Logfile of HijackThis v1.99.1 Scan saved at 13:12:36, on 12.8.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Logitech\Easy Synchronization\servicestub.exe C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Logitech\SetPoint\LBTWiz.exe C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe C:\Program Files\Logitech\MediaLife\MediaLifeService.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\BTTray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\PC Connectivity Solution\NclBTHandler.exe C:\hjt\scanner.exe.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Logitech BT Wizard] LBTWiz.exe -silent O4 - HKLM\..\Run: [Easy Synchronization] C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe" O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\RunOnce: [Easy Synchronization] C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe --ports O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab O20 - Winlogon Notify: LBTWlgn - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Logitech Easy Synchronization - Unknown owner - C:\Program Files\Logitech\Easy Synchronization\servicestub.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
Lataa Deckard's System Scanner Työpöydällesi. Huomioi: Sinulla tulee olla Järjestelmänvalvojan oikeudet ajaaksesi ohjelman. [*]Sulje kaikki avoimet ikkunat ja ohjelmat. [*]Tupla Klikkaa Dss.exe tiedostoa ajaaksesi ohjelman, seuraa ohjeita. [*]Kun Scannaus on valmis 2 textitiedostoa pitäisi avautua, Main.txt ja extra.txt [*]Näppäile Kopioi ( CTRL+A -> CTRL + C ) ja liitä ( CTRL + V ) [*]kopioi ja liitä Extra.txt & Main.txt sisältö seuraavaan vastaukseesi.
Deckard's System Scanner v20070809.63 Run by Mikko on 2007-08-15 at 12:22:07 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 11: 2007-08-15 09:22:11 UTC - RP11 - Deckard's System Scanner Restore Point 10: 2007-08-15 00:47:18 UTC - RP10 - Software Distribution Service 3.0 9: 2007-08-14 12:25:04 UTC - RP9 - Järjestelmän tarkistuspiste 8: 2007-08-13 12:24:00 UTC - RP8 - Järjestelmän tarkistuspiste 7: 2007-08-12 12:22:57 UTC - RP7 - Installed Java(TM) 6 Update 2 -- First Restore Point -- 1: 2007-08-12 10:04:57 UTC - RP1 - Järjestelmän tarkistuspiste Backed up registry hives. Performed disk cleanup. -- HijackThis Clone ------------------------------------------------------------ Emulating logfile of HijackThis v1.99.1 Scan saved at 2007-08-15 12:23:14 Platform: Windows XP Service Pack 2 (5.01.2600) MSIE: Internet Explorer (7.00.6000.16512) Running processes: C:\WINDOWS\system32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Sygate\SPF\Smc.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Documents and Settings\Mikko\Työpöytä\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Logitech\Easy Synchronization\servicestub.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Logitech\SetPoint\LBTWiz.exe C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe C:\Program Files\Logitech\MediaLife\MediaLifeService.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\BTTray.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\BTStackServer.exe C:\Program Files\PC Connectivity Solution\NclBTHandler.exe C:\Program Files\Mozilla Firefox\firefox.exe E:\Lataukset\dss.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O4 - HKEY_LOCAL_MACHINE\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKEY_LOCAL_MACHINE\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKEY_LOCAL_MACHINE\..\Run: [nwiz] nwiz.exe /install O4 - HKEY_LOCAL_MACHINE\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKEY_LOCAL_MACHINE\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKEY_LOCAL_MACHINE\..\Run: [Logitech BT Wizard] LBTWiz.exe -silent O4 - HKEY_LOCAL_MACHINE\..\Run: [Easy Synchronization] C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe O4 - HKEY_LOCAL_MACHINE\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe" O4 - HKEY_LOCAL_MACHINE\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKEY_LOCAL_MACHINE\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKEY_LOCAL_MACHINE\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKEY_LOCAL_MACHINE\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKEY_LOCAL_MACHINE\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKEY_LOCAL_MACHINE\..