Miten saan poistettua tiedoston+ hjt-loki

pixies · Jul 14, 2007

"O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe"

Tuon haluan ainakin poistaa,mutta kone ei anna. Asensin ohjelman jatuo tuli yllätyksenä mukana+ 5 troijalaistajotka f-secure torjui.Mitäs muutapitää poistaa.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:23:45, on 14.7.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE
C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe
C:\Program Files\F-Secure Internet Security\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
C:\Program Files\F-Secure Internet Security\Anti-Virus\fssm32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\F-Secure Internet Security\Common\FSMB32.EXE
C:\Program Files\F-Secure Internet Security\backweb\4476822\Program\fspex.exe
C:\Program Files\F-Secure Internet Security\Common\FCH32.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\F-Secure Internet Security\Common\FAMEH32.EXE
C:\Program Files\F-Secure Internet Security\Anti-Virus\fsqh.exe
C:\Program Files\F-Secure Internet Security\Anti-Virus\fsrw.exe
C:\Program Files\F-Secure Internet Security\FSPC\fspc.exe
C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure Internet Security\Anti-Virus\fsav32.exe
C:\PROGRA~1\F-SECU~1\ANTI-S~1\fsaw.exe
C:\Program Files\F-Secure Internet Security\FSGUI\fsguidll.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure Internet Security\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\F-Secure Internet Security\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_07] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_08] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_09] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_10] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_07] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'NETWORK SERVICE')
O4 - Global Startup: F-Secure 2006.lnk = C:\Program Files\F-Secure Internet Security\backweb\4476822\Program\fspex.exe
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\F-Secure Internet Security\Anti-Spyware\blockpopups.htm
O9 - Extra button: Web-suodatin - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Web-suodatin - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure Internet Security\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure Internet Security\Anti-Spyware\ieshield.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: F-Secure 2006 (BackWeb Plug-in - 4476822) - F-Secure Internet Security 2005 - C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FSPC\fshttps\fshttps.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 7087 bytes

Auttaja · Jul 14, 2007

Moi, tuo palvelu on ihan ok. F-secure luultavasti vaan valitti ohjelman mukana tulevasta mainosohjelmasta

=======

Lataa Deckard's System Scanner Työpöydällesi.

Huomioi: Sinulla tulee olla Järjestelmänvalvojan oikeudet ajaaksesi ohjelman.

[*]Sulje kaikki avoimet ikkunat ja ohjelmat.
[*]Tupla Klikkaa Dss.exe tiedostoa ajaaksesi ohjelman, seuraa ohjeita.
[*]Kun Scannaus on valmis 2 textitiedostoa pitäisi avautua, Main.txt ja extra.txt
[*]Näppäile Kopioi ( CTRL+A -> CTRL + C ) ja liitä ( CTRL + V )
[*]kopioi ja liitä Extra.txt & Main.txt sisältö seuraavaan vastaukseesi.

pixies · Jul 15, 2007

Tämmöstä tuli ulos:

Deckard's System Scanner v20070711.54
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Pentium(R) 4 CPU 2.40GHz
Percentage of Memory in Use: 68%
Physical Memory (total/avail): 511.49 MiB / 160.16 MiB
Pagefile Memory (total/avail): 1249.69 MiB / 934.27 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1960.79 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 57.24 GiB total, 41.19 GiB free.
D: is Fixed (NTFS) - 57.25 GiB total, 14.13 GiB free.
E: is CDROM (Unformatted)
F: is CDROM (Unformatted)
Z: is Fixed (Ext2) - 74.9 GiB total, 55.02 GiB free.

-- Security Center -------------------------------------------------------------

AUOptions is set to notify before download.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.

