Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:57:16, on 31.7.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Google\Gmail Notifier\gnotify.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\WinRAR\WinRAR.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,C:\WINDOWS\system32\userinit.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [razertra] C:\Program Files\Razer\razertra.exe O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- End of file - 4372 bytes
Lataa SDFix by AndyManchesta ja tallenna se työpöydällesi. Käynnistä koneesi vikasietotilaan ja valitse tavallinen käyttäjätilisi: " Käynnistä tietokone " Kun kuulet koneen piippaavan, paina F8, kuitenkin ennen Windowsin logon esiintuloa " Seuraavaksi pitäisi ilmestyä valikko " Valitse valikosta vikasietotila. " Kun vikasietotilassa, pura tiedoston SDFix.zip sisältö (SDFix kansio) työpöydällesi. Työpöydälle pitäisi ilmestyä kansio nimeltä SDFix. " Avaa SDFix-kansio ja tuplaklikkaa tiedostoa RunThis.bat käynnistääksesi ohjelman. " Paina Y käynnistääksesi skriptin. " Työkalu puhdistaa troijalaisen palvelut ja tekee myös joitakin korjauksia rekisteriin. Lopuksi se pyytää käynnistämään koneen uudelleen, "Press any key to Reboot". " Paina mitä tahansa näppäintä ja kone käynnistyy uudelleen. " Käynnistyminen kestää normaalia kauemmin sillä SDFix puhdistaa konetta. " Kun kone on käynnistynyt ja työpöytä latautunut, SDFix kertoo että puhdistus on suoritettu, "Finished". " Paina sitten mitä tahansa näppäintä sulkeaksesi skriptin ja ladataksesi pikakuvakkeet työpöydälle. " Lopuksi avaa SDFix kansio (työpöydällä) ja kopioi & liitä tiedoston Report.txt sisältö viestiketjuusi uuden HijackThis:n lokin kera. ====================== Ohje AVG:n Anti-Spyware 7.5:n käyttöön Huom! Tässä ohjeessa sammutetaan tuo reaaliaikasuojaus (Shield). Näin vältetään tilanteet joissa suojaus estäisi esim HijackThis:n työkalun toimintaa. Tallenna nämä ohjeet tekstitiedostoon tai tulosta nämä, muuten et pääse niihin käsiksi vikasietotilasta Lataa AVG:n Anti-Spyware 7.5:n ja tallenna ohjelma työpöydällesi. o Kun olet ladannut ohjelman, kaksoisklikkaa asennuohjelman pikakuvaketta työpöydälläsi, asennus alkaa. o Asennuksen jälkeen täytyy ohjelma käynnistää ja sen tunnisteet päivittää. o Käynnistä AVG:n Anti-Spyware. o Klikkaa "Update" kuvaketta päävalikossa. Sen jälkeen klikkaa "Update now" painiketta. o Sitten klikkaa "Start Update" kuvaketta jolloin päivitys alkaa. o Kun päivitykset on ladattu, klikkaa "Scanner" kuvaketta ikkunan ylälaidassa. Valitse sitten "Settings" välilehti. o Kun "Settings" valikko on auennut, klikkaa "Recommended actions" ja sitten valitse "Quarantine". o Sitten "Reports" valikon alta: o Laita täppi kohtaan "Automatically generate report after every scan" o Ota täppi pois kohdasta"Only if threats were found" o Sitten klikkaa "Shield" kuvaketta ikkunan ylälaidassa o "Resident shield is", muuta tila active:sta inactive:ksi o Sulje ohjelma, ÄLÄ skannaa vielä. Käynnistä koneesi vikasietotilaan, sammuta ja käynnistä käynnistyksen yhteydessä naputtele F8 valitse nuoli näppäimellä vikasietotila paina enter ja enter HUOM! Älä käytä muita ohjelmia AVG:n skannauksen aikana, tämä saattaa häiritä skannausta. o Kun vikasietotilassa, käynnistä AVG:n Anti-Spyware. o Klikkaa "Scanner" kuvaketta ikkunan ylälaidassa ja valitse "Scan" välilehti. Sitten klikkaa "Complete System Scan". o Ewido aloittaa nyt tietokoneen skannaamisen, ole kärsivällinen sillä skannaus vie aikaa. Kun skannaus on valmis: TÄRKEÄÄ : Älä klikkaa "Save Scan Report" ennen kuin klikkaat "Apply all Actions" o Varmistu, että Set all elements to: näyttää Quarantine (1), jos ei, klikkaa linkkiä ja valitse Quarantine popup-valikosta. o Sinulta kysytään mitä tehdä jos infektioita löytyi, valitse silloin "Apply all actions" o Sitten klikkaa "Reports" kuvaketta ohjelma yläosasta. o Klikkaa "Save report as" painiketta ikkunan vasemmassa alalaidassa ja tallenna raportti työpöydälle. o Sulje ohjelma, käynnistä kone normaalisti ja lähetä AVG:n raportti viestikejuusi. =============== Lataa tuolta http://www.ccleaner.com/download/builds.aspx CCleaner v1.41.544 - Basic, ÄLÄ aseenna Yahoo toolbaria! laita asetukset näin: Valinnat --> Lisäasetukset --> Ota ruksi pois kohdasta Poista vain yli 48 tuntia vanhat tilapäistiedostot. aja Puhdistaja > tutki nappi > aja ccleaner nappi oikea alakulma aja Virheet > etsi rekisteri virheitä nappi > Korjaa rekisteri virheet. nappi =============== Javan päivitys ja välimuistin tyhjennys: 1. Klikkaa Käynnistä -> Ohjauspaneeli ja tupla-klikkaa Lisää tai poista sovellus Ohjauspaneelissa. 2. Etsi listasta kaikki entiset Java versiosi. (J2SE Runtime Environment.... ) Niissä pitäisi olla seuraava kuva vieressä: 3. Valitse kaikki entiset Java versiosi ja valitse Poista. 4. Asenna uusin Java päivitys seuraavasta linkistä.. 5. Käynnistä kone uudelleen asennuksen jälkeen: http://java.sun.com/javase/downloads/index.jsp Rullaa alas kohteeseen Java Runtime Environment (JRE) 6u2 Paina Download Ruksaa Accept, ota offline installation, tallenna vaikka työpöydälle ja asenna se. 6. Käynnistyksen jälkeen, mene takaisin Ohjauspaneeliin ja avaa Java asetuksesi (Muita Ohjauspaneelin asetuksia -> Java kahvikuppi). 7. General Settings -osion alla, vedä liukusäädintä (Disk Space) pienemmälle, ja klikkaa Delete Files -nappia. (Jotkut javapohjaiset ohjelmat saattavat tarvita enemmän levytilaa. Jos huomaat säädön pienentämisen jälkeen koneessa hitautta, siirrä liukusäädintä isommalle). 8. Varmista että kaikki kaksi valintaa ovat rastitettuja: *Applications and Applets *Trace and Log Files Ja paina OK -nappia 9. Klikkaa OK "Temporary Files Settings" -ikkunassasi. 10. Klikkaa OK jättääksesi Java asetusikkunasi.
Kiitos kiitos !!!! Minulta puuttui monta Xp-päivitys osaakin, kun ei antanut niitä asentaa. Löytyi muuten apuohjelma siihenkin. Koneen avautuessa "omat tiedostot" kansio avautui ilman syytä, nyt loppui sekin. Kiitos vaan kovasti Teille !!! Oliko tämä muuten nyt sitten se täälläpäin riehunut virus? ------------------------------------------------------------------- SDFix: Version 1.94 Run by TIETOKONE on ke 01.08.2007 at 13:08 Microsoft Windows XP [versio 5.1.2600] Running From: C:\DOCUME~1\TIETOK~1\TYPYT~1\SDFix Safe Mode: Checking Services: Restoring Windows Registry Values Restoring Windows Default Hosts File Restoring Missing Security Center Service Restoring Missing SharedAccess Service Rebooting... Normal Mode: Checking Files: No Trojan Files Found Removing Temp Files... ADS Check: C:\WINDOWS No streams found. C:\WINDOWS\system32 No streams found. C:\WINDOWS\system32\svchost.exe No streams found. C:\WINDOWS\system32\ntoskrnl.exe No streams found. Final Check: Remaining Services: ------------------ Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\\Program Files\\EA GAMES\\MOHAA\\moh_spearhead.exe"="C:\\Program Files\\EA GAMES\\MOHAA\\moh_spearhead.exe:*:Enabled:Medal of Honor Allied Assault(tm) Spearhead" "C:\\Program Files\\Empire Interactive\\FlatOut2\\FlatOut2.exe"="C:\\Program Files\\Empire Interactive\\FlatOut2\\FlatOut2.exe:*:Enabled:FlatOut2" "C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Suorita DLL sovelluksena" "C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*isabledxpsp2res.dll,-22019" "C:\\Program Files\\EA GAMES\\MOHAA\\fpupdate.exe"="C:\\Program Files\\EA GAMES\\MOHAA\\fpupdate.exe:*isabled:fpupdate" "C:\\Program Files\\Xfire\\xfire.exe"="C:\\Program Files\\Xfire\\xfire.exe:*:Enabled:Xfire" "C:\\Program Files\\EA GAMES\\MOHAA\\MOHAA.exe"="C:\\Program Files\\EA GAMES\\MOHAA\\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault(tm)" "C:\\Program Files\\Autokick\\Autokick.exe"="C:\\Program Files\\Autokick\\Autokick.exe:*:Enabled:Autokick for MoHAA 1.11" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\Valve\\Steam\\SteamApps\\katastrofi\\race\\Race_Steam.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\katastrofi\\race\\Race_Steam.exe:*:Enabled:Race" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater" "C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"="C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4" "C:\\Program Files\\Soldier of Fortune II - Double Helix GOLD\\SoF2MP.exe"="C:\\Program Files\\Soldier of Fortune II - Double Helix GOLD\\SoF2MP.exe:*:Enabled:SoF2MP" "C:\\Program Files\\EA GAMES\\MOHAA\\moh_spearhead_server.exe"="C:\\Program Files\\EA GAMES\\MOHAA\\moh_spearhead_server.exe:*:Enabled:Medal of Honor Allied Assault(tm) Spearhead" "C:\\Program Files\\Valve\\Steam\\SteamApps\\katastrofi\\half-life 2 deathmatch\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\katastrofi\\half-life 2 deathmatch\\hl2.exe:*:Enabled:hl2" "C:\\Program Files\\Sierra\\FEAR\\FEARXP\\FEARXP.exe"="C:\\Program Files\\Sierra\\FEAR\\FEARXP\\FEARXP.exe:*:Enabled:FEARXP" "C:\\Program Files\\Sierra\\FEAR\\fpupdate.exe"="C:\\Program Files\\Sierra\\FEAR\\fpupdate.exe:*:Enabled:fpupdate" "C:\\Program Files\\Sierra\\FEAR\\FEAR.exe"="C:\\Program Files\\Sierra\\FEAR\\FEAR.exe:*:Enabled:FEAR" "C:\\Program Files\\Sierra\\FEAR\\FEARMP.exe"="C:\\Program Files\\Sierra\\FEAR\\FEARMP.exe:*:Enabled:FEAR" "C:\\Program Files\\Codemasters\\DiRT Demo\\DiRTDemo.exe"="C:\\Program Files\\Codemasters\\DiRT Demo\\DiRTDemo.exe:*:EnablediRT Demo Executable" "C:\\Program Files\\UBISOFT\\Ghost Recon Advanced Warfighter 2 Demo\\graw2.exe"="C:\\Program Files\\UBISOFT\\Ghost Recon Advanced Warfighter 2 Demo\\graw2.exe:*:Enabled:Ghost Recon Advanced Warfighter© 2 Demo" "C:\\TournamentDemo\\System\\UnrealTournament.exe"="C:\\TournamentDemo\\System\\UnrealTournament.exe:*:Enabled:UnrealTournament" "C:\\Program Files\\Valve\\Steam\\SteamApps\\katastrofi\\sin episodes emergence\\SinEpisodes.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\katastrofi\\sin episodes emergence\\SinEpisodes.exe:*:Enabled:SinEpisodes" "C:\\Program Files\\Valve\\Steam\\SteamApps\\katastrofi\\sin 1 multiplayer\\sin.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\katastrofi\\sin 1 multiplayer\\sin.exe:*:Enabled:sin" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019" "C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"="C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" Remaining Files: --------------- Files with Hidden Attributes: C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp C:\WINDOWS\system32\config\default.tmp.LOG C:\WINDOWS\system32\config\software.tmp.LOG C:\WINDOWS\system32\config\system.tmp.LOG Finished ------------------------------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:20:05, on 1.8.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\userinit.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Google\Gmail Notifier\gnotify.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [razertra] C:\Program Files\Razer\razertra.exe O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 -- End of file - 3536 bytes