\RunOnce: [Easy Synchronization] C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe --ports O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: BTTray.lnk = C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\BTTray.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll O9 - Extra button: (no name) - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\btsendto_ie.htm O9 - Extra 'Tools' menuitem: (no name) - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) - http://office.microsoft.com/templates/ieawsdc.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} () - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL O18 - Protocol: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL O20 - Winlogon Notify: LBTWlgn - C:\Program Files\Common Files\Logitech\Bluetooth\LBTWlgn.DLL O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - "C:\Program Files\AntiVir PersonalEdition Classic\sched.exe" O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - "C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe" O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - "C:\Program Files\Common Files\LightScribe\LSSrvc.exe" O23 - Service: Logitech Easy Synchronization - Unknown owner - C:\Program Files\Logitech\Easy Synchronization\servicestub.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - "C:\Program Files\PC Connectivity Solution\ServiceLayer.exe" -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R0 Teefer (Teefer for NT) - c:\windows\system32\drivers\teefer.sys <Not Verified; Sygate Technologies, Inc.; Sygate Teefer Driver> R1 wpsdrvnt - c:\windows\system32\drivers\wpsdrvnt.sys <Not Verified; Sygate Technologies, Inc.; wpsdrvnt> R3 btwhid - c:\windows\system32\drivers\btwhid.sys <Not Verified; Broadcom Corporation.; Bluetooth Software 5.0.1.802> R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine> R3 vsbus (Virtual Serial Bus Enumerator) - c:\windows\system32\drivers\vsb.sys <Not Verified; ELTIMA Software; ELTIMA Virtual Serial Bus> S3 PCASp50 (PCASp50 NDIS Protocol Driver) - c:\windows\system32\drivers\pcasp50.sys (file missing) S3 vserial (ELTIMA Virtual Serial Ports Driver) - c:\windows\system32\drivers\vserial.sys <Not Verified; ELTIMA Software; ELTIMA Virtual Serial Ports> -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 AntiVirScheduler (AntiVir PersonalEdition Classic Scheduler) - "c:\program files\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; Scheduler> R2 LBTServ (Logitech Bluetooth Service) - c:\program files\common files\logitech\bluetooth\lbtserv.exe <Not Verified; Logitech Inc.; Logitech SetPoint> R2 Logitech Easy Synchronization - c:\program files\logitech\easy synchronization\servicestub.exe R3 ServiceLayer - "c:\program files\pc connectivity solution\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution> -- Device Manager: Disabled ---------------------------------------------------- Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A} Description: Nokia Windows Portable Device Driver Device ID: ROOT\WPD\0000 Manufacturer: Nokia Name: Nokia Windows Portable Device Driver PNP Device ID: ROOT\WPD\0000 Service: WUDFRd Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A} Description: Nokia Windows Portable Device Driver Device ID: ROOT\WPD\0001 Manufacturer: Nokia Name: Nokia N70 PNP Device ID: ROOT\WPD\0001 Service: WUDFRd Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A} Description: Nokia Windows Portable Device Driver Device ID: ROOT\WPD\0002 Manufacturer: Nokia Name: Nokia saija PNP Device ID: ROOT\WPD\0002 Service: WUDFRd -- Files created between 2007-07-15 and 2007-08-15 ----------------------------- 2007-08-12 15:23:01 0 d-------- C:\Program Files\Java 2007-08-12 15:23:00 0 d-------- C:\Program Files\Common Files\Java 2007-08-12 15:19:55 0 d-------- C:\Program Files\Sun 2007-08-12 14:16:56 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Grisoft 2007-08-12 14:16:25 0 