Tietokone ruvennu sekoilee ihan hirveesti eikä meinaa aina sammua. Nuo tehtävä palkit hyppii välilla ja muutkin kuvakkeet samoin. Esim. tuo kello katoaa välillä tuolta alaalta ja näin käy välillä: Mutta tässä olisi siis tuo Hjt loki. Logfile of HijackThis v1.99.1 Scan saved at 16:18:50, on 12.8.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\windows\system\hpsysdrv.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\ALCXMNTR.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\DOCUME~1\Omistaja\OMATTI~1\HANNAN~1\SONICS~1\SsAAD.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe H:\Valve\Steam\Steam.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe C:\APPS\DataSecure\PBBckupUI.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\svchost.exe C:\hjt\Scanner.exe.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus...aults/sb/*http://www.yahoo.com/search/ie.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/sp/*http://www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtv3.fi/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://koti.saunalahti.fi R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/su/*http://www.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll (file missing) O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe" O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26 "EPSON Stylus DX4200 Series" /O6 "USB001" /M "Stylus DX4200" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SsAAD.exe] C:\DOCUME~1\Omistaja\OMATTI~1\HANNAN~1\SONICS~1\SsAAD.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [Steam] "H:\Valve\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SsAAD.exe] I:\ALEKSI~1\SsAAD.exe O4 - HKCU\..\Run: [EPSON Stylus DX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26 "EPSON Stylus DX4200 Series" /M "Stylus DX4200" /EF "HKCU" O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash O4 - HKCU\..\Run: [Data Secure] C:\APPS\DataSecure\PBBckupUI.exe /HIDDEN O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: START_PAGE_URL=http://koti.saunalahti.fi O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/puzzlepirates/miniclipGameLoader.dll O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab O16 - DPF: {5BDBD95C-1E7F-4FB1-8497-20AF879F8B68} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/fi/filesharingctrl.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1158248595500 O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - h:\Program Files\FileZilla Server\FileZilla Server.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
Eli sulla on kaks antivirus ohjelmaa.. avg7 ja avira antivir.. poista toinen ====== Lataa Deckard's System Scanner Työpöydällesi. Huomioi: Sinulla tulee olla Järjestelmänvalvojan oikeudet ajaaksesi ohjelman. [*]Sulje kaikki avoimet ikkunat ja ohjelmat. [*]Tupla Klikkaa Dss.exe tiedostoa ajaaksesi ohjelman, seuraa ohjeita. [*]Kun Scannaus on valmis 2 textitiedostoa pitäisi avautua, Main.txt ja extra.txt [*]Näppäile Kopioi ( CTRL+A -> CTRL + C ) ja liitä ( CTRL + V ) [*]kopioi ja liitä Extra.txt & Main.txt sisältö seuraavaan vastaukseesi.
main Deckard's System Scanner v20070809.63 Run by Omistaja on 2007-08-12 at 19:04:48 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 43: 2007-08-12 17:05:26 UTC - RP646 - Deckard's System Scanner Restore Point 42: 2007-08-12 13:59:15 UTC - RP645 - Spybot-S&D Spyware removal 41: 2007-08-11 17:00:49 UTC - RP644 - Järjestelmän tarkistuspiste 40: 2007-08-09 16:53:44 UTC - RP643 - Järjestelmän tarkistuspiste 39: 2007-08-07 12:05:46 UTC - RP642 - Järjestelmän tarkistuspiste -- First Restore Point -- 1: 2007-05-12 07:51:52 UTC - RP604 - Spybot-S&D Spyware removal Backed up registry hives. Performed disk cleanup. -- HijackThis (run as Omistaja.exe) -------------------------------------------- Logfile of HijackThis v1.99.1 Scan saved at 19:08:00, on 12.8.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\windows\system\hpsysdrv.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\ALCXMNTR.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\DOCUME~1\Omistaja\OMATTI~1\HANNAN~1\SONICS~1\SsAAD.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe H:\Valve\Steam\Steam.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe C:\APPS\DataSecure\PBBckupUI.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\svchost.exe C:\Documents and Settings\Omistaja\Työpöytä\dss.exe C:\hjt\Omistaja.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus...aults/sb/*http://www.yahoo.com/search/ie.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/sp/*http://www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtv3.fi/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://koti.saunalahti.fi R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/su/*http://www.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll (file missing) O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe" O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26 "EPSON Stylus DX4200 Series" /O6 "USB001" /M "Stylus DX4200" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SsAAD.exe] C:\DOCUME~1\Omistaja\OMATTI~1\HANNAN~1\SONICS~1\SsAAD.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [Steam] "H:\Valve\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SsAAD.exe] I:\ALEKSI~1\SsAAD.exe O4 - HKCU\..\Run: [EPSON Stylus DX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26 "EPSON Stylus DX4200 Series" /M "Stylus DX4200" /EF "HKCU" O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash O4 - HKCU\..\Run: [Data Secure] C:\APPS\DataSecure\PBBckupUI.exe /HIDDEN O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: START_PAGE_URL=http://koti.saunalahti.fi O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/puzzlepirates/miniclipGameLoader.dll O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab O16 - DPF: {5BDBD95C-1E7F-4FB1-8497-20AF879F8B68} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/fi/filesharingctrl.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1158248595500 O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - h:\Program Files\FileZilla Server\FileZilla Server.