\windows\system32\iphlpapi.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\dnsapi.dll c:\windows\system32\winnsi.dll c:\windows\system32\dhcpcsvc6.dll c:\windows\system32\mswsock.dll c:\windows\system32\winrnr.dll c:\windows\system32\napinsp.dll c:\windows\system32\pnrpnsp.dll c:\windows\system32\rasadhlp.dll c:\program files\f-secure internet security\fsps\program\fslsp.dll c:\windows\system32\wshtcpip.dll C:\PROGRAM FILES\F-SECURE INTERNET SECURITY\ANTI-VIRUS\FSSM32.EXE c:\program files\f-secure internet security\anti-virus\fssm32.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\program files\f-secure internet security\anti-virus\fm4av.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\msvcrt.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\fltlib.dll c:\program files\f-secure internet security\anti-virus\avperf.dll c:\program files\f-secure internet security\anti-virus\avpproxy.dll c:\program files\f-secure internet security\anti-virus\avpfpi0.dll c:\program files\f-secure internet security\anti-virus\avp_iont.dll c:\program files\f-secure internet security\anti-virus\avpfpi1.dll c:\windows\system32\userenv.dll c:\windows\system32\secur32.dll c:\windows\system32\psapi.dll c:\windows\system32\ole32.dll c:\windows\system32\netapi32.dll c:\program files\f-secure internet security\anti-spyware\lsse.dll c:\program files\f-secure internet security\gemini\fsgem.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\program files\f-secure internet security\anti-virus\fslfpi.dll c:\program files\f-secure internet security\anti-virus\dffpi.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\program files\f-secure internet security\pegasus\fpinor.dll c:\program files\f-secure internet security\anti-virus\fsuss.dll c:\program files\f-secure internet security\anti-virus\fsusscr.dll c:\program files\f-secure internet security\daas\fsclm.dll c:\windows\system32\rsaenh.dll c:\windows\system32\ncrypt.dll c:\windows\system32\bcrypt.dll c:\windows\system32\ntmarta.dll c:\windows\system32\wldap32.dll c:\windows\system32\samlib.dll c:\windows\system32\gpapi.dll c:\windows\system32\slc.dll c:\program files\f-secure internet security\gemini\fsgeme.dll c:\windows\system32\oleaut32.dll c:\windows\system32\wintrust.dll c:\windows\system32\imagehlp.dll c:\program files\f-secure internet security\pegasus\nse_w32.dll c:\windows\system32\winsta.dll c:\windows\system32\shlwapi.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\shell32.dll C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNETWK.EXE c:\program files\windows media player\wmpnetwk.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\msvcrt.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\oleaut32.dll c:\windows\system32\ole32.dll c:\windows\system32\wsock32.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\iphlpapi.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\dnsapi.dll c:\windows\system32\secur32.dll c:\windows\system32\winnsi.dll c:\windows\system32\dhcpcsvc6.dll c:\windows\system32\shlwapi.dll c:\windows\system32\wmpmde.dll c:\windows\system32\mf.dll c:\windows\system32\atl.dll c:\windows\system32\mfplat.dll c:\windows\system32\avrt.dll c:\windows\system32\evr.dll c:\windows\system32\winmm.dll c:\windows\system32\oleacc.dll c:\windows\system32\powrprof.dll c:\windows\system32\wmdrmsdk.dll c:\windows\system32\userenv.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\dxva2.dll c:\windows\system32\ntmarta.dll c:\windows\system32\wldap32.dll c:\windows\system32\psapi.dll c:\windows\system32\samlib.dll c:\windows\system32\clbcatq.dll c:\windows\system32\rsaenh.dll c:\windows\system32\upnp.dll c:\windows\system32\winhttp.dll c:\windows\system32\ssdpapi.dll c:\windows\system32\sxs.dll c:\windows\system32\wmp.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll c:\windows\system32\version.dll c:\windows\system32\msvfw32.dll c:\windows\system32\shell32.dll c:\windows\system32\dbghelp.dll c:\windows\system32\wmploc.dll c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll c:\windows\system32\actxprxy.dll c:\windows\system32\windowscodecs.dll c:\windows\system32\wintrust.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\windows\system32\imagehlp.dll c:\windows\system32\ncrypt.dll c:\windows\system32\bcrypt.dll c:\windows\system32\gpapi.dll c:\windows\system32\slc.dll c:\windows\system32\cryptnet.dll c:\windows\system32\sensapi.dll c:\windows\system32\netapi32.dll c:\windows\system32\wmpps.dll c:\windows\system32\netprofm.dll c:\windows\system32\nlaapi.dll c:\windows\system32\npmproxy.dll C:\PROGRAM FILES\F-SECURE INTERNET SECURITY\FWES\PROGRAM\FSDFWD.EXE c:\program files\f-secure internet security\fwes\program\fsdfwd.