d--h----- C:\Documents and Settings\Järjestelmänvalvoja\Verkkoympäristö 2007-08-12 14:16:25 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja\Työpöytä 2007-08-12 14:16:25 0 d--h----- C:\Documents and Settings\Järjestelmänvalvoja\Tulostinympäristö 2007-08-12 14:16:25 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja\Suosikit 2007-08-12 14:16:25 0 dr-h----- C:\Documents and Settings\Järjestelmänvalvoja\SendTo 2007-08-12 14:16:25 0 d--h----- C:\Documents and Settings\Järjestelmänvalvoja\Recent 2007-08-12 14:16:25 0 d--h----- C:\Documents and Settings\Järjestelmänvalvoja\Mallit 2007-08-12 14:16:25 0 d--h----- C:\Documents and Settings\Järjestelmänvalvoja\Local Settings 2007-08-12 14:16:25 0 dr------- C:\Documents and Settings\Järjestelmänvalvoja\Käynnistä-valikko 2007-08-12 14:16:25 0 d--hs---- C:\Documents and Settings\Järjestelmänvalvoja\Cookies 2007-08-12 14:16:25 0 dr-h----- C:\Documents and Settings\Järjestelmänvalvoja\Application Data 2007-08-12 14:16:25 0 d---s---- C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Microsoft 2007-08-12 14:16:24 524288 --ah----- C:\Documents and Settings\Järjestelmänvalvoja\NTUSER.DAT 2007-08-12 14:02:12 0 d-------- C:\Documents and Settings\Mikko\Application Data\Grisoft 2007-08-12 14:02:03 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft 2007-08-12 13:59:25 0 dr-h----- C:\Documents and Settings\Mikko\Recent 2007-08-12 13:48:13 0 d-------- C:\Documents and Settings\Mikko\Application Data\HP 2007-08-12 13:46:23 0 d-------- C:\Documents and Settings\Mikko\Application Data\Image Zone Express 2007-08-12 13:03:58 0 d-------- C:\Program Files\SpywareBlaster 2007-08-10 11:46:05 0 d-------- C:\Program Files\Common Files\PCSuite 2007-08-10 11:46:04 0 d-------- C:\Program Files\Common Files\Nokia 2007-08-10 11:45:53 0 d-------- C:\Program Files\Nokia 2007-08-10 11:29:28 0 d-------- C:\Documents and Settings\All Users\Application Data\Downloaded Installations 2007-08-10 11:19:26 0 d-------- C:\WINDOWS\SxsCaPendDel 2007-08-10 09:28:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer 2007-08-10 09:26:13 0 d-------- C:\Program Files\QuickTime 2007-08-10 09:13:17 0 d-------- C:\Program Files\Total Video Converter 2007-08-10 09:06:00 0 d-------- C:\Program Files\Keronsoft 2007-08-10 07:43:07 0 d-------- C:\Documents and Settings\All Users\Application Data\Nokia 2007-08-07 01:57:34 0 d-------- C:\Program Files\URUSoft 2007-08-06 19:45:08 0 d-------- C:\Program Files\PC Connectivity Solution 2007-08-06 19:39:35 0 d-------- C:\Documents and Settings\Mikko\Phone Browser 2007-08-06 17:53:23 0 d-------- C:\Documents and Settings\All Users\Application Data\vsosdk 2007-08-06 15:34:24 217127 --a------ C:\WINDOWS\system32\drv43260.dll <Not Verified; RealNetworks, Inc.; RealVideo 9 (32-bit)> 2007-08-06 15:34:24 208935 --a------ C:\WINDOWS\system32\drv33260.dll <Not Verified; RealNetworks, Inc.; RealVideo 8 (32-bit)> 2007-08-06 15:34:24 176165 --a------ C:\WINDOWS\system32\drv23260.dll <Not Verified; RealNetworks, Inc.; RealVideo G2 (32-bit)> 2007-08-06 13:36:14 0 d-------- C:\Program Files\vso 2007-08-06 10:54:05 0 d-------- C:\Program Files\ImTOO 2007-08-04 14:00:51 47360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine> 2007-08-04 14:00:51 0 d-------- C:\Documents and Settings\Mikko\Application Data\Vso 2007-08-04 14:00:51 47360 --a------ C:\Documents and Settings\Mikko\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine> 2007-08-04 14:00:47 0 d-------- C:\Program Files\DVDFab Platinum 3 2007-08-04 13:58:00 106496 -----n--- C:\WINDOWS\system32\TwnLib20.dll <Not Verified; Pegasus Software; TWNLIB20> 2007-08-04 13:57:59 364544 -----n--- C:\WINDOWS\system32\TwnLib4.dll <Not Verified; Pegasus Imaging Corp.; TwnLib4> 2007-08-04 13:57:59 38912 -----n--- C:\WINDOWS\system32\picn20.dll <Not Verified; Pegasus Imaging Corp.; PEGASUS> 2007-08-04 13:57:59 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe <Not Verified; Ahead Software Gmbh; Ahead Software Gmbh NeroCheck> 2007-08-04 13:57:59 471040 -----n--- C:\WINDOWS\system32\ImagXRA7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7> 