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- File Associations ----------------------------------------------------------- .bat - batfile - DefaultIcon - C:\WINDOWS\system32\shell32.dll,71 .ini - inifile - DefaultIcon - C:\WINDOWS\system32\shell32.dll,69 .txt - txtfile - DefaultIcon - C:\WINDOWS\system32\shell32.dll,70 -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys <Not Verified; Protection Technology; StarForce Protection System> R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys <Not Verified; Protection Technology; StarForce Protection System> R0 sfsync02 (StarForce Protection Synchronization Driver (version 2.x)) - c:\windows\system32\drivers\sfsync02.sys <Not Verified; Protection Technology; StarForce Protection System> R1 AFS2K - c:\windows\system32\drivers\afs2k.sys <Not Verified; Oak Technology Inc.; AFS> R2 enodpl - c:\windows\system32\drivers\enodpl.sys R2 tandpl - c:\windows\system32\drivers\tandpl.sys R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine> R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell> S3 EagleNT - c:\windows\system32\drivers\eaglent.sys (file missing) S3 ialm - c:\windows\system32\drivers\ialmnt5.sys <Not Verified; Intel Corporation; Intel Graphics Accelerator Drivers for Windows NT(R)> S3 oflpydin - c:\docume~1\omistaja\locals~1\temp\oflpydin.sys (file missing) S3 PcdrNt - c:\windows\system32\drivers\pcdrnt.sys <Not Verified; PC-Doctor Inc.; PC-Doctor NT 3.0> S3 XDva024 - c:\windows\system32\xdva024.sys (file missing) -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 aawservice (Ad-Aware 2007 Service) - "c:\program files\lavasoft\ad-aware 2007\aawservice.exe" <Not Verified; Lavasoft AB; Ad-Aware 2007 Service> R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour> S2 FileZilla Server (FileZilla Server FTP server) - h:\program files\filezilla server\filezilla server.exe (file missing) S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)> S3 Imapi Helper - "c:\program files\alex feinman\iso recorder\imapihelper.exe" <Not Verified; Alex Feinman; ISO Recorder> -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. -- Files created between 2007-07-12 and 2007-08-12 ----------------------------- 2007-08-12 16:17:05 0 d-------- C:\hjt 2007-08-06 10:09:55 0 d-------- C:\Program Files\Lavasoft 2007-08-06 10:09:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2007-08-06 10:07:02 0 d-------- C:\Documents and Settings\Omistaja\Application Data\AVG7 2007-08-06 10:06:51 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7 2007-08-06 10:06:22 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7 2007-08-06 09:55:06 4468 --a------ C:\WINDOWS\system32\tmp.reg 2007-08-06 09:54:17 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS> 2007-08-06 09:54:17 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility> 2007-08-06 09:54:17 51200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-08-02 14:00:17 0 d-------- C:\Documents and Settings\Omistaja\Application Data\ATI 2007-08-02 13:54:25 520192 -----n--- C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart> 2007-08-02 13:53:00 0 d-------- C:\ATI 2007-08-02 12:00:07 0 d-------- C:\WINDOWS\A1C4EE2BDF144488BC8AF9336D588E97.TMP 2007-07-31 17:13:06 90112 --a------ C:\WINDOWS\unvise32.exe <Not Verified; MindVision Software; Installer VISE> 2007-07-28 12:24:52 17199 --a------ C:\WINDOWS\DIIUnin.dat 2007-07-28 12:24:49 2829 --a------ C:\WINDOWS\DIIUnin.pif 2007-07-28 12:24:49 94208 --a------ C:\WINDOWS\DIIUnin.exe <Not Verified; Blizzard Entertainment; Diablo II Uninstaller> -- Find3M Report --------------------------------------------------------------- 2007-08-12 14:59:20 0 d-------- C:\Program Files\mIRC 2007-08-11 14:26:47 0 d-------- C:\Program Files\AutoIt3 2007-08-09 21:34:48 0 d-------- C:\Documents and Settings\Omistaja\Application Data\uTorrent 2007-08-09 13:26:28 0 d-------- C:\Program Files\SwiftSwitch 2007-08-08 19:00:12 0 d-------- C:\Program Files\Apophysis 2.0 2007-08-08 16:17:18 0 d--h----- C:\Program Files\InstallShield Installation Information 2007-08-07 11:07:30 0 d-------- C:\Program Files\Common Files 2007-08-06 10:09:52 0 d-------- C:\Documents and Settings\Omistaja\Application Data\Lavasoft 2007-08-06 10:08:53 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-08-02 13:55:17 0 d-------- C:\Program Files\ATI Technologies 2007-07-31 17:13:30 3580 --a------ C:\WINDOWS\system32\d3d9caps.dat 2007-07-31 13:35:06 21840 --a-----t C:\WINDOWS\system32\SIntfNT.dll 2007-07-31 13:35:06 17212 --a-----t C:\WINDOWS\system32\SIntf32.dll 2007-07-31 13:35:06 12067 --a-----t C:\WINDOWS\system32\SIntf16.dll 2007-07-30 19:15:30 0 d-------- C:\Documents and Settings\Omistaja\Application Data\AdobeUM 2007-07-30 19:15:29 0 d-------- C:\Program Files\Common Files\Adobe 2007-07-30 19:13:20 0 d-------- C:\Documents and Settings\Omistaja\Application Data\Real 2007-07-28 14:33:41 43656 --a------ C:\WINDOWS\War3Unin.dat 2007-07-28 14:29:31 2829 --a------ C:\WINDOWS\War3Unin.pif 2007-07-28 14:29:31 126976 --a------ C:\WINDOWS\War3Unin.exe <Not Verified; Blizzard Entertainment; Warcraft III Uninstaller> 2007-07-28 09:50:41 0 d-------- C:\Program Files\Java 2007-07-27 21:12:17 423854 --a------ C:\WINDOWS\system32\perfh00B.dat 2007-07-27 21:12:17 94126 --a------ C:\WINDOWS\system32\perfc00B.dat 2007-07-27 14:36:42 0 d-------- C:\Program Files\Windows Live Safety Center 2007-07-08 22:57:05 0 d-------- C:\Documents and Settings\Omistaja\Application Data\Vso 2007-07-08 22:37:37 0 d-------- C:\Program Files\Webteh 2007-07-08 22:08:56 34 --a------ C:\Documents and Settings\Omistaja\Application Data\pcouffin.log 2007-07-08 22:08:41 47360 --a------ C:\Documents and Settings\Omistaja\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine> 2007-07-08 22:08:41 1144 --a------ C:\Documents and Settings\Omistaja\Application Data\pcouffin.inf 2007-07-08 22:08:41 7887 --a------ C:\Documents and Settings\Omistaja\Application Data\pcouffin.cat 2007-07-08 22:08:38 0 d-------- C:\Program Files\VSO 2007-07-06 17:52:24 0 d-------- C:\Program Files\uTorrent 2007-06-30 19:36:54 0 d-------- C:\Program Files\Common Files\Bcgsoft 2007-06-28 14:54:17 0 d-------- C:\Documents and Settings\Omistaja\Application Data\Skype 2007-06-28 09:42:03 0 d-------- C:\Program Files\Winamp 2007-06-28 09:30:56 0 d-------- C:\Documents and Settings\Omistaja\Application Data\Media Player Classic 2007-06-28 09:29:22 0 d-------- C:\Program Files\K-Lite Codec Pack 2007-06-25 11:59:57 0 d-------- C:\Program Files\PHP 2007-06-03 13:31:28 10752 --a------ C:\WINDOWS\system32\ff_vfw.dll 2007-05-31 07:44:56 740442 --a------ C:\WINDOWS\system32\divx.dll <Not Verified; DivX, Inc.; DivX®> 2007-05-28 18:40:06 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll <Not Verified; Sony DADC Austria AG.; > -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [07.05.1998 15:04] "HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [07.04.2003 06:07] "CamMonitor"="c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe" [07.10.2002 06:23] "StorageGuard"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [13.02.2003 07:01] "Home Theater SchSvr"="C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe" [08.08.2003 14:51] "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [13.09.2002 20:42] "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [02.05.2003 22:19] "nwiz"="nwiz.exe" [02.05.2003 22:19 C:\WINDOWS\system32\nwiz.exe] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [19.07.2003 21:10] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09.07.2001 09:50] "AlcxMonitor"="ALCXMNTR.EXE" [03.04.2003 19:35 