FW: F-Secure Internet Security 2006 6.10 v6.10 (F-Secure Corporation)
AV: F-Secure Internet Security 2006 6.10 v6.10 (F-Secure Corporation)

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019"
"C:\\Program Files\\F-Secure Internet Security\\backweb\\4476822\\Program\\fspex.exe"="C:\\Program Files\\F-Secure Internet Security\\backweb\\4476822\\Program\\fspex.exe:*:Enabled:F-Secure 2006"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\BitLord\\BitLord.exe"="C:\\Program Files\\BitLord\\BitLord.exe:*:Enabled:BitLord"
"C:\\Program Files\\F-Secure Internet Security\\backweb\\4476822\\Program\\fspex.exe"="C:\\Program Files\\F-Secure Internet Security\\backweb\\4476822\\Program\\fspex.exe:*:Enabled:F-Secure 2006"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Mikko Itkonen\Application Data
CLASSPATH=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MIGIMBO
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Mikko Itkonen
LOGONSERVER=\\MIGIMBO
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\Mozilla Firefox;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 7, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0207
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\QuickTime\QTSystem\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\MIKKOI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\MIKKOI~1\LOCALS~1\Temp
USERDOMAIN=MIGIMBO
USERNAME=Mikko Itkonen
USERPROFILE=C:\Documents and Settings\Mikko Itkonen
windir=C:\WINDOWS

-- User Profiles ---------------------------------------------------------------

Mikko Itkonen (admin)

-- Add/Remove Programs ---------------------------------------------------------

--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware Scanner"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus Client Security Installer"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure DAAS"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure Diagnostics"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure E-mail Scanning"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure FWES"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure GUI"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure Help"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure Internet Shield"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure Management Agent"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure Spam Control"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure Spam Scanner"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure TNB"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure Web Filter"
--> C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Apple Mobile Device Support -tuki --> MsiExec.exe /I{A43B2A2F-1DB5-47F9-A608-F11A4835D7CB}
Apple Software Update --> MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
Avance AC'97 Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
BitLord 1.1 --> C:\Program Files\BitLord\uninst.exe
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
DScaler 4.1.15 --> "C:\Program Files\DScaler\unins000.exe"
Ext2 IFS 1.10c for Windows XP --> RunDll32 setupapi.dll,InstallHinfSection DefaultUninstall 130 Ext2Ifs_for_NT501.inf
F-Secure Internet Security 2006 --> C:\PROGRA~1\F-SECU~1\Common\fsbwih.exe /uninstall
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
iTunes --> MsiExec.exe /I{9357AE3A-B2ED-4138-BB9B-0564352C3F0A}
Mozilla Firefox (2.0.0.4) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Messenger 7.5 --> MsiExec.exe /I{CEB3A11A-03EA-11DA-BFBD-00065BBDC0B5}
Nero 7 --> MsiExec.exe /X{A20A58C4-6784-4B4B-86CC-94E2E3671033}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
QuickTime --> MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Yahoo! Install Manager --> C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe

-- End of Deckard's System Scanner: finished at 2007-07-15 at 11:13:56 ---------

Deckard's System Scanner v20070711.54
Run by Mikko Itkonen on 2007-07-15 at 11:11:52
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
16: 2007-07-15 15:11:56 UTC - RP16 - Deckard's System Scanner Restore Point
15: 2007-07-14 21:13:48 UTC - RP15 - Software Distribution Service 3.0
14: 2007-07-14 20:15:23 UTC - RP14 - Software Distribution Service 3.0
13: 2007-07-14 18:52:09 UTC - RP13 - Installed Nero 7
12: 2007-07-14 18:46:39 UTC - RP12 - Installed DirectX

-- First Restore Point --
1: 2007-07-11 20:50:09 UTC - RP1 - System Checkpoint

Backed up registry hives.

Performed disk cleanup.