2007-08-04 13:57:59 262144 -----n--- C:\WINDOWS\system32\ImagXR7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7> 2007-08-04 13:57:59 1568768 -----n--- C:\WINDOWS\system32\ImagX7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7> 2007-08-04 13:36:01 0 d-------- C:\Program Files\CCleaner 2007-08-04 09:55:43 0 dr------- C:\Documents and Settings\NetworkService\Suosikit 2007-08-04 09:55:22 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Mozilla 2007-08-04 08:01:44 0 d-------- C:\hjt 2007-08-04 07:21:49 0 d-------- C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic 2007-08-04 07:16:33 60496 --a------ C:\WINDOWS\system32\drivers\Teefer.sys <Not Verified; Sygate Technologies, Inc.; Sygate Teefer Driver> 2007-08-04 07:16:32 21075 --a------ C:\WINDOWS\system32\drivers\wpsdrvnt.sys <Not Verified; Sygate Technologies, Inc.; wpsdrvnt> 2007-08-04 07:16:23 0 d-------- C:\Program Files\Sygate 2007-08-04 07:16:00 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-08-04 06:08:04 0 d-------- C:\Program Files\Elaborate Bytes 2007-08-04 05:57:42 0 d-------- C:\WINDOWS\system32\UNINSTALL <UNINST~1> 2007-08-04 05:57:41 45056 --a------ C:\WINDOWS\system32\WNASPI32.DLL <Not Verified; Adaptec; Adaptec's ASPI Layer> 2007-08-04 05:57:41 16512 --a------ C:\WINDOWS\system32\drivers\ASPI32.SYS <Not Verified; Adaptec; Adaptec's ASPI Layer> 2007-08-04 05:29:14 0 d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink 2007-08-04 02:01:41 0 d-------- C:\Documents and Settings\Mikko\Application Data\Help 2007-07-27 08:39:48 86016 --a------ C:\WINDOWS\unvise32.exe <Not Verified; MindVision Software; Installer VISE> 2007-07-27 08:39:46 0 d-------- C:\Program Files\DCPlusPlus 2007-07-27 08:02:16 0 d--h----- C:\WINDOWS\PIF 2007-07-24 07:49:37 1156 --a------ C:\WINDOWS\mozver.dat 2007-07-24 06:50:38 0 d-------- C:\Program Files\RevConnect 2007-07-24 06:35:23 0 d-------- C:\Program Files\uTorrent 2007-07-24 06:35:11 0 d-------- C:\Documents and Settings\Mikko\Application Data\uTorrent 2007-07-24 06:31:15 0 --a------ C:\WINDOWS\nsreg.dat 2007-07-24 06:31:13 0 d-------- C:\Documents and Settings\Mikko\Application Data\Mozilla -- Find3M Report --------------------------------------------------------------- 2007-08-12 15:23:00 0 d-------- C:\Program Files\Common Files 2007-08-10 11:45:28 0 d-------- C:\Documents and Settings\Mikko\Application Data\PC Suite 2007-08-06 21:18:13 0 d-------- C:\Documents and Settings\Mikko\Application Data\Nokia 2007-08-06 10:42:38 0 d-------- C:\Program Files\Ahead 2007-08-06 01:06:57 0 d-------- C:\Documents and Settings\Mikko\Application Data\dvdcss 2007-08-04 14:01:15 34 --a------ C:\Documents and Settings\Mikko\Application Data\pcouffin.log 2007-08-04 14:00:51 1144 --a------ C:\Documents and Settings\Mikko\Application Data\pcouffin.inf 2007-08-04 14:00:51 7887 --a------ C:\Documents and Settings\Mikko\Application Data\pcouffin.cat 2007-08-04 13:57:59 0 d-------- C:\Program Files\Common Files\Ahead 2007-08-04 07:15:20 0 d-------- C:\Program Files\Sonera Tietoturva 2007-07-27 17:03:41 0 d-------- C:\Program Files\Winamp 2007-07-24 04:26:44 0 d-------- C:\Documents and Settings\Mikko\Application Data\Azureus 2007-07-22 08:49:56 0 d-------- C:\Program Files\TVUPlayer 2007-07-14 15:02:31 0 d-------- C:\Documents and Settings\Mikko\Application Data\CyberLink 2007-07-09 18:45:20 0 d-------- C:\Program Files\PAFPoker 2007-07-07 03:55:42 0 d-------- C:\Documents and Settings\Mikko\Application Data\Ahead 2007-06-28 15:22:39 0 d-------- C:\Program Files\Full Tilt Poker 2007-06-26 16:26:30 0 d--h----- C:\Program Files\InstallShield Installation Information -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [11.05.2005 23:12] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [22.10.2006 12:22] "nwiz"="nwiz.exe" [22.10.2006 12:22 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [22.10.2006 12:22] "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [03.11.2005 13:58 C:\WINDOWS\KHALMNPR.Exe] "Logitech BT Wizard"="LBTWiz.exe" [] "Easy Synchronization"="C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe" [05.10.2005 