C:\WINDOWS\ALCXMNTR.EXE] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [04.04.2006 18:14] "EPSON Stylus DX4200 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.exe" [16.08.2005 17:56] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [06.06.2005 22:46] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [12.07.2007 04:00] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [28.07.2007 00:03] "SsAAD.exe"="C:\DOCUME~1\Omistaja\OMATTI~1\HANNAN~1\SONICS~1\SsAAD.exe" [24.01.2005 18:58] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [20.12.2004 20:41] "KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" [] "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [02.01.2006 16:41] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [06.08.2007 10:06] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BackupNotify"="c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe" [22.06.2003 20:25] "NVIEW"="nview.dll,nViewLoadHook" [] "Steam"="H:\Valve\Steam\Steam.exe" [28.06.2007 09:08] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [15.09.2004 01:12] "SsAAD.exe"="I:\ALEKSI~1\SsAAD.exe" [] "EPSON Stylus DX4200 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.exe" [16.08.2005 17:56] "CTSyncU.exe"="C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" [] "Gadwin PrintScreen 3.5"="C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" [08.07.2006 10:57] "Data Secure"="C:\APPS\DataSecure\PBBckupUI.exe" [26.04.2005 11:51] C:\Documents and Settings\All Users\K„ynnist„-valikko\Ohjelmat\K„ynnistys\ Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [10.9.2006 8:30:33] Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [23.9.2005 21:05:26] HP Digital Imaging Monitor.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [13.6.2003 3:08:16] WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [12.10.2004 18:22:16] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"=0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoActiveDesktop"=0 (0x0) "ForceActiveDesktopOn"=0 (0x0) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Notification Packages"= :\WINDOWS\syste [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] Usnsvc usnsvc -- End of Deckard's System Scanner: finished at 2007-08-12 at 19:10:35 --------- extra Deckard's System Scanner v20070809.63 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Home Edition (build 2600) SP 2.0 Architecture: X86; Language: Other (040B) - see http://preview.tinyurl.com/mhhp6 CPU 0: AMD Athlon(tm) XP 2600+ Percentage of Memory in Use: 57% Physical Memory (total/avail): 511.36 MiB / 218.21 MiB Pagefile Memory (total/avail): 1250.54 MiB / 696.8 MiB Virtual Memory (total/avail): 2047.88 MiB / 1967.15 MiB A: is Removable (No Media) C: is Fixed (NTFS) - 69.59 GiB total, 34.95 GiB free. D: is Fixed (FAT32) - 4.92 GiB total, 0.78 GiB free. E: is CDROM (CDFS) F: is CDROM (No Media) H: is Fixed (NTFS) - 147.62 GiB total, 105.93 GiB free. -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is enabled. AntivirusOverride is set. FW: Sunbelt Personal Firewall v4.5.916 T (Sunbelt) AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH) AV: AVG 7.5.476 v7.5.476 (GRISOFT) AV: avast! antivirus 4.7.1029 [VPS 000764-7] v4.7.1029 (ALWIL Software) [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0" "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "I:\\Program Files\\bittorrent.exe"="I:\\Program Files\\bittorrent.exe:*:Enabled:BitTorrent" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000" "I:\\Program Files\\xchat\\xchat.exe"="I:\\Program Files\\xchat\\xchat.exe:*:Enabled:XChat IRC Client" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0" "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\\Program Files\\SmartFTP Client 2.0\\SmartFTP.exe"="C:\\Program Files\\SmartFTP Client 2.0\\SmartFTP.exe:*:Enabled:SmartFTP Client 2.0" "h:\\Program Files\\BitTorrent\\bittorrent.exe"="h:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent" -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\Omistaja\Application Data CLIENTNAME=Console CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=MATILAINEN ComSpec=C:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Documents and Settings\Omistaja LANG=fi LOGONSERVER=\\MATILAINEN NewEnvironment1=C:\Program Files\ATI Technologies\ATI.ACE\ NUMBER_OF_PROCESSORS=1 OS=Windows_NT Path=C:\Program Files\PHP\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\Program Files\ATI Technologies\ATI Control Panel;i:\Program Files\Common Files\GTK\2.0\bin;C:\Program Files\Microsoft SQL Server\90\Tools\binn\ PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PHPRC=C:\Program Files\PHP\ PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 1, AuthenticAMD PROCESSOR_LEVEL=6 PROCESSOR_REVISION=0801 ProgramFiles=C:\Program Files PROMPT=$P$G SESSIONNAME=Console sourcesdk=c:\program files\valve\steam\steamapps\darkaleksi\sourcesdk SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\Omistaja\LOCALS~1\Temp TMP=C:\DOCUME~1\Omistaja\LOCALS~1\Temp USERDOMAIN=MATILAINEN USERNAME=Omistaja USERPROFILE=C:\Documents and Settings\Omistaja VProject=c:\program files\valve\steam\steamapps\darkaleksi\counter-strike source\cstrike windir=C:\WINDOWS -- User Profiles --------------------------------------------------------------- Omistaja (admin) -- Add/Remove Programs --------------------------------------------------------- --> C:\WINDOWS\System32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature --> c:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19} --> Dummy --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88E5FCB8-5F25-11D5-B16F-0800460222F0}\setup.exe" -l0x9 UNINSTALL --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D76298C2-E532-4A11-BCFF-76F3F19DA84D}\setup.exe" UNINSTALL --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C029DB0E-C59F-417A-90F8-88FD5B2C4AE7}\setup.exe" -l0x9 --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf ACDSee for Pentax 2.0 --> MsiExec.exe /I{D8320DD6-FE47-41DE-B116-4158B7AE3F37} Ad-Aware 2007 --> MsiExec.exe /X{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF} Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll" Adobe Anchor Service CS3 --> MsiExec.exe /I{A4464AC3-D85E-4649-8748-706191063DF6} Adobe Asset Services CS3 --> MsiExec.exe /I{7302810D-7ACF-4339-B27B-57016CAADDCD} Adobe Bridge CS3 --> MsiExec.exe /I{FABA59CC-347B-478B-B2A7-37BF0885CACB} Adobe Bridge Start Meeting --> MsiExec.exe /I{CE52110A-7773-444F-9E5D-4A45E4792DB6} Adobe Camera Raw 4.0 --> MsiExec.exe /I{AED353B9-E6D7-406F-B007-2C55C5265EB3} Adobe CMaps --> MsiExec.exe /I{D8FC8E35-D397-4C16-87AE-141A625221E4} Adobe Default Language CS3 --> MsiExec.exe /I{D446BA40-1F5F-44EB-A794-0AC14F809C79} Adobe Device Central CS3 --> MsiExec.exe /I{265FCC3B-4814-4B2B-89D6-217DFB8AD886} Adobe ExtendScript Toolkit 2 --> MsiExec.exe /I{F36CFE58-47C0-4D75-995B-E0172563FA83} Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete Adobe Fonts All --> MsiExec.exe /I{162DDD86-C087-4E59-B7A8-0C1D8F884A9A} Adobe Help Viewer 1.1 --> MsiExec.exe /I{F3697BA5-C8D8-4925-ACCA-F486C76BAD33} Adobe Linguistics CS3 --> MsiExec.exe /I{E5C28906-EC86-404E-BB4F-6AB2590451FF} Adobe PDF Library Files --> MsiExec.exe /I{91D829E6-F1D1-433F-861F-0552DFED0EAD} Adobe Photoshop 7.