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\ws2_32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\nsi.dll c:\windows\system32\iphlpapi.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\dnsapi.dll c:\windows\system32\secur32.dll c:\windows\system32\winnsi.dll c:\windows\system32\dhcpcsvc6.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\version.dll c:\windows\system32\ole32.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\program files\f-secure internet security\common\fsma32.dll c:\program files\f-secure internet security\common\fspmapi.dll c:\program files\f-secure internet security\tnb\fstnb.dll c:\windows\system32\shlwapi.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\program files\f-secure internet security\common\fslapi.dll c:\program files\f-secure internet security\common\fswscs.dll c:\windows\system32\oleaut32.dll c:\windows\system32\msvcp60.dll c:\program files\f-secure internet security\fwes\program\fsmirror.dll c:\program files\f-secure internet security\scanner-interface\fsgkiapi.dll c:\program files\f-secure internet security\common\fsdfwres.eng c:\program files\f-secure internet security\fwes\program\fsesperf.dll c:\program files\f-secure internet security\fwes\program\fsfwperf.dll c:\program files\f-secure internet security\fsaua\program\fsaua_api_dll.dll c:\program files\f-secure internet security\daas\daas.dll c:\program files\f-secure internet security\daas\fsclm.dll C:\PROGRAM FILES\F-SECURE INTERNET SECURITY\FSAUA\PROGRAM\FSUS.EXE c:\program files\f-secure internet security\fsaua\program\fsus.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\program files\f-secure internet security\fsaua\program\fsbwups_.dll c:\windows\system32\mpr.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\wsock32.dll c:\windows\system32\ws2_32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\nsi.dll c:\program files\f-secure internet security\fsaua\program\fsaua_api_dll.dll c:\windows\system32\comdlg32.dll c:\windows\system32\shlwapi.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll c:\windows\system32\shell32.dll c:\windows\system32\winspool.drv c:\windows\system32\oleaut32.dll c:\windows\system32\ole32.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\secur32.dll c:\program files\f-secure internet security\common\fspmapi.dll c:\program files\f-secure internet security\common\fsma32.dll c:\program files\f-secure internet security\tnb\fstnb.dll c:\windows\system32\iphlpapi.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\dnsapi.dll c:\windows\system32\winnsi.dll c:\windows\system32\dhcpcsvc6.dll c:\windows\system32\rasadhlp.dll C:\PROGRAM FILES\F-SECURE INTERNET SECURITY\ANTI-VIRUS\FSAV32.EXE c:\program files\f-secure internet security\anti-virus\fsav32.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\program files\f-secure internet security\anti-virus\fsched.dll c:\windows\system32\ole32.dll c:\windows\system32\msvcrt.dll c:\program files\f-secure internet security\anti-virus\fstsm.dll c:\windows\system32\shell32.dll c:\windows\system32\shlwapi.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\program files\f-secure internet security\common\fsma32s.dll c:\program files\f-secure internet security\common\fspmapi.dll c:\program files\f-secure internet security\common\fswscs.dll c:\windows\system32\oleaut32.dll c:\windows\system32\msvcp60.dll c:\program files\f-secure internet security\tnb\fstnb.dll c:\program files\f-secure internet security\common\fslapi.dll c:\program files\f-secure internet security\anti-virus\fsavhres.eng c:\windows\system32\clbcatq.dll c:\windows\system32\wbem\wbemprox.dll c:\windows\system32\wbem\wbemcomn.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\rsaenh.dll c:\windows\system32\wbem\wbemsvc.dll c:\windows\system32\wbem\fastprox.dll c:\windows\system32\ntdsapi.dll c:\windows\system32\dnsapi.dll c:\windows\system32\wldap32.dll c:\windows\system32\psapi.dll c:\windows\system32\netapi32.dll c:\windows\system32\secur32.dll c:\program files\f-secure internet security\fsaua\program\fsaua_api_dll.dll c:\program files\f-secure internet security\common\fsma32.dll c:\program files\f-secure internet security\daas\fsclm.dll C:\PROGRAM FILES\F-SECURE INTERNET SECURITY\FSGUI\FSGUIDLL.EXE c:\program files\f-secure internet security\fsgui\fsguidll.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\iphlpapi.dll c:\windows\system32\msvcrt.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\dnsapi.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\secur32.dll c:\windows\system32\winnsi.dll c:\windows\system32\dhcpcsvc6.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\comdlg32.dll c:\windows\system32\shlwapi.