12:00] "MediaLifeService"="C:\Program Files\Logitech\MediaLife\MediaLifeService.exe" [03.06.2005 17:09] "SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [15.10.2004 19:40] "avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [02.04.2007 10:35] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09.07.2001 11:50] "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [18.06.2007 15:10] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [12.07.2007 04:00] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [14.09.2004 16:12] "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [04.04.2007 01:29] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce] "Easy Synchronization"=C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe --ports [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog C:\Documents and Settings\All Users\K„ynnist„-valikko\Ohjelmat\K„ynnistys\ Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [23.10.2006 1:48:20] Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [23.10.2006 0:01:50] BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\BTTray.exe [16.9.2005 15:02:14] HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [11.5.2005 23:23:26] Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [20.5.2007 16:14:47] Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [13.2.2001 12:01:04] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"=0 (0x0) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{FE24CD78-7C63-465D-8787-4EDF7FC79895}"= C:\Program Files\Logitech\Easy Synchronization\shellexecutehook.dll [05.10.2005 12:00 69632] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] c:\program files\common files\logitech\bluetooth\LBTWlgn.dll 23.11.2005 02:47 53248 c:\Program Files\Common Files\Logitech\Bluetooth\LBTWlgn.DLL [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DaemonTools_WhenUSave_Installer] C:\Program Files\DaemonTools_WhenUSave_Installer\DaemonTools_WhenUSave_Installer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s -- End of Deckard's System Scanner: finished at 2007-08-15 at 12:24:50 --------- Deckard's System Scanner v20070809.63 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Professional (build 2600) SP 2.0 Architecture: X86; Language: Other (040B) - see http://preview.tinyurl.com/mhhp6 CPU 0: AMD Sempron(tm) Processor 2600+ Percentage of Memory in Use: 50% Physical Memory (total/avail): 1023.17 MiB / 503.84 MiB Pagefile Memory (total/avail): 2363.71 MiB / 1937.74 MiB Virtual Memory (total/avail): 2047.88 MiB / 1962.12 MiB A: is Removable (No Media) C: is Fixed (NTFS) - 128 GiB total, 111.07 GiB free. D: is CDROM (No Media) E: is Fixed (NTFS) - 100 GiB total, 35.93 GiB free. F: is Fixed (NTFS) - 70.09 GiB total, 10.67 GiB free. G: is CDROM (No Media) -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is disabled. FW: Sygate Personal Firewall v4.6 (Sygate Technologies, Inc.) AV: Avira AntiVir PersonalEdition v 6.39.1.0 (Avira GmbH) [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000" [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe" "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe" "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe" "C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus" "C:\\Program Files\\RevConnect\\DCPlusPlus.exe"="C:\\Program Files\\RevConnect\\DCPlusPlus.exe:*:EnabledC++" "C:\\Program Files\\TVUPlayer\\TVUPlayer.exe"="C:\\Program Files\\TVUPlayer\\TVUPlayer.exe:*isabled:TVU Player Component" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent" -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\Mikko\Application Data CLIENTNAME=Console CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=MPH-3GNDVNVGCNS ComSpec=C:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Documents and Settings\Mikko LOGONSERVER=\\MPH-3GNDVNVGCNS NUMBER_OF_PROCESSORS=1 OS=Windows_NT Path=C:\Program Files\Mozilla Firefox;C:\Program Files\PC Connectivity Solution\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 15 Model 44 Stepping 2, AuthenticAMD PROCESSOR_LEVEL=15 