Pop-ups keep appearing from Internet Explorer and Firefox goes to non-working pages

Discussion in 'Viruses and malware - HijackThis logs' started by gmsupr, Jul 13, 2007.

  1. gmsupr

    gmsupr Member

    Joined:
    Dec 30, 2005
    Messages:
    90
    Likes Received:
    0
    Trophy Points:
    16
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Eset\nod32kui.exe
    C:\WINDOWS\Xerox\PanelMgr\ssmmgr.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\TomTom HOME\TomTomHOME.exe
    C:\Program Files\Easy TM\EasyTM.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Windows\system32\isys32.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\WINDOWS\system32\qwerty12.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\uTorrent\utorrent.exe
    N:\Ohjelmat\Valvonta ja systeemin kunnossa pito\HiJackThis_v2.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {938A8A03-A938-4019-B764-03FF8D167D79} - C:\WINDOWS\system32\tmp4A.tmp.dll
    O2 - BHO: (no name) - {e0011c6e-af1b-4b6a-a7ca-4aea1d2d659f} - C:\WINDOWS\system32\esennet.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
    O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Xerox PanelMgr] C:\WINDOWS\Xerox\PanelMgr\ssmmgr.exe /autorun
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=072807 serial=DR12WEX-1504397-KTY lang=EN
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
    O4 - HKLM\..\Run: [Easy TM] C:\Program Files\Easy TM\EasyTM.exe /min
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [winUpdate] C:\WINDOWS\system32\winUpdate.exe
    O4 - HKLM\..\Run: [winehq.org] rundll32.exe "C:\WINDOWS\yabawt.dll",realset
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [MonAppli] C:\Windows\system32\isys32.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [winUpdate] C:\WINDOWS\system32\winUpdate.exe
    O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O20 - AppInit_DLLs: c:\windows\system32\awtqonm.dll
    O20 - Winlogon Notify: esennet - C:\WINDOWS\SYSTEM32\esennet.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: Loogisen levyn hallinnan valvontapalvelu (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
    O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\qwerty12.exe
    O23 - Service: Tapahtumaloki (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: CD-levyjen kirjoittamisen IMAPI COM -palvelu (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
    O23 - Service: NetMeeting etätyöpöydän jakaminen (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
    O23 - Service: Etätyöpöydän ohjeen istunnonhallinta (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
    O23 - Service: Älykortti (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Resurssilokit ja -hälytykset (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
    O23 - Service: Aseman tilannevedos (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
    O23 - Service: Windows Updates - Unknown owner - C:\WINDOWS\windowsupdates.exe (file missing)
    O23 - Service: WMI resurssisovitin (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
     
  2. Auttaja

    Auttaja Guest

  3. gmsupr

    gmsupr Member

    2007-07-14 10:00:17 - ComboFix 07-07-13.8 - Service Pack 2 NTFS


    (((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))


    C:\WINDOWS\system32\awtqonm.dll
    C:\WINDOWS\system32\esennet.dll


    * * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *



    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\DOCUME~1\PEKKAR~1\APPLIC~1\tmp1049.tmp.exe
    C:\DOCUME~1\PEKKAR~1\APPLIC~1\tmp1070.tmp.exe
    C:\DOCUME~1\PEKKAR~1\APPLIC~1\tmp10BA.tmp.exe
    C:\DOCUME~1\PEKKAR~1\APPLIC~1\tmp10BD.tmp.exe
    C:\DOCUME~1\PEKKAR~1\APPLIC~1\tmp2CD.tmp.exe
    C:\DOCUME~1\PEKKAR~1\APPLIC~1\tmp4A.tmp.exe
    C:\DOCUME~1\PEKKAR~1\APPLIC~1\tmp757.tmp.exe
    C:\DOCUME~1\PEKKAR~1\TYPYT~1.\internet explorer.lnk
    C:\WINDOWS\exefld
    C:\WINDOWS\system32\dnc70b1699.dat
    C:\WINDOWS\system32\hldrrr.exe
    C:\WINDOWS\system32\qwerty12.exe
    C:\WINDOWS\system32\tmp10BA.tmp.dll
    C:\WINDOWS\system32\tmp4A.tmp.dll
    C:\WINDOWS\system32\winsys.exe


    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


    -------\LEGACY_DOMAINSERVICE
    -------\DomainService


    ((((((((((((((((((((((((( Files Created from 2007-06-14 to 2007-07-14 )))))))))))))))))))))))))))))))


    2007-07-14 09:59 51,200 --a------ C:\WINDOWS\nircmd.exe
    2007-07-13 17:29 <KANSIO> d-------- C:\Program Files\Winnydows
    2007-07-13 17:29 <KANSIO> d-------- C:\Program Files\AviSynth 2.5
    2007-07-13 10:53 36,528 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys
    2007-07-13 10:53 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
    2007-07-13 10:53 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
    2007-07-13 10:53 129,784 --------- C:\WINDOWS\system32\pxafs.dll
    2007-07-13 10:53 115,880 --------- C:\WINDOWS\system32\pxinsi64.exe
    2007-07-13 10:53 <KANSIO> d-------- C:\Program Files\Winamp
    2007-07-12 10:38 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
    2007-07-12 10:07 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\APPLIC~1\Creative
    2007-07-12 10:05 41,984 --------- C:\WINDOWS\Ctregrun.exe
    2007-07-12 10:00 44,032 --------- C:\WINDOWS\system32\CTSVCCDA.EXE
    2007-07-12 10:00 25,088 --------- C:\WINDOWS\system32\CTSVCCTL.EXE
    2007-07-12 09:57 <KANSIO> d-------- C:\WINDOWS\RegisteredPackages
    2007-07-11 10:54 88 -r-hs---- C:\WINDOWS\system32\13DCD71260.sys
    2007-07-11 10:52 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    2007-07-11 10:51 <KANSIO> d-------- C:\Program Files\Common Files\Protexis
    2007-07-10 19:13 4,682 --a------ C:\WINDOWS\system32\npptNT2.sys
    2007-07-10 19:06 <KANSIO> d-------- C:\Program Files\DANCE!ONLINE
    2007-07-10 16:33 <KANSIO> d-------- C:\psp games
    2007-07-10 13:02 <KANSIO> d-------- C:\Program Files\SmartFTP Client
    2007-07-10 13:02 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\APPLIC~1\SmartFTP
    2007-07-10 09:21 <KANSIO> d-------- C:\j-pop
    2007-07-10 08:56 105,497 --a------ C:\WINDOWS\system32\pmnnl.exe
    2007-07-10 08:45 <KANSIO> d-------- C:\Program Files\ProPilkki2
    2007-07-10 07:49 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\Shared
    2007-07-10 07:49 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\Incomplete
    2007-07-10 07:48 <KANSIO> d-------- C:\Program Files\LimeWire
    2007-07-10 07:48 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\APPLIC~1\LimeWire
    2007-07-10 07:36 <KANSIO> d-------- C:\Limewire 4.12.11 Pro
    2007-07-10 00:02 33,952 --a------ C:\WINDOWS\system32\drivers\oreans32.sys
    2007-07-10 00:02 1,155,245 --a------ C:\WINDOWS\system32\winUpdate.exe
    2007-07-09 23:47 81,920 --a------ C:\WINDOWS\system32\OpenAL32.dll
    2007-07-09 23:47 233,472 --a------ C:\WINDOWS\system32\wrap_oal.dll
    2007-07-09 22:00 <KANSIO> d-------- C:\Program Files\Cracklock
    2007-07-09 21:59 <KANSIO> d-------- C:\Program Files\CrackBuster
    2007-07-09 21:57 <KANSIO> d-------- C:\Program Files\Craggle
    2007-07-09 21:21 258,388 --a------ C:\WINDOWS\system32\flec003.exe
    2007-07-09 19:41 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\APPLIC~1\Thinstall
    2007-07-09 17:31 <KANSIO> d-------- C:\Program Files\CDisplay
    2007-07-09 13:38 <KANSIO> d-------- C:\Program Files\Common Files\Thraex Software
    2007-07-09 13:38 <KANSIO> d-------- C:\PacSteam
    2007-07-09 12:59 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\APPLIC~1\funkitron
    2007-07-09 12:16 <KANSIO> d-------- C:\WINDOWS\system32\AGEIA
    2007-07-09 12:16 <KANSIO> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2007-07-09 12:16 <KANSIO> d-------- C:\Program Files\AGEIA Technologies
    2007-07-09 11:17 16 --a------ C:\WINDOWS\popcinfo.dat
    2007-07-09 10:44 8,704 --a------ C:\WINDOWS\system32\kbdjpn.dll
    2007-07-09 10:44 8,192 --a------ C:\WINDOWS\system32\kbdkor.dll
    2007-07-09 10:44 6,144 --a------ C:\WINDOWS\system32\kbd106.dll
    2007-07-09 10:44 6,144 --a------ C:\WINDOWS\system32\kbd101c.dll
    2007-07-09 10:44 6,144 --a------ C:\WINDOWS\system32\kbd101b.dll
    2007-07-09 10:44 5,632 --a------ C:\WINDOWS\system32\kbd103.dll
    2007-07-09 09:44 <KANSIO> d-------- C:\Program Files\Real
    2007-07-09 09:44 <KANSIO> d-------- C:\Program Files\Common Files\xing shared
    2007-07-09 09:44 <KANSIO> d-------- C:\Program Files\Common Files\Real
    2007-07-09 09:44 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\APPLIC~1\Real
    2007-07-09 09:36 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\APPLIC~1\Media Player Classic
    2007-07-09 09:35 <KANSIO> d-------- C:\Program Files\Combined Community Codec Pack
    2007-07-08 20:28 <KANSIO> d-------- C:\Program Files\RapidCheck
    2007-07-07 20:50 <KANSIO> d-------- C:\Program Files\Creative
    2007-07-07 13:26 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
    2007-07-07 13:26 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
    2007-07-07 13:26 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
    2007-07-07 13:26 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\AppData
    2007-07-07 13:22 <KANSIO> d-------- C:\Program Files\Microsoft Games
    2007-07-07 10:38 <KANSIO> d-------- C:\Program Files\Ares
    2007-07-06 13:36 <KANSIO> d-------- C:\Program Files\Burrrn
    2007-07-05 17:49 <KANSIO> d-------- C:\bomberman
    2007-07-05 15:47 <KANSIO> d-------- C:\WINDOWS\system32\LogFiles
    2007-07-05 13:02 <KANSIO> d-------- C:\Program Files\DC++
    2007-07-03 18:10 <KANSIO> d--h----- C:\WINDOWS\PIF
    2007-07-02 23:05 4,182 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
    2007-07-02 23:04 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
    2007-07-02 22:54 <KANSIO> d-------- C:\Program Files\ROUTE66
    2007-07-02 22:50 <KANSIO> d-------- C:\Program Files\GmRekGTP
    2007-07-02 22:50 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Genimap
    2007-07-02 22:47 73,216 --a------ C:\WINDOWS\ST6UNST.EXE
    2007-07-02 22:47 389,120 --------- C:\WINDOWS\Setup1.exe
    2007-07-02 22:47 <KANSIO> d-------- C:\Program Files\Euroword2004
    2007-07-02 15:50 <KANSIO> d-------- C:\Program Files\MSN Messenger
    2007-07-02 15:50 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\Contacts
    2007-07-02 12:12 <KANSIO> d-------- C:\Program Files\RADVideo
    2007-07-02 10:37 49,152 --a------ C:\WINDOWS\system32\ffdrv1.dll
    2007-07-02 10:37 380,928 --a------ C:\WINDOWS\system32\Xpadcpl.dll
    2007-07-02 10:37 12,800 --a------ C:\WINDOWS\system32\drivers\Xpad.sys
    2007-07-02 10:37 <KANSIO> d-------- C:\Program Files\Xbox Controller
    2007-07-01 22:39 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania United
    2007-07-01 22:01 <KANSIO> d-------- C:\Program Files\Easy TM
    2007-07-01 14:38 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
    2007-07-01 14:37 <KANSIO> d-------- C:\Program Files\TomTom HOME
    2007-07-01 14:37 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\APPLIC~1\InstallShield