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\shell32.dll c:\windows\system32\winspool.drv c:\windows\system32\ole32.dll c:\windows\system32\oleaut32.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\system32\uxtheme.dll c:\program files\f-secure internet security\common\fsexc.dll c:\program files\f-secure internet security\common\fslapi.dll c:\program files\f-secure internet security\fsgui\guiplugn.dll c:\windows\system32\msimg32.dll c:\program files\f-secure internet security\tnb\fstnb.dll c:\program files\f-secure internet security\fsgui\flyer.dll c:\windows\system32\wtsapi32.dll c:\windows\system32\version.dll c:\program files\f-secure internet security\common\fsma32.dll c:\program files\f-secure internet security\common\fspmapi.dll c:\program files\f-secure internet security\fsgui\strres.eng c:\windows\system32\winsta.dll c:\program files\f-secure internet security\fsgui\fsavesui.dll c:\program files\f-secure internet security\fsgui\flyerres.eng c:\program files\f-secure internet security\fsgui\gres.dll c:\windows\system32\apphelp.dll c:\windows\system32\propsys.dll c:\windows\system32\userenv.dll c:\windows\system32\clbcatq.dll c:\windows\system32\urlmon.dll c:\windows\system32\iertutil.dll c:\windows\system32\setupapi.dll C:\PROGRAM FILES\INTERNET EXPLORER\IEUSER.EXE c:\program files\internet explorer\ieuser.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\ole32.dll c:\windows\system32\psapi.dll c:\windows\system32\msimg32.dll c:\windows\system32\shell32.dll c:\windows\system32\shlwapi.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\windows\system32\userenv.dll c:\windows\system32\secur32.dll c:\windows\system32\oleaut32.dll c:\windows\system32\version.dll c:\windows\system32\wintrust.dll c:\windows\system32\imagehlp.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\clbcatq.dll c:\windows\system32\rsaenh.dll c:\windows\system32\uxtheme.dll c:\windows\system32\actxprxy.dll c:\windows\system32\ieframe.dll c:\windows\system32\iertutil.dll c:\windows\system32\wininet.dll c:\windows\system32\normaliz.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\rasapi32.dll c:\windows\system32\rasman.dll c:\windows\system32\netapi32.dll c:\windows\system32\tapi32.dll c:\windows\system32\rtutils.dll c:\windows\system32\winmm.dll c:\windows\system32\oleacc.dll c:\windows\system32\credssp.dll c:\windows\system32\schannel.dll c:\windows\system32\sensapi.dll c:\windows\system32\nlaapi.dll c:\windows\system32\iphlpapi.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\dnsapi.dll c:\windows\system32\winnsi.dll c:\windows\system32\dhcpcsvc6.dll c:\windows\system32\rasadhlp.dll c:\windows\system32\apphelp.dll c:\windows\system32\sxs.dll c:\windows\system32\urlmon.dll c:\windows\system32\ntmarta.dll c:\windows\system32\wldap32.dll c:\windows\system32\samlib.dll c:\windows\system32\msfeeds.dll c:\windows\system32\mlang.dll c:\windows\system32\setupapi.dll C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE c:\program files\mozilla firefox\firefox.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\program files\mozilla firefox\js3250.dll c:\program files\mozilla firefox\nspr4.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\wsock32.dll c:\windows\system32\ws2_32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\nsi.dll c:\windows\system32\winmm.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\ole32.dll c:\windows\system32\oleaut32.dll c:\windows\system32\oleacc.dll c:\program files\mozilla firefox\xpcom_core.dll c:\program files\mozilla firefox\plc4.dll c:\program files\mozilla firefox\plds4.dll c:\windows\system32\shell32.dll c:\windows\system32\shlwapi.dll c:\windows\system32\version.dll c:\program files\mozilla firefox\smime3.dll c:\program files\mozilla firefox\nss3.dll c:\program files\mozilla firefox\softokn3.dll c:\program files\mozilla firefox\ssl3.dll c:\program files\mozilla firefox\xpcom_compat.dll c:\windows\system32\comdlg32.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\winspool.drv c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\program files\f-secure internet security\fsps\program\fslsp.dll c:\program files\f-secure internet security\scanner-interface\fsgkiapi.dll c:\windows\system32\mswsock.dll c:\windows\system32\wship6.dll c:\windows\system32\uxtheme.dll c:\windows\system32\setupapi.dll c:\windows\system32\userenv.dll c:\windows\system32\secur32.dll c:\windows\system32\propsys.dll c:\windows\system32\clbcatq.dll c:\program files\mozilla firefox\components\myspell.dll c:\windows\system32\wshtcpip.dll c:\windows\system32\iphlpapi.