Moi! Voisko joku vilkaista logia.... kone hidastelee ja jumittaa... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:14:46, on 13.11.2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\wltrysvc.exe C:\WINDOWS\System32\bcmwltry.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe C:\WINDOWS\system32\WLTRAY.exe C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE C:\Program Files\F-Secure\Common\FSMA32.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\F-Secure\Anti-Virus\fssm32.exe C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe C:\Program Files\F-Secure\Common\FSMB32.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Launch Manager\LaunchAp.exe C:\Program Files\Launch Manager\PowerKey.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\CtrlVol.exe C:\Program Files\Launch Manager\OSDCtrl.exe C:\Program Files\F-Secure\Common\FCH32.EXE C:\Program Files\Launch Manager\Wbutton.exe C:\Program Files\Arcade\PCMService.exe C:\Program Files\F-Secure\Common\FSM32.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\RF Wireless Mouse\cm20.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\F-Secure\Common\FAMEH32.EXE C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\TomTom HOME\TomTomHOME.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\F-Secure\Common\FNRB32.EXE C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe C:\Program Files\F-Secure\Common\FIH32.EXE C:\Program Files\Winamp\winampa.exe C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Program Files\acer\eRecovery\Monitor.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\Twain_32\CA561A\SnapDetect.exe C:\Program Files\F-Secure\Anti-Virus\fsav32.exe C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\F-Secure\FSGUI\fsguiexe.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Documents and Settings\LASZLO\Työpöytä\HiJackThis_v2.0.2.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe" O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe" O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Start RF Wireless Mouse] C:\Program Files\RF Wireless Mouse\cm20.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [Windows Services Manager] svchost.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: SnapDetect.lnk = ? O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Matkaviestimen suosikkien luominen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Matkaviestimen suosikkien luominen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.soneraplaza.fi O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://verkkopankki.sampopankki.fi/html/activex/DB/Menu.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe -- End of file - 13791 bytes
Lataa CCleaner tästä - Asennuksessa poista merkki/rasti kohdasta "asenna Yahoo! toolbar/työkalupalkki". - Asennuksen jälkeen aukaise CCleaner. - Valitse vasemmalta pystyrivistä Options. - Valitse viereisestä pystyrivistä Settings. - Language kohtaan valitse Suomi. - Käynnistä CCleaner. - Valitse Valinnat. - Paina Lisäasetukset. - Ota ruksi pois kohdasta "Poista vain yli 48 tuntia vanhat tiedostot Windowsin tilapäiskansioista". Puhdistaja - Valitse vasemmalta pystyrivistä Puhdistaja. - Paina alhaalta Tutki. Nyt CCleaner tutkii, mitä voidaan poistaa (tempit, cookiessit jne.). - Kun tutkiminen on valmis, paina Aja CCleaner. Nyt CCleaner poistaa löydetyt tempit, cookiessit jne. Rekisterin virheiden korjaus - Valitse vasemmalta pystyrivistä Rekisteri. - Paina alhaalta Etsi rekisterin virheitä. - Kun etsintä on valmis ja olet varma, että haluat korjata ne rivit jotka ovat merkattuja, niin paina Korjaa valitut rekisterin virheet. - Sinulta kysytään "haluatko varmuuskopioida muutokset rekisteriin", paina Kyllä. Tallenna varmuuskopio vaikka "Omat tiedostot" -kansioon. - Klikkaa uudesta aukeavasta ikkunasta Korjaa kaikki valitut virheet. - Saat vielä varmistus kysymyksen, paina Ok. - Kun virheet on korjattu, paina Sulje. Nyt voit suljea CCleanerin painamalla oikealta ylhäältä punaista rastia. Lataa Malwarebytes' Anti-Malware työpöydällesi. * Tuplaklikkaa mbam-setup.exe ja seuraa ohjeita asentaaksesi ohjelman. * Lopuksi varmistu, että seuraavat on valittu: Päivitä Malwarebytes' Anti-Malware ja Käynnistä Malwarebytes' Anti-Malware ja sen jälkeen klikkaa Lopeta. * Jos päivitys löytyy. ohjelma lataa ja asentaa uusimman version. * Kun ohjelma on latautunut, valitse Suorita täysi tarkistus ja klikkaa Tarkista. * Kun skanni on valmis, klikkaa OK ja sitten Näytä tulokset nähdäksesi tulokset. * Varmistu, että kaikki on merkitty ja klikkaa Poista valitut. * Tämän jälkeen loki avautuu muistioon. Tallenna se paikkaan, josta löydät sen helposti. Loki löytyy myös täältä: C:\Documents and Settings\Käyttäjänimi\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-päiväys.txt * Lähetä lokin sisältö seuraavassa viestissäsi + uusi hjt-loki.