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-07-12 06:54:44 58,976 ----a-w C:\WINDOWS\system32\perfc00B.dat
    2007-07-12 06:54:44 343,760 ----a-w C:\WINDOWS\system32\perfh00B.dat
    2007-06-01 13:16:22 152,064 ----a-w C:\WINDOWS\system32\isys32.exe
    2007-04-25 14:22:38 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
    2007-04-18 16:14:18 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
    2007-04-17 12:35:32 13,653,808 ----a-w C:\WINDOWS\system32\xlivefnt.dll
    2007-04-17 12:34:58 7,677,744 ----a-w C:\WINDOWS\system32\xlive.dll
    2007-04-16 19:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
    2007-04-16 19:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    2006-10-22 23:08 62080 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    2007-03-14 03:43 501400 --a------ C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-05-01 05:07]
    "SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2006-04-10 09:19]
    "nwiz"="nwiz.exe" [2006-08-08 09:54 C:\WINDOWS\system32\nwiz.exe]
    "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-06-27 18:02]
    "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
    "UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2006-09-07 20:19]
    "CorelDRAW Graphics Suite 11b"="C:\Program Files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe" [2003-11-25 13:39]
    "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 13:20]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41]
    "TomTomHOME.exe"="C:\Program Files\TomTom HOME\TomTomHOME.exe" [2007-03-14 16:52]
    "Easy TM"="C:\Program Files\Easy TM\EasyTM.exe" [2007-02-25 14:30]
    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-07-09 09:44]
    "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 16:15]
    "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 16:15]
    "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-02-13 21:29]
    "winUpdate"="C:\WINDOWS\system32\winUpdate.exe" [2007-07-10 00:02]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-14 16:12]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-08-22 09:52]
    "DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [2007-06-22 15:45]
    "Steam"="C:\Program Files\Steam\Steam.exe" [2007-06-29 19:17]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]
    "Creative Detector"="C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 18:23]
    "winUpdate"="C:\WINDOWS\system32\winUpdate.exe" [2007-07-10 00:02]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "appinit_dlls"=c:\windows\system32\awtqonm.dll


    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9B71D88C-C598-4935-C5D1-43AA4DB90836}
    C:\WINDOWS\system32\winUpdate.exe s

    Contents of the 'Scheduled Tasks' folder
    2007-07-10 06:16:00 C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    **************************************************************************

    catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-07-14 10:03:28
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    Completion time: 2007-07-14 10:04:02 - machine was rebooted
    C:\ComboFix-quarantined-files.txt ... 2007-07-14 10:04

    --- E O F ---
     
  4. Auttaja

    Auttaja Guest

    Open Notepad and copy/paste the text in the quote box below into it:

    Save it as CFScript (check that it is written exactly like that)

    Then drag CFScript onto ComboFix.exe as shown below.

    [IMG]

    Restart the computer when prompted and post the contents of the combofix.txt file here.

    =======

    Download SDFix by AndyManchesta http://downloads.andymanchesta.com/RemovalTools/SDFix.exe and save it to your desktop.

    Boot your computer into safe mode and select your normal user account:

    * Start the computer
    * When you hear the computer beep, press F8, but before the Windows logo appears
    * Next a menu should appear
    * Select safe mode from the menu.


    * Create a folder C:\SDFix for the program and move it there
    * Open the SDFix folder and double-click the file RunThis.bat to start the program.
    * Press Y to start the script.
    * The tool cleans out the trojan's services and also makes some repairs to the registry. Finally it asks you to restart the computer, "Press any key to Reboot".
    * Press any key and the computer restarts.
    * Startup takes longer than normal because SDFix is cleaning the computer.
    * When the computer has started and the desktop has loaded, SDFix reports that the cleaning is done, "Finished".
    * Then press any key to close the script and load the shortcuts onto the desktop.
    * Finally, open the SDFix folder and copy & paste the contents of the file Report.txt into your thread

    =======

    also a new HijackThis log
     
  5. gmsupr

    gmsupr Member

    ComboFix details:

    2007-07-14 20:54:38 - ComboFix 07-07-13.8 - Service Pack 2 NTFS
    Command switches used :: C:\Documents and Settings\Pekka Roulamo\Työpöytä\CFScript.txt


    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\WINDOWS\system32\flec003.exe
    C:\Windows\system32\isys32.exe
    C:\WINDOWS\system32\pmnnl.exe
    C:\WINDOWS\system32\winUpdate.exe


    ((((((((((((((((((((((((( Files Created from 2007-06-14 to 2007-07-14 )))))))))))))))))))))))))))))))


    2007-07-14 09:59 51,200 --a------ C:\WINDOWS\nircmd.exe
    2007-07-13 17:29 <KANSIO> d-------- C:\Program Files\Winnydows
    2007-07-13 17:29 <KANSIO> d-------- C:\Program Files\AviSynth 2.5
    2007-07-13 10:53 36,528 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys
    2007-07-13 10:53 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
    2007-07-13 10:53 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
    2007-07-13 10:53 129,784 --------- C:\WINDOWS\system32\pxafs.dll
    2007-07-13 10:53 115,880 --------- C:\WINDOWS\system32\pxinsi64.exe
    2007-07-13 10:53 <KANSIO> d-------- C:\Program Files\Winamp
    2007-07-12 10:38 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
    2007-07-12 10:07 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\APPLIC~1\Creative
    2007-07-12 10:05 41,984 --------- C:\WINDOWS\Ctregrun.exe
    2007-07-12 10:00 44,032 --------- C:\WINDOWS\system32\CTSVCCDA.EXE
    2007-07-12 10:00 25,088 --------- C:\WINDOWS\system32\CTSVCCTL.EXE
    2007-07-12 09:57 <KANSIO> d-------- C:\WINDOWS\RegisteredPackages
    2007-07-11 10:54 88 -r-hs---- C:\WINDOWS\system32\13DCD71260.sys
    2007-07-11 10:52 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    2007-07-11 10:51 <KANSIO> d-------- C:\Program Files\Common Files\Protexis
    2007-07-11 10:48 <KANSIO> d-------- C:\CorelDRAW.Graphics.Suite.X3.v13.0.Incl.Keygen-SSG
    2007-07-11 10:42 <KANSIO> d-------- C:\CorelDRAW.Graphics.Suite.X3.v13.0.Incl.Keygen--SSG
    2007-07-10 19:13 4,682 --a------ C:\WINDOWS\system32\npptNT2.sys
    2007-07-10 19:06 <KANSIO> d-------- C:\Program Files\DANCE!ONLINE
    2007-07-10 16:33 <KANSIO> d-------- C:\psp games
    2007-07-10 13:02 <KANSIO> d-------- C:\Program Files\SmartFTP Client
    2007-07-10 13:02 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\APPLIC~1\SmartFTP
    2007-07-10 09:21 <KANSIO> d-------- C:\j-pop
    2007-07-10 08:45 <KANSIO> d-------- C:\Program Files\ProPilkki2
    2007-07-10 07:49 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\Shared
    2007-07-10 07:49 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\Incomplete
    2007-07-10 07:48 <KANSIO> d-------- C:\Program Files\LimeWire
    2007-07-10 07:48 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\APPLIC~1\LimeWire
    2007-07-10 07:36 <KANSIO> d-------- C:\Limewire 4.12.11 Pro
    2007-07-10 00:02 33,952 --a------ C:\WINDOWS\system32\drivers\oreans32.sys
    2007-07-09 23:47 81,920 --a------ C:\WINDOWS\system32\OpenAL32.dll
    2007-07-09 23:47 233,472 --a------ C:\WINDOWS\system32\wrap_oal.dll
    2007-07-09 22:00 <KANSIO> d-------- C:\Program Files\Cracklock
    2007-07-09 21:59 <KANSIO> d-------- C:\Program Files\CrackBuster
    2007-07-09 21:57 <KANSIO> d-------- C:\Program Files\Craggle
    2007-07-09 19:41 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\APPLIC~1\Thinstall
    2007-07-09 17:31 <KANSIO> d-------- C:\Program Files\CDisplay
    2007-07-09 13:38 <KANSIO> d-------- C:\Program Files\Common Files\Thraex Software
    2007-07-09 13:38 <KANSIO> d-------- C:\PacSteam
    2007-07-09 12:59 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\APPLIC~1\funkitron
    2007-07-09 12:16 <KANSIO> d-------- C:\WINDOWS\system32\AGEIA
    2007-07-09 12:16 <KANSIO> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2007-07-09 12:16 <KANSIO> d-------- C:\Program Files\AGEIA Technologies
    2007-07-09 11:17 16 --a------ C:\WINDOWS\popcinfo.dat
    2007-07-09 10:44 8,704 --a------ C:\WINDOWS\system32\kbdjpn.dll
    2007-07-09 10:44 8,192 --a------ C:\WINDOWS\system32\kbdkor.dll
    2007-07-09 10:44 6,144 --a------ C:\WINDOWS\system32\kbd106.dll
    2007-07-09 10:44 6,144 --a------ C:\WINDOWS\system32\kbd101c.dll
    2007-07-09 10:44 6,144 --a------ C:\WINDOWS\system32\kbd101b.dll
    2007-07-09 10:44 5,632 --a------ C:\WINDOWS\system32\kbd103.dll
    2007-07-09 09:44 <KANSIO> d-------- C:\Program Files\Real
    2007-07-09 09:44 <KANSIO> d-------- C:\Program Files\Common Files\xing shared
    2007-07-09 09:44 <KANSIO> d-------- C:\Program Files\Common Files\Real
    2007-07-09 09:44 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\APPLIC~1\Real
    2007-07-09 09:36 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\APPLIC~1\Media Player Classic
    2007-07-09 09:35 <KANSIO> d-------- C:\Program Files\Combined Community Codec Pack
    2007-07-08 20:28 <KANSIO> d-------- C:\Program Files\RapidCheck
    2007-07-07 20:50 <KANSIO> d-------- C:\Program Files\Creative
    2007-07-07 13:26 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
    2007-07-07 13:26 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
    2007-07-07 13:26 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
    2007-07-07 13:26 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\AppData
    2007-07-07 13:22 <KANSIO> d-------- C:\Program Files\Microsoft Games
    2007-07-07 10:38 <KANSIO> d-------- C:\Program Files\Ares
    2007-07-06 13:36 <KANSIO> d-------- C:\Program Files\Burrrn
    2007-07-05 17:49 <KANSIO> d-------- C:\bomberman
    2007-07-05 15:47 <KANSIO> d-------- C:\WINDOWS\system32\LogFiles
    2007-07-05 13:02 <KANSIO> d-------- C:\Program Files\DC++
    2007-07-05 10:13 <KANSIO> d-------- C:\SJK SANTA JUSTA KLAN, CD COMPLETO, CARATULAS, VIDEO
    2007-07-05 10:12 <KANSIO> d-------- C:\Fran Perea - La chica de la habitación de al lado - ( 2003) - [EMG]
    2007-07-04 14:30 <KANSIO> d-------- C:\SJK.[Santa_Justa_Klan]-D.P.M.-.[2006]-[WwW.DivxTotal.CoM]
    2007-07-04 12:58 <KANSIO> d-------- C:\Live.Free.or.Die.Hard.2007.2CD.xvidsubs.com.v1.1
    2007-07-03 18:10 <KANSIO> d--h----- C:\WINDOWS\PIF
    2007-07-03 18:09 <KANSIO> d-------- C:\SJK.-.Santa.Justa.Klan.2005.MP3.-.GMP3.-.www.GuiaMP3.com
    2007-07-02 23:05 4,182 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
    2007-07-02 23:04 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
    2007-07-02 22:54 <KANSIO> d-------- C:\Program Files\ROUTE66
    2007-07-02 22:50 <KANSIO> d-------- C:\Program Files\GmRekGTP
    2007-07-02 22:50 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Genimap
    2007-07-02 22:47 73,216 --a------ C:\WINDOWS\ST6UNST.EXE
    2007-07-02 22:47 389,120 --------- C:\WINDOWS\Setup1.exe
    2007-07-02 22:47 <KANSIO> d-------- C:\Program Files\Euroword2004
    2007-07-02 15:50 <KANSIO> d-------- C:\Program Files\MSN Messenger
    2007-07-02 15:50 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\Contacts
    2007-07-02 12:12 <KANSIO> d-------- C:\Program Files\RADVideo
    2007-07-02 10:37 49,152 --a------ C:\WINDOWS\system32\ffdrv1.dll
    2007-07-02 10:37 380,928 --a------ C:\WINDOWS\system32\Xpadcpl.dll
    2007-07-02 10:37 12,800 --a------ C:\WINDOWS\system32\drivers\Xpad.sys
    2007-07-02 10:37 <KANSIO> d-------- C:\Program Files\Xbox Controller
    2007-07-01 22:39 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania United
    2007-07-01 22:01 <KANSIO> d-------- C:\Program Files\Easy TM
    2007-07-01 14:38 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
    2007-07-01 14:37 <KANSIO> d-------- C:\Program Files\TomTom HOME
    2007-07-01 14:37 <KANSIO> d-------- C:\DOCUME~1\PEKKAR~1\APPLIC~1\InstallShield
    2007-07-01 13:41 <KANSIO> d-------- C:\kg_new
    2007-07-01 07:40 65,536 --a------ C:\WINDOWS\system32\a1.dll
    2007-07-01 07:40 520,192 --a------ C:\WINDOWS\system32\wscma2u.exe