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\dnsapi.dll c:\windows\system32\winnsi.dll c:\windows\system32\dhcpcsvc6.dll c:\program files\mozilla firefox\components\jar50.dll c:\windows\system32\nlaapi.dll c:\windows\system32\winrnr.dll c:\windows\system32\wldap32.dll c:\windows\system32\psapi.dll c:\windows\system32\napinsp.dll c:\windows\system32\pnrpnsp.dll c:\windows\system32\msimtf.dll c:\windows\system32\rsaenh.dll c:\program files\mozilla firefox\components\spellchk.dll c:\users\nico jäväjä\appdata\roaming\mozilla\firefox\profiles\tf710844.default\extensions\{ffa36170-80b1-4535-b0e3-a4569e497dd0}\platform\winnt_x86-msvc\components\mgmouseservice.dll c:\program files\mozilla firefox\xpcom.dll c:\windows\system32\rasadhlp.dll c:\windows\system32\msimg32.dll c:\program files\mozilla firefox\freebl3.dll c:\program files\mozilla firefox\nssckbi.dll c:\program files\mozilla firefox\plugins\npnul32.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\windows\system32\mlang.dll c:\windows\system32\wdmaud.drv c:\windows\system32\ksuser.dll c:\windows\system32\avrt.dll c:\windows\system32\mmdevapi.dll c:\windows\system32\wintrust.dll c:\windows\system32\imagehlp.dll c:\windows\system32\audioses.dll c:\windows\system32\audioeng.dll c:\windows\system32\msacm32.drv c:\windows\system32\msacm32.dll c:\windows\system32\midimap.dll c:\windows\system32\credssp.dll c:\windows\system32\schannel.dll c:\windows\system32\netapi32.dll c:\windows\system32\macromed\flash\npswf32.dll c:\windows\system32\wininet.dll c:\windows\system32\normaliz.dll c:\windows\system32\iertutil.dll C:\PROGRAM FILES\MOZILLA THUNDERBIRD\THUNDERBIRD.EXE c:\program files\mozilla thunderbird\thunderbird.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\program files\mozilla thunderbird\js3250.dll c:\program files\mozilla thunderbird\nspr4.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\wsock32.dll c:\windows\system32\ws2_32.dll c:\windows\system32\msvcrt.dll c:\windows\system32\nsi.dll c:\windows\system32\winmm.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\ole32.dll c:\windows\system32\oleaut32.dll c:\windows\system32\oleacc.dll c:\program files\mozilla thunderbird\xpcom_core.dll c:\program files\mozilla thunderbird\plc4.dll c:\program files\mozilla thunderbird\plds4.dll c:\windows\system32\shell32.dll c:\windows\system32\shlwapi.dll c:\windows\system32\version.dll c:\program files\mozilla thunderbird\smime3.dll c:\program files\mozilla thunderbird\nss3.dll c:\program files\mozilla thunderbird\softokn3.dll c:\program files\mozilla thunderbird\ssl3.dll c:\program files\mozilla thunderbird\nsldap32v50.dll c:\program files\mozilla thunderbird\nsldappr32v50.dll c:\program files\mozilla thunderbird\xpcom_compat.dll c:\windows\system32\comdlg32.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\winspool.drv c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\program files\f-secure internet security\fsps\program\fslsp.dll c:\program files\f-secure internet security\scanner-interface\fsgkiapi.dll c:\windows\system32\mswsock.dll c:\windows\system32\wship6.dll c:\windows\system32\uxtheme.dll c:\windows\system32\setupapi.dll c:\windows\system32\userenv.dll c:\windows\system32\secur32.dll c:\windows\system32\propsys.dll c:\windows\system32\clbcatq.dll c:\program files\mozilla thunderbird\components\myspell.dll c:\windows\system32\wshtcpip.dll c:\windows\system32\iphlpapi.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\dnsapi.dll c:\windows\system32\winnsi.dll c:\windows\system32\dhcpcsvc6.dll c:\program files\mozilla thunderbird\components\jar50.dll c:\windows\system32\nlaapi.dll c:\windows\system32\winrnr.dll c:\windows\system32\wldap32.dll c:\windows\system32\psapi.dll c:\windows\system32\napinsp.dll c:\windows\system32\pnrpnsp.dll c:\windows\system32\rsaenh.dll c:\windows\system32\msimtf.dll c:\program files\mozilla thunderbird\components\spellchk.dll c:\windows\system32\msimg32.dll c:\program files\mozilla thunderbird\freebl3.dll c:\program files\mozilla thunderbird\nssckbi.dll c:\windows\system32\rasadhlp.dll c:\windows\system32\wdmaud.drv c:\windows\system32\ksuser.dll c:\windows\system32\avrt.dll c:\windows\system32\mmdevapi.dll c:\windows\system32\wintrust.dll c:\windows\system32\crypt32.dll c:\windows\system32\msasn1.dll c:\windows\system32\imagehlp.dll c:\windows\system32\audioses.dll c:\windows\system32\audioeng.dll c:\windows\system32\msacm32.drv c:\windows\system32\msacm32.dll c:\windows\system32\midimap.dll c:\windows\system32\apphelp.dll c:\windows\system32\iertutil.dll c:\windows\system32\urlmon.dll C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AD-AWARE2007.EXE c:\program files\lavasoft\ad-aware 2007\ad-aware2007.exe c:\windows\system32\ntdll.dll c:\windows\system32\kernel32.dll c:\windows\system32\user32.dll c:\windows\system32\gdi32.dll c:\windows\system32\advapi32.dll c:\windows\system32\rpcrt4.dll c:\windows\system32\imm32.dll c:\windows\system32\msctf.dll c:\windows\system32\msvcrt.dll c:\windows\system32\lpk.dll c:\windows\system32\usp10.