-- HijackThis (run as Mikko Itkonen.exe) ---------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:12:34, on 15.7.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE
C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe
C:\Program Files\F-Secure Internet Security\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure Internet Security\backweb\4476822\Program\fspex.exe
C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
C:\Program Files\F-Secure Internet Security\Common\FSMB32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\F-Secure Internet Security\Anti-Virus\fssm32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\F-Secure Internet Security\Common\FCH32.EXE
C:\Program Files\F-Secure Internet Security\Common\FAMEH32.EXE
C:\Program Files\F-Secure Internet Security\Anti-Virus\fsqh.exe
C:\Program Files\F-Secure Internet Security\Anti-Virus\fsrw.exe
C:\Program Files\F-Secure Internet Security\FSPC\fspc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure Internet Security\Anti-Virus\fsav32.exe
C:\PROGRA~1\F-SECU~1\ANTI-S~1\fsaw.exe
C:\Program Files\F-Secure Internet Security\FSGUI\fsguidll.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Mikko Itkonen\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Mikko Itkonen.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure Internet Security\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\F-Secure Internet Security\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_07] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_08] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_09] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_10] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_07] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'NETWORK SERVICE')
O4 - Global Startup: F-Secure 2006.lnk = C:\Program Files\F-Secure Internet Security\backweb\4476822\Program\fspex.exe
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\F-Secure Internet Security\Anti-Spyware\blockpopups.htm
O9 - Extra button: Web-suodatin - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Web-suodatin - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure Internet Security\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure Internet Security\Anti-Spyware\ieshield.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: F-Secure 2006 (BackWeb Plug-in - 4476822) - F-Secure Internet Security 2005 - C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FSPC\fshttps\fshttps.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 7247 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20070714-172200-457 O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
backup-20070714-172216-920 O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

-- File Associations -----------------------------------------------------------

All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 FSFW (F-Secure Firewall Driver) - c:\windows\system32\drivers\fsdfw.sys <Not Verified; F-Secure Corporation; F-Secure Anti-Virus Internet Shield>
R1 Ext2fs - c:\windows\system32\drivers\ext2fs.sys
R1 IfsDrives - c:\windows\system32\drivers\ifsdrives.sys
R2 F-Secure Filter (F-Secure File System Filter) - c:\program files\f-secure internet security\anti-virus\win2k\fsfilter.sys
R2 F-Secure Gatekeeper - c:\program files\f-secure internet security\anti-virus\win2k\fsgk.sys
R2 F-Secure Recognizer (F-Secure File System Recognizer) - c:\program files\f-secure internet security\anti-virus\win2k\fsrec.sys

S3 DSDrv4 - c:\program files\dscaler\dsdrv4.sys

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 BackWeb Plug-in - 4476822 (F-Secure 2006) - c:\progra~1\f-secu~1\backweb\4476822\program\servic~1.exe <Not Verified; F-Secure Internet Security 2005; RunnerEXE Application>
R2 fsbwsys - "c:\program files\f-secure internet security\backweb\4476822\program\fsbwsys.exe" <Not Verified; F-Secure Corp.; F-Secure BackWeb>
R2 F-Secure Gatekeeper Handler Starter (FSGKHS) - "c:\program files\f-secure internet security\anti-virus\fsgk32st.exe" <Not Verified; F-Secure Corporation; F-Secure Corp. Startup service>
R2 FSMA - "c:\program files\f-secure internet security\common\fsma32.exe" <Not Verified; F-Secure Corporation; F-Secure Management Agent>
R3 FSDFWD (F-Secure Anti-Virus Firewall Daemon) - "c:\program files\f-secure internet security\fwes\program\fsdfwd.exe" <Not Verified; F-Secure Corporation; F-Secure Anti-Virus Internet Shield>
R3 fshttps (F-Secure HTTP Server) - "c:\program files\f-secure internet security\fspc\fshttps\fshttps.exe" <Not Verified; F-Secure Corporation; F-Secure Parental Control>

S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe

-- Scheduled Tasks -------------------------------------------------------------

2007-07-15 11:03:58 568 --a------ C:\WINDOWS\Tasks\Scheduled scanning task.job
2007-07-11 17:05:40 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