Jos käytät vain Windowsin omaa palomuuria, niin se ei ole riittävä suoja. Lataa vaikka näistä kolmesta Yksi palomuuri koneellesi ja asenna se. Poista sitten myös windowsin palomuuri käytöstä. Nämä 3 ovat aika suosittuja ja ilmaisia palomuureja: Comodo Kerio Zonealarm ======== Javan päivitys ja välimuistin tyhjennys: 1. Klikkaa Käynnistä -> Ohjauspaneeli ja tupla-klikkaa Lisää tai poista sovellus Ohjauspaneelissa. 2. Etsi listasta kaikki entiset Java versiosi. (J2SE Runtime Environment.... ) Niissä pitäisi olla seuraava kuva vieressä: 3. Valitse kaikki entiset Java versiosi ja valitse Poista. 4. Asenna uusin Java päivitys seuraavasta linkistä.. 5. Käynnistä kone uudelleen asennuksen jälkeen: http://java.sun.com/javase/downloads/index.jsp Rullaa alas kohteeseen Java Runtime Environment (JRE) 6u2 Paina Download Ruksaa Accept, ota offline installation, tallenna vaikka työpöydälle ja asenna se. 6. Käynnistyksen jälkeen, mene takaisin Ohjauspaneeliin ja avaa Java asetuksesi (Muita Ohjauspaneelin asetuksia -> Java kahvikuppi). 7. General Settings -osion alla, vedä liukusäädintä (Disk Space) pienemmälle, ja klikkaa Delete Files -nappia. (Jotkut javapohjaiset ohjelmat saattavat tarvita enemmän levytilaa. Jos hjuomaat säädön pienentämisen jälkeen koneessa hitautta, siirrä liukusäädintä isommalle). 8. Varmista että kaikki kaksi valintaa ovat rastitettuja: *Applications and Applets *Trace and Log Files Ja paina OK -nappia 9. Klikkaa OK "Temporary Files Settings" -ikkunassasi. 10. Klikkaa OK jättääksesi Java asetusikkunasi. ====== Lataa Deckard's System Scanner Työpöydällesi. Huomioi: Sinulla tulee olla Järjestelmänvalvojan oikeudet ajaaksesi ohjelman. [*]Sulje kaikki avoimet ikkunat ja ohjelmat. [*]Tupla Klikkaa Dss.exe tiedostoa ajaaksesi ohjelman, seuraa ohjeita. [*]Kun Scannaus on valmis 2 textitiedostoa pitäisi avautua, Main.txt ja extra.txt [*]Näppäile Kopioi ( CTRL+A -> CTRL + C ) ja liitä ( CTRL + V ) [*]kopioi ja liitä Extra.txt & Main.txt sisältö seuraavaan vastaukseesi.
Palomuuria en vielä vaihtanut. Java päivitetty. Deckard's System Scanneria yrittäessäni Avasti ilmoitti troijalaisesta: Tiedosto: http://www.techsupportforum.com/sectools/Deckard/dss.exe Haittaohjelman nimi: Win32:Hupigon-CXG [Trj] Virustunnitevarsio 000763-0, 01.08.2007 En lähtenyt sitä sitten latailemaan. Omituista omituista..... ------------------------------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:30:17, on 1.8.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Google\Gmail Notifier\gnotify.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [razertra] C:\Program Files\Razer\razertra.exe O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe -- End of file - 4633 bytes
falsepositivea... eikun palautetta avastile... Lataa WinPFind3 http://download.bleepingcomputer.com/oldtimer/winpfind3u.exe työpöydällesi ja tuplaklikkaa exeä purkaaksesi sen. Kansio nimeltä WinPFind3u luodaan työpöydällesi. * Avaa WinPFind3u-kansio ja tuplaklikkaa WinPFind3U.exe käynnistääksesi ohjelman. o Files Created Within-kohdassa klikkaa30 days o Files Modified Within-kohdassa klikkaa30 days o File String Search -kohdassa klikkaaNon-Microsoft * Nyt klikkaa Run Scan-nappulaa työkalupalkissa. * Kun skanni on valmis, raportti avautuu muistioon. * Klikkaa Muotoile ja varmistu ettei automaattinen rivitys ole valittuna. Jos on, ota valinta pois. Lähetä loki seuraavassa vastauksessasi. Voit tarvita siihen useita vastauksia, ettei se jää vaillinaiseksi.
Jep jep! OldTimer lähti päälle vasta, kun tajusin, että kansion saa auki WinRarrilla. Kun pikakuvake olisi vain asentanut ohjelmaa uudestaan ja uudestaan. Että oon tyhmä....olenko minä? No, tuossa tuo kumminkin on. Niin, en ole vielä vaihtanut palomuuria. Tyhmä kun olen, tarvitsen paljon aikaa, selviä vastauksia ja hyviä syy-seuraus juttuja, ennenkuin menen jotain "hyväksi" todettua vaihtamaan. No joo.... --------------------------------------------------------------------- WinPFind3 logfile created on: 2.8.2007 18:31:58 WinPFind3U by OldTimer - Version 1.0.39 Folder = C:\DOCUME~1\TIETOK~1\LOCALS~1\Temp\Rar$EX00.969\WinPFind3u\ Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) Internet Explorer (Version = 7.0.5730.11) 2,00 Gb Total Physical Memory | 1,62 Gb Available Physical Memory | 81,14% Memory free 3,85 Gb Paging File | 3,54 Gb Available in Paging File | 92,13% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 232,88 Gb Total Space | 153,14 Gb Free Space | 65,76% Space Free D: Drive not present or media not loaded Drive E: | 653,75 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free F: Drive not present or media not loaded Computer Name: TIETOKON-CEBD89 Current User Name: TIETOKONE Logged in as Administrator. Current Boot Mode: Normal [Processes - Non-Microsoft Only] ashdisp.exe -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 75128 bytes | Modified Date = 28.7.2007 1:03:34 | Attr = ] ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 243064 bytes | Modified Date = 28.7.2007 1:03:08 | Attr = ] ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 132472 bytes | Modified Date = 28.7.2007 1:03:28 | Attr = ] ashwebsv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 345464 bytes | Modified Date = 28.7.2007 1:02:20 | Attr = ] aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 16248 bytes | Modified Date = 28.7.2007 0:52:46 | Attr = ] avgas.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 11.6.2007 12:25:42 | Attr = ] gnotify.exe -> %ProgramFiles%\Google\Gmail Notifier\gnotify.exe -> Google Inc. [Ver = 1.0.25.0 | Size = 479232 bytes | Modified Date = 16.7.2005 0:48:34 | Attr = ] guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 30.5.2007 15:31:10 | Attr = ] jusched.exe -> %ProgramFiles%\Java\jre1.6.0_02\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 132496 bytes | Modified Date = 12.7.2007 4:00:36 | Attr = ] winpfind3u.exe -> %LocalSettings%\Temp\Rar$EX00.969\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.38.0 | Size = 322048 bytes | Modified Date = 23.6.2007 15:15:54 | Attr = ] [Win32 Services - Non-Microsoft Only] (aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 16248 bytes | Modified Date = 28.7.2007 0:52:46 | Attr = ] (avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 132472 bytes | Modified Date = 28.7.2007 1:03:28 | Attr = ] (avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 243064 bytes | Modified Date = 28.7.2007 1:03:08 | Attr = ] (avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 345464 bytes | Modified Date = 28.7.2007 1:02:20 | Attr = ] (AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 30.5.2007 15:31:10 | Attr = ] (dmadmin) Loogisen levyn hallinnan valvontapalvelu [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 15.9.2004 15:00:00 | Attr = ] (KodakCCS) Kodak Camera Connection Software [Win32_Own | Disabled | Stopped] -> %System32%\drivers\KodakCCS.exe -> Eastman Kodak Company [Ver = 1.1.5100.4 | Size = 322104 bytes | Modified Date = 24.5.2004 13:35:52 | Attr = ] (NVSvc) NVIDIA Display Driver Service [Win32_Own | Disabled | Stopped] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 22.10.2006 13:22:00 | Attr = ] (sfrem01) SF FrontLine Drivers Auto Removal (v1) [Win32_Own | Disabled | Stopped] -> %System32%\sfrem01.exe -> Protection Technology (StarForce) [Ver = 1.12 | Size = 353912 bytes | Modified Date = 10.5.2006 12:59:06 | Attr = ] [Registry - Non-Microsoft Only] < Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> !AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 11.6.2007 12:25:42 | Attr = ] {0228e555-4f9c-4e35-a3ec-b109a192b4c2} -> %ProgramFiles%\Google\Gmail Notifier\gnotify.exe -> Google Inc. [Ver = 1.0.25.0 | Size = 479232 bytes | Modified Date = 16.7.2005 0:48:34 | Attr = ] avast! -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 75128 bytes | Modified Date = 28.7.2007 1:03:34 | Attr = ] razertra -> %ProgramFiles%\Razer\razertra.exe -> Razer Inc. [Ver = 4.0.0.3 | Size = 208896 bytes | Modified Date = 10.10.2004 19:21:20 | Attr = ] SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_02\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 132496 bytes | Modified Date = 12.7.2007 4:00:36 | Attr = ] < ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> {57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 30.5.2007 15:29:58 | Attr = ] < SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> WgaLogon -> Reg Data - Value does not exist -> File not found < CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> < CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 -> < HOSTS File > (686 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> 127.0.0.1 localhost -> -> < Internet Explorer Settings > -> -> HKLM: Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKLM: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKLM: Local Page -> %SystemRoot%\system32\blank.htm -> HKLM: Search Bar -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> HKLM: Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKLM: Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> HKCU: Local Page -> C:\WINDOWS\system32\blank.htm -> HKCU: Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKCU: Start Page -> http://www.msn.fi/ -> HKCU: ProxyEnable -> 0 -> < Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> msn.com [ - ] -> -> < BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.7.2006011200 | Size = 63128 bytes | Modified Date = 12.1.2006 21:38:22 | Attr = ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_02\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 501136 bytes | Modified Date = 12.7.2007 4:00:36 | Attr = ] {7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found < Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_02\bin\npjpi160_02.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 132496 bytes | Modified Date = 12.7.2007 4:00:36 | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.6.0_02\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 501136 bytes | Modified Date = 12.7.2007 4:00:36 | Attr = ] {e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found < DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {11996132-25B2-4989-81EE-82F116B4F2D1} -> (NVIDIA nForce Networking Controller) -> {451B7031-67B8-4026-BF24-00E4D0510E2A} -> (1394-verkkosovitin) -> {6618495E-50C9-4D12-9B69-745B87628AF9} -> (Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller) -> < Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp -> Reg Data - Key not found -> File not found msdaipp -> Reg Data - Key not found -> File not found < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} -> QuickTime Object - CodeBase = http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab -> {0B79F48A-E8D6-11DB-9283-E25056D89593} -> F-Secure Online Scanner 3.1 - CodeBase = http://support.f-secure.com/ols/fscax.cab -> {17492023-C23A-453E-A040-C7C580BBF700} -> Windows Genuine Advantage Validation Tool - CodeBase = http://go.microsoft.com/fwlink/?linkid=39204 -> {233C1507-6A77-46A4-9443-F871F945D258} -> Shockwave ActiveX Control - CodeBase = http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab -> {32505657-9980-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab -> {8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.6.0_02 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab -> {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_02 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_02 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab -> {D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab -> [Files/Folders - Created Within 30 days] TournamentDemo -> %SystemDrive%\TournamentDemo -> [Folder | Created Date = 19.7.2007 23:18:13 | Attr = ] $NtUninstallKB873339$ -> %SystemRoot%\$NtUninstallKB873339$ -> [Folder | Created Date = 1.8.2007 10:36:37 | Attr = H ] $NtUninstallKB884020$ -> %SystemRoot%\$NtUninstallKB884020$ -> [Folder | Created Date = 31.7.2007 21:25:03 | Attr = H ] $NtUninstallKB885835$ -> %SystemRoot%\$NtUninstallKB885835$ -> [Folder | Created Date = 1.8.2007 10:36:58 | Attr = H ] $NtUninstallKB885836$ -> %SystemRoot%\$NtUninstallKB885836$ -> [Folder | Created Date = 1.8.2007 10:36:48 | Attr = H ] $NtUninstallKB885894$ -> %SystemRoot%\$NtUninstallKB885894$ -> [Folder | Created Date = 31.7.2007 22:17:47 | Attr = H ] $NtUninstallKB886185$ -> %SystemRoot%\$NtUninstallKB886185$ -> [Folder | Created Date = 1.8.2007 10:36:44 | Attr = H ] $NtUninstallKB888302$ -> %SystemRoot%\$NtUninstallKB888302$ -> [Folder | Created Date = 1.8.2007 10:36:51 | Attr = H ] $NtUninstallKB890046$ -> %SystemRoot%\$NtUninstallKB890046$ -> [Folder | Created Date = 1.8.2007 10:41:24 | Attr = H ] $NtUninstallKB890859$ -> %SystemRoot%\$NtUninstallKB890859$ -> [Folder | Created Date = 1.8.2007 10:37:12 | Attr = H ] $NtUninstallKB891781$ -> %SystemRoot%\$NtUninstallKB891781$ -> [Folder | Created Date = 1.8.2007 10:36:55 | Attr = H ] $NtUninstallKB893756$ -> %SystemRoot%\$NtUninstallKB893756$ -> [Folder | Created Date = 1.8.2007 10:37:23 | Attr = H ] $NtUninstallKB894391$ -> %SystemRoot%\$NtUninstallKB894391$ -> [Folder | Created Date = 1.8.2007 10:37:39 | Attr = H ] $NtUninstallKB896358$ -> %SystemRoot%\$NtUninstallKB896358$ -> [Folder | Created Date = 1.8.2007 10:37:18 | Attr = H ] $NtUninstallKB896423$ -> %SystemRoot%\$NtUninstallKB896423$ -> [Folder | Created Date = 1.8.2007 10:37:35 | Attr = H ] $NtUninstallKB896428$ -> %SystemRoot%\$NtUninstallKB896428$ -> [Folder | Created Date = 1.8.2007 10:37:03 | Attr = H ] $NtUninstallKB899587$ -> %SystemRoot%\$NtUninstallKB899587$ -> [Folder | Created Date = 1.8.2007 10:37:31 | Attr = H ] $NtUninstallKB899591$ -> %SystemRoot%\$NtUninstallKB899591$ -> [Folder | Created Date = 1.8.2007 10:37:27 | Attr = H ] $NtUninstallKB900485$ -> %SystemRoot%\$NtUninstallKB900485$ -> [Folder | Created Date = 1.8.2007 10:38:47 | Attr = H ] $NtUninstallKB900725$ -> %SystemRoot%\$NtUninstallKB900725$ -> [Folder | Created Date = 1.8.2007 10:38:07 | Attr = H ] $NtUninstallKB901017$ -> %SystemRoot%\$NtUninstallKB901017$ -> [Folder | Created Date = 1.8.2007 10:37:53 | Attr = H ] $NtUninstallKB901214$ -> %SystemRoot%\$NtUninstallKB901214$ -> [Folder | Created Date = 1.8.2007 10:37:07 | Attr = H ] $NtUninstallKB902400$ -> %SystemRoot%\$NtUninstallKB902400$ -> [Folder | Created Date = 1.8.2007 10:37:45 | Attr = H ] $NtUninstallKB904706$ -> %SystemRoot%\$NtUninstallKB904706$ -> [Folder | Created Date = 1.8.2007 10:38:17 | Attr = H ] $NtUninstallKB905414$ -> %SystemRoot%\$NtUninstallKB905414$ -> [Folder | Created Date = 1.8.2007 10:37:57 | Attr = H ] $NtUninstallKB905749$ -> %SystemRoot%\$NtUninstallKB905749$ -> [Folder | Created Date = 1.8.2007 10:38:01 | Attr = H ] $NtUninstallKB908519$ -> %SystemRoot%\$NtUninstallKB908519$ -> [Folder | Created Date = 1.8.2007 10:38:21 | Attr = H ] $NtUninstallKB908531$ -> %SystemRoot%\$NtUninstallKB908531$ -> [Folder | Created Date = 1.8.2007 10:38:51 | Attr = H ] $NtUninstallKB910437$ -> %SystemRoot%\$NtUninstallKB910437$ -> [Folder | Created Date = 1.8.2007 10:38:12 | Attr = H ] $NtUninstallKB911280$ -> %SystemRoot%\$NtUninstallKB911280$ -> [Folder | Created Date = 1.8.2007 10:39:22 | Attr = H ] $NtUninstallKB911562$ -> %SystemRoot%\$NtUninstallKB911562$ -> [Folder | Created Date = 1.8.2007 10:38:42 | Attr = H ] $NtUninstallKB911927$ -> %SystemRoot%\$NtUninstallKB911927$ -> [Folder | Created Date = 1.8.2007 10:38:24 | Attr = H ] $NtUninstallKB913580$ -> %SystemRoot%\$NtUninstallKB913580$ -> [Folder | Created Date = 1.8.2007 10:39:14 | Attr = H ] $NtUninstallKB914388$ -> %SystemRoot%\$NtUninstallKB914388$ -> [Folder | Created Date = 1.8.2007 10:39:26 | Attr = H ] $NtUninstallKB914389$ -> %SystemRoot%\$NtUninstallKB914389$ -> [Folder | Created Date = 1.8.2007 10:39:06 | Attr = H ] $NtUninstallKB915865$ -> %SystemRoot%\$NtUninstallKB915865$ -> [Folder | Created Date = 31.7.2007 20:56:30 | Attr = H ] $NtUninstallKB916595$ -> %SystemRoot%\$NtUninstallKB916595$ -> [Folder | Created Date = 1.8.2007 10:39:44 | Attr = H ] $NtUninstallKB917953$ -> %SystemRoot%\$NtUninstallKB917953$ -> [Folder | Created Date = 1.8.2007 10:39:18 | Attr = H ] $NtUninstallKB918118$ -> %SystemRoot%\$NtUninstallKB918118$ -> [Folder | Created Date = 1.8.2007 10:40:53 | Attr = H ] $NtUninstallKB918439$ -> %SystemRoot%\$NtUninstallKB918439$ -> [Folder | Created Date = 1.8.2007 10:39:10 | Attr = H ] $NtUninstallKB919007$ -> %SystemRoot%\$NtUninstallKB919007$ -> [Folder | Created Date = 1.8.2007 10:39:48 | Attr = H ] $NtUninstallKB920213$ -> %SystemRoot%\$NtUninstallKB920213$ -> [Folder | Created Date = 1.8.2007 10:41:28 | Attr = H ] $NtUninstallKB920670$ -> %SystemRoot%\$NtUninstallKB920670$ -> [Folder | Created Date = 1.8.2007 10:39:31 | Attr = H ] $NtUninstallKB920683$ -> %SystemRoot%\$NtUninstallKB920683$ -> [Folder | Created Date = 1.8.2007 10:39:34 | Attr = H ] $NtUninstallKB920685$ -> %SystemRoot%\$NtUninstallKB920685$ -> [Folder | Created Date = 1.8.2007 10:39:52 | Attr = H ] $NtUninstallKB920872$ -> %SystemRoot%\$NtUninstallKB920872$ -> [Folder | Created Date = 1.8.2007 10:39:58 | Attr = H ] $NtUninstallKB922582$ -> %SystemRoot%\$NtUninstallKB922582$ -> [Folder | Created Date = 1.8.2007 10:39:40 | Attr = H ] $NtUninstallKB922819$ -> %SystemRoot%\$NtUninstallKB922819$ -> [Folder | Created Date = 1.8.2007 10:40:14 | Attr = H ] $NtUninstallKB923191$ -> %SystemRoot%\$NtUninstallKB923191$ -> [Folder | Created Date = 1.8.2007 10:40:05 | Attr = H ] $NtUninstallKB923414$ -> %SystemRoot%\$NtUninstallKB923414$ -> [Folder | Created Date = 1.8.2007 10:40:02 | Attr = H ] $NtUninstallKB923689$ -> %SystemRoot%\$NtUninstallKB923689$ -> [Folder | Created Date = 1.8.2007 10:42:08 | Attr = H ] $NtUninstallKB923980$ -> %SystemRoot%\$NtUninstallKB923980$ -> [Folder | Created Date = 1.8.2007 10:40:23 | Attr = H ] $NtUninstallKB924191$ -> %SystemRoot%\$NtUninstallKB924191$ -> [Folder | Created Date = 1.8.2007 10:40:10 | Attr = H ] $NtUninstallKB924270$ -> %SystemRoot%\$NtUninstallKB924270$ -> [Folder | Created Date = 1.8.2007 10:40:19 | Attr = H ] $NtUninstallKB924667$ -> %SystemRoot%\$NtUninstallKB924667$ -> [Folder | Created Date = 1.8.2007 10:40:44 | Attr = H ] $NtUninstallKB925902$ -> %SystemRoot%\$NtUninstallKB925902$ -> [Folder | Created Date = 31.7.2007 21:27:12 | Attr = H ] $NtUninstallKB926255$ -> %SystemRoot%\$NtUninstallKB926255$ -> [Folder | Created Date = 1.8.2007 10:40:27 | Attr = H ] $NtUninstallKB926436$ -> %SystemRoot%\$NtUninstallKB926436$ -> [Folder | Created Date = 1.8.2007 10:40:57 | Attr = H ] $NtUninstallKB927779$ -> %SystemRoot%\$NtUninstallKB927779$ -> [Folder | Created Date = 1.8.2007 10:40:48 | Attr = H ] $NtUninstallKB927802$ -> %SystemRoot%\$NtUninstallKB927802$ -> [Folder | Created Date = 1.8.2007 10:40:40 | Attr = H ] $NtUninstallKB927891$ -> %SystemRoot%\$NtUninstallKB927891$ -> [Folder | Created Date = 31.7.2007 21:25:40 | Attr = H ] $NtUninstallKB928255$ -> %SystemRoot%\$NtUninstallKB928255$ -> [Folder | Created Date = 1.8.2007 10:40:35 | Attr = H ] $NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ -> [Folder | Created Date = 1.8.2007 10:41:50 | Attr = H ] $NtUninstallKB930178$ -> %SystemRoot%\$NtUninstallKB930178$ -> [Folder | Created Date = 1.8.2007 10:41:12 | Attr = H ] $NtUninstallKB930916$ -> %SystemRoot%\$NtUninstallKB930916$ -> [Folder | Created Date = 1.8.2007 10:41:32 | Attr = H ] $NtUninstallKB931261$ -> %SystemRoot%\$NtUninstallKB931261$ -> [Folder | Created Date = 1.8.2007 10:41:16 | Attr = H ] $NtUninstallKB931784$ -> %SystemRoot%\$NtUninstallKB931784$ -> [Folder | Created Date = 1.8.2007 10:41:05 | Attr = H ] $NtUninstallKB931836$ -> %SystemRoot%\$NtUninstallKB931836$ -> [Folder | Created Date = 1.8.2007 10:41:01 | Attr = H ] $NtUninstallKB932168$ -> %SystemRoot%\$NtUninstallKB932168$ -> [Folder | Created Date = 1.8.2007 10:41:20 | Attr = H ] $NtUninstallKB935448$ -> %SystemRoot%\$NtUninstallKB935448$ -> [Folder | Created Date = 31.7.2007 21:24:05 | Attr = H ] $NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ -> [Folder | Created Date = 31.7.2007 21:21:18 | Attr = H ] $NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ -> [Folder | Created Date = 31.7.2007 21:22:52 | Attr = H ] $NtUninstallKB936357$ -> %SystemRoot%\$NtUninstallKB936357$ -> [Folder | Created Date = 31.7.2007 22:28:14 | Attr = H ] ERUNT -> %SystemRoot%\ERUNT -> [Folder | Created Date = 1.8.2007 12:05:12 | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Created Date = 31.7.2007 10:24:50 | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 23.7.2007 22:20:24 | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 23.7.2007 22:20:24 | Attr = H ] SETA6.tmp -> %SystemRoot%\SETA6.tmp -> [Ver = | Size = 1014139 bytes | Created Date = 31.7.2007 10:09:32 | Attr = R ] SETA9.tmp -> %SystemRoot%\SETA9.tmp -> [Ver = | Size = 1086058 bytes | Created Date = 31.7.2007 10:09:33 | Attr = R ] SETB5.tmp -> %SystemRoot%\SETB5.tmp -> [Ver = | Size = 14043 bytes | Created Date = 31.7.2007 10:09:35 | Attr = R ] WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest -> [Ver = | Size = 749 bytes | Created Date = 31.7.2007 10:20:04 | Attr = RH ] User_Feed_Synchronization-{D570E78E-BD09-458B-A229-7FDCF4B65C00}.job -> %SystemRoot%\tasks\User_Feed_Synchronization-{D570E78E-BD09-458B-A229-7FDCF4B65C00}.job -> [Ver = | Size = 430 bytes | Created Date = 31.7.2007 21:17:53 | Attr = H ] AGEIA -> %System32%\AGEIA -> [Folder | Created Date = 4.7.2007 19:23:49 | Attr = ] CatRoot2 -> %System32%\CatRoot2 -> [Folder | Created Date = 1.8.2007 10:35:32 | Attr = ] java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 135168 bytes | Created Date = 1.8.2007 17:37:20 | Attr = ] javacpl.cpl -> %System32%\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 69632 bytes | Created Date = 1.8.2007 17:37:20 | Attr = ] javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 135168 bytes | Created Date = 1.8.2007 17:37:20 | Attr = ] javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 139264 bytes | Created Date = 1.8.2007 17:37:20 | Attr = ] logonui.exe.manifest -> %System32%\logonui.exe.manifest -> [Ver = | Size = 488 bytes | Created Date = 31.7.2007 10:20:10 | Attr = RH ] ncpa.cpl.manifest -> %System32%\ncpa.cpl.manifest -> [Ver = | Size = 749 bytes | Created Date = 31.7.2007 10:20:04 | Attr = RH ] Panda Software -> %System32%\Panda Software -> [Folder | Created Date = 13.7.2007 21:37:28 | Attr = ] sapi.cpl.manifest -> %System32%\sapi.cpl.manifest -> [Ver = | Size = 749 bytes | Created Date = 31.7.2007 10:20:04 | Attr = RH ] spxcoins.dll -> %System32%\spxcoins.dll -> Perle Systems Ltd. [Ver = 1.0.0.0007 | Size = 24661 bytes | Created Date = 31.7.2007 10:09:51 | Attr = ] wuaucpl.cpl.manifest -> %System32%\wuaucpl.cpl.manifest -> [Ver = | Size = 749 bytes | Created Date = 31.7.2007 10:20:04 | Attr = RH ] big5.nls -> %System32%\dllcache\big5.nls -> [Ver = | Size = 66728 bytes | Created Date = 31.7.2007 10:21:34 | Attr = ] bopomofo.nls -> %System32%\dllcache\bopomofo.nls -> [Ver = | Size = 82172 bytes | Created Date = 31.7.2007 10:21:34 | Attr = ] cap7146.sys -> %System32%\dllcache\cap7146.sys -> Philips Semiconductors GmbH [Ver = 1.00 (XPClient.010817-1148) | Size = 54528 bytes | Created Date = 31.7.2007 10:21:40 | Attr = ] chtskf.dll -> %System32%\dllcache\chtskf.dll -> [Ver = | Size = 173568 bytes | Created Date = 31.7.2007 10:21:42 | Attr = ] c_10001.nls -> %System32%\dllcache\c_10001.nls -> [Ver = | Size = 162850 bytes | Created Date = 31.7.2007 10:21:34 | Attr = ] c_10002.nls -> %System32%\dllcache\c_10002.nls -> [Ver = | Size = 195618 bytes | Created Date = 31.7.2007 10:21:34 | Attr = ] c_10003.nls -> %System32%\dllcache\c_10003.nls -> [Ver = | Size = 177698 bytes | Created Date = 31.7.2007 10:21:34 | Attr = ] c_10004.nls -> %System32%\dllcache\c_10004.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:34 | Attr = ] c_10005.nls -> %System32%\dllcache\c_10005.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:35 | Attr = ] c_10008.nls -> %System32%\dllcache\c_10008.nls -> [Ver = | Size = 173602 bytes | Created Date = 31.7.2007 10:21:35 | Attr = ] c_10021.nls -> %System32%\dllcache\c_10021.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:35 | Attr = ] c_1047.nls -> %System32%\dllcache\c_1047.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:35 | Attr = ] c_1140.nls -> %System32%\dllcache\c_1140.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:35 | Attr = ] c_1141.nls -> %System32%\dllcache\c_1141.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:35 | Attr = ] c_1142.nls -> %System32%\dllcache\c_1142.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:35 | Attr = ] c_1143.nls -> %System32%\dllcache\c_1143.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:35 | Attr = ] c_1144.nls -> %System32%\dllcache\c_1144.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:35 | Attr = ] c_1145.nls -> %System32%\dllcache\c_1145.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:35 | Attr = ] c_1146.nls -> %System32%\dllcache\c_1146.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:35 | Attr = ] c_1147.nls -> %System32%\dllcache\c_1147.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:35 | Attr = ] c_1148.nls -> %System32%\dllcache\c_1148.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:35 | Attr = ] c_1149.nls -> %System32%\dllcache\c_1149.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:35 | Attr = ] c_1361.nls -> %System32%\dllcache\c_1361.nls -> [Ver = | Size = 189986 bytes | Created Date = 31.7.2007 10:21:36 | Attr = ] c_20000.nls -> %System32%\dllcache\c_20000.nls -> [Ver = | Size = 180258 bytes | Created Date = 31.7.2007 10:21:36 | Attr = ] c_20001.nls -> %System32%\dllcache\c_20001.nls -> [Ver = | Size = 186402 bytes | Created Date = 31.7.2007 10:21:36 | Attr = ] c_20002.nls -> %System32%\dllcache\c_20002.nls -> [Ver = | Size = 173602 bytes | Created Date = 31.7.2007 10:21:36 | Attr = ] c_20003.nls -> %System32%\dllcache\c_20003.nls -> [Ver = | Size = 185378 bytes | Created Date = 31.7.2007 10:21:36 | Attr = ] c_20004.nls -> %System32%\dllcache\c_20004.nls -> [Ver = | Size = 180258 bytes | Created Date = 31.7.2007 10:21:36 | Attr = ] c_20005.nls -> %System32%\dllcache\c_20005.nls -> [Ver = | Size = 187938 bytes | Created Date = 31.7.2007 10:21:36 | Attr = ] c_20105.nls -> %System32%\dllcache\c_20105.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:36 | Attr = ] c_20106.nls -> %System32%\dllcache\c_20106.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:36 | Attr = ] c_20107.nls -> %System32%\dllcache\c_20107.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:36 | Attr = ] c_20108.nls -> %System32%\dllcache\c_20108.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:37 | Attr = ] c_20269.nls -> %System32%\dllcache\c_20269.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:37 | Attr = ] c_20273.nls -> %System32%\dllcache\c_20273.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:37 | Attr = ] c_20277.nls -> %System32%\dllcache\c_20277.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:37 | Attr = ] c_20278.nls -> %System32%\dllcache\c_20278.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:37 | Attr = ] c_20280.nls -> %System32%\dllcache\c_20280.