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-07-12 06:54:44 58,976 ----a-w C:\WINDOWS\system32\perfc00B.dat
    2007-07-12 06:54:44 343,760 ----a-w C:\WINDOWS\system32\perfh00B.dat
    2007-04-25 14:22:38 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
    2007-04-18 16:14:18 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
    2007-04-17 12:35:32 13,653,808 ----a-w C:\WINDOWS\system32\xlivefnt.dll
    2007-04-17 12:34:58 7,677,744 ----a-w C:\WINDOWS\system32\xlive.dll
    2007-04-16 19:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
    2007-04-16 19:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    2006-10-22 23:08 62080 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    2007-03-14 03:43 501400 --a------ C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-05-01 05:07]
    "SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2006-04-10 09:19]
    "nwiz"="nwiz.exe" [2006-08-08 09:54 C:\WINDOWS\system32\nwiz.exe]
    "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-06-27 18:02]
    "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
    "UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2006-09-07 20:19]
    "CorelDRAW Graphics Suite 11b"="C:\Program Files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe" [2003-11-25 13:39]
    "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 13:20]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41]
    "TomTomHOME.exe"="C:\Program Files\TomTom HOME\TomTomHOME.exe" [2007-03-14 16:52]
    "Easy TM"="C:\Program Files\Easy TM\EasyTM.exe" [2007-02-25 14:30]
    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-07-09 09:44]
    "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 16:15]
    "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 16:15]
    "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-02-13 21:29]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-14 16:12]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-08-22 09:52]
    "DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [2007-06-22 15:45]
    "Steam"="C:\Program Files\Steam\Steam.exe" [2007-06-29 19:17]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]
    "Creative Detector"="C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 18:23]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

    *Newly Created Service* - CATCHME

    Contents of the 'Scheduled Tasks' folder
    2007-07-10 06:16:00 C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    **************************************************************************

    catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-07-14 20:56:01
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    Completion time: 2007-07-14 20:56:12
    C:\ComboFix-quarantined-files.txt ... 2007-07-14 20:56
    C:\ComboFix2.txt ... 2007-07-14 10:04

    --- E O F ---
     
  6. gmsupr

    Here is the SDFix report:


    SDFix: Version 1.91

    Run by HamasakiMan on la 14.07.2007 at 21:02

    Microsoft Windows XP [versio 5.1.2600]

    Running From: C:\SDFix

    Safe Mode:
    Checking Services:


    Restoring Windows Registry Values
    Restoring Windows Default Hosts File
    Restoring Missing Security Center Service
    Restoring Missing SharedAccess Service

    Rebooting...


    Normal Mode:
    Checking Files:

    No Trojan Files Found




    Removing Temp Files...

    ADS Check:

    C:\WINDOWS
    No streams found.

    C:\WINDOWS\system32
    No streams found.

    C:\WINDOWS\system32\svchost.exe
    No streams found.

    C:\WINDOWS\system32\ntoskrnl.exe
    No streams found.



    Final Check:

    Remaining Services:
    ------------------



    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"

    Remaining Files:
    ---------------


    Files with Hidden Attributes:

    C:\WINDOWS\system32\13DCD71260.sys
    C:\WINDOWS\system32\KGyGaAvL.sys
    C:\WINDOWS\SoftwareDistribution\Download\ea0f75676c11484a862a8b83cc7166ab\download\BIT4B.tmp
    C:\WINDOWS\system32\config\default.tmp.LOG
    C:\WINDOWS\system32\config\SAM.tmp.LOG
    C:\WINDOWS\system32\config\SECURITY.tmp.LOG
    C:\WINDOWS\system32\config\software.tmp.LOG
    C:\WINDOWS\system32\config\system.tmp.LOG

    Finished
     
  7. gmsupr

    Here is the HijackThis log

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:10:21, on 14.7.2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\Program Files\Eset\nod32kui.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\TomTom HOME\TomTomHOME.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\WinRAR\WinRAR.exe
    N:\Ohjelmat\Valvonta ja systeemin kunnossa pito\HijackThis\HijackThis.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=072807 serial=DR12WEX-1504397-KTY lang=EN
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
    O4 - HKLM\..\Run: [Easy TM] C:\Program Files\Easy TM\EasyTM.exe /min
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    --
    End of file - 6188 bytes

    Also, before that it complained about something; I took a screenshot of it, if you could explain to me what it means

    [​IMG]
     
  8. Auttaja

    Auttaja Guest

    If you use only Windows' own firewall, it is not sufficient protection. Download one of these three firewalls, for example, and install it on your computer. Then also disable the Windows firewall. These three are fairly popular, free firewalls:

    Comodo
    Kerio
    Zonealarm

    ==========

    Check your computer with F-Secure's online scanner

    Note: the scanner works only with the Internet Explorer browser

    * Read the instructions on the page carefully
    * Click Start scanning
    * If you get an Internet Explorer security warning, click Install
    * Click Accept
    * Click Custom Scan
    * Set the options as follows

    o Under "Virus Scan Option", select Scan whole system
    o Under "Other Scan Option", select Scan All Files
    o Select Scan whole system for rootkits
    o Select Scan whole system for spyware
    o Tick Scan inside archives
    o Make sure Use advanced heuristics is selected

    * Click Start
    * The scan starts once the necessary files/updates have been downloaded
    * Wait patiently
    * When the scan has finished, click Automatic cleaning
    * Click Show Report
    * The report opens in the browser; copy the entire text
    * Paste the copied text into e.g. Notepad or Word and save it to the desktop
    * You can close the scanner
    * Post the report to your thread

    ==========

    This is for if you feel your computer is on the slow side and you have not defragmented in a long time:

    Open My Computer
    -> Do the following for all Local Disks
    [​IMG]

    ==========

    Download CCleaner and install it:
    Open "Options", then "Language", and select "Suomi (Finnish)"

    Open the "Virheet" (Issues) section, press "Etsi rekisterin virheitä" (Scan for registry issues), then press "Korjaa valitut rekisterin virheet.." (Fix selected registry issues). Press "Kyllä" (Yes) when the program asks "Haluatko varmuuskopioida muutokset rekisteriin" (Do you want to back up changes to the registry), and save the file to e.g. the desktop.

    Open "Puhdistaja" (Cleaner), press "Tutki" (Analyze) and after that "Aja Ccleaner" (Run CCleaner). Clean temporary files and folders with the program regularly.

    ==========

    If you do not have this Java version (6.2): old Java easily gets your computer infected!

    Updating Java and clearing the cache:

    1. Click Start -> Control Panel and double-click Add or Remove Programs in the Control Panel.
    2. Find all your previous Java versions in the list. (J2SE Runtime Environment.... )
    They should have the following icon next to them: [IMG]
    3. Select all your previous Java versions and choose Remove.
    4. Install the latest Java update from the following link..
    5. Restart the computer after the installation:

    http://java.sun.com/javase/downloads/index.jsp
    or http://www.filehippo.com/download_java_runtime/

    Scroll down to Java Runtime Environment (JRE) 6u2

    Press Download

    Tick Accept, choose the offline installation, save it to e.g. the desktop and install it.

    6. After the restart, go back to the Control Panel and open your Java settings (Other Control Panel Options -> Java coffee cup).

    7. Under the General Settings section, drag the slider (Disk Space) to a smaller value, and click the Delete Files button.

    (Some Java-based programs may need more disk space.
    If you notice slowness on the computer after reducing the setting, move the slider to a larger value.)

    8. Make sure both options are ticked:

    *Applications and Applets

    *Trace and Log Files

    And press the OK button

    9. Click OK in your "Temporary Files Settings" window.

    10. Click OK to leave your Java settings window.

    ==========

    Download Deckard's System Scanner to your Desktop.

    Note: You must have Administrator rights to run the program.