-- Files created between 2007-06-15 and 2007-07-15 -----------------------------

2007-07-15 11:08:05 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2007-07-14 17:20:14 0 d-------- C:\Program Files\Trend Micro
2007-07-14 16:56:24 0 dr-h----- C:\Documents and Settings\Mikko Itkonen\Recent
2007-07-14 16:54:08 0 d-------- C:\Program Files\Yahoo!
2007-07-14 16:53:59 0 d-------- C:\Program Files\CCleaner
2007-07-14 16:34:05 0 d-------- C:\Program Files\Alcohol Soft
2007-07-14 16:31:10 639224 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-07-14 14:58:57 0 d-------- C:\Documents and Settings\Mikko Itkonen\Application Data\Ahead
2007-07-14 14:57:07 0 d-------- C:\Documents and Settings\All Users\Application Data\Ahead
2007-07-14 14:52:32 0 d-------- C:\Program Files\Nero
2007-07-14 14:52:32 0 d-------- C:\Program Files\Common Files\Ahead
2007-07-14 14:52:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2007-07-14 14:49:40 0 d-------- C:\WINDOWS\RegisteredPackages
2007-07-14 14:29:41 0 d-------- C:\Program Files\MagicISO
2007-07-14 06:56:10 0 d-------- C:\Program Files\MSN Messenger
2007-07-14 05:33:33 0 d-------- C:\Program Files\Winamp
2007-07-14 05:09:22 0 d-------- C:\Documents and Settings\Mikko Itkonen\Application Data\F-Secure
2007-07-14 05:01:06 33584 --a------ C:\WINDOWS\system32\drivers\fsndis5.sys <Not Verified; F-Secure Corporation; F-Secure Anti-Virus Internet Shield>
2007-07-14 05:01:06 70864 --a------ C:\WINDOWS\system32\drivers\fsdfw.sys <Not Verified; F-Secure Corporation; F-Secure Anti-Virus Internet Shield>
2007-07-14 05:00:59 1691648 --a------ C:\WINDOWS\system32\winsflte.dll <Not Verified; PureSight Inc; PureSight Classification SDK>
2007-07-14 05:00:59 1155072 --a------ C:\WINDOWS\system32\winsflt.dll
2007-07-14 05:00:59 1216512 --a------ C:\WINDOWS\system32\cfgmig32.dll
2007-07-14 05:00:59 0 d-------- C:\WINDOWS\rnapxs
2007-07-14 05:00:57 0 d-------- C:\Documents and Settings\All Users\Application Data\F-Secure
2007-07-14 04:58:54 0 d-------- C:\Program Files\F-Secure Internet Security
2007-07-14 04:56:30 0 d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2007-07-14 04:52:22 0 d-------- C:\Program Files\BitLord
2007-07-14 04:47:04 0 d-------- C:\Documents and Settings\Mikko Itkonen\Application Data\WinRAR
2007-07-12 13:53:27 200704 --a------ C:\WINDOWS\system32\IfsDrives.dll <Not Verified; Stephan Schreiber; IFS for Windows>
2007-07-12 13:53:27 4608 --a------ C:\WINDOWS\system32\drivers\IfsDrives.sys
2007-07-12 13:53:27 132736 --a------ C:\WINDOWS\system32\drivers\ext2fs.sys
2007-07-11 23:43:22 0 d-------- C:\WINDOWS\SoftwareDistribution
2007-07-11 23:43:12 0 d---s---- C:\WINDOWS\system32\Microsoft
2007-07-11 23:43:12 0 d-------- C:\WINDOWS\Prefetch
2007-07-11 23:43:11 229376 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2007-07-11 23:43:11 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2007-07-11 23:43:11 0 d---s---- C:\Documents and Settings\LocalService\Cookies
2007-07-11 23:43:11 0 d-------- C:\Documents and Settings\LocalService\Application Data
2007-07-11 23:43:11 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2007-07-11 23:43:02 229376 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2007-07-11 23:43:02 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2007-07-11 23:43:02 0 d---s---- C:\Documents and Settings\NetworkService\Cookies
2007-07-11 23:43:02 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2007-07-11 23:43:02 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2007-07-11 23:38:49 0 d-------- C:\WINDOWS\system32\xircom
2007-07-11 23:38:49 0 d-------- C:\Program Files\microsoft frontpage
2007-07-11 23:38:31 229376 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2007-07-11 23:38:23 0 -rahs---- C:\MSDOS.SYS
2007-07-11 23:38:23 0 -rahs---- C:\IO.SYS
2007-07-11 23:38:23 0 --a------ C:\CONFIG.SYS
2007-07-11 23:38:23 0 --a------ C:\AUTOEXEC.BAT
2007-07-11 23:36:53 0 d--hs---- C:\Documents and Settings\All Users\DRM
2007-07-11 23:36:40 0 dr------- C:\WINDOWS\Offline Web Pages
2007-07-11 23:36:39 0 d---s---- C:\WINDOWS\Downloaded Program Files
2007-07-11 23:36:27 0 d--h----- C:\Program Files\WindowsUpdate
2007-07-11 23:36:22 0 d-------- C:\Program Files\Online Services
2007-07-11 23:36:06 0 d-------- C:\WINDOWS\system32\DirectX
2007-07-11 23:35:38 0 d---s---- C:\WINDOWS\Tasks
2007-07-11 23:35:38 0 d-------- C:\Program Files\Common Files\MSSoap
2007-07-11 23:35:35 0 d-------- C:\WINDOWS\srchasst
2007-07-11 23:35:34 0 d-------- C:\WINDOWS\system32\Macromed
2007-07-11 23:35:27 0 d-------- C:\Program Files\Movie Maker
2007-07-11 23:35:21 0 d-------- C:\WINDOWS\system32\Restore