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll" Adobe Photoshop CS3 --> C:\Program Files\Common Files\Adobe\Installers\8d0dc9390f2c596455e1446b5918a40\Setup.exe Adobe Photoshop CS3 --> MsiExec.exe /I{F32F1F7C-322D-46B9-B69A-5C3EDC88B74C} Adobe Reader 7.0.8 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70800000002} Adobe Setup --> MsiExec.exe /I{CBF7A9A4-C0D4-4BA0-8991-C9B7D90A5298} Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log Adobe Stock Photos CS3 --> MsiExec.exe /I{73B79E83-490B-460D-B0D6-2C7B73980325} Adobe Type Support --> MsiExec.exe /I{A78A65E4-1D88-477A-83B4-3EC540F6A55A} Adobe Version Cue CS3 Client --> MsiExec.exe /I{BF18C55F-791F-4C17-AB75-E397EE01C14B} Adobe WinSoft Linguistics Plugin --> MsiExec.exe /I{51DC4D9C-F729-48A7-9CE0-BC77529ECCA2} Adobe XMP Panels CS3 --> MsiExec.exe /I{F0CF6455-EDD8-41C6-A96A-223874E660CC} Adobe® Photoshop® Album Starter Edition 3.0 --> MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B} Amazon Cover Downloader --> "I:\Amazon Cover Downloader\unins000.exe" AMX Mod X Installer 1.76b --> C:\Program Files\AMX Mod X\uninst.exe Apophysis 2.0 --> "C:\Program Files\Apophysis 2.0\uninstall.exe" ArcSoft ShowBiz 2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{791B20D4-AE59-4DE9-B45F-BA01F3D0A493}\setup.exe" -l0x9 Armed and Dangerous --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{37D422FE-0E44-4595-9ADF-BE4C1B70318F}\Setup.exe" -l0x9 ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe ATI Catalyst Control Center --> MsiExec.exe /I{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B} ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_classISPLAY -clean µTorrent --> "C:\Program Files\uTorrent\uninstall.exe" AutoIt v3.2.4.9 --> C:\Program Files\AutoIt3\Uninstall.exe avast! Antivirus --> rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL AVG Anti-Rootkit Free --> C:\Program Files\GRISOFT\AVG Anti-Rootkit Free\Uninstall.exe AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe Banner Maker Pro Version 6 --> "C:\Program Files\Banner Maker Pro 6\unins000.exe" Battlefield 1942 Multiplayer Demo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5ED20FB0-678F-41EE-9211-DC9C670FD193}\Setup.exe" -l0x9 BSPlayer --> "C:\Program Files\Webteh\BSplayer\uninstall.exe" CCleaner (remove only) --> "I:\CCleaner\uninst.exe" Collab --> I:\FL\Collab\uninstall.exe ConvertXtoDVD 2.2.3.258 --> "C:\Program Files\VSO\ConvertXtoDVD\unins000.exe" Counter-Strike --> "C:\program files\valve\steam\steam.exe" steam://uninstall/10 Counter-Strike: Source --> "C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/240 Creative System Information --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove Diablo II --> C:\WINDOWS\DIIUnin.exe C:\WINDOWS\DIIUnin.dat Diablo II --> C:\WINDOWS\DIIUnin.exe C:\WINDOWS\DIIUnin.dat Easy Icon Maker --> I:\PROGRA~1\EASYIC~1\UNWISE.EXE I:\PROGRA~1\EASYIC~1\INSTALL.LOG EPSON-tulostinohjelma --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R EPSON Attach To Email --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG EPSON Copy Utility 3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x9 -UnInstall EPSON Easy Photo Print --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5DA7BC15-18D3-41A0-9F59-838DA3EAEF17}\SETUP.EXE" -l0x9 UNINST EPSON File Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0x9 UNINST EPSON Image Clip Palette --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{314F6D08-A8B7-11D8-8446-0050BA1D384D}\Setup.exe" -l0x9 -u EPSON Scan --> C:\Program Files\epson\escndv\setup\setup.exe /r EPSON Scan Assistant --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x9 -u EPSON Web-To-Page --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x9 -anything ESDX4800_4200 Käyttöopas --> C:\Program Files\EPSON\TPMANUAL\ESDX4800_4200\USE_G\DOCUNINS.EXE EVEREST Corporate Edition v4.00 --> "h:\Program Files\Lavalys\EVEREST Corporate Edition\unins000.exe" Expstudio Audio Editor FREE --> C:\WINDOWS\Expstudio Audio Editor FREE Uninstaller.exe FastStone Capture 5.3 --> C:\Program Files\FastStone Capture\uninst.exe FileZilla (remove only) --> "I:\Program Files\FileZilla\uninstall.exe" FileZilla Server (remove only) --> "h:\Program Files\FileZilla Server\uninstall.exe" FL Studio 6 --> I:\FL\uninstall.exe FPS Creator Demo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E70E9721-A42A-4D7A-8087-AA69614328A0}\Setup.exe" -l0x9 Gadwin PrintScreen --> C:\Program Files\Gadwin Systems\PrintScreen\Uninstall.exe Game Maker 6.1 --> I:\GameMaker\Uninstal.exe GTA2 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\GTA2\Uninst.isu" GTK+ 2.10.6-1 runtime environment --> "i:\Program Files\Common Files\GTK\2.0\setup\unins000.exe" Guild Wars --> "I:\Program Files\Guild Wars\Gw.exe" -uninstall Guitar Pro 4.0 --> I:\PROGRA~1\GUITAR~1\UNWISE.EXE I:\PROGRA~1\GUITAR~1\INSTALL.LOG Guitar Pro 5.2 --> "I:\Program Files\Guitar Pro 5\unins000.exe" Half-Life --> "C:\program files\valve\steam\steam.exe" steam://uninstall/70 Half-Life 2 --> "C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/220 Half-Life(R) --> MsiExec.exe /I{BACBC990-8681-4D00-9227-F3A32123BB7A} Halloween Harry 2 - Zombie Wars --> "C:\WINDOWS\UNISTB32.EXE" /U "C:\Program Files\PELIKANSIO\PELIT\ZWARS\UNINST0.000" "C:\Program Files\PELIKANSIO\PELIT\ZWARS\UNINST1.000" Halloween Harry 2 - Zombie Wars --> "C:\WINDOWS\UNISTB32.EXE" /U "C:\Program Files\ZWARS\UNINST0.000" "C:\Program Files\ZWARS\UNINST1.000" HijackThis 1.99.1 --> C:\hjt\HijackThis.exe /uninstall Hotfix-päivitys Windows XP:lle (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe" HP Deskjet Preloaded Printer Drivers --> MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878} HP Photo & Imaging 3.0 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat HP Photo and Imaging 2.0 - Photosmart Cameras --> MsiExec.exe /X{5D7F0A0E-369E-46C0-9F99-FAB21A064781} HP Software Update --> MsiExec.exe /X{C05E10AC-BD86-4564-9D16-EF11D7314FB2} HPImageZone --> MsiExec.exe /X{11946FA8-329A-4DDF-B867-A32781FED8EE} Hugin 0.6.1 --> "I:\hugin\HUGIN\uninstall.exe" HyperCam 2 --> "i:\program files/hyper cam 2\UnHyCam2.exe" ID3 Lyrics Editor --> C:\WINDOWS\IsUninst.exe -f"i:\aleksin juttuja!