    * Close all open windows and programs.
    * Double-click the Dss.exe file to run the program, and follow the instructions.
    * When the scan is finished, 2 text files should open, Main.txt and extra.txt
    * Press Copy ( CTRL+A -> CTRL + C ) and paste ( CTRL + V )
    * Copy and paste the contents of Extra.txt & Main.txt into your next reply.

    also the F-Secure report

     
  9. gmsupr

    Here is the F-Secure report. I use the NOD32 program as my firewall

    Scanning Report
    Sunday, July 15, 2007 01:31:34 - 09:51:30

    Computer name: PEKKA-CB0DE5ABA
    Scanning type: Scan system for viruses, rootkits, spyware
    Target: C:\ D:\ E:\ F:\ G:\
    Result: 31 malware found
    Backdoor.Win32.Rbot.cij (virus)

    * C:\[MOBILE]MSN.MESSENGER.J2ME.JAVA.NOKIA.SONY.ERICSSON.SAMSUNG.rar\[MOBILE]MSN.MESSENGER.J2ME.JAVA.NOKIA.SONY.ERICSSON.SAMSUNG\setup.exe
    * C:\[MOBILE]MSN.MESSENGER.J2ME.JAVA.NOKIA.SONY.ERICSSON.SAMSUNG.rar (Submitted)

    Email-Worm.Win32.Bagle.ir (virus)

    * C:\Program Files\ESET\infected\2YXJUQAA.NQF (Renamed & Submitted)

    HackTool.Win32.CrackSearch.a (virus)

    * C:\Program Files\ESET\infected\AQEVQLAA.NQF (Renamed & Submitted)

    Rootkit.Win32.Agent.p (virus)

    * C:\Program Files\ESET\infected\UCCD01DA.NQF (Submitted)

    Suspicious_F.gen.dropper (virus)

    * E:\NOD32 Antivirus System 2.70.31 for Windows NT 2000 2003 XP x32 x64\NOD32.FiX.v2.1.exe (Submitted)

    Tracking Cookie (spyware)

    * System (Disinfected)
    * System
    * System
    * System
    * System
    * System
    * System
    * System
    * System
    * System
    * System
    * System
    * System
    * System

    Trojan-Downloader.Win32.Bagle.ca (virus)

    * C:\Program Files\ESET\infected\3LADBRDA.NQF (Renamed & Submitted)

    Trojan-Downloader.Win32.Tiny.id (virus)

    * C:\Program Files\ESET\infected\4Z5EWNCA.NQF (Renamed & Submitted)

    Trojan-Dropper.Win32.Mudrop.du (virus)

    * C:\Documents and Settings\Pekka Roulamo\Shared\(ECHOS) suprme with cheese (Crack) (Unreleased).zip\Setup.exe
    * C:\Documents and Settings\Pekka Roulamo\Shared\(RiSC) suprme with cheese iSO (Single).zip\Setup.exe
    * C:\Documents and Settings\Pekka Roulamo\Omat tiedostot\Setup.exe (Renamed & Submitted)
    * C:\Documents and Settings\Pekka Roulamo\Incomplete\T-1309300-(FiCO) suprme with cheese _serial_ (Radio.Version).zip\Setup.exe

    Trojan.Win32.Pakes (virus)

    * C:\QooBox\Quarantine\C\WINDOWS\system32\winUpdate.exe.vir (Renamed & Submitted)

    W32/Bifrose.EKB (virus)

    * C:\Program Files\eMule\Incoming\Turbo.Sliders.1.0.8.FULL.+.crack.by.Kirienko.rar\Turbo Sliders Crack ver 1_0_8 by Kirienko.rar\sliders.exe

    W32/DLoader.CNGF (virus)

    * C:\CorelDRAW.Graphics.Suite.X3.v13.0.Incl.Keygen--SSG!.rar\Keygen.exe

    W32/Suspicious_F.gen.dropper (virus)

    * E:\NOD32 Antivirus System 2.70.31 for Windows NT 2000 2003 XP x32 x64\NOD32view_2.06.2.exe (Submitted)
    * E:\NOD32 Antivirus System 2.70.31 for Windows NT 2000 2003 XP x32 x64\NOD32view_2.07.2.exe (Submitted)

    Statistics
    Scanned:

    * Files: 244625
    * System: 4718
    * Not scanned: 466

    Actions:

    * Disinfected: 1
    * Renamed: 6
    * Deleted: 0
    * None: 24
    * Submitted: 11

    Files not scanned:

    * &#65533;Z`&#65533;&`Y-HOTW\PSY-HOTW.ISO
    * C:\PROGRAM FILES\NERO\NERO 7\NERO VISION\3DANIMATIONS\MENUS\4_3\TOWERS\TOWERS.MP3
    * C:\PROGRAM FILES\NERO\NERO 7\NERO VISION\3DANIMATIONS\MENUS\4_3\TOWERS\TOWERS_INTRO.MP3
    * C:\PROGRAM FILES\NERO\NERO 7\NERO VISION\3DANIMATIONS\MENUS\4_3\TOWERS\TOWERS_MENU_TO_MENU.MP3
    * C:\PROGRAM FILES\NERO\NERO 7\NERO VISION\3DANIMATIONS\MENUS\4_3\TOWERS\TOWERS_MENU_TO_MENU_REV.MP3
    * C:\PROGRAM FILES\NERO\NERO 7\NERO VISION\3DANIMATIONS\MENUS

    Options
    Scanning engines:

    * F-Secure AVP: 7.0.171, 2007-07-13
    * F-Secure Blacklight: 1.0.64
    * F-Secure Draco: 1.0.35, 0260-23-12
    * F-Secure Libra: 2.4.2, 2007-07-13
    * F-Secure Orion: 1.2.37, 2007-07-13
    * F-Secure Pegasus: 1.19.0, 2007-06-12

    Scanning options:

    * Scan all files
    * Scan inside archives
    * Use Advanced heuristics

     
  10. gmsupr

    Deckard's Main and Extra reports

    Main.txt

    Deckard's System Scanner v20070711.54
    Run by Pekka Roulamo on 2007-07-15 at 09:55:49
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    Successfully created a Deckard's System Scanner Restore Point.


    -- Last 5 Restore Point(s) --
    72: 2007-07-15 06:55:52 UTC - RP72 - Deckard's System Scanner Restore Point
    71: 2007-07-14 09:40:02 UTC - RP71 - Järjestelmän tarkistuspiste
    70: 2007-07-13 09:25:40 UTC - RP70 - Software Distribution Service 3.0
    69: 2007-07-13 07:27:32 UTC - RP69 - Software Distribution Service 3.0
    68: 2007-07-12 07:01:12 UTC - RP68 - Installed Creative MediaSource


    -- First Restore Point --
    1: 2007-06-27 14:44:49 UTC - RP1 - Järjestelmän tarkistuspiste


    Backed up registry hives.

    Performed disk cleanup.


    -- HijackThis (run as Pekka Roulamo.exe) ---------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 9:57:32, on 15.7.2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\Program Files\Eset\nod32kui.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\TomTom HOME\TomTomHOME.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    G:\Magic ISO Maker v5.3 + Keygen\Setup.exe
    C:\DOCUME~1\PEKKAR~1\LOCALS~1\Temp\ir_ext_temp_0\autorun.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Documents and Settings\Pekka Roulamo\Työpöytä\dss.exe
    N:\Ohjelmat\VALVON~1\HIJACK~1\Pekka Roulamo.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=072807 serial=DR12WEX-1504397-KTY lang=EN
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
    O4 - HKLM\..\Run: [Easy TM] C:\Program Files\Easy TM\EasyTM.exe /min
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    --
    End of file - 6378 bytes

    -- File Associations -----------------------------------------------------------

    All associations okay.


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R1 oreans32 - c:\windows\system32\drivers\oreans32.sys
    R2 DgiVecp - c:\windows\system32\drivers\dgivecp.sys <Not Verified; Samsung Electronics Co., Ltd.; Samsung Electronics Co., Ltd. VECP for Windows 2000, XP>
    R3 ADIHdAudAddService (ADI UAA Function Driver for High Definition Audio Service) - c:\windows\system32\drivers\adihdaud.sys <Not Verified; Analog Devices, Inc.; SoundMAX Digital HD Audio Driver>
    R3 AEAudio (AE Audio Service) - c:\windows\system32\drivers\aeaudio.sys <Not Verified; Andrea Electronics Corporation; Andrea Audio Driver>

    S3 Asushwio - c:\windows\system32\drivers\asushwio.sys
    S3 catchme - c:\docume~1\pekkar~1\locals~1\temp\catchme.sys (file missing)
    S3 GMSIPCI - i:\install\gmsipci.sys (file missing)
    S3 NPPTNT2 - c:\windows\system32\npptnt2.sys <Not Verified; INCA Internet Co., Ltd.; nProtect NPSC Kernel Mode Driver for NT>
    S3 XPAD (XBox Controllers USB HID Mini Driver) - c:\windows\system32\drivers\xpad.sys <Not Verified; Beijing WiseGrup.,Ltd (gamepad.yeah.net); Xbox Gamepad USB Driver>


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 ProtexisLicensing - "c:\program files\common files\protexis\license service\psiservice.exe" <Not Verified; ; PSIService>
    R3 ServiceLayer - "c:\program files\pc connectivity solution\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>

    S2 Windows Updates - "c:\windows\windowsupdates.exe" (file missing)
    S3 AresChatServer (Ares Chatroom server) - c:\program files\ares\chatserver.exe <Not Verified; Ares Development Group; Ares Chat Server>
    S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
    S3 SM_Phaser6110_FUService (Phaser6110 Status Monitor Service) - "c:\program files\xerox\xerox phaser 6110\spanel\ssmsrvc /service (file missing)