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:37 | Attr = ] c_20284.nls -> %System32%\dllcache\c_20284.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:37 | Attr = ] c_20285.nls -> %System32%\dllcache\c_20285.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:37 | Attr = ] c_20290.nls -> %System32%\dllcache\c_20290.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:37 | Attr = ] c_20297.nls -> %System32%\dllcache\c_20297.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:37 | Attr = ] c_20420.nls -> %System32%\dllcache\c_20420.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:37 | Attr = ] c_20423.nls -> %System32%\dllcache\c_20423.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:37 | Attr = ] c_20424.nls -> %System32%\dllcache\c_20424.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:37 | Attr = ] c_20833.nls -> %System32%\dllcache\c_20833.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:37 | Attr = ] c_20838.nls -> %System32%\dllcache\c_20838.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:37 | Attr = ] c_20871.nls -> %System32%\dllcache\c_20871.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:38 | Attr = ] c_20880.nls -> %System32%\dllcache\c_20880.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:38 | Attr = ] c_20924.nls -> %System32%\dllcache\c_20924.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:38 | Attr = ] c_20932.nls -> %System32%\dllcache\c_20932.nls -> [Ver = | Size = 180770 bytes | Created Date = 31.7.2007 10:21:38 | Attr = ] c_20936.nls -> %System32%\dllcache\c_20936.nls -> [Ver = | Size = 173602 bytes | Created Date = 31.7.2007 10:21:38 | Attr = ] c_20949.nls -> %System32%\dllcache\c_20949.nls -> [Ver = | Size = 177698 bytes | Created Date = 31.7.2007 10:21:38 | Attr = ] c_21025.nls -> %System32%\dllcache\c_21025.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:38 | Attr = ] c_21027.nls -> %System32%\dllcache\c_21027.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:38 | Attr = ] c_28596.nls -> %System32%\dllcache\c_28596.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:38 | Attr = ] c_708.nls -> %System32%\dllcache\c_708.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:38 | Attr = ] c_720.nls -> %System32%\dllcache\c_720.nls -> [Ver = | Size = 66594 bytes | Created Date = 31.7.2007 10:21:38 | Attr = ] c_858.nls -> %System32%\dllcache\c_858.nls -> [Ver = | Size = 66594 bytes | Created Date = 31.7.2007 10:21:39 | Attr = ] c_862.nls -> %System32%\dllcache\c_862.nls -> [Ver = | Size = 66594 bytes | Created Date = 31.7.2007 10:21:39 | Attr = ] c_864.nls -> %System32%\dllcache\c_864.nls -> [Ver = | Size = 66594 bytes | Created Date = 31.7.2007 10:21:39 | Attr = ] c_870.nls -> %System32%\dllcache\c_870.nls -> [Ver = | Size = 66082 bytes | Created Date = 31.7.2007 10:21:39 | Attr = ] esucmd.dll -> %System32%\dllcache\esucmd.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 31744 bytes | Created Date = 31.7.2007 10:21:52 | Attr = ] esuimgd.dll -> %System32%\dllcache\esuimgd.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 57856 bytes | Created Date = 31.7.2007 10:21:52 | Attr = ] esunid.dll -> %System32%\dllcache\esunid.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 45056 bytes | Created Date = 31.7.2007 10:21:52 | Attr = ] FP4.CAT -> %System32%\dllcache\FP4.CAT -> [Ver = | Size = 30983 bytes | Created Date = 31.7.2007 10:09:38 | Attr = ] fpencode.dll -> %System32%\dllcache\fpencode.dll -> [Ver = | Size = 94208 bytes | Created Date = 31.7.2007 10:21:54 | Attr = ] hanja.lex -> %System32%\dllcache\hanja.lex -> [Ver = | Size = 108827 bytes | Created Date = 31.7.2007 10:21:57 | Attr = ] HPCRDP.CAT -> %System32%\dllcache\HPCRDP.CAT -> [Ver = | Size = 13497 bytes | Created Date = 31.7.2007 10:09:38 | Attr = ] hwxjpn.dll -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Created Date = 31.7.2007 10:22:01 | Attr = ] IASNT4.CAT -> %System32%\dllcache\IASNT4.CAT -> [Ver = | Size = 8599 bytes | Created Date = 31.7.2007 10:09:39 | Attr = ] imekr.lex -> %System32%\dllcache\imekr.lex -> [Ver = | Size = 134339 bytes | Created Date = 31.7.2007 10:22:09 | Attr = ] imjpinst.exe -> %System32%\dllcache\imjpinst.exe -> [Ver = | Size = 196665 bytes | Created Date = 31.7.2007 10:22:11 | Attr = ] IMS.CAT -> %System32%\dllcache\IMS.CAT -> [Ver = | Size = 14043 bytes | Created Date = 31.7.2007 10:09:38 | Attr = ] imscinst.exe -> %System32%\dllcache\imscinst.exe -> [Ver = | Size = 59392 bytes | Created Date = 31.7.2007 10:22:11 | Attr = ] korwbrkr.lex -> %System32%\dllcache\korwbrkr.lex -> [Ver = | Size = 1158818 bytes | Created Date = 31.7.2007 10:22:17 | Attr = ] ksc.nls -> %System32%\dllcache\ksc.nls -> [Ver = | Size = 47066 bytes | Created Date = 31.7.2007 10:22:18 | Attr = ] MAPIMIG.CAT -> %System32%\dllcache\MAPIMIG.CAT -> [Ver = | Size = 399670 bytes | Created Date = 31.7.2007 10:09:38 | Attr = ] MSMSGS.CAT -> %System32%\dllcache\MSMSGS.CAT -> [Ver = | Size = 9581 bytes | Created Date = 31.7.2007 10:09:38 | Attr = ] MSTSWEB.CAT -> %System32%\dllcache\MSTSWEB.CAT -> [Ver = | Size = 7245 bytes | Created Date = 31.7.2007 10:09:39 | Attr = ] MW770.CAT -> %System32%\dllcache\MW770.CAT -> [Ver = | Size = 37509 bytes | Created Date = 31.7.2007 10:09:38 | Attr = ] NT5.CAT -> %System32%\dllcache\NT5.CAT -> [Ver = | Size = 1895804 bytes | Created Date = 31.7.2007 10:09:38 | Attr = ] NT5IIS.CAT -> %System32%\dllcache\NT5IIS.CAT -> [Ver = | Size = 809684 bytes | Created Date = 31.7.2007 10:09:38 | Attr = ] NT5INF.CAT -> %System32%\dllcache\NT5INF.CAT -> [Ver = | Size = 523682 bytes | Created Date = 31.7.2007 10:09:38 | Attr = ] NTPRINT.CAT -> %System32%\dllcache\NTPRINT.CAT -> [Ver = | Size = 1086058 bytes | Created Date = 31.7.2007 10:09:38 | Attr = ] OEMBIOS.CAT -> %System32%\dllcache\OEMBIOS.CAT -> [Ver = | Size = 7407 bytes | Created Date = 31.7.2007 10:09:39 | Attr = ] pintlcsa.dll -> %System32%\dllcache\pintlcsa.dll -> [Ver = | Size = 175104 bytes | Created Date = 31.7.2007 10:22:35 | Attr = ] prc.nls -> %System32%\dllcache\prc.nls -> [Ver = | Size = 83748 bytes | Created Date = 31.7.2007 10:22:36 | Attr = ] prcp.nls -> %System32%\dllcache\prcp.nls -> [Ver = | Size = 83748 bytes | Created Date = 31.7.2007 10:22:36 | Attr = ] rw330ext.dll -> %System32%\dllcache\rw330ext.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 26624 bytes | Created Date = 31.7.2007 10:22:41 | Attr = ] rwia001.dll -> %System32%\dllcache\rwia001.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 31.7.2007 10:22:41 | Attr = ] rwia330.dll -> %System32%\dllcache\rwia330.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 31.7.2007 10:22:41 | Attr = ] SP2.CAT -> %System32%\dllcache\SP2.CAT -> [Ver = | Size = 1014139 bytes | Created Date = 31.7.2007 10:09:38 | Attr = ] spxcoins.dll -> %System32%\dllcache\spxcoins.dll -> Perle Systems Ltd. [Ver = 1.0.0.0007 | Size = 24661 bytes | Created Date = 31.7.2007 10:09:51 | Attr = ] startoc.cat -> %System32%\dllcache\startoc.cat -> [Ver = | Size = 168806 bytes | Created Date = 31.7.2007 10:09:39 | Attr = ] xjis.nls -> %System32%\dllcache\xjis.nls -> [Ver = | Size = 28288 bytes | Created Date = 31.7.2007 10:23:04 | Attr = ] AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Created Date = 1.8.2007 17:45:19 | Attr = ] [Files/Folders - Modified Within 30 days] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 1.8.2007 13:36:38 | Attr = HS] Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 2.8.2007 18:19:34 | Attr = HS] Fraps -> %SystemDrive%\Fraps -> [Folder | Modified Date = 22.7.2007 20:58:44 | Attr = ] GIF -> %SystemDrive%\GIF -> [Folder | Modified Date = 31.7.2007 22:57:18 | Attr = ] GTR2Demo -> %SystemDrive%\GTR2Demo -> [Folder | Modified Date = 31.7.2007 22:55:00 | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 1.8.2007 18:45:18 | Attr = R ] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 31.7.2007 11:26:28 | Attr = HS] TournamentDemo -> %SystemDrive%\TournamentDemo -> [Folder | Modified Date = 20.7.2007 0:21:52 | Attr = ] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 2.8.2007 18:19:56 | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 31.7.2007 23:28:14 | Attr = H ] $MSI31Uninstall_KB893803v2$ -> %SystemRoot%\$MSI31Uninstall_KB893803v2$ -> [Folder | Modified Date = 31.7.2007 18:16:08 | Attr = H ] $NtUninstallKB873339$ -> %SystemRoot%\$NtUninstallKB873339$ -> [Folder | Modified Date = 1.8.2007 11:36:40 | Attr = H ] $NtUninstallKB884020$ -> %SystemRoot%\$NtUninstallKB884020$ -> [Folder | Modified Date = 31.7.2007 22:25:04 | Attr = H ] $NtUninstallKB885835$ -> %SystemRoot%\$NtUninstallKB885835$ -> [Folder | Modified Date = 1.8.2007 11:37:00 | Attr = H ] $NtUninstallKB885836$ -> %SystemRoot%\$NtUninstallKB885836$ -> [Folder | Modified Date = 1.8.2007 11:36:50 | Attr = H ] $NtUninstallKB885894$ -> %SystemRoot%\$NtUninstallKB885894$ -> [Folder | Modified Date = 31.7.2007 23:17:48 | Attr = H ] $NtUninstallKB886185$ -> %SystemRoot%\$NtUninstallKB886185$ -> [Folder | Modified Date = 1.8.2007 11:36:46 | Attr = H ] $NtUninstallKB888302$ -> %SystemRoot%\$NtUninstallKB888302$ -> [Folder | Modified Date = 1.8.2007 11:36:52 | Attr = H ] $NtUninstallKB890046$ -> %SystemRoot%\$NtUninstallKB890046$ -> [Folder | Modified Date = 1.8.2007 11:41:26 | Attr = H ] $NtUninstallKB890859$ -> %SystemRoot%\$NtUninstallKB890859$ -> [Folder | Modified Date = 1.8.2007 11:37:14 | Attr = H ] $NtUninstallKB891781$ -> %SystemRoot%\$NtUninstallKB891781$ -> [Folder | Modified Date = 1.8.2007 11:36:56 | Attr = H ] $NtUninstallKB893756$ -> %SystemRoot%\$NtUninstallKB893756$ -> [Folder | Modified Date = 1.8.2007 11:37:26 | Attr = H ] $NtUninstallKB894391$ -> %SystemRoot%\$NtUninstallKB894391$ -> [Folder | Modified Date = 1.8.2007 11:37:42 | Attr = H ] $NtUninstallKB896358$ -> %SystemRoot%\$NtUninstallKB896358$ -> [Folder | Modified Date = 1.8.2007 11:37:20 | Attr = H ] $NtUninstallKB896423$ -> %SystemRoot%\$NtUninstallKB896423$ -> [Folder | Modified Date = 1.8.2007 11:37:38 | Attr = H ] $NtUninstallKB896428$ -> %SystemRoot%\$NtUninstallKB896428$ -> [Folder | Modified Date = 1.8.2007 11:37:06 | Attr = H ] $NtUninstallKB899587$ -> %SystemRoot%\$NtUninstallKB899587$ -> [Folder | Modified Date = 1.8.2007 11:37:34 | Attr = H ] $NtUninstallKB899591$ -> %SystemRoot%\$NtUninstallKB899591$ -> [Folder | Modified Date = 1.8.2007 11:37:30 | Attr = H ] $NtUninstallKB900485$ -> %SystemRoot%\$NtUninstallKB900485$ -> [Folder | Modified Date = 1.8.2007 11:38:50 | Attr = H ] $NtUninstallKB900725$ -> %SystemRoot%\$NtUninstallKB900725$ -> [Folder | Modified Date = 1.8.2007 11:38:10 | Attr = H ] $NtUninstallKB901017$ -> %SystemRoot%\$NtUninstallKB901017$ -> [Folder | Modified Date = 1.8.2007 11:37:56 | Attr = H ] $NtUninstallKB901214$ -> %SystemRoot%\$NtUninstallKB901214$ -> [Folder | Modified Date = 1.8.2007 11:37:10 | Attr = H ] $NtUninstallKB902400$ -> %SystemRoot%\$NtUninstallKB902400$ -> [Folder | Modified Date = 1.8.2007 11:37:48 | Attr = H ] $NtUninstallKB904706$ -> %SystemRoot%\$NtUninstallKB904706$ -> [Folder | Modified Date = 1.8.2007 11:38:20 | Attr = H ] $NtUninstallKB905414$ -> %SystemRoot%\$NtUninstallKB905414$ -> [Folder | Modified Date = 1.8.2007 11:38:00 | Attr = H ] $NtUninstallKB905749$ -> %SystemRoot%\$NtUninstallKB905749$ -> [Folder | Modified Date = 1.8.2007 11:38:04 | Attr = H ] $NtUninstallKB908519$ -> %SystemRoot%\$NtUninstallKB908519$ -> [Folder | Modified Date = 1.8.2007 11:38:24 | Attr = H ] $NtUninstallKB908531$ -> %SystemRoot%\$NtUninstallKB908531$ -> [Folder | Modified Date = 1.8.2007 11:38:54 | Attr = H ] $NtUninstallKB910437$ -> %SystemRoot%\$NtUninstallKB910437$ -> [Folder | Modified Date = 1.8.2007 11:38:16 | Attr = H ] $NtUninstallKB911280$ -> %SystemRoot%\$NtUninstallKB911280$ -> [Folder | Modified Date = 1.8.2007 11:39:24 | Attr = H ] $NtUninstallKB911562$ -> %SystemRoot%\$NtUninstallKB911562$ -> [Folder | Modified Date = 1.8.2007 11:38:46 | Attr = H ] $NtUninstallKB911927$ -> %SystemRoot%\$NtUninstallKB911927$ -> [Folder | Modified Date = 1.8.2007 11:38:28 | Attr = H ] $NtUninstallKB913580$ -> %SystemRoot%\$NtUninstallKB913580$ -> [Folder | Modified Date = 1.8.2007 11:39:16 | Attr = H ] $NtUninstallKB914388$ -> %SystemRoot%\$NtUninstallKB914388$ -> [Folder | Modified Date = 1.8.2007 11:39:28 | Attr = H ] $NtUninstallKB914389$ -> %SystemRoot%\$NtUninstallKB914389$ -> [Folder | Modified Date = 1.8.2007 11:39:08 | Attr = H ] $NtUninstallKB915865$ -> %SystemRoot%\$NtUninstallKB915865$ -> [Folder | Modified Date = 31.7.2007 21:56:34 | Attr = H ] $NtUninstallKB916595$ -> %SystemRoot%\$NtUninstallKB916595$ -> [Folder | Modified Date = 1.8.2007 11:39:46 | Attr = H ] $NtUninstallKB917953$ -> %SystemRoot%\$NtUninstallKB917953$ -> [Folder | Modified Date = 1.8.2007 11:39:20 | Attr = H ] $NtUninstallKB918118$ -> %SystemRoot%\$NtUninstallKB918118$ -> [Folder | Modified Date = 1.8.2007 11:40:56 | Attr = H ] $NtUninstallKB918439$ -> %SystemRoot%\$NtUninstallKB918439$ -> [Folder | Modified Date = 1.8.2007 11:39:12 | Attr = H ] $NtUninstallKB919007$ -> %SystemRoot%\$NtUninstallKB919007$ -> [Folder | Modified Date = 1.8.2007 11:39:50 | Attr = H ] $NtUninstallKB920213$ -> %SystemRoot%\$NtUninstallKB920213$ -> [Folder | Modified Date = 1.8.2007 11:41:30 | Attr = H ] $NtUninstallKB920670$ -> %SystemRoot%\$NtUninstallKB920670$ -> [Folder | Modified Date = 1.8.2007 11:39:34 | Attr = H ] $NtUninstallKB920683$ -> %SystemRoot%\$NtUninstallKB920683$ -> [Folder | Modified Date = 1.8.2007 11:39:38 | Attr = H ] $NtUninstallKB920685$ -> %SystemRoot%\$NtUninstallKB920685$ -> [Folder | Modified Date = 1.8.2007 11:39:54 | Attr = H ] $NtUninstallKB920872$ -> %SystemRoot%\$NtUninstallKB920872$ -> [Folder | Modified Date = 1.8.2007 11:40:00 | Attr = H ] $NtUninstallKB922582$ -> %SystemRoot%\$NtUninstallKB922582$ -> [Folder | Modified Date = 1.8.2007 11:39:42 | Attr = H ] $NtUninstallKB922819$ -> %SystemRoot%\$NtUninstallKB922819$ -> [Folder | Modified Date = 1.8.2007 11:40:16 | Attr = H ] $NtUninstallKB923191$ -> %SystemRoot%\$NtUninstallKB923191$ -> [Folder | Modified Date = 1.8.2007 11:40:06 | Attr = H ] $NtUninstallKB923414$ -> %SystemRoot%\$NtUninstallKB923414$ -> [Folder | Modified Date = 1.8.2007 11:40:04 | Attr = H ] $NtUninstallKB923689$ -> %SystemRoot%\$NtUninstallKB923689$ -> [Folder | Modified Date = 1.8.2007 11:42:10 | Attr = H ] $NtUninstallKB923980$ -> %SystemRoot%\$NtUninstallKB923980$ -> [Folder | Modified Date = 1.8.2007 11:40:26 | Attr = H ] $NtUninstallKB924191$ -> %SystemRoot%\$NtUninstallKB924191$ -> [Folder | Modified Date = 1.8.2007 11:40:12 | Attr = H ] $NtUninstallKB924270$ -> %SystemRoot%\$NtUninstallKB924270$ -> [Folder | Modified Date = 1.8.2007 11:40:22 | Attr = H ] $NtUninstallKB924667$ -> %SystemRoot%\$NtUninstallKB924667$ -> [Folder | Modified Date = 1.8.2007 11:40:46 | Attr = H ] $NtUninstallKB925902$ -> %SystemRoot%\$NtUninstallKB925902$ -> [Folder | Modified Date = 31.7.2007 22:27:14 | Attr = H ] $NtUninstallKB926255$ -> %SystemRoot%\$NtUninstallKB926255$ -> [Folder | Modified Date = 1.8.2007 11:40:30 | Attr = H ] $NtUninstallKB926436$ -> %SystemRoot%\$NtUninstallKB926436$ -> [Folder | Modified Date = 1.8.2007 11:41:00 | Attr = H ] $NtUninstallKB927779$ -> %SystemRoot%\$NtUninstallKB927779$ -> [Folder | Modified Date = 1.8.2007 11:40:50 | Attr = H ] $NtUninstallKB927802$ -> %SystemRoot%\$NtUninstallKB927802$ -> [Folder | Modified Date = 1.8.2007 11:40:44 | Attr = H ] $NtUninstallKB927891$ -> %SystemRoot%\$NtUninstallKB927891$ -> [Folder | Modified Date = 31.7.2007 22:25:42 | Attr = H ] $NtUninstallKB928255$ -> %SystemRoot%\$NtUninstallKB928255$ -> [Folder | Modified Date = 1.8.2007 11:40:38 | Attr = H ] $NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ -> [Folder | Modified Date = 1.8.2007 11:41:52 | Attr = H ] $NtUninstallKB930178$ -> %SystemRoot%\$NtUninstallKB930178$ -> [Folder | Modified Date = 1.8.2007 11:41:14 | Attr = H ] $NtUninstallKB930916$ -> %SystemRoot%\$NtUninstallKB930916$ -> [Folder | Modified Date = 1.8.2007 11:41:34 | Attr = H ] $NtUninstallKB931261$ -> %SystemRoot%\$NtUninstallKB931261$ -> [Folder | Modified Date = 1.8.2007 11:41:18 | Attr = H ] $NtUninstallKB931784$ -> %SystemRoot%\$NtUninstallKB931784$ -> [Folder | Modified Date = 1.8.2007 11:41:08 | Attr = H ] $NtUninstallKB931836$ -> %SystemRoot%\$NtUninstallKB931836$ -> [Folder | Modified Date = 1.8.2007 11:41:04 | Attr = H ] $NtUninstallKB932168$ -> %SystemRoot%\$NtUninstallKB932168$ -> [Folder | Modified Date = 1.8.2007 11:41:22 | Attr = H ] $NtUninstallKB935448$ -> %SystemRoot%\$NtUninstallKB935448$ -> [Folder | Modified Date = 31.7.2007 22:24:08 | Attr = H ] $NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ -> [Folder | Modified Date = 31.7.2007 22:21:22 | Attr = H ] $NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ -> [Folder | Modified Date = 31.7.2007 22:22:56 | Attr = H ] $NtUninstallKB936357$ -> %SystemRoot%\$NtUninstallKB936357$ -> [Folder | Modified Date = 31.7.2007 23:28:16 | Attr = H ] AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 31.7.2007 23:29:22 | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 2.8.2007 18:19:36 | Attr = S] Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 1.8.2007 18:43:24 | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 31.7.2007 21:50:16 | Attr = S] Driver Cache -> %SystemRoot%\Driver Cache -> [Folder | Modified Date = 31.7.2007 14:01:40 | Attr = ] ERUNT -> %SystemRoot%\ERUNT -> [Folder | Modified Date = 1.8.2007 13:05:14 | Attr = ] Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 31.7.2007 14:06:50 | Attr = R S] Help -> %SystemRoot%\Help -> [Folder | Modified Date = 31.7.2007 21:58:52 | Attr = ] ie7 -> %SystemRoot%\ie7 -> [Folder | Modified Date = 31.7.2007 21:57:18 | Attr = H ] ime -> %SystemRoot%\ime -> [Folder | Modified Date = 31.7.2007 14:06:52 | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 1.8.2007 13:17:14 | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 1.8.2007 18:37:30 | Attr = HS] Media -> %SystemRoot%\Media -> [Folder | Modified Date = 31.7.2007 14:06:50 | Attr = ] Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 31.7.2007 18:27:20 | Attr = ] mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 6013 bytes | Modified Date = 13.7.2007 22:37:30 | Attr = ] msagent -> %SystemRoot%\msagent -> [Folder | Modified Date = 1.8.2007 11:43:50 | Attr = ] nview -> %SystemRoot%\nview -> [Folder | Modified Date = 31.7.2007 11:24:14 | Attr = ] ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [Ver = | Size = 4381 bytes | Modified Date = 31.7.2007 11:21:00 | Attr = ] PeerNet -> %SystemRoot%\PeerNet -> [Folder | Modified Date = 31.7.2007 14:06:38 | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 2.8.2007 18:31:56 | Attr = ] pss -> %SystemRoot%\pss -> [Folder | Modified Date = 31.7.2007 18:19:40 | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 23.7.2007 23:20:26 | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 28.7.2007 22:52:04 | Attr = H ] Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 31.7.2007 11:34:38 | Attr = ] security -> %SystemRoot%\security -> [Folder | Modified Date = 31.7.2007 18:16:36 | Attr = ] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 31.7.2007 14:44:42 | Attr = ] system -> %SystemRoot%\system -> [Folder | Modified Date = 31.7.2007 14:07:12 | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 1.8.2007 13:36:38 | Attr = ] system32 -> %System32% -> [Folder | Modified Date = 1.8.2007 18:37:22 | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 31.7.2007 22:17:54 | Attr = S] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 2.8.2007 18:21:00 | Attr = ] twain_32 -> %SystemRoot%\twain_32 -> [Folder | Modified Date = 31.7.2007 14:03:42 | Attr = ] Web -> %SystemRoot%\Web -> [Folder | Modified Date = 31.7.2007 11:20:14 | Attr = R ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 785 bytes | Modified Date = 1.8.2007 13:36:38 | Attr = ] Winamp.ini -> %SystemRoot%\Winamp.ini -> [Ver = | Size = 192 bytes | Modified Date = 8.7.2007 20:08:04 | Attr = ] WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest -> [Ver = | Size = 749 bytes | Modified Date = 31.7.2007 11:20:06 | Attr = RH ] WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 31.7.2007 14:01:40 | Attr = ] WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 31.7.2007 11:21:12 | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 2.8.2007 18:19:40 | Attr = H ] User_Feed_Synchronization-{D570E78E-BD09-458B-A229-7FDCF4B65C00}.job -> %SystemRoot%\tasks\User_Feed_Synchronization-{D570E78E-BD09-458B-A229-7FDCF4B65C00}.job -> [Ver = | Size = 430 bytes | Modified Date = 1.8.2007 22:17:18 | Attr = H ] $winnt$.inf -> %System32%\$winnt$.inf -> [Ver = | Size = 288 bytes | Modified Date = 31.7.2007 11:23:20 | Attr = ] 1033 -> %System32%\1033 -> [Folder | Modified Date = 31.7.2007 14:02:32 | Attr = ] 1035 -> %System32%\1035 -> [Folder | Modified Date = 31.7.2007 14:03:56 | Attr = ] AGEIA -> %System32%\AGEIA -> [Folder | Modified Date = 4.7.2007 20:23:50 | Attr = ] amcompat.tlb -> %System32%\amcompat.tlb -> [Ver = | Size = 16832 bytes | Modified Date = 31.7.2007 11:21:10 | Attr = ] aswBoot.exe -> %System32%\aswBoot.exe -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 783224 bytes | Modified Date = 28.7.2007 1:07:22 | Attr = ] AVASTSS.scr -> %System32%\AVASTSS.scr -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 95608 bytes | Modified Date = 28.7.2007 0:57:50 | Attr = ] CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 1.8.2007 11:35:42 | Attr = ] CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 1.8.2007 18:12:34 | Attr = ] cdplayer.exe.manifest -> %System32%\cdplayer.exe.manifest -> [Ver = | Size = 749 bytes | Modified Date = 31.7.2007 11:20:06 | Attr = RH ] Com -> %System32%\Com -> [Folder | Modified Date = 1.8.2007 11:37:52 | Attr = ] config -> %System32%\config -> [Folder | Modified Date = 31.7.2007 11:24:14 | Attr = ] CONFIG.NT -> %System32%\CONFIG.NT -> [Ver = | Size = 2567 bytes | Modified Date = 29.7.2007 8:37:04 | Attr = ] DirectX -> %System32%\DirectX -> [Folder | Modified Date = 4.7.2007 20:24:16 | Attr = ] dllcache -> %System32%\dllcache -> [Folder | Modified Date = 1.8.2007 11:43:50 | Attr = RHS] drivers -> %System32%\drivers -> [Folder | Modified Date = 1.8.2007 18:45:20 | Attr = ] DRVSTORE -> %System32%\DRVSTORE -> [Folder | Modified Date = 4.7.2007 20:23:58 | Attr = ] emptyregdb.dat -> %System32%\emptyregdb.dat -> [Ver = | Size = 22720 bytes | Modified Date = 31.7.2007 11:19:32 | Attr = ] FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 101440 bytes | Modified Date = 31.7.2007 22:31:38 | Attr = ] ias -> %System32%\ias -> [Folder | Modified Date = 31.7.2007 14:02:36 | Attr = ] icsxml -> %System32%\icsxml -> [Folder | Modified Date = 31.7.2007 14:02:58 | Attr = ] java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 135168 bytes | Modified Date = 12.7.2007 1:22:00 | Attr = ] javacpl.cpl -> %System32%\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 69632 bytes | Modified Date = 12.7.2007 2:22:36 | Attr = ] javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 135168 bytes | Modified Date = 12.7.2007 1:22:04 | Attr = ] javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 139264 bytes | Modified Date = 12.7.2007 2:22:38 | Attr = ] logonui.exe.manifest -> %System32%\logonui.exe.manifest -> [Ver = | Size = 488 bytes | Modified Date = 31.7.2007 11:20:12 | Attr = RH ] ncpa.cpl.manifest -> %System32%\ncpa.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 31.7.2007 11:20:06 | Attr = RH ] npp -> %System32%\npp -> [Folder | Modified Date = 31.7.2007 14:06:28 | Attr = ] nscompat.tlb -> %System32%\nscompat.tlb -> [Ver = | Size = 23392 bytes | Modified Date = 31.7.2007 11:21:10 | Attr = ] nvapps.xml -> %System32%\nvapps.xml -> [Ver = | Size = 88309 bytes | Modified Date = 31.7.2007 18:18:10 | Attr = ] nwc.cpl.manifest -> %System32%\nwc.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 31.7.2007 11:20:06 | Attr = RH ] oobe -> %System32%\oobe -> [Folder | Modified Date = 31.7.2007 11:19:50 | Attr = ] Panda Software -> %System32%\Panda Software -> [Folder | Modified Date = 13.7.2007 22:37:30 | Attr = ] perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 40128 bytes | Modified Date = 1.8.2007 11:46:32 | Attr = ] perfc00B.dat -> %System32%\perfc00B.dat -> [Ver = | Size = 48660 bytes | Modified Date = 1.8.2007 11:46:32 | Attr = ] perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 311740 bytes | Modified Date = 1.8.2007 11:46:32 | Attr = ] perfh00B.dat -> %System32%\perfh00B.dat -> [Ver = | Size = 283356 bytes | Modified Date = 1.8.2007 11:46:32 | Attr = ] PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 690512 bytes | Modified Date = 1.8.2007 11:46:32 | Attr = ] Restore -> %System32%\Restore -> [Folder | Modified Date = 31.7.2007 11:26:28 | Attr = ] sapi.cpl.manifest -> %System32%\sapi.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 31.7.2007 11:20:06 | Attr = RH ] Setup -> %System32%\Setup -> [Folder | Modified Date = 31.7.2007 14:07:12 | Attr = ] usmt -> %System32%\usmt -> [Folder | Modified Date = 31.7.2007 14:07:02 | Attr = ] wbem -> %System32%\wbem -> [Folder | Modified Date = 31.7.2007 14:06:48 | Attr = ] WindowsLogon.manifest -> %System32%\WindowsLogon.manifest -> [Ver = | Size = 488 bytes | Modified Date = 31.7.2007 11:20:12 | Attr = RH ] wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 13646 bytes | Modified Date = 2.8.2007 18:19:36 | Attr = ] wuaucpl.cpl.manifest -> %System32%\wuaucpl.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 31.7.2007 11:20:06 | Attr = RH ] aavmker4.sys -> %System32%\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.7.1029.0 | Size = 26624 bytes | Modified Date = 28.7.2007 0:58:36 | Attr = ] aswmon.sys -> %System32%\drivers\aswmon.sys -> ALWIL Software [Ver = 4.7.1029.0 | Size = 92848 bytes | Modified Date = 28.7.2007 1:02:50 | Attr = ] aswmon2.sys -> %System32%\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.7.1029.0 | Size = 94416 bytes | Modified Date = 28.7.2007 1:02:34 | Attr = ] aswRdr.sys -> %System32%\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.7.1029.0 | Size = 23152 bytes | Modified Date = 28.7.2007 1:00:40 | Attr = ] aswTdi.sys -> %System32%\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.7.1029.0 | Size = 42912 bytes | Modified Date = 28.7.2007 0:59:58 | Attr = ] etc -> %System32%\drivers\etc -> [Folder | Modified Date = 1.8.2007 13:08:20 | Attr = ] secdrv.sys -> %System32%\drivers\secdrv.sys -> Macrovision Europe Ltd [Ver = 3.17.000 | Size = 12464 bytes | Modified Date = 1.8.2007 20:41:46 | Attr = ] [File String Scan - Non-Microsoft Only] WSUD , -> %System32%\ALSNDMGR.CPL -> Realtek Semiconductor Corp. [Ver = 2, 2, 0, 48 | Size = 18771968 bytes | Modified Date = 17.8.2005 13:25:20 | Attr = R ] UPX! , UPX0 , -> %System32%\aswBoot.exe -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 783224 bytes | Modified Date = 28.7.2007 1:07:22 | Attr = ] PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41113 bytes | Modified Date = 15.9.2004 15:00:00 | Attr = ] Thawte Consulting , -> %System32%\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.2568 | Size = 185952 bytes | Modified Date = 18.3.2007 1:48:20 | Attr = ] winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 15.9.2004 15:00:00 | Attr = ] WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 15.9.2004 15:00:00 | Attr = ] < End of report >