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll c:\windows\system32\comdlg32.dll c:\windows\system32\shlwapi.dll c:\windows\system32\shell32.dll c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll c:\windows\system32\oleaut32.dll c:\windows\system32\ole32.dll c:\windows\system32\ws2_32.dll c:\windows\system32\nsi.dll c:\windows\system32\inetmib1.dll c:\windows\system32\iphlpapi.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\dnsapi.dll c:\windows\system32\secur32.dll c:\windows\system32\winnsi.dll c:\windows\system32\dhcpcsvc6.dll c:\windows\system32\snmpapi.dll c:\windows\system32\version.dll c:\windows\system32\mpr.dll c:\windows\system32\winmm.dll c:\windows\system32\oleacc.dll c:\windows\system32\uxtheme.dll c:\windows\system32\setupapi.dll c:\windows\system32\userenv.dll c:\windows\system32\windowscodecs.dll c:\windows\system32\apphelp.dll c:\windows\system32\olepro32.dll c:\windows\system32\dwmapi.dll End of Scan Section =========================== AVG ei jostain syystä suostunut tekemään raporttia, mutta otin skreenin mitä se löysi.
Kaspersky online-skanneri Skannaa koneesi Kaspersky Online Skannerilla Sinulta kysytään sallitko ActiveX -komponentin asentamisen Kasperskyltä, klikkaa Kyllä. [*] Ohjelma käynnistyy ja aloittaa viimeisimpien tunnistetiedostojen lataamisen. [*] Kun skanneri on asennettu ja tunnistetiedot ladattu, klikkaa Next. [*] Klikkaa nyt asetuksia, Scan Settings [*] Tarkista asetuksista, että seuraavat ovat valittuina: o Scan using the following Anti-Virus database: + Extended (Jos valittavissa, muuten valitse Standard) o Scan Options: + Scan Archives + Scan Mail Bases [*] Klikkaa OK [*] Nyt valitse "select a target to scan" otsikon alta Oma Tietokone, My Computer [*] Skannaus vie aikaa, joten ole kärsivällinen. Kun skannaus on valmis saat ilmoituksen, jos koneesi on saastunut. [*] Klikkaa nyt Save as Text-painiketta. [*] Tallenna tiedosto työpöydällesi. [*] Kopioi ja Liitä tiedoston sisältö seuraavaan vastaukseesi.
------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Friday, June 29, 2007 6:16:52 AM Operating System: Microsoft Windows Vista Professional, (Build 6000) Kaspersky Online Scanner version: 5.0.93.0 Kaspersky Anti-Virus database last update: 28/06/2007 Kaspersky Anti-Virus database records: 355012 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: C:\ E:\ F:\ H:\ I:\ J:\ K:\ Scan Statistics: Total number of scanned objects: 85493 Number of viruses found: 1 Number of infected objects: 3 Number of suspicious objects: 0 Duration of the scan process: 00:56:52 Infected Object Name / Virus Name / Last Action C:\Boot\BCD Object is locked skipped C:\Boot\BCD.LOG Object is locked skipped C:\Program Files\F-Secure Internet Security\Anti-Virus\dbupdate.log Object is locked skipped C:\Program Files\F-Secure Internet Security\Anti-Virus\deleteme_msg.log Object is locked skipped C:\Program Files\F-Secure Internet Security\Anti-Virus\fsqh.exe.Qrt.log Object is locked skipped C:\Program Files\F-Secure Internet Security\Anti-Virus\perf.dat Object is locked skipped C:\Program Files\F-Secure Internet Security\Anti-Virus\power.dat Object is locked skipped C:\Program Files\F-Secure Internet Security\Common\History\ha.bpf Object is locked skipped C:\Program Files\F-Secure Internet Security\Common\History\hb.bpf Object is locked skipped C:\Program Files\F-Secure Internet Security\Common\History\index.txt Object is locked skipped C:\Program Files\F-Secure Internet Security\Common\policy.bpf Object is locked skipped C:\Program Files\F-Secure Internet Security\Common\policy.ipf Object is locked skipped C:\Program Files\F-Secure Internet Security\DAAS\daas.log Object is locked skipped C:\Program Files\F-Secure Internet Security\FSAUA\fsbwupst.log Object is locked skipped C:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.dbg Object is locked skipped C:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.log Object is locked skipped C:\ProgramData\F-Secure\logs\FSMA\fsma.log Object is locked skipped C:\Users\*\AppData\Local\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Users\*\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped C:\Users\*\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1024.db Object is locked skipped C:\Users\*\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db Object is locked skipped C:\Users\*\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db Object is locked skipped C:\Users\*\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db Object is