\Uninst.isu" InstantUpload --> MsiExec.exe /I{EF8759E0-4756-4261-AFBB-CCF814CB2E65} Intel(R) Extreme Graphics Driver --> RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572 InterActual Player --> C:\Program Files\InterActual\InterActual Player\inuninst.exe InterVideo WinDVD Player --> "C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL InterVideo WinDVRX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{89AD2814-AFA2-46AF-AE53-C27196D9FBE6}\setup.exe" REMOVEALL ISO Recorder --> MsiExec.exe /I{DFC6573E-124D-4026-BFA4-B433C9D3FF21} J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100} J2SE Runtime Environment 5.0 Update 9 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090} Java 2 Runtime Environment, SE v1.4.1_02 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFCE5837-FC21-11D6-9D24-00010240CE95}\setup.exe" Anytext Java Web Start --> "C:\Program Files\Java Web Start\uninst-javaws.exe" Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} K-Lite Mega Codec Pack 2.1.5 --> "C:\Program Files\K-Lite Codec Pack\unins000.exe" Kaspersky Online Scanner --> C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe KVIrc 3.2.0 "Realia" --> "I:\ALEKSIN JUTTUJA!\KVIrc\unins000.exe" LiveReg (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE Max Payne --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{39930321-4C58-4B8B-BCBF-342698C9801D}\setup.exe" uninstall uninstall MDK --> C:\WINDOWS\uninst.exe -fC:\SHINY\MDK\DeIsL1.isu Memories Disc Creator 2.0 --> MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA} Microsoft MSDN 2005 Express Edition - ENU --> I:\Program Files\Microsoft Visual Studio 8\Microsoft MSDN 2005 Express Edition - ENU\install.exe Microsoft Office PowerPoint Viewer 2003 --> MsiExec.exe /X{90AF040B-6000-11D3-8CFE-0150048383C9} Microsoft SQL Server 2005 --> "C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) --> MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F} Microsoft SQL Server 2005 Tools Express Edition --> MsiExec.exe /I{2750B389-A2D2-4953-99CA-27C1F2A8E6FD} Microsoft SQL Server Native Client --> MsiExec.exe /I{F9B3DD02-B0B3-42E9-8650-030DFF0D133D} Microsoft SQL Server Setup Support Files (English) --> MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE} Microsoft SQL Server VSS Writer --> MsiExec.exe /I{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3} Microsoft Visual Basic 2005 Express Edition - ENU --> I:\Program Files\Microsoft Visual Studio 8\Microsoft Visual Basic 2005 Express Edition - ENU\setup.exe Microsoft Visual Basic 2005 Express Edition - ENU --> MsiExec.exe /X{577AD794-8B34-40B4-9E7A-BE4CFFE396E6} Microsoft Word 2002 --> MsiExec.exe /I{911B040B-6000-11D3-8CFE-0050048383C9} Microsoft Works 7.0 --> MsiExec.exe /I{323F6CCF-BBBA-41FB-AF39-62C4FE717CA4} mIRC --> "C:\Program Files\mIRC\mirc.exe" -uninstall Mozilla Firefox (2.0.0.5) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe Mozilla Firefox (2.0.0.6) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe MSN Messenger 7.5 --> MsiExec.exe /I{9A379B72-03EC-11DA-BFBD-00065BBDC0B5} MSXML 6.0 Parser --> MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44} Nero 6 Ultra Edition --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL No Escape --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\No Escape\uninst.isu" NRJ Kauppa --> MsiExec.exe /I{4FB972A0-4A5E-457A-8285-E4A8D12FD492} NVIDIA Ethernet Driver --> C:\WINDOWS\System32\nvuenet.exe Uninstall C:\WINDOWS\System32\Nvenet.nvu,NVIDIA Ethernet Driver NVIDIA Gart Driver --> C:\WINDOWS\System32\nvugart.exe Uninstall C:\WINDOWS\System32\Nvgart.nvu,NVIDIA Gart Driver NVIDIA Windows 2000/XP Display Drivers --> rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvhp.inf OpenArena 0.6.0 --> "H:\Program Files\OpenArena\unins000.exe" OpenMG Secure Module 4.6.01 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{3D79DB6E-73DA-46C9-B8FA-DAE52108246F} UNINSTALL Optio 50L Digital Camera Driver --> C:\PROGRA~1\OPTIO5~1\UNWISE.EXE C:\PROGRA~1\OPTIO5~1\INSTALL.LOG Packard Bell Data Secure --> C:\APPS\DataSecure\Uninstall.exe PHP 5.2.3 --> MsiExec.exe /I{F66C0680-EBE5-4A01-BC13-D5F360CFA0EF} PIF DESIGNER --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B90450DF-E781-46FD-B1F1-0C86DA40E443}\SETUP.EXE" -l0x9 anything Pivot Stickfigure Animator --> MsiExec.exe /I{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D} Päivitys Windows XP:lle (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB896727) --> "C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB929338) --> "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe" PristonTale --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5B4799D-4E8D-4DC6-9C50-060EE5F8AA9C}\Setup.exe" -l0x9 Privacy Mantra 2.04 --> "h:\Program Files\Privacy Mantra 2.04\uninstall.exe" QSwitch 3 (Alpha 2.98 - Compile 2) --> "I:\ALEKSIN JUTTUJA!\QSwitch\unins000.exe" QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19} Red Faction --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{47E6B460-04BA-4215-9F5D-3858BF920D07}\setup.exe" anything Resident Evil 3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE15F0C0-108D-11D4-AF73-0000E21444C5}\Setup.exe" RYL2 - Incomplete Union v1.6.7.3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{81493ECE-6BD4-4972-B7DB-A0134C0A0D3F}\Setup.exe" -l0x9 S3Display --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Display' S3Gamma2 --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Gamma2' S3Info2 --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Info2' S3Overlay --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Overlay' SA21xx Device Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45375017-B0F8-44EA-9D5B-2DCE7C84FFC2}\SA21XX_DM_Setup.exe" -l0x9 -removeonly Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Serious Sam 2 --> h:\Program Files\Serious Sam 2\Bin\Uninstall.exe Serious Sam: The Second Encounter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5BDAA2F7-8E48-4AFF-AA92-B559D0CDF1AD}\Setup.exe" -l0x9 Skype 2.5 --> "C:\Program Files\Skype\Phone\unins000.exe" SmartFTP Client 2.0 --> MsiExec.exe /I{C169D3BB-9A27-43F5-9979-09A0D65FE95C} SmartFTP Client 2.0 Setup Files (remove only) --> "I:\Program Files\SmartFTP Client 2.0 Setup Files\uninst-sftp.exe" SnagIt 8 --> MsiExec.exe /I{A1C4EE2B-DF14-4488-BC8A-F9336D588E97} Sonic Update Manager --> MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3} SonicStage 3.