tässä hjt logi ja mbam logi: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:08:42, on 15.11.2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\wltrysvc.exe C:\WINDOWS\System32\bcmwltry.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE C:\Program Files\F-Secure\Common\FSMA32.EXE C:\Program Files\F-Secure\Common\FSMB32.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\F-Secure\Anti-Virus\fssm32.exe C:\Program Files\F-Secure\Common\FCH32.EXE C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\F-Secure\Common\FAMEH32.EXE C:\WINDOWS\Explorer.EXE C:\Program Files\F-Secure\Common\FNRB32.EXE C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe C:\Program Files\F-Secure\Common\FIH32.EXE C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\WLTRAY.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Launch Manager\LaunchAp.exe C:\Program Files\Launch Manager\PowerKey.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\CtrlVol.exe C:\Program Files\Launch Manager\OSDCtrl.exe C:\Program Files\Launch Manager\Wbutton.exe C:\Program Files\Arcade\PCMService.exe C:\Program Files\F-Secure\Common\FSM32.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\RF Wireless Mouse\cm20.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe C:\Program Files\TomTom HOME\TomTomHOME.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe C:\Program Files\Winamp\winampa.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Program Files\F-Secure\Anti-Virus\fsav32.exe C:\Program Files\acer\eRecovery\Monitor.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\Twain_32\CA561A\SnapDetect.exe C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe C:\Program Files\F-Secure\FSGUI\fsguiexe.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\WINDOWS\system32\HPZipm12.exe C:\Documents and Settings\LASZLO\Työpöytä\HiJackThis_v2.0.2.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe" O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe" O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Start RF Wireless Mouse] C:\Program Files\RF Wireless Mouse\cm20.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [Windows Services Manager] svchost.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: SnapDetect.lnk = ? O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Matkaviestimen suosikkien luominen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Matkaviestimen suosikkien luominen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.soneraplaza.fi O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://verkkopankki.sampopankki.fi/html/activex/DB/Menu.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe -- End of file - 13825 bytes Malwarebytes' Anti-Malware 1.30 Tietokantaversio: 1399 Windows 5.1.2600 Service Pack 3 15.11.2008 12:03:29 mbam-log-2008-11-15 (12-03-29).txt Tarkistustyyppi: Täysi tarkistus (C:\|D:\|) Tarkistetut kohteet: 140278 Kulunut aika: 1 hour(s), 24 minute(s), 38 second(s) Saastuneita muistiprosesseja: 0 Saastuneita muistimoduuleja: 0 Saastuneita rekisteriavaimia: 0 Saastuneita rekisteriarvoja: 0 Saastuneita rekisterikohteita: 0 Saastuneita hakemistoja: 0 Saastuneita tiedostoja: 0 Saastuneita muistiprosesseja: (Haitallisia kohteita ei löydetty) Saastuneita muistimoduuleja: (Haitallisia kohteita ei löydetty) Saastuneita rekisteriavaimia: (Haitallisia kohteita ei löydetty) Saastuneita rekisteriarvoja: (Haitallisia kohteita ei löydetty) Saastuneita rekisterikohteita: (Haitallisia kohteita ei löydetty) Saastuneita hakemistoja: (Haitallisia kohteita ei löydetty) Saastuneita tiedostoja: (Haitallisia kohteita ei löydetty)
Lataa SDFix by AndyManchesta ja tallenna se työpöydällesi. Käynnistä koneesi vikasietotilaan: sammuta ja käynnistä käynnistyksen yhteydessä hakkaa F8 nappia valitse nuolinäppäimellä vikasietotila paina enter ja enter valitse käyttäjätilisi paina kyllä Jossakin koneissa hakataan F8:sin sijasta F5:tä " Kun vikasietotilassa, pura tiedoston SDFix.zip sisältö (SDFix kansio) työpöydällesi. Työpöydälle pitäisi ilmestyä kansio nimeltä SDFix. " Avaa SDFix-kansio ja tuplaklikkaa tiedostoa RunThis.bat käynnistääksesi ohjelman. " Paina Y käynnistääksesi skriptin. " Työkalu puhdistaa troijalaisen palvelut ja tekee myös joitakin korjauksia rekisteriin. Lopuksi se pyytää käynnistämään koneen uudelleen, "Press any key to Reboot". " Paina mitä tahansa näppäintä ja kone käynnistyy uudelleen. " Käynnistyminen kestää normaalia kauemmin sillä SDFix puhdistaa konetta. " Kun kone on käynnistynyt ja työpöytä latautunut, SDFix kertoo että puhdistus on suoritettu, "Finished". " Paina sitten mitä tahansa näppäintä sulkeaksesi skriptin ja ladataksesi pikakuvakkeet työpöydälle. " Lopuksi avaa SDFix kansio (työpöydällä) ja kopioi & liitä tiedoston Report.txt sisältö viestiketjuusi uuden HijackThis:n lokin kera.