locked skipped C:\Users\*\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db Object is locked skipped C:\Users\*\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db Object is locked skipped C:\Users\*\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat Object is locked skipped C:\Users\*\AppData\Local\Microsoft\Windows\History\Low\History.IE5\index.dat Object is locked skipped C:\Users\*\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Users\*\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Users\*\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat Object is locked skipped C:\Users\*\AppData\Local\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Users\*\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Object is locked skipped C:\Users\*\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Object is locked skipped C:\Users\*\AppData\Local\Microsoft\Windows\UsrClass.dat{702dfd94-1bee-11dc-b29f-0013d3dbdfa7}.TM.blf Object is locked skipped C:\Users\*\AppData\Local\Microsoft\Windows\UsrClass.dat{702dfd94-1bee-11dc-b29f-0013d3dbdfa7}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped C:\Users\*\AppData\Local\Microsoft\Windows\UsrClass.dat{702dfd94-1bee-11dc-b29f-0013d3dbdfa7}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped C:\Users\*\AppData\Local\Microsoft\Windows Defender\FileTracker\{DC372B8D-6B6B-417C-ACA8-AF75D3965B86} Object is locked skipped C:\Users\*\AppData\Local\Mozilla\Firefox\Profiles\tf710844.default\Cache\_CACHE_001_ Object is locked skipped C:\Users\*\AppData\Local\Mozilla\Firefox\Profiles\tf710844.default\Cache\_CACHE_002_ Object is locked skipped C:\Users\*\AppData\Local\Mozilla\Firefox\Profiles\tf710844.default\Cache\_CACHE_003_ Object is locked skipped C:\Users\*\AppData\Local\Mozilla\Firefox\Profiles\tf710844.default\Cache\_CACHE_MAP_ Object is locked skipped C:\Users\*\AppData\Local\Temp\FXSAPIDebugLogFile.txt Object is locked skipped C:\Users\*\AppData\Roaming\Microsoft\Windows\Cookies\index.dat Object is locked skipped C:\Users\*\AppData\Roaming\Microsoft\Windows\Cookies\Low\index.dat Object is locked skipped C:\Users\*\AppData\Roaming\Mozilla\Firefox\Profiles\tf710844.default\cert8.db Object is locked skipped C:\Users\*\AppData\Roaming\Mozilla\Firefox\Profiles\tf710844.default\formhistory.dat Object is locked skipped C:\Users\*\AppData\Roaming\Mozilla\Firefox\Profiles\tf710844.default\history.dat Object is locked skipped C:\Users\*\AppData\Roaming\Mozilla\Firefox\Profiles\tf710844.default\key3.db Object is locked skipped C:\Users\*\AppData\Roaming\Mozilla\Firefox\Profiles\tf710844.default\parent.lock Object is locked skipped C:\Users\*\AppData\Roaming\Mozilla\Firefox\Profiles\tf710844.default\search.sqlite Object is locked skipped C:\Users\*\AppData\Roaming\Mozilla\Firefox\Profiles\tf710844.default\urlclassifier2.sqlite Object is locked skipped C:\Users\*\Desktop\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\Users\*\Desktop\SmitfraudFix.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\Users\*\Desktop\SmitfraudFix.exe RarSFX: infected - 2 skipped C:\Users\*\NTUSER.DAT Object is locked skipped C:\Users\*\ntuser.dat.LOG1 Object is locked skipped C:\Users\*\ntuser.dat.LOG2 Object is locked skipped C:\Users\*\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TM.blf Object is locked skipped C:\Users\*\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped C:\Users\*\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped C:\Windows\Debug\PASSWD.LOG Object is locked skipped C:\Windows\Debug\sam.log Object is locked skipped C:\Windows\Logs\DPX\setupact.log Object is locked skipped C:\Windows\Logs\DPX\setuperr.log Object is locked skipped C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe.config Object is locked skipped C:\Windows\Panther\UnattendGC\diagerr.xml Object is locked skipped C:\Windows\Panther\UnattendGC\diagwrn.xml Object is locked skipped C:\Windows\Panther\UnattendGC\setupact.log Object is locked skipped C:\Windows\Panther\UnattendGC\setuperr.log Object is locked skipped C:\Windows\security\database\secedit.sdb Object is locked skipped C:\Windows\SoftwareDistribution\EventCache\{853DAC40-CF12-4A87-9551-160D54C09C00}.bin Object is locked skipped C:\Windows\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped C:\Windows\System32\catroot2\edb.log Object is locked skipped C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Object is locked skipped C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Object is locked skipped C:\Windows\System32\config\COMPONENTS Object is locked skipped C:\Windows\System32\config\COMPONENTS.LOG1 Object is locked skipped C:\Windows\System32\config\COMPONENTS.LOG2 Object is locked skipped