    -- Scheduled Tasks -------------------------------------------------------------

    2007-07-10 09:16:00 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


    -- Files created between 2007-06-15 and 2007-07-15 -----------------------------

    2007-07-15 01:29:15 0 d-------- C:\WINDOWS\LastGood
    2007-07-14 23:34:28 0 d-------- C:\Program Files\MagicISO
    2007-07-14 21:48:50 0 d-------- C:\Temp
    2007-07-14 21:01:55 0 d-------- C:\WINDOWS\ERUNT
    2007-07-14 10:03:01 0 d-------- C:\Avenger
    2007-07-13 17:29:16 0 d-------- C:\Program Files\AviSynth 2.5
    2007-07-13 17:29:06 0 d-------- C:\Program Files\Winnydows
    2007-07-13 10:53:47 0 d-------- C:\Program Files\Winamp
    2007-07-12 10:07:07 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\Creative
    2007-07-12 10:05:01 41984 -----n--- C:\WINDOWS\Ctregrun.exe <Not Verified; Creative Technology Ltd; Creative On-line Registration System>
    2007-07-12 10:00:35 25088 -----n--- C:\WINDOWS\system32\CTSVCCTL.EXE <Not Verified; Creative Technology Ltd; Creative Service Control>
    2007-07-12 10:00:35 44032 -----n--- C:\WINDOWS\system32\CTSVCCDA.EXE <Not Verified; Creative Technology Ltd; Creative Service for CDROM Access>
    2007-07-12 09:57:04 0 d-------- C:\WINDOWS\RegisteredPackages
    2007-07-11 10:54:20 88 -r-hs---- C:\WINDOWS\system32\13DCD71260.sys
    2007-07-11 10:52:03 0 d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
    2007-07-11 10:51:14 0 d-------- C:\Program Files\Common Files\Protexis
    2007-07-11 10:48:30 0 d-------- C:\CorelDRAW.Graphics.Suite.X3.v13.0.Incl.Keygen-SSG
    2007-07-11 10:42:20 0 d-------- C:\CorelDRAW.Graphics.Suite.X3.v13.0.Incl.Keygen--SSG
    2007-07-10 19:13:18 4682 --a------ C:\WINDOWS\system32\npptNT2.sys <Not Verified; INCA Internet Co., Ltd.; nProtect NPSC Kernel Mode Driver for NT>
    2007-07-10 19:06:38 0 d-------- C:\Program Files\DANCE!ONLINE
    2007-07-10 16:33:32 0 d-------- C:\psp games
    2007-07-10 13:02:59 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\SmartFTP
    2007-07-10 13:02:47 0 d-------- C:\Program Files\SmartFTP Client
    2007-07-10 09:21:51 0 d-------- C:\j-pop
    2007-07-10 08:45:28 0 d-------- C:\Program Files\ProPilkki2
    2007-07-10 07:49:03 0 d-------- C:\Documents and Settings\Pekka Roulamo\Shared
    2007-07-10 07:49:01 0 d-------- C:\Documents and Settings\Pekka Roulamo\Incomplete
    2007-07-10 07:48:51 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\LimeWire
    2007-07-10 07:48:47 0 d-------- C:\Program Files\LimeWire
    2007-07-10 07:36:09 0 d-------- C:\Limewire 4.12.11 Pro
    2007-07-10 00:02:12 33952 --a------ C:\WINDOWS\system32\drivers\oreans32.sys
    2007-07-09 23:47:34 233472 --a------ C:\WINDOWS\system32\wrap_oal.dll <Not Verified; Creative Labs; Creative Labs OpenAL32>
    2007-07-09 23:47:34 81920 --a------ C:\WINDOWS\system32\OpenAL32.dll <Not Verified; Portions (c) Creative Labs Inc. and NVIDIA Corp.; Standard OpenAL(TM) Library>
    2007-07-09 22:00:20 0 d-------- C:\Program Files\Cracklock
    2007-07-09 21:59:05 0 d-------- C:\Program Files\CrackBuster
    2007-07-09 21:57:03 0 d-------- C:\Program Files\Craggle
    2007-07-09 21:24:09 0 dr-h----- C:\Documents and Settings\Pekka Roulamo\Recent
    2007-07-09 19:41:16 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\Thinstall
    2007-07-09 17:31:46 0 d-------- C:\Program Files\CDisplay
    2007-07-09 13:38:34 0 d-------- C:\Program Files\Common Files\Thraex Software
    2007-07-09 13:38:34 0 d-------- C:\PacSteam
    2007-07-09 12:59:27 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\funkitron
    2007-07-09 12:16:26 0 d-------- C:\WINDOWS\system32\AGEIA
    2007-07-09 12:16:26 0 d-------- C:\Program Files\AGEIA Technologies
    2007-07-09 12:16:17 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2007-07-09 11:17:55 16 --a------ C:\WINDOWS\popcinfo.dat
    2007-07-09 09:44:45 0 d-------- C:\Program Files\Common Files\xing shared
    2007-07-09 09:44:39 0 d-------- C:\Program Files\Real
    2007-07-09 09:44:39 0 d-------- C:\Program Files\Common Files\Real
    2007-07-09 09:44:26 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\Real
    2007-07-09 09:36:08 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\Media Player Classic
    2007-07-09 09:35:32 0 d-------- C:\Program Files\Combined Community Codec Pack
    2007-07-08 20:28:39 0 d-------- C:\Program Files\RapidCheck
    2007-07-07 20:50:59 0 d-------- C:\Program Files\Creative
    2007-07-07 13:26:30 0 d-------- C:\Documents and Settings\Pekka Roulamo\AppData
    2007-07-07 13:22:25 0 d-------- C:\Program Files\Microsoft Games
    2007-07-07 10:38:40 0 d-------- C:\Program Files\Ares
    2007-07-06 13:36:32 0 d-------- C:\Program Files\Burrrn
    2007-07-05 17:49:21 0 d-------- C:\bomberman
    2007-07-05 15:47:32 0 d-------- C:\WINDOWS\system32\LogFiles
    2007-07-05 13:02:01 0 d-------- C:\Program Files\DC++
    2007-07-05 10:13:28 0 d-------- C:\SJK SANTA JUSTA KLAN, CD COMPLETO, CARATULAS, VIDEO
    2007-07-05 10:12:49 0 d-------- C:\Fran Perea - La chica de la habitación de al lado - ( 2003) - [EMG]
    2007-07-04 14:30:23 0 d-------- C:\SJK.[Santa_Justa_Klan]-D.P.M.-.[2006]-[WwW.DivxTotal.CoM]
    2007-07-04 12:58:13 0 d-------- C:\Live.Free.or.Die.Hard.2007.2CD.xvidsubs.com.v1.1
    2007-07-03 18:10:41 0 d--h----- C:\WINDOWS\PIF
    2007-07-03 18:09:53 0 d-------- C:\SJK.-.Santa.Justa.Klan.2005.MP3.-.GMP3.-.www.GuiaMP3.com
    2007-07-02 23:05:27 4182 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
    2007-07-02 23:04:29 0 d-------- C:\Documents and Settings\All Users\Application Data\Corel
    2007-07-02 22:54:06 0 d-------- C:\Program Files\ROUTE66
    2007-07-02 22:50:38 0 d-------- C:\Program Files\GmRekGTP
    2007-07-02 22:50:38 0 d-------- C:\Documents and Settings\All Users\Application Data\Genimap
    2007-07-02 22:47:46 0 d-------- C:\Program Files\Euroword2004
    2007-07-02 22:47:35 389120 -----n--- C:\WINDOWS\Setup1.exe <Not Verified; Matti Aladin; Visual Basic 6.0 Asennus Suomi>
    2007-07-02 22:47:34 73216 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
    2007-07-02 15:50:51 0 d-------- C:\Documents and Settings\Pekka Roulamo\Contacts
    2007-07-02 15:50:31 0 d-------- C:\Program Files\MSN Messenger
    2007-07-02 12:12:48 0 d-------- C:\Program Files\RADVideo
    2007-07-02 10:37:16 380928 --a------ C:\WINDOWS\system32\Xpadcpl.dll <Not Verified; TigerGame; >
    2007-07-02 10:37:16 49152 --a------ C:\WINDOWS\system32\ffdrv1.dll <Not Verified; TigerGame Ltd.,; Super Usb Force Feedback Joypad>
    2007-07-02 10:37:16 12800 --a------ C:\WINDOWS\system32\drivers\Xpad.sys <Not Verified; Beijing WiseGrup.,Ltd (gamepad.yeah.net); Xbox Gamepad USB Driver>
    2007-07-02 10:37:15 0 d-------- C:\Program Files\Xbox Controller
    2007-07-01 22:39:17 0 d-------- C:\Documents and Settings\All Users\Application Data\TrackMania United
    2007-07-01 22:01:48 0 d-------- C:\Program Files\Easy TM
    2007-07-01 14:38:40 0 d-------- C:\Documents and Settings\All Users\Application Data\TomTom
    2007-07-01 14:37:27 0 d-------- C:\Program Files\TomTom HOME
    2007-07-01 14:37:16 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\InstallShield
    2007-07-01 13:41:30 0 d-------- C:\kg_new
    2007-07-01 07:44:22 457228 --a------ C:\amt1
    2007-07-01 07:40:59 520192 --a------ C:\WINDOWS\system32\wscma2u.exe <Not Verified; YAMAHA CORPORATION; WSC-MA2 (UTF-8)>
    2007-07-01 07:40:59 278528 --a------ C:\WINDOWS\system32\ammpp.dll
    2007-07-01 07:40:59 65536 --a------ C:\WINDOWS\system32\a1.dll
    2007-07-01 07:40:58 193536 --a------ C:\WINDOWS\system32\atomid.exe
    2007-07-01 07:40:57 0 d-------- C:\Program Files\AnMing
    2007-06-29 19:16:49 0 d-------- C:\Program Files\Steam
    2007-06-29 12:32:23 0 d-------- C:\Program Files\coverXP
    2007-06-29 10:29:12 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\Apple Computer
    2007-06-29 10:28:48 1755 --a------ C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
    2007-06-29 10:27:33 0 d-------- C:\Program Files\QuickTime
    2007-06-29 10:27:27 0 d-------- C:\Program Files\Apple Software Update
    2007-06-29 10:27:21 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2007-06-29 10:14:47 0 d-------- C:\Program Files\eMule
    2007-06-29 10:11:41 0 d-------- C:\WINDOWS\Sun
    2007-06-29 10:11:41 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\Sun
    2007-06-29 10:10:43 0 d-------- C:\Program Files\Java
    2007-06-29 10:10:00 0 d-------- C:\Program Files\Common Files\Java
    2007-06-29 09:23:12 0 d-------- C:\Program Files\URUSoft
    2007-06-29 03:00:34 0 d-------- C:\Program Files\MSXML 4.0
    2007-06-29 00:03:38 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\dvdcss
    2007-06-28 23:49:05 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\Nokia Multimedia Player
    2007-06-28 21:24:47 0 d-------- C:\Documents and Settings\Pekka Roulamo\Phone Browser
    2007-06-28 21:24:17 0 d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
    2007-06-28 21:24:08 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\Nokia
    2007-06-28 21:23:54 0 d-------- C:\Program Files\Common Files\PCSuite
    2007-06-28 21:23:53 0 d-------- C:\Program Files\Common Files\Nokia
    2007-06-28 21:23:48 0 d-------- C:\Program Files\DIFX
    2007-06-28 21:23:47 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\PC Suite
    2007-06-28 21:23:43 0 d-------- C:\Program Files\PC Connectivity Solution
    2007-06-28 21:23:40 0 d------c- C:\WINDOWS\system32\DRVSTORE
    2007-06-28 21:23:27 0 d-------- C:\Program Files\Nokia
    2007-06-28 21:23:18 0 d-------- C:\Documents and Settings\All Users\Application Data\Installations
    2007-06-28 13:32:16 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\Corel
    2007-06-28 13:27:28 0 d-------- C:\Program Files\Common Files\Corel
    2007-06-28 13:27:07 0 d-------- C:\Program Files\Corel
    2007-06-28 11:29:05 0 d-------- C:\Program Files\Electronic Arts
    2007-06-28 11:26:02 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\DAEMON Tools Pro
    2007-06-28 11:11:35 0 d-------- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
    2007-06-28 11:11:00 0 d-------- C:\Program Files\DAEMON Tools Pro
    2007-06-28 11:07:08 685816 --a------ C:\WINDOWS\system32\drivers\sptd.sys
    2007-06-28 11:05:52 0 d-------- C:\Program Files\DAMN NFO Viewer
    2007-06-27 23:01:49 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\foobar2000
    2007-06-27 23:00:58 0 d-------- C:\Program Files\foobar2000
    2007-06-27 21:58:27 0 d-------- C:\Program Files\ffdshow
    2007-06-27 21:29:21 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\uTorrent
    2007-06-27 21:28:13 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\Macromedia
    2007-06-27 21:28:10 1277 --a------ C:\WINDOWS\mozver.dat
    2007-06-27 21:20:18 0 d-------- C:\WINDOWS\SHELLNEW
    2007-06-27 21:13:41 49152 --a------ C:\WINDOWS\system32\ssusbpn.dll <Not Verified; Samsung Electronics; Samsung MFP>
    2007-06-27 21:13:41 65536 --a------ C:\WINDOWS\system32\ssdevm.dll <Not Verified; Samsung Electronics; Samsung MFP>
    2007-06-27 21:13:30 0 d-------- C:\WINDOWS\Xerox
    2007-06-27 21:13:30 82432 --a------ C:\WINDOWS\system32\msxml4r.dll <Not Verified; Microsoft Corporation; Microsoft(R) MSXML 4.0 SP1>
    2007-06-27 21:13:30 44544 --a------ C:\WINDOWS\system32\msxml4a.dll <Not Verified; Microsoft Corporation; Microsoft(R) MSXML 4.0 SP1>
    2007-06-27 21:13:30 454656 --a------ C:\WINDOWS\ssndii.exe <Not Verified; ; Non-Device INF Installer>
    2007-06-27 21:12:07 0 d-------- C:\WINDOWS\system32\drivers\Xerox
    2007-06-27 21:10:33 41984 -----n--- C:\WINDOWS\system32\drivers\DGIVECP.SYS <Not Verified; Samsung Electronics Co., Ltd.; Samsung Electronics Co., Ltd. VECP for Windows 2000, XP>
    2007-06-27 20:44:39 0 d-------- C:\Program Files\uTorrent
    2007-06-27 20:27:27 0 d--hs---- C:\WINDOWS\Installer
    2007-06-27 20:27:26 0 d-------- C:\Program Files\Common Files\ODBC
    2007-06-27 20:27:24 0 d-------- C:\Program Files\Common Files\SpeechEngines
    2007-06-27 20:27:23 0 dr------- C:\Program Files
    2007-06-27 20:26:58 0 d--h----- C:\Documents and Settings\Default User\Verkkoympäristö
    2007-06-27 20:26:58 0 d-------- C:\Documents and Settings\Default User\Työpöytä
    2007-06-27 20:26:58 0 d--h----- C:\Documents and Settings\Default User\Tulostinympäristö
    2007-06-27 20:26:58 0 d-------- C:\Documents and Settings\Default User\Suosikit