PROCESSOR_REVISION=2c02 ProgramFiles=C:\Program Files PROMPT=$P$G SESSIONNAME=Console SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\Mikko\LOCALS~1\Temp TMP=C:\DOCUME~1\Mikko\LOCALS~1\Temp USERDOMAIN=MPH-3GNDVNVGCNS USERNAME=Mikko USERPROFILE=C:\Documents and Settings\Mikko windir=C:\WINDOWS -- User Profiles --------------------------------------------------------------- Mikko (admin) Järjestelmänvalvoja (new local, admin) -- Add/Remove Programs --------------------------------------------------------- --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 8 - Suomi --> MsiExec.exe /I{AC76BA86-7AD7-1035-7B44-A80000000000} Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL AVG Anti-Spyware 7.5 --> C:\Documents and Settings\Mikko\Työpöytä\AVG Anti-Spyware 7.5\Uninstall.exe Avira AntiVir PersonalEdition Classic --> C:\Program Files\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe" ConvertXtoDVD 2.2.3.258 --> "C:\Program Files\vso\ConvertXtoDVD\unins000.exe" DCPlusPlus --> C:\WINDOWS\unvise32.exe C:\Program Files\DCPlusPlus\uninstal.log DVDFab Platinum 3.1.5.0 --> "C:\Program Files\DVDFab Platinum 3\unins000.exe" Easy CD-DA Extractor 10 --> "C:\WINDOWS\Easy CD-DA Extractor\uninstall.exe" "/U:C:\Program Files\Easy CD-DA Extractor 10\irunin.xml" ffdshow [rev 610] [2006-12-01] --> "C:\Program Files\ffdshow\unins000.exe" Full Tilt Poker --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}\setup.exe" -l0x9 -removeonly GearDrivers --> rundll32.exe C:\WINDOWS\system32\UNINSTALL\UninstWDM.dll,UninstInitialize Hotfix-päivitys Windows XP:lle (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe" Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" HP Extended Capabilities 5.3 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat HP Imaging Device Functions 5.3 --> C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat HP Photosmart Essential --> MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F} HP PSC & OfficeJet 5.3.B --> "C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat HP Software Update --> MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D} HP Solution Center & Imaging Support Tools 5.3 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat ImTOO 3GP Video Converter --> C:\Program Files\ImTOO\3GP Video Converter 3\Uninstall.exe ImTOO DivX to DVD Converter --> C:\Program Files\ImTOO\DivX to DVD Converter\Uninstall.exe Java DB 10.2.2.0 --> MsiExec.exe /X{0ECB59D5-A3FC-4D61-AD3B-6CE679B3F852} Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Kultalinkki --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6810F10A-F198-45A0-B8D2-0B02D89CF893}\Setup.exe" -l0xb Logitech SetPoint --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0xb -removeonly MediaLife --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{362BFFCD-8274-11D8-97C8-000129760CBE}\setup.exe" -uninstall Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Office XP Professional ja FrontPage --> MsiExec.exe /I{9028040B-6000-11D3-8CFE-0050048383C9} Microsoft User-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe" Mobile Phone Suite Easy Synchronization --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC134D03-97F1-45B9-B32A-52E885AFA895}\setup.exe" -l0xb Mozilla Firefox (2.0.0.6) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe Nero 6 Ultra Edition --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL NeroVision Express 2 --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL Nokia Connectivity Cable Driver --> MsiExec.exe /X{11964613-805F-432D-A12B-169554B793E7} Nokia PC Suite --> C:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Nokia_PC_Suite_6_84_10_3_fin_web.exe Nokia PC Suite --> MsiExec.exe /I{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72} NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI PAF POKER (remove only) --> "C:\Program Files\PAFPoker\uninstall.exe" PC Connectivity Solution --> MsiExec.exe /I{99A40651-0BC2-4095-8F9A-A40FAB224FEF} Päivitys Windows XP:lle (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB929338) --> "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe" RevConnect --> "C:\Program Files\RevConnect\uninstall.exe" SpywareBlaster v3.5.1 --> "C:\Program Files\SpywareBlaster\unins000.exe" Subtitle Workshop 2.51 --> "C:\Program Files\URUSoft\Subtitle Workshop\uninstall.exe" Suojauspäivitys ohjelmistolle Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB896424) --> "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB901190) --> "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB912919) --> "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB917422) --> "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB923694) --> "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB923789) --> C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Suojauspäivitys Windows XP:lle (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB928090) --> "C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe" Sygate Personal Firewall --> MsiExec.exe /I{F34D9A5F-484A-4E31-A9D3-908CB265B289} TomTom HOME --> C:\Program Files\InstallShield Installation Information\{CE325D55-FCAF-4273-BB79-069BB8747270}\setup.exe -runfromtemp -l0x000b -removeonly -removeonly WIDCOMM Bluetooth-ohjelmisto --> MsiExec.exe /X{3F4EC965-28EF-45C3-B063-04B25D4E9679} VideoLAN VLC media player 0.8.6a --> C:\Program Files\VideoLAN\VLC\uninstall.exe Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe" Windows Driver Package - Nokia Modem (02/15/2007 3.1) --> C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293B\pccs_bluetooth.inf Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windowsin ohjainpaketti - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccswpddri_044C8712DB44F83D9DE6C376991EE9254E0A69E4\pccswpddriver.inf Windowsin ohjainpaketti - Nokia Modem (02/15/2007 3.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_F12A08B6F776984A95553486F64C541356F86E38\pccs_bluetooth.inf Windowsin ohjainpaketti - Nokia Modem (05/24/2007 6.84.0.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_5E1541AFF1E1EA3554CE566743CCAD323ED1C108\nokbtmdm.inf Windowsin ohjainpaketti - Nokia Modem (11/03/2006 6.82.0.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567\nokbtmdm.inf WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe VobSub v2.23 (Remove Only) --> "C:\Program Files\Gabest\VobSub\uninstall.exe" -- Application Event Log ------------------------------------------------------- Event ID #1558: Warning Event Submitted/Written: 08/15/2007 03:49:54 AM Event Source: Userenv Event Description: Windows tallensi käyttäjän MPH-3GNDVNVGCNS\Mikko rekisterin, kun jokin sovellus tai palvelu käytti yhä rekisteriä uloskirjautumisen aikana. Käyttäjän rekisterin varaamaa muistia ei ole vapautettu. Rekisterin lataus poistetaan, kun rekisteri ei ole enää käytössä. Tähän on usein syynä käyttäjän tilin avulla suoritettavat palvelut. Määritä palvelut LocalService- tai NetworkService-tilin avulla suoritettaviksi. Event ID #1518: Warning Event Submitted/Written: 08/12/2007 02:05:56 PM Event Source: Userenv Event Description: Windows tallensi käyttäjän MPH-3GNDVNVGCNS\Mikko rekisterin, kun jokin sovellus tai palvelu käytti yhä rekisteriä uloskirjautumisen aikana. Käyttäjän rekisterin varaamaa muistia ei ole vapautettu. Rekisterin lataus poistetaan, kun rekisteri ei ole enää käytössä. Tähän on usein syynä käyttäjän tilin avulla suoritettavat palvelut. Määritä palvelut LocalService- tai NetworkService-tilin avulla suoritettaviksi. Event ID #1505: Warning Event Submitted/Written: 08/12/2007 00:44:32 PM Event Source: Userenv Event Description: Windows tallensi käyttäjän MPH-3GNDVNVGCNS\Mikko rekisterin, kun jokin sovellus tai palvelu käytti yhä rekisteriä uloskirjautumisen aikana. Käyttäjän rekisterin varaamaa muistia ei ole vapautettu. Rekisterin lataus poistetaan, kun rekisteri ei ole enää käytössä. Tähän on usein syynä käyttäjän tilin avulla suoritettavat palvelut. Määritä palvelut LocalService- tai NetworkService-tilin avulla suoritettaviksi. Event ID #1498: Warning Event Submitted/Written: 08/12/2007 11:57:43 AM Event Source: Userenv Event Description: Windows tallensi käyttäjän MPH-3GNDVNVGCNS\Mikko