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0EB195B-5876-48E6-879D-33D4B2102610}\setup.exe" -l0x9 UNINSTALL -removeonly Source SDK Base --> "H:\Valve\Steam\steam.exe" steam://uninstall/215 Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe" SpywareBlaster v3.5.1 --> "C:\Program Files\SpywareBlaster\unins000.exe" Standalone irssi for Windows --> "H:\Program Files\irssi\unins000.exe" Steam(TM) --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3} Sunbelt Personal Firewall --> MsiExec.exe /X{BFD080F6-3BF0-40E1-9507-9CA969C35870} Suojauspäivitys ohjelmistolle Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB893066) --> "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB896422) --> "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB896424) --> "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB896688) --> "C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB899588) --> "C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB905915) --> "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB911567) --> "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB912812) --> "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB912919) --> "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB913446) --> "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB916281) --> "C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB917159) --> "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB917422) --> "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB918899) --> "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB920214) --> "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB921398) --> "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB921883) --> "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB922616) --> "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB922760) --> "C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB923694) --> "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB925454) --> "C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB925486) --> "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB928090) --> "C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB929969) --> "C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB931768) --> "C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB933566) --> "C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe" SwiftSwitch --> C:\Program Files\SwiftSwitch\Uninstal.exe TeamSpeak 2 RC2 --> "C:\Program Files\Teamspeak2_RC2\unins000.exe" TeamSpeak 2 Server RC2 --> "I:\Program Files\Teamspeak2_RC2\unins000.exe" The GIMP 2.2.13 --> "i:\Program Files\GIMP-2.0\unins000.exe" The Sims 2 --> C:\Program Files\EA GAMES\The Sims 2\EAUninstall.exe The Sims 2 - Kauppa auki --> C:\Program Files\EA GAMES\The Sims 2 - Kauppa auki\EAUninstall.exe The Sims 2 Yöelämää --> C:\Program Files\EA GAMES\The Sims 2 Yöelämää\EAUninstall.exe The Sims 2 Yliopisto --> C:\Program Files\EA GAMES\The Sims 2 Yliopisto\EAUninstall.exe The Sims™ 2 Lemmikkielämää --> C:\Program Files\EA GAMES\The Sims 2 Lemmikkielämää\EAUninstall.exe Ulead iPhoto Express 1.1 --> C:\WINDOWS\ULEAD.DAT\ULuninst.exe /f:ipe11f.inf Valve Hammer Editor --> C:\PROGRA~1\VALVEH~1\UNWISE.EXE C:\PROGRA~1\VALVEH~1\INSTALL.LOG Warcraft III --> C:\WINDOWS\War3Unin.exe C:\WINDOWS\War3Unin.dat WarRock --> C:\Program Files\InstallShield Installation Information\{00D15456-F679-4AD4-8BD2-56450D4C3F72}\setup.exe -runfromtemp -l0x0009 -removeonly Ventrilo Client --> MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F} Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe" Windows Live Messenger --> MsiExec.exe /I{57319C68-AC4B-43DB-B516-349FE09E6774} Windows Live OneCare safety scanner --> RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT WinRAR archiver --> I:\Program Files\WinRAR\uninstall.exe WinZip --> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall Wolfenstein - Enemy Territory --> I:\PROGRA~1\WOLFEN~1\Uninstall\Unwise.exe /u I:\PROGRA~1\WOLFEN~1\Uninstall\Install.log Worms Armageddon --> C:\WINDOWS\IsUninst.exe -f"c:\Team17\Worms Armageddon\Uninst.isu" XChat 2 (remove only) --> "I:\Program Files\xchat\uninstall.exe" Yahoo! Companion --> rundll32.exe C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\YCOMP5~1.DLL,DllCommand ui ZENcast Organizer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C029DB0E-C59F-417A-90F8-88FD5B2C4AE7}\setup.exe" -l0x9 /remove ZIP 2 Secure EXE --> "C:\Program Files\Chilkat Software Inc\ZIP 2 Secure EXE\ChilkatZipSE.exe" /uninstall ZyXEL USB ADSL Modem --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5BE3BF62-D432-4D47-A712-CD4DF91CABFB}\setup.exe" -l0x9 -- Application Event Log ------------------------------------------------------- Event ID #13327: Success Event Submitted/Written: 08/12/2007 01:01:49 PM Event Source: usnsvc Event Description: The Messenger Sharing USN Journal Reader service started successfully. Event ID #13300: Warning Event Submitted/Written: 08/12/2007 11:47:42 AM Event Source: SQLBrowser Event Description: The configuration of the AdminConnection\TCP protocol in the SQL instance SQLEXPRESS is not valid. Event ID #13283: Warning Event Submitted/Written: 08/11/2007 07:18:29 PM Event Source: MsiInstaller Event Description: Tuotteen {D8320DD6-FE47-41DE-B116-4158B7AE3F37} toiminnon ACDSee tunnistaminen epäonnistui pyydettäessä komponenttia {FB8D5AA7-91F2-44B3-9C19-9053D58A28F1} Event ID #13282: Warning Event Submitted/Written: 08/11/2007 07:18:29 PM Event Source: MsiInstaller Event Description: Tuotteen {D8320DD6-FE47-41DE-B116-4158B7AE3F37} toiminnon ACDSee komponentin {5EB3BD5D-A6FA-4800-BDBF-F056FB5F2CEA} tunnistaminen ei onnistunut. Resurssia HKEY_LOCAL_MACHINE\Software\ACD Systems\PlugIns\V2\EL ei ole. Event ID #13279: Warning Event Submitted/Written: 08/11/2007 05:25:25 PM Event Source: MsiInstaller Event Description: Tuotteen {D8320DD6-FE47-41DE-B116-4158B7AE3F37} toiminnon ACDSee tunnistaminen epäonnistui pyydettäessä komponenttia {FB8D5AA7-91F2-44B3-9C19-9053D58A28F1} -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event ID #2783: Error Event Submitted/Written: 08/12/2007 11:52:50 AM Event Source: Service Control Manager Event Description: Palvelu Tietokoneiden selaus lopetettiin virheen takia. Virhe: %%1460 Event ID #2756: Error Event Submitted/Written: 08/12/2007 11:48:35 AM Event Source: Service Control Manager Event Description: Palvelua FileZilla Server FTP server ei voi käynnistää. Virhekoodi on %%2 Event ID #2744: Warning Event Submitted/Written: 08/11/2007 07:19:18 PM / 08/11/2007 07:19:19 PM Event Source: Ftdisk Event Description: Järjestelmä ei voinut siirtää dataa lokiin. Tietohävikki saattaa tapahtua. Event ID #2738: Error Event Submitted/Written: 08/11/2007 11:18:18 AM Event Source: Service Control Manager Event Description: Palvelu Tietokoneiden selaus lopetettiin virheen takia. Virhe: %%1460 Event ID #2714: Error Event Submitted/Written: 08/11/2007 11:13:51 AM Event Source: Service Control Manager Event Description: Palvelua FileZilla Server FTP server ei voi käynnistää. Virhekoodi on %%2 -- End of Deckard's System Scanner: finished at 2007-08-12 at 19:10:35 ---------
Eli mun moka.. Sinulla on siis AVAST JA AVG7. Jotta kone toimisi normaalisti poista toinen ======= 1. Lataa combofix.exe työpöydällesi jommastakummasta linkistä: http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe http://download.bleepingcomputer.com/sUBs/ComboFix.exe 2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia. 3. Kun työkalu on valmis, se tuottaa lokin. (C:\ComboFix.txt) Lähetä tämä loki viesti ketjuusi. Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.