    2007-06-27 20:26:58 0 dr-h----- C:\Documents and Settings\Default User\SendTo
    2007-06-27 20:26:58 0 d--h----- C:\Documents and Settings\Default User\Recent
    2007-06-27 20:26:58 0 d--h----- C:\Documents and Settings\Default User\Mallit
    2007-06-27 20:26:58 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
    2007-06-27 20:26:58 0 dr------- C:\Documents and Settings\Default User\Käynnistä-valikko
    2007-06-27 20:26:58 0 d---s---- C:\Documents and Settings\Default User\Cookies
    2007-06-27 20:26:58 0 d-------- C:\Documents and Settings\All Users\Työpöytä
    2007-06-27 20:26:58 0 dr------- C:\Documents and Settings\All Users\Tiedostot
    2007-06-27 20:26:58 0 d-------- C:\Documents and Settings\All Users\Suosikit
    2007-06-27 20:26:58 0 d--h----- C:\Documents and Settings\All Users\Mallit
    2007-06-27 20:26:58 0 dr------- C:\Documents and Settings\All Users\Käynnistä-valikko
    2007-06-27 20:26:47 0 d-------- C:\WINDOWS\system32\CatRoot2
    2007-06-27 20:26:47 0 d-------- C:\WINDOWS\system32\CatRoot
    2007-06-27 20:26:42 0 dr-h----- C:\Documents and Settings\Default User\Application Data
    2007-06-27 20:26:42 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
    2007-06-27 20:26:42 0 dr-h----- C:\Documents and Settings\All Users\Application Data
    2007-06-27 20:26:42 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2007-06-27 20:26:21 0 d--hs---- C:\System Volume Information
    2007-06-27 20:26:21 0 d-------- C:\Documents and Settings
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\WinSxS
    2007-06-27 20:20:43 0 dr------- C:\WINDOWS\Web
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\twain_32
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\wins
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\wbem
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\usmt
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\spool
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\ShellExt
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\Setup
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\ras
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\oobe
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\npp
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\mui
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\inetsrv
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\IME
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\icsxml
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\ias
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\export
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\drivers
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\drivers\etc
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\drivers\disdn
    2007-06-27 20:20:43 0 dr-hs--c- C:\WINDOWS\system32\dllcache
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\dhcp
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\config
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\3com_dmi
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\3076
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\2052
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\1054
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\1042
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\1041
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\1037
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\1035
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\1033
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\1031
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\1028
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system32\1025
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\system
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\security
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\Resources
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\repair
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\Provisioning
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\PeerNet
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\pchealth
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\mui
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\msapps
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\msagent
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\Media
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\java
    2007-06-27 20:20:43 0 d--h----- C:\WINDOWS\inf
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\ime
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\Help
    2007-06-27 20:20:43 0 dr--s---- C:\WINDOWS\Fonts
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\ehome
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\Driver Cache
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\Debug
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\Cursors
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\Connection Wizard
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\Config
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\AppPatch
    2007-06-27 20:20:43 0 d-------- C:\WINDOWS\addins
    2007-06-27 19:09:24 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\vlc
    2007-06-27 19:08:55 0 d-------- C:\Program Files\VideoLAN
    2007-06-27 18:21:31 0 d-------- C:\WINDOWS\system32\PreInstall
    2007-06-27 18:21:31 0 d-------- C:\Program Files\Common Files\Adobe
    2007-06-27 18:21:28 0 d-------- C:\WINDOWS\SxsCaPendDel
    2007-06-27 18:19:39 0 --a------ C:\WINDOWS\nsreg.dat
    2007-06-27 18:19:38 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\Mozilla
    2007-06-27 18:15:49 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\Ahead
    2007-06-27 18:14:25 0 d-------- C:\Program Files\Nero
    2007-06-27 18:14:25 0 d-------- C:\Program Files\Common Files\Ahead
    2007-06-27 18:09:09 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\Adobe
    2007-06-27 18:08:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
    2007-06-27 18:03:09 298104 --a------ C:\WINDOWS\system32\imon.dll <Not Verified; Eset; NOD32 Antivirus System>
    2007-06-27 18:02:02 0 d--h----- C:\WINDOWS\$hf_mig$
    2007-06-27 18:01:10 53 --a------ C:\biosinfo
    2007-06-27 17:57:00 0 d-------- C:\WINDOWS\nview
    2007-06-27 17:56:59 9728 -ra------ C:\WINDOWS\system32\sysinfoX64.sys
    2007-06-27 17:56:59 8192 -ra------ C:\WINDOWS\system32\sysinfo.sys
    2007-06-27 17:56:59 114688 -ra------ C:\WINDOWS\system32\sysinfo.dll <Not Verified; Crystal Dew World; SysInfo>
    2007-06-27 17:56:58 69632 -ra------ C:\WINDOWS\system32\sw24.exe
    2007-06-27 17:56:58 208896 -ra------ C:\WINDOWS\system32\sw20.exe <Not Verified; ; sw20 Application>
    2007-06-27 17:56:58 1576960 -ra------ C:\WINDOWS\system32\msicpl.dll <Not Verified; MSI; MSI MsiCpl>
    2007-06-27 17:51:34 24064 -ra------ C:\WINDOWS\system32\PostProc.dll <Not Verified; Analog Devices, Inc.; SoundMAX coinstaller>
    2007-06-27 17:51:34 65536 -ra------ C:\WINDOWS\system32\a3d.dll <Not Verified; Sensaura Ltd; Sensaura>
    2007-06-27 17:51:34 765952 -ra------ C:\WINDOWS\system\crlds3d.dll <Not Verified; Sensaura Ltd; Sensaura 3DPA>
    2007-06-27 17:51:33 93824 -ra------ C:\WINDOWS\system32\drivers\aeaudio.sys <Not Verified; Andrea Electronics Corporation; Andrea Audio Driver>
    2007-06-27 17:51:33 229888 -ra------ C:\WINDOWS\system32\drivers\ADIHdAud.sys <Not Verified; Analog Devices, Inc.; SoundMAX Digital HD Audio Driver>
    2007-06-27 17:51:25 53248 -----n--- C:\WINDOWS\system32\wdmioctl.dll <Not Verified; Analog Devices Inc.; Analog Devices Inc. wdmioctl>
    2007-06-27 17:51:25 1285632 -----n--- C:\WINDOWS\system32\SMMedia.dll <Not Verified; Analog Devices; SoundMAX Integrated Digital Audio>
    2007-06-27 17:51:23 49152 --a------ C:\WINDOWS\system32\DSndUp.exe <Not Verified; Analog Devices Inc.; adi DSndUp>
    2007-06-27 17:51:23 45056 -----n--- C:\WINDOWS\system32\CleanUp.exe <Not Verified; adi; adi CleanUp>
    2007-06-27 17:51:23 0 d-------- C:\Program Files\Analog Devices
    2007-06-27 17:49:33 0 d--h----- C:\Program Files\InstallShield Installation Information
    2007-06-27 17:49:33 0 d-------- C:\Program Files\AMD
    2007-06-27 17:48:59 0 d-------- C:\WINDOWS\system32\ReinstallBackups
    2007-06-27 17:48:39 0 d-------- C:\WINDOWS\NV24842488.TMP
    2007-06-27 17:48:11 0 d-------- C:\Program Files\Common Files\InstallShield
    2007-06-27 17:47:58 486400 -ra------ C:\WINDOWS\system32\AsusSetup.exe <Not Verified; ASUS; AsusSetup>
    2007-06-27 17:47:26 0 d-------- C:\WINDOWS\ASUSInstAll
    2007-06-27 17:47:02 5824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
    2007-06-27 17:44:40 0 d-------- C:\Documents and Settings\Pekka Roulamo\Application Data\Identities
    2007-06-27 17:44:38 0 dr------- C:\Documents and Settings\Pekka Roulamo\Omat tiedostot
    2007-06-27 17:44:34 0 d--h----- C:\Documents and Settings\Pekka Roulamo\Verkkoympäristö
    2007-06-27 17:44:34 0 d-------- C:\Documents and Settings\Pekka Roulamo\Työpöytä
    2007-06-27 17:44:34 0 d--h----- C:\Documents and Settings\Pekka Roulamo\Tulostinympäristö
    2007-06-27 17:44:34 0 dr------- C:\Documents and Settings\Pekka Roulamo\Suosikit
    2007-06-27 17:44:34 0 dr-h----- C:\Documents and Settings\Pekka Roulamo\SendTo
    2007-06-27 17:44:34 3670016 --ah----- C:\Documents and Settings\Pekka Roulamo\NTUSER.DAT
    2007-06-27 17:44:34 0 d--h----- C:\Documents and Settings\Pekka Roulamo\Mallit
    2007-06-27 17:44:34 0 d--h----- C:\Documents and Settings\Pekka Roulamo\Local Settings
    2007-06-27 17:44:34 0 dr------- C:\Documents and Settings\Pekka Roulamo\Käynnistä-valikko
    2007-06-27 17:44:34 0 d---s---- C:\Documents and Settings\Pekka Roulamo\Cookies
    2007-06-27 17:44:34 0 dr-h----- C:\Documents and Settings\Pekka Roulamo\Application Data
    2007-06-27 17:44:15 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
    2007-06-27 17:43:25 0 d-------- C:\WINDOWS\SoftwareDistribution
    2007-06-27 17:43:14 0 d-------- C:\WINDOWS\Prefetch
    2007-06-27 17:43:13 0 d---s---- C:\WINDOWS\system32\Microsoft
    2007-06-27 17:43:13 229376 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
    2007-06-27 17:43:13 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
    2007-06-27 17:43:13 0 d---s---- C:\Documents and Settings\LocalService\Cookies
    2007-06-27 17:43:13 0 d-------- C:\Documents and Settings\LocalService\Application Data
    2007-06-27 17:43:13 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
    2007-06-27 17:39:40 229376 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
    2007-06-27 17:39:40 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
    2007-06-27 17:39:40 0 d---s---- C:\Documents and Settings\NetworkService\Cookies
    2007-06-27 17:39:40 0 d-------- C:\Documents and Settings\NetworkService\Application Data
    2007-06-27 17:39:40 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
    2007-06-27 17:37:04 0 d-------- C:\WINDOWS\system32\xircom
    2007-06-27 17:37:04 0 d-------- C:\Program Files\microsoft frontpage
    2007-06-27 17:36:54 229376 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
    2007-06-27 17:36:48 0 -rahs---- C:\MSDOS.SYS
    2007-06-27 17:36:48 0 -rahs---- C:\IO.SYS
    2007-06-27 17:36:48 0 --a------ C:\CONFIG.SYS
    2007-06-27 17:36:48 0 --a------ C:\AUTOEXEC.BAT
    2007-06-27 17:36:10 0 d--hs---- C:\Documents and Settings\All Users\DRM
    2007-06-27 17:36:04 0 dr------- C:\WINDOWS\Offline Web Pages
    2007-06-27 17:36:04 0 d---s---- C:\WINDOWS\Downloaded Program Files
    2007-06-27 17:35:57 0 d--h----- C:\Program Files\WindowsUpdate
    2007-06-27 17:35:54 0 d-------- C:\Program Files\Online Services
    2007-06-27 17:35:39 0 d-------- C:\WINDOWS\system32\DirectX
    2007-06-27 17:35:00 0 d---s---- C:\WINDOWS\Tasks
    2007-06-27 17:34:59 0 d-------- C:\Program Files\Common Files\MSSoap
    2007-06-27 17:34:54 0 d-------- C:\WINDOWS\system32\Macromed
    2007-06-27 17:34:54 0 d-------- C:\WINDOWS\srchasst
    2007-06-27 17:34:44 0 d-------- C:\Program Files\Movie Maker
    2007-06-27 17:34:33 0 d-------- C:\WINDOWS\system32\Restore
    2007-06-27 17:33:57 21672 --a------ C:\WINDOWS\system32\emptyregdb.dat
    2007-06-27 17:33:46 0 d-------- C:\WINDOWS\Registration
    2007-06-27 17:33:36 0 d-------- C:\Program Files\Messenger
    2007-06-27 17:33:32 0 d-------- C:\Program Files\MSN Gaming Zone
    2007-06-27 17:32:59 0 d-------- C:\Program Files\Windows NT
    2007-06-27 17:32:56 0 d-------- C:\WINDOWS\system32\MsDtc
    2007-06-27 17:32:54 0 d-------- C:\WINDOWS\system32\Com