rekisterin, kun jokin sovellus tai palvelu käytti yhä rekisteriä uloskirjautumisen aikana. Käyttäjän rekisterin varaamaa muistia ei ole vapautettu. Rekisterin lataus poistetaan, kun rekisteri ei ole enää käytössä. Tähän on usein syynä käyttäjän tilin avulla suoritettavat palvelut. Määritä palvelut LocalService- tai NetworkService-tilin avulla suoritettaviksi. Event ID #1491: Warning Event Submitted/Written: 08/10/2007 00:26:39 PM Event Source: Userenv Event Description: Windows tallensi käyttäjän MPH-3GNDVNVGCNS\Mikko rekisterin, kun jokin sovellus tai palvelu käytti yhä rekisteriä uloskirjautumisen aikana. Käyttäjän rekisterin varaamaa muistia ei ole vapautettu. Rekisterin lataus poistetaan, kun rekisteri ei ole enää käytössä. Tähän on usein syynä käyttäjän tilin avulla suoritettavat palvelut. Määritä palvelut LocalService- tai NetworkService-tilin avulla suoritettaviksi. -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event ID #33819: Warning Event Submitted/Written: 08/14/2007 02:59:39 AM Event Source: W32Time Event Description: Aikapalvelu ei ole voinut synkronoida järjestelmän kelloa 49152 sekuntiin, koska aikatoimittaja ei ole voinut toimittaa käytettävää aikaleimaa. Järjestelmän kelloa ei ole synkronoitu. Event ID #33818: Error Event Submitted/Written: 08/14/2007 02:06:16 AM Event Source: DCOM Event Description: DCOM vastaanotti virheen "%%1058" yrittäessään käynnistää palvelun upnphost argumenteilla "" suorittaakseen palvelinosan: {204810B9-73B2-11D4-BF42-00B0D0118B56} Event ID #33817: Error Event Submitted/Written: 08/14/2007 01:11:29 AM Event Source: DCOM Event Description: DCOM vastaanotti virheen "%%1058" yrittäessään käynnistää palvelun upnphost argumenteilla "" suorittaakseen palvelinosan: {204810B9-73B2-11D4-BF42-00B0D0118B56} Event ID #33816: Error Event Submitted/Written: 08/14/2007 01:07:27 AM Event Source: DCOM Event Description: DCOM vastaanotti virheen "%%1058" yrittäessään käynnistää palvelun upnphost argumenteilla "" suorittaakseen palvelinosan: {204810B9-73B2-11D4-BF42-00B0D0118B56} Event ID #33706: Error Event Submitted/Written: 08/13/2007 01:20:29 PM Event Source: Service Control Manager Event Description: Palvelu NVIDIA Display Driver Service lopetti yllättäen toimintansa. Se on tehnyt näin jo 1 kertaa. -- End of Deckard's System Scanner: finished at 2007-08-15 at 12:24:50 ---------
Lataa Dr.Web CureIt työpöydälle: Tuplaklikkaa drweb-cureit.exe ja anna sen tehdä express scan Se skannaa käynnissä olevat ohjelmat ja jos jotain löytyy, klikkaa yes kun se kysyy haluatko poistaa sen. Tämä on vain lyhyt scan. Kun scan on valmis, merkkaa asemat, jotka haluat scannata. Valitse kaikki asemat. Punainen piste osoittaa, mitkä asemat on valittu. Klikaa vihreää nuolta oikealla ja scan alkaa. Klikkaa 'Yes to all', jos kysytään haluatko poistaa/siirtää tiedoston. Kun scan on valmis, katso voitko klikata next-kuvaketta löytyneiden tiedostojen vieressä: Jos asia on niin, klikkaa sitä ja sitten klikkaa next-kuvaketta oikealla alhaalla ja valitse Move incurable kuten alla olevalla kuvassa: Tämä siirtää sen %userprofile%\DoctorWeb\quarantine-hakemistoon. Tämän jälkeen klikkaa Dr.Web CureIt-valikossa file ja valitse save report list Tallenna raportti työpöydälle. Raportin nimi on DrWeb.csv Sulje Dr.Web Cureit. Käynnistä kone uudelleen !! Tämä siksi, että käytössä olevat tiedostot poistetaan/siirretään käynnistyksen yhteydessä. Käynnistyksen jälkeen liitä Dr.Web-lokin, jonka tallensit aiemmin, sisältö seuraavaan vastaukseesi.
SetupDTSB.exe C:\Program Files\DAEMON Tools Adware.SaveNow Incurable.Moved. DaemonTools_WhenUSave_Installer.exe C:\Program Files\DaemonTools_WhenUSave_Installer Adware.SaveNow Incurable.Moved. A0000009.exe C:\System Volume Information\_restore{0EE3E089-093D-4DF9-A207-C5D15C75C9E4}\RP1 Tool.Prockill Incurable.Moved. 07 - Irwin Goodman - Terveisiä Perseestä.mp3 E:\MP3\Albumit\Irwin Goodman\1984 - Härmäläinen Perusjuntti Modification of Trojan.Nadoel Moved. 07 - Irwin Goodman - Terveisiä Perseestä.mp3 H:\MP3\Irwin Goodman\1984 - Härmäläinen Perusjuntti Modification of Trojan.Nadoel Moved.