ComboFix 07-08-09.3 - "Omistaja" 2007-08-12 19:29:35.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1035.18.149 [GMT 2:00] * Created a new restore point ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\DOCUME~1\Omistaja\TYPYT~1.\internet explorer.lnk D:\Autorun.inf ((((((((((((((((((((((((( Files Created from 2007-07-12 to 2007-08-12 ))))))))))))))))))))))))))))))) 2007-08-12 19:28 51,200 --a------ C:\WINDOWS\nircmd.exe 2007-08-12 19:04 <KANSIO> d-------- C:\Deckard 2007-08-12 16:17 <KANSIO> d-------- C:\hjt 2007-08-06 10:09 <KANSIO> d-------- C:\Program Files\Lavasoft 2007-08-06 10:09 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft 2007-08-06 09:55 4,468 --a------ C:\WINDOWS\system32\tmp.reg 2007-08-06 09:54 53,248 --a------ C:\WINDOWS\system32\Process.exe 2007-08-06 09:54 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-08-06 09:54 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-08-02 14:00 <KANSIO> d-------- C:\DOCUME~1\Omistaja\APPLIC~1\ATI 2007-08-02 13:54 520,192 --------- C:\WINDOWS\system32\ati2sgag.exe 2007-08-02 13:53 <KANSIO> d-------- C:\ATI 2007-08-02 12:00 <KANSIO> d-------- C:\WINDOWS\A1C4EE2BDF144488BC8AF9336D588E97.TMP 2007-07-31 17:13 90,112 --a------ C:\WINDOWS\unvise32.exe 2007-07-28 12:24 94,208 --a------ C:\WINDOWS\DIIUnin.exe 2007-07-28 12:24 2,829 --a------ C:\WINDOWS\DIIUnin.pif 2007-07-28 12:24 17,199 --a------ C:\WINDOWS\DIIUnin.dat (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-08-12 14:59 --------- d-------- C:\Program Files\mIRC 2007-08-11 14:26 --------- d-------- C:\Program Files\AutoIt3 2007-08-09 21:34 --------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\uTorrent 2007-08-09 13:26 --------- d-------- C:\Program Files\SwiftSwitch 2007-08-08 19:00 --------- d-------- C:\Program Files\Apophysis 2.0 2007-08-08 16:17 --------- d--h----- C:\Program Files\InstallShield Installation Information 2007-08-08 14:04 97239 --a------ C:\WINDOWS\system32\drivers\fwdrv.err 2007-08-06 10:09 --------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\Lavasoft 2007-08-06 10:08 --------- d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-08-02 13:55 --------- d-------- C:\Program Files\ATI Technologies 2007-07-31 17:13 3580 --a------ C:\WINDOWS\system32\d3d9caps.dat 2007-07-31 13:35 21840 --a----t- C:\WINDOWS\system32\SIntfNT.dll 2007-07-31 13:35 17212 --a----t- C:\WINDOWS\system32\SIntf32.dll 2007-07-31 13:35 12067 --a----t- C:\WINDOWS\system32\SIntf16.dll 2007-07-30 19:15 --------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\AdobeUM 2007-07-30 19:13 --------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\Real 2007-07-28 14:33 43656 --a------ C:\WINDOWS\War3Unin.dat 2007-07-28 14:29 2829 --a------ C:\WINDOWS\War3Unin.pif 2007-07-28 14:29 126976 --a------ C:\WINDOWS\War3Unin.exe 2007-07-28 00:07 783224 --a------ C:\WINDOWS\system32\aswBoot.exe 2007-07-28 00:02 94416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2007-07-28 00:02 92848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2007-07-28 00:00 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2007-07-27 23:59 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2007-07-27 23:58 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2007-07-27 23:57 95608 --a------ C:\WINDOWS\system32\AVASTSS.scr 2007-07-27 21:12 94126 --a------ C:\WINDOWS\system32\perfc00B.dat 2007-07-27 21:12 423854 --a------ C:\WINDOWS\system32\perfh00B.dat 2007-07-27 14:36 --------- d-------- C:\Program Files\Windows Live Safety Center 2007-07-08 22:57 --------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\Vso 2007-07-08 22:37 --------- d-------- C:\Program Files\Webteh 2007-07-08 22:08 87608 --a------ C:\DOCUME~1\Omistaja\APPLIC~1\inst.exe 2007-07-08 22:08 47360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys 2007-07-08 22:08 47360 --a------ C:\DOCUME~1\Omistaja\APPLIC~1\pcouffin.sys 2007-07-08 22:08 --------- d-------- C:\Program Files\VSO 2007-07-06 17:52 --------- d-------- C:\Program Files\uTorrent 2007-06-30 19:36 --------- d-------- C:\Program Files\Common Files\Bcgsoft 2007-06-28 14:54 --------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\Skype 2007-06-28 09:42 --------- d-------- C:\Program Files\Winamp 2007-06-28 09:30 --------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\Media Player Classic 2007-06-28 09:29 --------- d-------- C:\Program Files\K-Lite Codec Pack 2007-06-25 11:59 --------- d-------- C:\Program Files\PHP 2007-06-03 13:31 10752 --a------ C:\WINDOWS\system32\ff_vfw.dll 2007-05-31 07:44 740442 --a------ C:\WINDOWS\system32\divx.dll 2007-05-28 18:40 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll 2007-05-16 17:14 86528 -----c--- C:\WINDOWS\system32\dllcache\directdb.dll 2007-05-16 17:14 85504 -----c--- C:\WINDOWS\system32\dllcache\wabimp.dll 2007-05-16 17:14 683520 --a------ C:\WINDOWS\system32\inetcomm.dll 2007-05-16 17:14 683520 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll 2007-05-16 17:14 510976 -----c--- C:\WINDOWS\system32\dllcache\wab32.dll 2007-05-16 17:14 1314816 -----c--- C:\WINDOWS\system32\dllcache\msoe.dll 2007-05-07 08:44 58536 --a------ C:\DOCUME~1\Omistaja\APPLIC~1\GDIPFONTCACHEV1.DAT 2005-02-22 09:50 2908768 --a------ C:\Program Files\ppview97.exe ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 15:04] "HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2003-04-07 06:07] "CamMonitor"="c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe" [2002-10-07 06:23] "StorageGuard"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-02-13 07:01] "Home Theater SchSvr"="C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe" [2003-08-08 14:51] "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2002-09-13 20:42] "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-05-02 22:19] "nwiz"="nwiz.exe" [2003-05-02 22:19 C:\WINDOWS\system32\nwiz.exe] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-07-19 21:10] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50] "AlcxMonitor"="ALCXMNTR.EXE" [2003-04-03 19:35 C:\WINDOWS\ALCXMNTR.EXE] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-04-04 18:14] "EPSON Stylus DX4200 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.exe" [2005-08-16 17:56] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 22:46] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-07-28 00:03] "SsAAD.exe"="C:\DOCUME~1\Omistaja\OMATTI~1\HANNAN~1\SONICS~1\SsAAD.exe" [2005-01-24 18:58] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2004-12-20 20:41] "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 16:41] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-08-06 10:06] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BackupNotify"="c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe" [2003-06-22 20:25] "NVIEW"="nview.dll,nViewLoadHook" [] "Steam"="H:\Valve\Steam\Steam.exe" [2007-06-28 09:08] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-15 01:12] "SsAAD.exe"="I:\ALEKSI~1\SsAAD.exe" [] "EPSON Stylus DX4200 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.exe" [2005-08-16 17:56] "CTSyncU.exe"="C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" [] "Gadwin PrintScreen 3.5"="C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2006-07-08 10:57] "Data Secure"="C:\APPS\DataSecure\PBBckupUI.exe" [2005-04-26 11:51] C:\Documents and Settings\All Users\K„ynnist„-valikko\Ohjelmat\K„ynnistys\ Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-09-10 08:30:33] Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26] HP Digital Imaging Monitor.