    -- Find3M Report ---------------------------------------------------------------

    2007-07-12 09:54:44 343760 --a------ C:\WINDOWS\system32\perfh00B.dat
    2007-07-12 09:54:44 58976 --a------ C:\WINDOWS\system32\perfc00B.dat
    2007-06-27 20:26:58 62 --ahs---- C:\Documents and Settings\Pekka Roulamo\Application Data\desktop.ini


    -- Registry Dump ---------------------------------------------------------------

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "SoundMAXPnP"="C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe"
    "SoundMAX"="\"C:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe\" /tray"
    "nwiz"="nwiz.exe /install"
    "nod32kui"="\"C:\\Program Files\\Eset\\nod32kui.exe\" /WAITSERVICE"
    "NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
    "Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""
    "UnlockerAssistant"="\"C:\\Program Files\\Unlocker\\UnlockerAssistant.exe\""
    "CorelDRAW Graphics Suite 11b"="C:\\Program Files\\Corel\\Corel Graphics 12\\Languages\\EN\\Programs\\Registration.exe /title=\"CorelDRAW Graphics Suite 12\" /date=072807 serial=DR12WEX-1504397-KTY lang=EN"
    "PCSuiteTrayApplication"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe -startup"
    "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\""
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "TomTomHOME.exe"="\"C:\\Program Files\\TomTom HOME\\TomTomHOME.exe\" -s"
    "Easy TM"="C:\\Program Files\\Easy TM\\EasyTM.exe /min"
    "TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
    "ISUSPM Startup"="C:\\PROGRA~1\\COMMON~1\\INSTAL~1\\UPDATE~1\\ISUSPM.exe -startup"
    "ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
    "WinampAgent"="C:\\Program Files\\Winamp\\winampa.exe"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""
    "DAEMON Tools Pro Agent"="\"C:\\Program Files\\DAEMON Tools Pro\\DTProAgent.exe\""
    "Steam"="\"C:\\Program Files\\Steam\\Steam.exe\" -silent"
    "MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
    "Creative Detector"="\"C:\\Program Files\\Creative\\MediaSource\\Detector\\CTDetect.exe\" /R"

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
    "Nokia.PCSync"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
    Authentication Packages REG_MULTI_SZ msv1_0\0\0
    Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
    Notification Packages REG_MULTI_SZ scecli\0\0


    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
    HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
    LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
    NetworkService REG_MULTI_SZ DnsCache\0\0
    DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
    rpcss REG_MULTI_SZ RpcSs\0\0
    imgsvc REG_MULTI_SZ StiSvc\0\0
    termsvcs REG_MULTI_SZ TermService\0\0

    *newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_F-SECURE_STANDALONE_MINIFILTER


    -- End of Deckard's System Scanner: finished at 2007-07-15 at 09:58:19 ---------


    Extra.txt

    Deckard's System Scanner v20070711.54
    Extra logfile - please post this as an attachment with your post.
    --------------------------------------------------------------------------------

    -- System Information ----------------------------------------------------------

    Microsoft Windows XP Professional (build 2600) SP 2.0
    Architecture: X86; Language: Other (040B) - see http://preview.tinyurl.com/mhhp6

    CPU 0: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
    CPU 1: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
    Percentage of Memory in Use: 36%
    Physical Memory (total/avail): 1534.48 MiB / 970.85 MiB
    Pagefile Memory (total/avail): 3430.37 MiB / 3133.55 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1930.03 MiB

    A: is Removable (Unformatted)
    C: is Fixed (NTFS) - 244.14 GiB total, 155.61 GiB free.
    D: is Fixed (FAT32) - 97.64 GiB total, 11.74 GiB free.
    E: is Fixed (FAT32) - 97.64 GiB total, 12.42 GiB free.
    F: is Fixed (FAT32) - 84.13 GiB total, 2.24 GiB free.
    G: is Fixed (NTFS) - 221.62 GiB total, 175.35 GiB free.
    H: is Removable (No Media)
    I: is CDROM (No Media)
    J: is Removable (No Media)
    K: is Removable (No Media)
    L: is Removable (No Media)
    M: is CDROM (UDF)
    N: is Removable (FAT)


    -- Security Center -------------------------------------------------------------

    AUOptions is scheduled to auto-install.
    Windows Internal Firewall is enabled.

    FirstRunDisabled is set.

    AV: ESET NOD32 antivirus system 2.70 v2.70 (ESET, spol. s r.o.)

    [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

    [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:µTorrent"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Messenger"


    -- Environment Variables -------------------------------------------------------

    ALLUSERSPROFILE=C:\Documents and Settings\All Users
    APPDATA=C:\Documents and Settings\Pekka Roulamo\Application Data
    CLASSPATH=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
    CLIENTNAME=Console
    CommonProgramFiles=C:\Program Files\Common Files
    COMPUTERNAME=PEKKA-CB0DE5ABA
    ComSpec=C:\WINDOWS\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=C:
    HOMEPATH=\Documents and Settings\Pekka Roulamo
    LOGONSERVER=\\PEKKA-CB0DE5ABA
    NUMBER_OF_PROCESSORS=2
    OS=Windows_NT
    Path=C:\Program Files\PC Connectivity Solution\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 15 Model 75 Stepping 2, AuthenticAMD
    PROCESSOR_LEVEL=15
    PROCESSOR_REVISION=4b02
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    QTJAVA=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
    SESSIONNAME=Console
    SystemDrive=C:
    SystemRoot=C:\WINDOWS
    TEMP=C:\DOCUME~1\PEKKAR~1\LOCALS~1\Temp
    TMP=C:\DOCUME~1\PEKKAR~1\LOCALS~1\Temp
    USERDOMAIN=PEKKA-CB0DE5ABA
    USERNAME=Pekka Roulamo
    USERPROFILE=C:\Documents and Settings\Pekka Roulamo
    windir=C:\WINDOWS
    __COMPAT_LAYER=EnableNXShowUI


    -- User Profiles ---------------------------------------------------------------

    Pekka Roulamo (admin)