SDFix report ja hjt-logi SDFix: Version 1.240 Run by LASZLO on ke 19.11.2008 at 14:29 Microsoft Windows XP [versio 5.1.2600] Running From: C:\Documents and Settings\LASZLO\Työpöytä\SDFix\SDFix Checking Services : Restoring Default Security Values Restoring Default Hosts File Rebooting Checking Files : No Trojan Files Found Removing Temp Files ADS Check : Final Check : catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-11-19 14:48:49 Windows 5.1.2600 Service Pack 3 FAT NTAPI scanning hidden processes ... scanning hidden services ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019" "C:\\Program Files\\F-Secure\\BackWeb\\7681197\\program\\F-Secure Automatic Update.exe"="C:\\Program Files\\F-Secure\\BackWeb\\7681197\\program\\F-Secure Automatic Update.exe:*:Enabled:F-Secure Automatic Update" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:*:Enabled:ActiveSync Connection Manager" "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:*:Enabled:ActiveSync Application" "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype" "C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger" "C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000" "C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"="C:\\Program Files\\Winamp Remote\\bin\\Orb.exe:*:Enabled:Orb" "C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe:*:Enabled:OrbTray" "C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe:*:Enabled:Orb Stream Client" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Remaining Files : Files with Hidden Attributes : Wed 13 Apr 2005 1,024 ...HR --- "C:\WINDOWS\system32\NTICDMK7.dll" Wed 13 Apr 2005 1,024 ...HR --- "C:\WINDOWS\system32\NTIMPEG2.dll" Wed 13 Apr 2005 1,024 ...HR --- "C:\WINDOWS\system32\NTIMP3.dll" Wed 13 Apr 2005 1,024 ...HR --- "C:\WINDOWS\system32\NTIFCD3.dll" Wed 13 Apr 2005 1,024 ...HR --- "C:\WINDOWS\system32\NTIBUN4.dll" Wed 3 May 2006 163,328 ..SHR --- "C:\WINDOWS\system32\flvDX.dll" Tue 30 May 2006 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak" Sun 21 Jan 2007 72,704 ..SHR --- "C:\Program Files\eRightSoft\SUPER\Setup.exe" Sun 26 Jun 2005 616,448 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygwin1.dll" Tue 21 Jun 2005 45,568 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygz.dll" Fri 27 Oct 2006 16,384 A.SHR --- "C:\Program Files\eRightSoft\SUPER\_Setup.dll" Fri 29 Feb 2008 6,656 A..H. --- "C:\System Volume Information\_restore{4CA1FCC9-8A05-421B-B5B7-50DAE9EC9BAF}\RP273\A0097074.exe" Thu 7 Aug 2008 1,024 A..H. --- "C:\System Volume Information\_restore{4CA1FCC9-8A05-421B-B5B7-50DAE9EC9BAF}\RP273\A0097075.sys" Sun 18 Nov 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp" Sat 1 Dec 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp" Tue 4 Jun 2002 84,992 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll" Tue 4 Jun 2002 44,032 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll" Tue 10 Dec 2002 73,766 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll" Tue 10 Dec 2002 65,575 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll" Sun 9 Jun 2002 36,864 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ddnt3260.dll" Tue 4 Jun 2002 20,480 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll" Tue 10 Dec 2002 102,437 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv13260.dll" Tue 10 Dec 2002 176,165 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll" Tue 10 Dec 2002 208,935 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll" Tue 10 Dec 2002 217,127 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll" Sun 9 Jun 2002 40,448 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dspr3260.dll" Sun 4 Nov 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll" Tue 10 Apr 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll" Fri 20 Feb 2004 232,960 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll" Sun 9 Jun 2002 525,824 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnco3260.dll" Tue 10 Dec 2002 245,805 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnlt3260.dll" Tue 10 Dec 2002 45,093 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv103260.dll" Tue 10 Dec 2002 98,341 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv203260.dll" Tue 10 Dec 2002 94,247 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv303260.dll" Tue 10 Dec 2002 90,151 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv403260.dll" Tue 10 Dec 2002 102,439 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll" Sun 9 Jun 2002 49,152 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\tokr3260.dll" Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_18\40Comupd.exe" Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_18\Setup.exe" Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_18\autorun.exe" Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_17\40Comupd.exe" Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_17\Setup.exe" Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_17\autorun.exe" Sat 23 Apr 2005 1,162,240 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_16\Setup.exe" Sat 23 Apr 2005 1,162,240 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_16\Setup_original.exe" Sat 23 Apr 2005 28,672 