C:\Windows\System32\config\DEFAULT Object is locked skipped C:\Windows\System32\config\DEFAULT.LOG1 Object is locked skipped C:\Windows\System32\config\DEFAULT.LOG2 Object is locked skipped C:\Windows\System32\config\SAM Object is locked skipped C:\Windows\System32\config\SAM.LOG1 Object is locked skipped C:\Windows\System32\config\SAM.LOG2 Object is locked skipped C:\Windows\System32\config\SECURITY Object is locked skipped C:\Windows\System32\config\SECURITY.LOG1 Object is locked skipped C:\Windows\System32\config\SECURITY.LOG2 Object is locked skipped C:\Windows\System32\config\SOFTWARE Object is locked skipped C:\Windows\System32\config\SOFTWARE.LOG1 Object is locked skipped C:\Windows\System32\config\SOFTWARE.LOG2 Object is locked skipped C:\Windows\System32\config\SYSTEM Object is locked skipped C:\Windows\System32\config\SYSTEM.LOG1 Object is locked skipped C:\Windows\System32\config\SYSTEM.LOG2 Object is locked skipped C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.0.regtrans-ms Object is locked skipped C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.1.regtrans-ms Object is locked skipped C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.2.regtrans-ms Object is locked skipped C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.blf Object is locked skipped C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TM.blf Object is locked skipped C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped C:\Windows\System32\drivers\core.cache.dsk Object is locked skipped C:\Windows\System32\drivers\core.sys Object is locked skipped C:\Windows\System32\drivers\sptd.sys Object is locked skipped C:\Windows\System32\LogFiles\Scm\SCM.EVM Object is locked skipped C:\Windows\System32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped C:\Windows\System32\restore\MachineGuid.txt Object is locked skipped C:\Windows\System32\spool\SpoolerETW.etl Object is locked skipped C:\Windows\System32\wbem\AutoRecover\0362B4787685BACB0A91F4523A6C5B02.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\1127785A0D2515EFB14D770974186973.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\1BFEB2146964276E63D5BDBF1E6CEE3D.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\3D4C4DA08E39A4D0694AD58275CC59C9.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\4241732DCF7D7A4ADEC9E1E13C5AF4E7.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\51C439FE2321D09DE8EAEBD9EBF4EC8F.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\51F1B5EC0094E5D25115092610CB5598.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\54B1DC87AC27C5F90A276AC457555D30.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\5E0782DFDE0EB5CF32AE34000191E366.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\6201B795849224C844635401410F9B50.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\65E2874A603ECDF0E374F109D9FDF548.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\6D32D8B841762BD6A40F1A3AB0B6EFA2.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\700157A4D28DE4F6B58A4D6258009A01.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\727E6D6C4B3B75813C127B5A45780C43.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\8EA90EC69C8EAF91AEF941AE76286881.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\9223F9CD1DE2C7825D6BD888874074BF.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\939C638717F3C06B132743AA34AF63E5.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\9B52C19BADB41D2D1EA90ACAD34DAAD1.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\9F186A255B2B8639F5EE8E8FEBB98710.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\A97F22CE83FA0E7B71D81AC7843ED128.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\B6D14C2E674E83D9515AC3DEF725E0AC.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\B976CEEBE58BCC597F22C8AA958EDDD1.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\BB2B8DA4050E7585A54EF8DDF2BB27D3.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\BF3A10890778E4D8159D7713B6234F09.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\C9F325917384D991C5300825D9F56E1C.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\D55D6B25F9072BA4FC3A086E7F735F71.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\DF1966B8A1C68B8175452F99CAEC2C88.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\E4637F90CF1DD9A045D840098A66EB3D.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\E48393ACB04A833A549B014D7A12FBC4.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\E652BD838796B6410C95E5A12753451B.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\F579BE2ADD71E7FF1AB24C10EEE395DF.