2007-07-11 23:34:37 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-07-11 23:34:19 0 d-------- C:\WINDOWS\Registration
2007-07-11 23:34:03 0 d-------- C:\Program Files\MSN Gaming Zone
2007-07-11 23:33:40 0 d-------- C:\Program Files\Windows NT
2007-07-11 23:33:37 0 d-------- C:\WINDOWS\system32\MsDtc
2007-07-11 23:33:36 0 d-------- C:\WINDOWS\system32\Com
2007-07-11 19:23:30 0 d--hs---- C:\WINDOWS\Installer
2007-07-11 19:23:29 0 d-------- C:\Program Files\Common Files\ODBC
2007-07-11 19:23:26 0 d-------- C:\Program Files\Common Files\SpeechEngines
2007-07-11 19:23:25 0 dr------- C:\Program Files
2007-07-11 19:23:00 0 d--h----- C:\Documents and Settings\Default User\Templates
2007-07-11 19:23:00 0 dr------- C:\Documents and Settings\Default User\Start Menu
2007-07-11 19:23:00 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2007-07-11 19:23:00 0 d--h----- C:\Documents and Settings\Default User\Recent
2007-07-11 19:23:00 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2007-07-11 19:23:00 0 d--h----- C:\Documents and Settings\Default User\NetHood
2007-07-11 19:23:00 0 d-------- C:\Documents and Settings\Default User\My Documents
2007-07-11 19:23:00 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2007-07-11 19:23:00 0 d-------- C:\Documents and Settings\Default User\Favorites
2007-07-11 19:23:00 0 d-------- C:\Documents and Settings\Default User\Desktop
2007-07-11 19:23:00 0 d---s---- C:\Documents and Settings\Default User\Cookies
2007-07-11 19:23:00 0 d--h----- C:\Documents and Settings\All Users\Templates
2007-07-11 19:23:00 0 dr------- C:\Documents and Settings\All Users\Start Menu
2007-07-11 19:23:00 0 d-------- C:\Documents and Settings\All Users\Favorites
2007-07-11 19:23:00 0 dr------- C:\Documents and Settings\All Users\Documents
2007-07-11 19:23:00 0 d-------- C:\Documents and Settings\All Users\Desktop
2007-07-11 19:22:46 0 d-------- C:\WINDOWS\system32\CatRoot2
2007-07-11 19:22:46 0 d-------- C:\WINDOWS\system32\CatRoot
2007-07-11 19:22:41 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2007-07-11 19:22:41 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2007-07-11 19:22:40 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2007-07-11 19:22:40 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2007-07-11 19:22:20 0 d-------- C:\Documents and Settings
2007-07-11 19:22:19 0 d--hs---- C:\System Volume Information
2007-07-11 19:17:49 0 d-------- C:\WINDOWS
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\WinSxS
2007-07-11 19:17:49 0 dr------- C:\WINDOWS\Web
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\twain_32
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\wins
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\wbem
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\usmt
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\spool
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\ShellExt
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\Setup
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\ras
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\oobe
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\npp
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\mui
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\inetsrv
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\IME
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\icsxml
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\ias
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\export
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\drivers
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\drivers\etc
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\drivers\disdn
2007-07-11 19:17:49 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\dhcp
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\config
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\3com_dmi
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\3076
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\2052
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\1054
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\1042
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\1041
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\1037
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\1033
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\1031
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\1028
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system32\1025
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\system
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\security