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_16\USBPort.dll" Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_15\40Comupd.exe" Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_15\Setup.exe" Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_15\autorun.exe" Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_14\40Comupd.exe" Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_14\Setup.exe" Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_14\autorun.exe" Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_9\40Comupd.exe" Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_9\Setup.exe" Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_9\autorun.exe" Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_8\40Comupd.exe" Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_8\Setup.exe" Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_8\autorun.exe" Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_7\40Comupd.exe" Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_7\Setup.exe" Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_7\autorun.exe" Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_6\40Comupd.exe" Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_6\Setup.exe" Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_6\autorun.exe" Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_5\40Comupd.exe" Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_5\Setup.exe" Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_5\autorun.exe" Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_4\40Comupd.exe" Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_4\Setup.exe" Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_4\autorun.exe" Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_3\40Comupd.exe" Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_3\Setup.exe" Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_3\autorun.exe" Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_2\40Comupd.exe" Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_2\Setup.exe" Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_2\autorun.exe" Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_13\40Comupd.exe" Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_13\Setup.exe" Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_13\autorun.exe" Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_12\40Comupd.exe" Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_12\Setup.exe" Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_12\autorun.exe" Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_11\40Comupd.exe" Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_11\Setup.exe" Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_11\autorun.exe" Sat 23 Apr 2005 417,792 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_18\Spanish\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_18\Italian\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_18\German\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_18\French\MapSource_Lang.dll" Sat 23 Apr 2005 397,312 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_18\English\MapSource_Lang.dll" Sat 23 Apr 2005 417,792 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_17\Spanish\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_17\Italian\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_17\German\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_17\French\MapSource_Lang.dll" Sat 23 Apr 2005 397,312 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_17\English\MapSource_Lang.dll" Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_16\GPS_AT\40Comupd.exe" Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_16\GPS_AT\Setup.exe" Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_16\GPS_AT\autorun.exe" Sat 23 Apr 2005 417,792 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_15\Spanish\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_15\Italian\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_15\German\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_15\French\MapSource_Lang.dll" Sat 23 Apr 2005 397,312 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_15\English\MapSource_Lang.dll" Sat 23 Apr 2005 417,792 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_14\Spanish\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_14\Italian\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_14\German\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_14\French\MapSource_Lang.dll" Sat 23 Apr 2005 397,312 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_14\English\MapSource_Lang.dll" Sat 23 Apr 2005 417,792 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_9\Spanish\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_9\Italian\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_9\German\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_9\French\MapSource_Lang.dll" Sat 23 Apr 2005 397,312 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_9\English\MapSource_Lang.dll" Sat 23 Apr 2005 417,792 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_8\Spanish\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_8\Italian\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_8\German\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_8\French\MapSource_Lang.dll" Sat 23 Apr 2005 397,312 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_8\English\MapSource_Lang.dll" Sat 23 Apr 2005 385,024 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_7\Spanish\MapSource_Lang.dll" Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_7\Italian\MapSource_Lang.dll" Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_7\German\MapSource_Lang.dll" Sat 23 Apr 2005 389,120 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_7\French\MapSource_Lang.dll" Sat 23 Apr 2005 372,736 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_7\English\MapSource_Lang.dll" Sat 23 Apr 2005 385,024 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_6\Spanish\MapSource_Lang.dll" Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_6\Italian\MapSource_Lang.dll" Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_6\German\MapSource_Lang.dll" Sat 23 Apr 2005 389,120 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_6\French\MapSource_Lang.dll" Sat 23 Apr 2005 372,736 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_6\English\MapSource_Lang.dll" Sat 23 Apr 2005 385,024 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_5\Spanish\MapSource_Lang.dll" Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_5\Italian\MapSource_Lang.dll" Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_5\German\MapSource_Lang.dll" Sat 