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\FC04F9C34BDA1EC0D9D88BEDC2B29E33.mof Object is locked skipped C:\Windows\System32\wbem\AutoRecover\FDD6FF2996C25746CE30A61266B3F9C3.mof Object is locked skipped C:\Windows\System32\wbem\Logs\WMITracing.log Object is locked skipped C:\Windows\System32\wbem\Repository\INDEX.BTR Object is locked skipped C:\Windows\System32\wbem\Repository\MAPPING1.MAP Object is locked skipped C:\Windows\System32\wbem\Repository\MAPPING2.MAP Object is locked skipped C:\Windows\System32\wbem\Repository\OBJECTS.DATA Object is locked skipped C:\Windows\System32\winevt\Logs\Antivirus.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Application.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\DFS Replication.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\HardwareEvents.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Internet Explorer.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Key Management Service.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Media Center.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Networking%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnosticDataCollector%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Help%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-MUI%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-ParentalControls%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Program-Compatibility-Assistant%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Leak-Diagnostic%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-RestartManager%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC-FileVirtualization%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Winsock-WS2HELP%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Security.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Setup.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\System.evtx Object is locked skipped C:\Windows\Tasks\SCHEDLGU.TXT Object is locked skipped C:\Windows\WindowsUpdate.log Object is locked skipped C:\Windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6000.16386_none_cef7ceb03914a67f\dnary.xsd Object is locked skipped Scan process completed.
Kyllä on. Käytän itse Mozillaa ja Operaa, mutta PopUpit tulevat IE:llä. Yleensä silloin kun on joku toinen selain päällä.
Moi, combofix toimii vistassa. Ajetaanpas blacklightia. Lataa ja tallenna Blacklight työpöydällesi; Tupla-klikkaa fsbl.exe, hyväksy sopimus, klikkaa -> Scan, sitten -> Next Näet listan kaikesta mitä löytyi. Työpöydällesi myös ilmestyy loki jonka nimi on fsbl.xxxxxxx.log (xxxxxxx;n tilalla on luultavimmin numeroita). Kopioi ja liitä tämä loki seuraavaan vastaukseesi. Älä valitse "Rename" optiota vielä! Haluamme nähdä login ensin, koska hyviä tiedostoja saattaa olla mukana, kuten "wbemtest.exe". ======== Lataa Dr.Web CureIt työpöydälle: ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe [*]Tuplaklikkaa drweb-cureit.exe ja anna sen tehdä express scan [*]Se skannaa käynnissä olevat ohjelmat ja jos jotain löytyy, klikkaa yes kun se kysyy haluatko poistaa sen. Tämä on vain lyhyt scan. [*]Kun scan on valmis, merkkaa asemat, jotka haluat scannata. [*]Valitse kaikki asemat. Punainen piste osoittaa, mitkä asemat on valittu. [*]Klikaa vihreää nuolta oikealla ja scan alkaa. [*]Klikkaa 'Yes to all', jos kysytään haluatko poistaa/siirtää tiedoston. [*]Kun scan on valmis, katso voitko klikata next-kuvaketta löytyneiden tiedostojen vieressä: [*]Jos asia on niin, klikkaa sitä ja sitten klikkaa next-kuvaketta oikealla alhaalla ja valitse Move incurable kuten alla olevalla kuvassa: Tämä siirtää sen %userprofile%\DoctorWeb\quarantine-hakemistoon. [*]Tämän jälkeen klikkaa Dr.Web CureIt-valikossa file ja valitse save report list [*]Tallenna raportti työpöydälle. Raportin nimi on DrWeb.csv [*]Sulje Dr.Web Cureit. [*]Käynnistä kone uudelleen !! Tämä siksi, että käytössä olevat tiedostot poistetaan/siirretään käynnistyksen yhteydessä. [*]Käynnistyksen jälkeen liitä Dr.Web-lokin, jonka tallensit aiemmin, sisältö seuraavaan vastaukseesi.
Blacklight 06/29/07 17:59:47 [Info]: BlackLight Engine 1.0.64 initialized 06/29/07 17:59:47 [Info]: OS: 6.0 build 6000 () 06/29/07 17:59:47 [Note]: 7019 4 06/29/07 17:59:47 [Note]: 7005 0 06/29/07 17:59:50 [Note]: 7006 0 06/29/07 17:59:50 [Note]: 7027 0 06/29/07 17:59:52 [Note]: FSRAW library version 1.7.1022 06/29/07 18:02:45 [Note]: 7007 0 Dr. Web Process.exe;C:\Program Files\Mozilla Firefox\SmitfraudFix;Tool.Prockill;Incurable.Moved.; restart.exe;C:\Program Files\Mozilla Firefox\SmitfraudFix;Tool.ShutDown.11;Incurable.Moved.; Process.exe;C:\Windows\System32;Tool.Prockill;Incurable.Moved.; --- Aina vaan pomppii ---
koita saada toi combofix toimii, se on ainakin muilla toiminu, tai sitten rouheesti vaan asennat vistan uudelleen.