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\Resources
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\repair
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\Provisioning
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\PeerNet
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\pchealth
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\NLDRV
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\mui
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\msapps
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\msagent
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\Media
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\java
2007-07-11 19:17:49 0 d--h----- C:\WINDOWS\inf
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\ime
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\Help
2007-07-11 19:17:49 0 dr--s---- C:\WINDOWS\Fonts
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\ehome
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\Driver Cache
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\Debug
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\Cursors
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\Connection Wizard
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\Config
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\AppPatch
2007-07-11 19:17:49 0 d-------- C:\WINDOWS\addins
2007-07-11 18:51:28 0 d-------- C:\Program Files\DScaler
2007-07-11 18:41:07 0 d-------- C:\Program Files\VideoLAN
2007-07-11 17:22:16 0 d-------- C:\Program Files\Avance Sound Manager
2007-07-11 17:22:14 0 d-------- C:\Program Files\AvRack
2007-07-11 17:22:13 208896 -----n--- C:\WINDOWS\alcupd.exe <Not Verified; Avance Logic, Inc.; Update Application for Avance AC'97>
2007-07-11 17:22:13 135168 -----n--- C:\WINDOWS\alcrmv.exe <Not Verified; Avance Logic, Inc.; Avance AC'97 Removing Tool for INTEL, VIA, SIS ALI Chipset>
2007-07-11 17:21:38 0 d-------- C:\Program Files\Intel
2007-07-11 17:21:12 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-07-11 17:15:38 0 d-------- C:\WINDOWS\system32\PreInstall
2007-07-11 17:15:36 0 d--h----- C:\WINDOWS\$hf_mig$
2007-07-11 17:12:07 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2007-07-11 17:12:00 0 d-------- C:\Program Files\Common Files\Adobe
2007-07-11 17:10:51 1007 --a------ C:\WINDOWS\mozver.dat
2007-07-11 17:10:34 0 d-------- C:\WINDOWS\nview
2007-07-11 17:10:29 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2007-07-11 17:10:14 0 d-------- C:\Program Files\Common Files\InstallShield
2007-07-11 17:10:09 0 d-------- C:\NVIDIA
2007-07-11 17:08:13 0 d-------- C:\Documents and Settings\Mikko Itkonen\Application Data\Macromedia
2007-07-11 17:06:28 0 d-------- C:\Documents and Settings\Mikko Itkonen\Application Data\Apple Computer
2007-07-11 17:06:19 0 d-------- C:\Program Files\iPod
2007-07-11 17:06:17 0 d-------- C:\Program Files\iTunes
2007-07-11 17:05:52 0 d-------- C:\Program Files\QuickTime
2007-07-11 17:05:51 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-07-11 17:05:37 0 d-------- C:\Program Files\Apple Software Update
2007-07-11 17:05:31 0 d------c- C:\WINDOWS\system32\DRVSTORE
2007-07-11 17:05:19 0 d-------- C:\Program Files\Common Files\Apple
2007-07-11 17:05:18 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2007-07-11 16:54:23 0 --a------ C:\WINDOWS\nsreg.dat
2007-07-11 16:54:20 0 d-------- C:\Documents and Settings\Mikko Itkonen\Application Data\Mozilla
2007-07-11 16:49:30 0 d-------- C:\Documents and Settings\Mikko Itkonen\Application Data\Identities
2007-07-11 16:49:23 0 dr------- C:\Documents and Settings\Mikko Itkonen\Favorites
2007-07-11 16:49:23 0 d-------- C:\Documents and Settings\Mikko Itkonen\Desktop
2007-07-11 16:49:23 0 d---s---- C:\Documents and Settings\Mikko Itkonen\Cookies
2007-07-11 16:49:23 0 dr-h----- C:\Documents and Settings\Mikko Itkonen\Application Data
2007-07-11 16:49:22 0 d--hs---- C:\WINDOWS\CSC
2007-07-11 16:49:22 0 d--h----- C:\Documents and Settings\Mikko Itkonen\Templates
2007-07-11 16:49:22 0 dr------- C:\Documents and Settings\Mikko Itkonen\Start Menu
2007-07-11 16:49:22 0 dr-h----- C:\Documents and Settings\Mikko Itkonen\SendTo
2007-07-11 16:49:22 0 d--h----- C:\Documents and Settings\Mikko Itkonen\PrintHood
2007-07-11 16:49:22 1048576 --ah----- C:\Documents and Settings\Mikko Itkonen\NTUSER.DAT
2007-07-11 16:49:22 0 d--h----- C:\Documents and Settings\Mikko Itkonen\NetHood
2007-07-11 16:49:22 0 dr------- C:\Documents and Settings\Mikko Itkonen\My Documents
2007-07-11 16:49:22 0 d--h----- C:\Documents and Settings\Mikko Itkonen\Local Settings
2007-07-11 16:48:37 0 d-------- C:\WINDOWS\system32\SoftwareDistribution