23 Apr 2005 389,120 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_5\French\MapSource_Lang.dll" Sat 23 Apr 2005 372,736 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_5\English\MapSource_Lang.dll" Sat 23 Apr 2005 385,024 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_4\Spanish\MapSource_Lang.dll" Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_4\Italian\MapSource_Lang.dll" Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_4\German\MapSource_Lang.dll" Sat 23 Apr 2005 389,120 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_4\French\MapSource_Lang.dll" Sat 23 Apr 2005 372,736 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_4\English\MapSource_Lang.dll" Sat 23 Apr 2005 385,024 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_3\Spanish\MapSource_Lang.dll" Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_3\Italian\MapSource_Lang.dll" Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_3\German\MapSource_Lang.dll" Sat 23 Apr 2005 389,120 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_3\French\MapSource_Lang.dll" Sat 23 Apr 2005 372,736 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_3\English\MapSource_Lang.dll" Sat 23 Apr 2005 385,024 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_2\Spanish\MapSource_Lang.dll" Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_2\Italian\MapSource_Lang.dll" Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_2\German\MapSource_Lang.dll" Sat 23 Apr 2005 389,120 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_2\French\MapSource_Lang.dll" Sat 23 Apr 2005 372,736 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_2\English\MapSource_Lang.dll" Sat 23 Apr 2005 417,792 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_13\Spanish\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_13\Italian\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_13\German\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_13\French\MapSource_Lang.dll" Sat 23 Apr 2005 397,312 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_13\English\MapSource_Lang.dll" Sat 23 Apr 2005 417,792 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_12\Spanish\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_12\Italian\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_12\German\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_12\French\MapSource_Lang.dll" Sat 23 Apr 2005 397,312 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_12\English\MapSource_Lang.dll" Sat 23 Apr 2005 417,792 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_11\Spanish\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_11\Italian\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_11\German\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_11\French\MapSource_Lang.dll" Sat 23 Apr 2005 397,312 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_11\English\MapSource_Lang.dll" Sat 23 Apr 2005 417,792 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_16\GPS_AT\Spanish\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_16\GPS_AT\Italian\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_16\GPS_AT\German\MapSource_Lang.dll" Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_16\GPS_AT\French\MapSource_Lang.dll" Sat 23 Apr 2005 397,312 A..H. --- "C:\Documents and Settings\LASZLO\Ty”p”yt„\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_16\GPS_AT\English\MapSource_Lang.dll" Finished! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:55:02, on 19.11.2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\wltrysvc.exe C:\WINDOWS\System32\bcmwltry.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE C:\Program Files\F-Secure\Common\FSMA32.EXE C:\Program Files\F-Secure\Anti-Virus\fssm32.exe C:\Program Files\F-Secure\Common\FSMB32.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\F-Secure\Common\FCH32.EXE C:\Program Files\F-Secure\Common\FAMEH32.EXE C:\Program Files\F-Secure\Common\FNRB32.EXE C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe C:\Program Files\F-Secure\Common\FIH32.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\F-Secure\Anti-Virus\fsav32.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\WLTRAY.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Launch Manager\LaunchAp.exe C:\Program Files\Launch Manager\PowerKey.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\CtrlVol.exe C:\Program Files\Launch Manager\OSDCtrl.exe C:\Program Files\Launch Manager\Wbutton.exe C:\Program Files\Arcade\PCMService.exe C:\Program Files\F-Secure\Common\FSM32.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\RF Wireless Mouse\cm20.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\acer\eRecovery\Monitor.exe C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\Program Files\TomTom HOME\TomTomHOME.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Program Files\F-Secure\FSGUI\fsguiexe.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\Twain_32\CA561A\SnapDetect.exe C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Documents and Settings\LASZLO\Työpöytä\HiJackThis_v2.0.2.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe" O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe" O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Start RF Wireless Mouse] C:\Program Files\RF Wireless Mouse\cm20.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [Windows Services Manager] svchost.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: SnapDetect.lnk = ? O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Matkaviestimen suosikkien luominen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Matkaviestimen suosikkien luominen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.soneraplaza.fi O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://verkkopankki.sampopankki.fi/html/activex/DB/Menu.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe -- End of file - 13794 bytes