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2003-06-13 03:08:16] WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2004-10-12 18:22:16] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Notification Packages"= :\WINDOWS\syste R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x);C:\WINDOWS\system32\drivers\sfsync02.sys R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys R2 enodpl;enodpl;C:\WINDOWS\system32\drivers\enodpl.sys R2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe" R2 SQLBrowser;SQL Server Browser;"C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe" R2 SQLWriter;SQL Server VSS Writer;"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" R2 tandpl;tandpl;C:\WINDOWS\system32\drivers\tandpl.sys R3 BridgeMP;MAC Bridge Miniport;C:\WINDOWS\system32\DRIVERS\bridge.sys R3 NVENET;NVIDIA nForce MCP Networking Controller Driver;C:\WINDOWS\system32\DRIVERS\NVENET.sys R3 Ps2;PS2;C:\WINDOWS\system32\DRIVERS\PS2.sys R3 USB_RNDIS;USB Remote NDIS Network Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023k.sys S1 wceusbsh;Windows CE USB Serial Host Driver;C:\WINDOWS\system32\DRIVERS\wceusbsh.sys S3 Bridge;MAC-silta;C:\WINDOWS\system32\DRIVERS\bridge.sys S3 EagleNT;EagleNT;\??\C:\WINDOWS\system32\drivers\EagleNT.sys S3 Imapi Helper;Imapi Helper;"C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe" S3 oflpydin;oflpydin;\??\C:\DOCUME~1\Omistaja\LOCALS~1\Temp\oflpydin.sys S3 PcdrNt;PcdrNt;C:\WINDOWS\system32\drivers\PcdrNt.sys S3 PentaxUsb;PENTAX Optio 50L on USB;C:\WINDOWS\system32\DRIVERS\CoachUsb.sys S3 PentaxVc;PENTAX Optio 50L Video Capture;C:\WINDOWS\system32\DRIVERS\CoachVc.sys S3 XDva024;XDva024;\??\C:\WINDOWS\system32\XDva024.sys [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] Usnsvc usnsvc ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-08-12 19:35:18 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... ? [2312] scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\\x00ffc\xd3w\2] "b049C053C7D38EE4AB9A00CB3B5D2472"="C?\Program Files\Common Files\Microsoft Shared\Web Folders\PUBPLACE.HTT" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher] "TracesProcessed"=dword:000005bb scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-08-12 19:37:36 C:\ComboFix-quarantined-files.txt ... 2007-08-12 19:37 --- E O F ---
Tässäpä tämä. Logfile of HijackThis v1.99.1 Scan saved at 19:54:49, on 12.8.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\windows\system\hpsysdrv.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\ALCXMNTR.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\DOCUME~1\Omistaja\OMATTI~1\HANNAN~1\SONICS~1\SsAAD.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe H:\Valve\Steam\Steam.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe C:\APPS\DataSecure\PBBckupUI.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\hjt\Scanner.exe.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtv3.fi/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://koti.saunalahti.fi R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/su/*http://www.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll (file missing) O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe" O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26 "EPSON Stylus DX4200 Series" /O6 "USB001" /M "Stylus DX4200" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SsAAD.exe] C:\DOCUME~1\Omistaja\OMATTI~1\HANNAN~1\SONICS~1\SsAAD.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [Steam] "H:\Valve\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SsAAD.exe] I:\ALEKSI~1\SsAAD.exe O4 - HKCU\..\Run: [EPSON Stylus DX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26 "EPSON Stylus DX4200 Series" /M "Stylus DX4200" /EF "HKCU" O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash O4 - HKCU\..\Run: [Data Secure] C:\APPS\DataSecure\PBBckupUI.exe /HIDDEN O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: START_PAGE_URL=http://koti.saunalahti.fi O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/puzzlepirates/miniclipGameLoader.dll O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab O16 - DPF: {5BDBD95C-1E7F-4FB1-8497-20AF879F8B68} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/fi/filesharingctrl.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1158248595500 O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - h:\Program Files\FileZilla Server\FileZilla Server.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
Riittääks jos se ei ole käytössä? Ja onko toi ALCXMNTR.EXE mitenkään haitallinen? Ku katoin jostai netistä, mut en saanu oikein selvää vastausta.
joo.. oisit heti vaa voinu sanoo Ajetaanpas blacklightia. Lataa ja tallenna Blacklight työpöydällesi; Tupla-klikkaa fsbl.exe, hyväksy sopimus, klikkaa -> Scan, sitten -> Next Näet listan kaikesta mitä löytyi. Työpöydällesi myös ilmestyy loki jonka nimi on fsbl.xxxxxxx.log (xxxxxxx;n tilalla on luultavimmin numeroita). Kopioi ja liitä tämä loki seuraavaan vastaukseesi. Älä valitse "Rename" optiota vielä! Haluamme nähdä login ensin, koska hyviä tiedostoja saattaa olla mukana, kuten "wbemtest.exe".
Pitäiskö sen näyttää tältä? 08/12/07 20:16:37 [Info]: BlackLight Engine 1.0.64 initialized 08/12/07 20:16:37 [Info]: OS: 5.1 build 2600 (Service Pack 2) 08/12/07 20:16:38 [Note]: 7019 4 08/12/07 20:16:38 [Note]: 7005 0 08/12/07 20:16:48 [Note]: 7006 0 08/12/07 20:16:48 [Note]: 7011 172 08/12/07 20:16:48 [Note]: 7026 0 08/12/07 20:16:48 [Note]: 7026 0 08/12/07 20:16:52 [Note]: FSRAW library version 1.7.1022 08/12/07 20:30:41 [Note]: 2000 1012 08/12/07 20:30:41 [Note]: 2000 1012 08/12/07 20:30:41 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:30:42 [Note]: 2000 1012 08/12/07 20:32:23 [Note]: 7007 0
kurkataa viel täll Kaspersky online-skanneri Skannaa koneesi Kaspersky Online Skannerilla Sinulta kysytään sallitko ActiveX -komponentin asentamisen Kasperskyltä, klikkaa Kyllä. [*] Ohjelma käynnistyy ja aloittaa viimeisimpien tunnistetiedostojen lataamisen. [*] Kun skanneri on asennettu ja tunnistetiedot ladattu, klikkaa Next. [*] Klikkaa nyt asetuksia, Scan Settings [*] Tarkista asetuksista, että seuraavat ovat valittuina: o Scan using the following Anti-Virus database: + Extended (Jos valittavissa, muuten valitse Standard) o Scan Options: + Scan Archives + Scan Mail Bases [*] Klikkaa OK [*] Nyt valitse "select a target to scan" otsikon alta Oma Tietokone, My Computer [*] Skannaus vie aikaa, joten ole kärsivällinen. Kun skannaus on valmis saat ilmoituksen, jos koneesi on saastunut. [*] Klikkaa nyt Save as Text-painiketta. [*] Tallenna tiedosto työpöydällesi. [*] Kopioi ja Liitä tiedoston sisältö seuraavaan vastaukseesi.
kyllä noi servicet tuolla virustorjunnassa taistelee keskenään viskaa vain se toinen pois Myös käynnistyvissä kunpikin virustorjunta nahistelee keskenään. ja kone hidas kun sitä mälvää. ja fixsaa tuokin pois älä sitä säästele se on spywarea O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE ================== Lisäksi tuolla on vanhoja javoja poista noi lisää poista sovelutuksesta J2SE Runtime Environment 5.0 Update 10 J2SE Runtime Environment 5.0 Update 9 Java 2 Runtime Environment, SE v1.4.1_02 Java(TM) SE Runtime Environment 6 Update 1 ================ uuusi hjt:n loki sen jälkeen