-- Find3M Report ---------------------------------------------------------------

2007-07-11 19:23:00 62 --ahs---- C:\Documents and Settings\Mikko Itkonen\Application Data\desktop.ini

-- Registry Dump ---------------------------------------------------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{02478D38-C3F9-4EFB-9B51-7695ECA05670} C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""
"SoundMan"="SOUNDMAN.EXE"
"F-Secure Manager"="\"C:\\Program Files\\F-Secure Internet Security\\Common\\FSM32.EXE\" /splash"
"F-Secure TNB"="\"C:\\Program Files\\F-Secure Internet Security\\TNB\\TNBUtil.exe\" /CHECKALL /WAITFORSW"
"F-Secure Startup Wizard"="\"C:\\Program Files\\F-Secure Internet Security\\FSGUI\\FSSW.EXE\" /reboot"
"NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"=dword:00000001
"LinkResolveIgnoreLinkInfo"=dword:00000001
"NoResolveSearch"=dword:00000001
"NoLowDiskSpaceChecks"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"=dword:00000001
"LinkResolveIgnoreLinkInfo"=dword:00000001
"NoResolveSearch"=dword:00000001
"NoLowDiskSpaceChecks"=dword:00000001

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0

-- End of Deckard's System Scanner: finished at 2007-07-15 at 11:13:56 ---------

Auttaja · Jul 15, 2007

kopioi seuraavat rivit esim notepad:in

@echo off
sc stop StarWindService
sc delete StarWindService

Click to expand...

Tallenna nimellä FIX.BAT työpöydälle muotoon kaikki tiedostot

tuplaklikka hiirellä FIX.BAT :a

poista kansio C:\Program Files\Alcohol Soft\, jos välttämättä haluat tuosta rivistä eroon.

Log in or Sign up

Miten saan poistettua tiedoston+ hjt-loki

pixies Regular member

Auttaja Guest

pixies Regular member

Auttaja Guest

Share This Page

Log in or Sign up

Miten saan poistettua tiedoston+ hjt-loki

pixies Regular member

Auttaja Guest

pixies Regular member

Auttaja Guest

Share This Page

Useful Searches