    -- Add/Remove Programs ---------------------------------------------------------

    --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    --> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    --> C:\WINDOWS\UNRecode.exe /UNINSTALL
    --> MsiExec.exe /X{7B4AB13C-1A5C-4BC5-ABA6-762F8198444C}
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x9
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x9 /remove
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x9
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x9 /remove
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x9
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x9 /remove
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4095E277-3005-42E9-8D84-DE6EB8704CEC}\setup.exe" -l0x9
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4095E277-3005-42E9-8D84-DE6EB8704CEC}\setup.exe" -l0x9 /remove
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4F2F3E0C-2025-4F5E-9583-AB8CD5AA88A6}\setup.exe" -l0x9
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4F2F3E0C-2025-4F5E-9583-AB8CD5AA88A6}\setup.exe" -l0x9 /remove
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{66BCC50C-22D9-4927-9251-27FA88A32214}\setup.exe" -l0x9
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{66BCC50C-22D9-4927-9251-27FA88A32214}\setup.exe" -l0x9 /remove
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7550D6AA-CCF3-4FDA-87D6-C2C1B2E5358D}\setup.exe" -l0x9
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7550D6AA-CCF3-4FDA-87D6-C2C1B2E5358D}\setup.exe" -l0x9 /remove
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9 /remove
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9AB14DF5-3B04-4E3B-9969-695DBA7F2008}\setup.exe" -l0x9
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9AB14DF5-3B04-4E3B-9969-695DBA7F2008}\setup.exe" -l0x9 /remove
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D42EFA6C-0553-45F7-AD03-6D36207CA6D4}\setup.exe" -l0x9
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D42EFA6C-0553-45F7-AD03-6D36207CA6D4}\setup.exe" -l0x9 /remove
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DD2D9012-E5A1-4717-8EE9-8DB3F36E2F8C}\setup.exe" -l0x9
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DD2D9012-E5A1-4717-8EE9-8DB3F36E2F8C}\setup.exe" -l0x9 /remove
    --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    µTorrent --> "C:\Program Files\uTorrent\uninstall.exe"
    688(I) Hunter-Killer --> "C:\PacSteam\steam.exe" steam://uninstall/2900
    Adobe Reader 8.1.0 - Suomi --> MsiExec.exe /I{AC76BA86-7AD7-1035-7B44-A81000000003}
    Advent Rising --> "C:\PacSteam\steam.exe" steam://uninstall/3800
    AGEIA PhysX v2.6.0 --> MsiExec.exe /X{582876EC-A178-44D4-9823-C10D6C62EAFF}
    AlexWarp --> C:\WINDOWS\system32\javaws.exe -uninstall -prompt "http://www.alexrosen.net/warp/alexwarp.jnlp"
    Ancient Wars: Sparta --> "C:\PacSteam\steam.exe" steam://uninstall/8010
    Apple Software Update --> MsiExec.exe /I{A260B422-70E1-41E2-957D-F76FA21266D5}
    Ares 2.0.9 --> "C:\Program Files\Ares\uninstall.exe"
    Arx Fatalis --> "C:\PacSteam\steam.exe" steam://uninstall/1700
    Athlon 64 Processor Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0xb
    Battlestations: Midway --> "C:\PacSteam\steam.exe" steam://uninstall/6870
    Bejeweled 2 Deluxe --> "C:\Program Files\Steam\steam.exe" steam://uninstall/3300
    Bejeweled Deluxe --> "C:\Program Files\Steam\steam.exe" steam://uninstall/3350
    Bink and Smacker --> C:\PROGRA~1\RADVideo\UNWISE.EXE C:\PROGRA~1\RADVideo\INSTALL.LOG
    BloodRayne --> "C:\Program Files\Steam\steam.exe" steam://uninstall/3810
    BookWorm Deluxe --> "C:\PacSteam\steam.exe" steam://uninstall/3370
    BugOff 1.10 --> N:\Ohjelmat\Valvonta ja systeemin kunnossa pito\BugOff.exe /uninstall
    CCleaner (remove only) --> "N:\Ohjelmat\Valvonta ja systeemin kunnossa pito\CCleaner\uninst.exe"
    CDisplay 1.8 --> "C:\Program Files\CDisplay\unins000.exe"
    Combined Community Codec Pack 2007-02-22 --> "C:\Program Files\Combined Community Codec Pack\unins000.exe"
    Condition Zero Deleted Scenes --> "C:\Program Files\Steam\steam.exe" steam://uninstall/100
    Corel Paint Shop Pro Photo XI --> MsiExec.exe /I{E1C7EF5E-3A7B-4ED4-A48B-F70F1B36EAB4}
    CorelDRAW Graphics Suite 12 --> MsiExec.exe /I{505AFDC0-5E72-4928-8368-5DEA385E3647}
    CorelDRAW Graphics Suite X3 --> C:\Program Files\Corel\CorelDRAW Graphics Suite 13\Programs\MSILauncher {63218538-4A69-497F-8455-904261B0E9E4} C:\DOCUME~1\PEKKAR~1\LOCALS~1\Temp\CGSX3.log
    CorelDRAW Graphics Suite X3 --> MsiExec.exe /I{63218538-4A69-497F-8455-904261B0E9E4}
    coverXP (remove only) --> "C:\Program Files\coverXP\cxp-uninst.exe"
    CrackBuster Public Beta 1.3 --> "C:\Program Files\CrackBuster\unins000.exe"
    Craggle v1.91 --> C:\Program Files\Craggle\Uninstall Craggle.exe
    Creative MediaSource --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}\SETUP.EXE" -l0x9 /remove
    Creative Removable Disk Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9 /remove
    Creative System Information --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove
    Creative Zen Vision M --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC3065BF-95B4-42C5-B47D-0B713CDA75D0}\SETUP.EXE" -l0x9 /remove
    DANCE!ONLINE --> C:\Program Files\InstallShield Installation Information\{AFE7023B-FADC-4D91-AC95-BFC214060F3E}\setup.exe -runfromtemp -l0x0009
    Darwinia --> "C:\PacSteam\steam.exe" steam://uninstall/1500
    DC++ 0.699 --> "C:\Program Files\DC++\uninstall.exe"
    Defcon --> "C:\Program Files\Steam\steam.exe" steam://uninstall/1520
    Dr. Lunatic Supreme With Cheese v7.31 --> n:\pelejä\Supreme\unins000.exe
    Dreamfall: The Longest Journey --> "C:\PacSteam\steam.exe" steam://uninstall/6300
    Easy TM 2.4.4 --> C:\Program Files\Easy TM\uninst.exe
    Eets --> "C:\Program Files\Steam\steam.exe" steam://uninstall/6100
    eMule --> "C:\Program Files\eMule\Uninstall.exe"
    EN --> MsiExec.exe /I{32A72502-BC2C-4C39-ACEA-BC3D463F0697}
    Euroword 2004 Pro --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\Euroword2004\ST6UNST.LOG"
    ffdshow [rev 610] [2006-12-01] --> "C:\Program Files\ffdshow\unins000.exe"
    FontNav --> MsiExec.exe /I{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}
    foobar2000 v0.9.4.3 --> "C:\Program Files\foobar2000\uninstall.exe"
    Full Pipe --> "C:\PacSteam\steam.exe" steam://uninstall/4600
    GT Reittikartta Suomi Plus --> MsiExec.exe /I{A6E958B1-976E-4B77-84B9-B650437ED930}
    GTI Racing --> "C:\Program Files\Steam\steam.exe" steam://uninstall/3000
    Harry Potter ja Feeniksin kilta™ --> C:\Program Files\Electronic Arts\Harry Potter ja Feeniksin kilta\EAUninstall.exe
    Heavy Weapon Deluxe --> "C:\Program Files\Steam\steam.exe" steam://uninstall/3410
    High Definition Audio Driver Package - KB888111 --> C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe
    HijackThis 2.0.2 --> "N:\Ohjelmat\Valvonta ja systeemin kunnossa pito\HijackThis\HijackThis.exe" /uninstall
    Jagged Alliance 2 --> "C:\Program Files\Steam\steam.exe" steam://uninstall/1620
    Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
    LimeWire PRO 4.12.11 --> "C:\Program Files\LimeWire\uninstall.exe"
    LIVE gaming on Windows Runtime Version 1.0.6027 --> MsiExec.exe /X{839916F4-D8B5-4407-BE6D-6D4EB9D96AF4}
    Magic ISO Maker v5.3 (build 0216) --> C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
    MicroBest Cracklock 3.8.4 --> "C:\Program Files\Cracklock\unins000.exe"
    Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{9011040B-6000-11D3-8CFE-0150048383C9}
    Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Mozilla Firefox (2.0.0.4) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MP3 To Ringtone Gold 3.26 --> "C:\Program Files\AnMing\unins000.exe"
    Nero 7 Ultra Edition --> MsiExec.exe /I{2F351A97-7BAC-4045-80A4-3527805E1035}
    NOD32 antivirus system --> C:\Program Files\Eset\Setup\setup.exe /UNINSTALL
    NOD32 FiX v2.1 --> "C:\Program Files\Eset\unins000.exe"
    Nokia Connectivity Cable Driver --> MsiExec.exe /X{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}
    Nokia PC Suite --> C:\Documents and Settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Nokia_PC_Suite_683_rel_14_1_fin_web.exe /LANG="1035"
    Nokia PC Suite --> MsiExec.exe /I{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}
    NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
    oo2-soikko-Windows-1.1.2 --> N:\Ohjelmat\Kirjottaminen\oo2-soikko-Windows-1.1.2\Uninstall-oo2-soikko-Windows-1.1.2.exe
    OpenOffice.org 2.2 Language Pack (suomi) --> MsiExec.exe /I{DA237C16-62E5-4BB0-A5A3-87CD34B62460}
    Outrun2006 Coast 2 Coast --> "C:\Program Files\Steam\steam.exe" steam://uninstall/4730
    PacSteam --> C:\PacSteam\PacSteam-Uninstall.exe
    Painkiller Gold Edition --> "C:\Program Files\Steam\steam.exe" steam://uninstall/3200
    PC Connectivity Solution --> MsiExec.exe /I{066D65EA-ED53-44E4-A96A-F81B6E409D2E}
    Poker Superstars II --> "C:\Program Files\Steam\steam.exe" steam://uninstall/4100
    Pro Pilkki 2 --> "C:\Program Files\ProPilkki2\uninstall.exe"
    Psychonauts --> "C:\Program Files\Steam\steam.exe" steam://uninstall/3830
    Päivitys Windows XP:lle (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
    QuickTime --> MsiExec.exe /I{08094E03-AFE4-4853-9D31-6D0743DF5328}
    RapidCheck v0.5 --> "C:\Program Files\RapidCheck\unins000.exe"
    RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    RIP 3 - The Last Hero --> "C:\PacSteam\steam.exe" steam://uninstall/2550
    RoboBlitz --> "C:\Program Files\Steam\steam.exe" steam://uninstall/4300
    ROUTE 66 Route Eurooppa 2005 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9443D8A5-0CC2-43E2-9C30-76D17BCD7FAB}\setup.exe" -l0xb
    Shadowgrounds --> "C:\Program Files\Steam\steam.exe" steam://uninstall/2500
    Shadowrun --> C:\Program Files\InstallShield Installation Information\{8B3B9003-D3E5-45E3-8CCE-CDDDB111F42D}\setup.exe -runfromtemp -l0x0409
    SmartFTP Client --> MsiExec.exe /I{C169D3BB-9A27-43F5-9979-09A0D65FE95C}
    SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0xb -removeonly
    Steam --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    Subtitle Workshop 2.51 --> "C:\Program Files\URUSoft\Subtitle Workshop\uninstall.exe"
    Suojauspäivitys ohjelmistolle Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB923789) --> C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Suojauspäivitys Windows XP:lle (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB929969) --> "C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB933566) --> "C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
    Supreme With Cheese Demo --> "N:\Pelejä\Dr. Lunatic Suprme With Cheese\unins000.exe"
    TigerGame Xbox to USB Controller Version 2.01 --> C:\PROGRA~1\XBOXCO~1\UNWISE.EXE C:\PROGRA~1\XBOXCO~1\INSTALL.LOG
    TomTom HOME --> C:\Program Files\InstallShield Installation Information\{CE325D55-FCAF-4273-BB79-069BB8747270}\setup.exe -runfromtemp -l0x000b -removeonly -removeonly
    Top Spin 2 --> "C:\Program Files\Steam\steam.exe" steam://uninstall/7810
    TrackMania United --> "C:\Program Files\Steam\steam.exe" steam://uninstall/7200
    Turbo Sliders (remove only) --> "N:\Pelejä\Turbo Sliders\uninstall.exe"
    Unlocker 1.8.5 --> C:\Program Files\Unlocker\uninst.exe
    Update Manager --> MsiExec.exe /I{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}
    VBA --> MsiExec.exe /I{C94E45B0-6AA6-4FB9-9AAE-22085F631880}
    VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe
    Vigil - Blood Bitterness --> "C:\Program Files\Steam\steam.exe" steam://uninstall/2570
    Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
    Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1) --> C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccswpddri_039E7E24575DBAE6A389611AF28F4EB97729D33E\pccswpddriver.inf
    Windows Driver Package - Nokia Modem (02/15/2007 3.1) --> C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293B\pccs_bluetooth.inf
    Windows Live Messenger --> MsiExec.exe /I{DF6FEB75-A0D1-44E5-A754-0072D4967734}
    Windowsin ohjainpaketti - Nokia Modem (11/03/2006 6.82.0.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567\nokbtmdm.inf
    WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
    X-COM: Terror from the Deep --> "C:\PacSteam\steam.exe" steam://uninstall/7650
    X2: The Threat --> "C:\Program Files\Steam\steam.exe" steam://uninstall/2800
    Xerox Phaser 6110 --> C:\Program Files\Xerox\Xerox Phaser 6110\Install\Setup.exe /R
    XviD4PSP by Winnydows --> C:\Program Files\Winnydows\XviD4PSP\Uninstall.exe


    -- End of Deckard's System Scanner: finished at 2007-07-15 at 09:58:19 ---------





     
  11. gmsupr

    HijackThis report

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:04:04, on 15.7.2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\Program Files\Eset\nod32kui.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\TomTom HOME\TomTomHOME.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    G:\Magic ISO Maker v5.3 + Keygen\Setup.exe
    C:\DOCUME~1\PEKKAR~1\LOCALS~1\Temp\ir_ext_temp_0\autorun.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wuauclt.exe
    N:\Ohjelmat\Valvonta ja systeemin kunnossa pito\HijackThis\HijackThis.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=072807 serial=DR12WEX-1504397-KTY lang=EN
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
    O4 - HKLM\..\Run: [Easy TM] C:\Program Files\Easy TM\EasyTM.exe /min
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    --
    End of file - 6426 bytes
     
  12. Auttaja

    Auttaja Guest

    As you can see, you should be pretty careful with those cracks and delete them.

    Stay clean

    -> Clear System Restore -> Instructions
    Clear the System Restore folder and create a new restore point. This cleans possible malware remnants out of the restore folder.

    -> Use CCleaner -> CCleaner
    Download and install CCleaner. Clean temporary files and folders with the program regularly.

    -> Install SpywareBlaster -> SpywareBlaster
    SpywareBlaster prevents malware from installing on your computer. Uses no memory!
    Guide available in Finnish! Guide by the user Ad-Aware

    -> Install the MVPS Hosts file -> MVPS Hosts
    Blocks your computer from connecting to malicious sites.
    Guide available in Finnish! Guide by the user Axel

    -> Switch your browser to Firefox -> Firefox
    Firefox is a faster, safer and better browser than Internet Explorer.

    -> Keep your system up to date. -> Windows Update
    Visit Windows Update regularly.

    -> Keep your firewall and antivirus up to date
    Update your antivirus program and scan your computer with it regularly.
    and escan is also good http://koti.mbnet.fi/pattaya1/escanmwav.htm

    -> Keep your software up to date. -> Secunia Software Inspector
    Secunia Software Inspector checks your system and software for missing security updates. A standard inspection normally takes 5-40 seconds, while a thorough one (thorough system inspection) can take several minutes.

    -> Regularly follow the Communications Regulatory Authority's information on new vulnerabilities -> CERT-FI

    If you run into problems with malware in the future, don't hesitate to post a HijackThis log to be checked!
     