Sain ladattua tuon Deckard's System Scannerin. Logit tässä... --------------------------------------------------------------- Deckard's System Scanner v20070729.57 Run by TIETOKONE on 2007-08-02 at 22:55:15 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- HijackThis (run as TIETOKONE.exe) ------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:55:16, on 2.8.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\notepad.exe C:\Documents and Settings\TIETOKONE\Työpöytä\Deckard's System Scanner.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\TIETOK~1.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [razertra] C:\Program Files\Razer\razertra.exe O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe -- End of file - 4597 bytes -- Files created between 2007-07-02 and 2007-08-02 ----------------------------- 2007-08-01 18:45:25 0 d-------- C:\Documents and Settings\TIETOKONE\Application Data\Grisoft 2007-08-01 18:45:17 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft 2007-08-01 18:43:53 0 dr-h----- C:\Documents and Settings\TIETOKONE\Recent 2007-08-01 18:42:45 0 d-------- C:\Program Files\CCleaner 2007-08-01 18:37:22 0 d-------- C:\Program Files\Sun 2007-08-01 18:35:59 0 d-------- C:\Program Files\Common Files\Java 2007-08-01 13:05:12 0 d-------- C:\WINDOWS\ERUNT 2007-08-01 11:35:32 0 d-------- C:\WINDOWS\system32\CatRoot2 2007-07-31 22:55:05 0 d-------- C:\Program Files\Trend Micro 2007-07-31 11:24:50 0 d-------- C:\WINDOWS\Prefetch 2007-07-30 00:13:52 0 d-------- C:\Program Files\Resource Kit 2007-07-20 00:18:13 0 d-------- C:\TournamentDemo 2007-07-13 22:37:28 0 d-------- C:\WINDOWS\system32\Panda Software 2007-07-04 20:23:49 0 d-------- C:\WINDOWS\system32\AGEIA 2007-07-04 20:23:48 0 d-------- C:\Program Files\AGEIA Technologies 2007-07-04 20:21:30 0 d-------- C:\Program Files\UBISOFT -- Find3M Report --------------------------------------------------------------- 2007-08-01 18:37:20 0 d-------- C:\Program Files\Java 2007-08-01 18:35:59 0 d-------- C:\Program Files\Common Files 2007-08-01 11:46:30 283356 --a------ C:\WINDOWS\system32\perfh00B.dat 2007-08-01 11:46:30 48660 --a------ C:\WINDOWS\system32\perfc00B.dat 2007-07-31 18:27:19 0 d---s---- C:\Program Files\Xfire 2007-07-31 11:19:30 22720 --a------ C:\WINDOWS\system32\emptyregdb.dat 2007-07-29 23:52:22 0 d-------- C:\Documents and Settings\TIETOKONE\Application Data\Xfire 2007-07-29 18:01:30 0 d-------- C:\Program Files\EA GAMES 2007-07-29 18:01:30 0 d-------- C:\Documents and Settings\TIETOKONE\Application Data\gtk-2.0 2007-07-23 23:16:19 0 d-------- C:\Documents and Settings\TIETOKONE\Application Data\OpenOffice.org2 2007-07-15 13:22:06 0 d-------- C:\Program Files\Winamp 2007-07-13 22:37:28 6013 --a------ C:\WINDOWS\mozver.dat 2007-07-04 20:23:29 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-07-04 20:21:29 0 d--h----- C:\Program Files\InstallShield Installation Information 2007-07-03 23:51:14 0 d-------- C:\Program Files\GameShadow 2007-06-23 20:19:45 0 d-------- C:\Program Files\SpywareBlaster 2007-06-18 22:46:32 0 d-------- C:\Program Files\2 Pic 2007-06-16 22:17:43 0 dr-h----- C:\Documents and Settings\TIETOKONE\Application Data\SecuROM 2007-06-16 22:05:51 0 d-------- C:\Program Files\Sierra 2007-06-09 16:27:37 0 d-------- C:\Program Files\El Matador Demo -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [28.07.2007 01:03] "razertra"="C:\Program Files\Razer\razertra.exe" [10.10.2004 19:21] "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [16.07.2005 00:48] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [12.07.2007 04:00] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [11.06.2007 12:25] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [15.09.2004 15:00] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"=0 (0x0) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Notification Packages"= scecli [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Käynnistä-valikko^Ohjelmat^Käynnistys^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Käynnistä-valikko^Ohjelmat^Käynnistys^Kodak EasyShare software.lnk] path=C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys\Kodak EasyShare software.lnk backup=C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Käynnistä-valikko^Ohjelmat^Käynnistys^Kodak software updater.lnk] path=C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys\Kodak software updater.lnk backup=C:\WINDOWS\pss\Kodak software updater.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Käynnistä-valikko^Ohjelmat^Käynnistys^WinZip Quick Pick.lnk] path=C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys\WinZip Quick Pick.lnk backup=C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^TIETOKONE^Käynnistä-valikko^Ohjelmat^Käynnistys^OpenOffice.org 2.0.lnk] path=C:\Documents and Settings\TIETOKONE\Käynnistä-valikko\Ohjelmat\Käynnistys\OpenOffice.org 2.0.lnk backup=C:\WINDOWS\pss\OpenOffice.org 2.0.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^TIETOKONE^Käynnistä-valikko^Ohjelmat^Käynnistys^Registration Ghost Recon Advanced Warfighter® 2 Demo.LNK] path=C:\Documents and Settings\TIETOKONE\Käynnistä-valikko\Ohjelmat\Käynnistys\Registration Ghost Recon Advanced Warfighter® 2 Demo.LNK backup=C:\WINDOWS\pss\Registration Ghost Recon Advanced Warfighter® 2 Demo.LNKStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] nwiz.exe /install [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] SOUNDMAN.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] C:\Program Files\Valve\Steam\\Steam.exe -silent [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "sfrem01"=2 (0x2) "NVSvc"=2 (0x2) "usnjsvc"=3 (0x3) "Themes"=2 (0x2) "WMPNetworkSvc"=3 (0x3) "KodakCCS"=2 (0x2) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe *Newly Created Service* - AVGASCLN -- End of Deckard's System Scanner: finished at 2007-08-02 at 22:55:33 --------- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Deckard's System Scanner v20070729.57 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Home Edition (build 2600) SP 2.0 Architecture: X86; Language: Other (040B) - see http://preview.tinyurl.com/mhhp6 CPU 0: AMD Athlon(tm) 64 Processor 3700+ Percentage of Memory in Use: 18% Physical Memory (total/avail): 2047.23 MiB / 1668.41 MiB Pagefile Memory (total/avail): 3939.82 MiB / 3657.88 MiB Virtual Memory (total/avail): 2047.88 MiB / 1971.95 MiB A: is Removable (Unformatted) C: is Fixed (NTFS) - 232.88 GiB total, 153.04 GiB free. D: is CDROM (No Media) E: is CDROM (CDFS) -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is enabled. FirstRunDisabled is set. AV: avast! antivirus 4.7.1029 [VPS 000763-3] v4.7.1029 (ALWIL Software) Disabled [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\\Program Files\\EA GAMES\\MOHAA\\moh_spearhead.exe"="C:\\Program Files\\EA GAMES\\MOHAA\\moh_spearhead.exe:*:Enabled:Medal of Honor Allied Assault(tm) Spearhead" "C:\\Program Files\\Empire Interactive\\FlatOut2\\FlatOut2.exe"="C:\\Program Files\\Empire Interactive\\FlatOut2\\FlatOut2.exe:*:Enabled:FlatOut2" "C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Suorita DLL sovelluksena" "C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*isabledxpsp2res.dll,-22019" "C:\\Program Files\\EA GAMES\\MOHAA\\fpupdate.exe"="C:\\Program Files\\EA GAMES\\MOHAA\\fpupdate.exe:*isabled:fpupdate" "C:\\Program Files\\Xfire\\xfire.exe"="C:\\Program Files\\Xfire\\xfire.exe:*:Enabled:Xfire" "C:\\Program Files\\EA GAMES\\MOHAA\\MOHAA.exe"="C:\\Program Files\\EA GAMES\\MOHAA\\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault(tm)" "C:\\Program Files\\Autokick\\Autokick.exe"="C:\\Program Files\\Autokick\\Autokick.exe:*:Enabled:Autokick for MoHAA 1.11" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\Valve\\Steam\\SteamApps\\katastrofi\\race\\Race_Steam.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\katastrofi\\race\\Race_Steam.exe:*:Enabled:Race" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater" "C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"="C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4" "C:\\Program Files\\Soldier of Fortune II - Double Helix GOLD\\SoF2MP.exe"="C:\\Program Files\\Soldier of Fortune II - Double Helix GOLD\\SoF2MP.exe:*:Enabled:SoF2MP" "C:\\Program Files\\EA GAMES\\MOHAA\\moh_spearhead_server.exe"="C:\\Program Files\\EA GAMES\\MOHAA\\moh_spearhead_server.exe:*:Enabled:Medal of Honor Allied Assault(tm) Spearhead" "C:\\Program Files\\Valve\\Steam\\SteamApps\\katastrofi\\half-life 2 deathmatch\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\katastrofi\\half-life 2 deathmatch\\hl2.exe:*:Enabled:hl2" "C:\\Program Files\\Sierra\\FEAR\\FEARXP\\FEARXP.exe"="C:\\Program Files\\Sierra\\FEAR\\FEARXP\\FEARXP.exe:*:Enabled:FEARXP" "C:\\Program Files\\Sierra\\FEAR\\fpupdate.exe"="C:\\Program Files\\Sierra\\FEAR\\fpupdate.exe:*:Enabled:fpupdate" "C:\\Program Files\\Sierra\\FEAR\\FEAR.exe"="C:\\Program Files\\Sierra\\FEAR\\FEAR.exe:*:Enabled:FEAR" "C:\\Program Files\\Sierra\\FEAR\\FEARMP.exe"="C:\\Program Files\\Sierra\\FEAR\\FEARMP.exe:*:Enabled:FEAR" "C:\\Program Files\\Codemasters\\DiRT Demo\\DiRTDemo.exe"="C:\\Program Files\\Codemasters\\DiRT Demo\\DiRTDemo.exe:*:EnablediRT Demo Executable" "C:\\Program Files\\UBISOFT\\Ghost Recon Advanced Warfighter 2 Demo\\graw2.exe"="C:\\Program Files\\UBISOFT\\Ghost Recon Advanced Warfighter 2 Demo\\graw2.exe:*:Enabled:Ghost Recon Advanced Warfighter® 2 Demo" "C:\\TournamentDemo\\System\\UnrealTournament.exe"="C:\\TournamentDemo\\System\\UnrealTournament.exe:*:Enabled:UnrealTournament" "C:\\Program Files\\Valve\\Steam\\SteamApps\\katastrofi\\sin episodes emergence\\SinEpisodes.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\katastrofi\\sin episodes emergence\\SinEpisodes.exe:*:Enabled:SinEpisodes" "C:\\Program Files\\Valve\\Steam\\SteamApps\\katastrofi\\sin 1 multiplayer\\sin.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\katastrofi\\sin 1 multiplayer\\sin.exe:*:Enabled:sin" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019" "C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"="C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000" -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\TIETOKONE\Application Data CLASSPATH=.;C:\Program Files\Java\jre1.5.0_10\lib\ext\QTJava.zip CLIENTNAME=Console CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=TIETOKON-CEBD89 ComSpec=C:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Documents and Settings\TIETOKONE LOGONSERVER=\\TIETOKON-CEBD89 NUMBER_OF_PROCESSORS=1 OS=Windows_NT Path=C:\Program Files\Internet Explorer;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\WBEM;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\GTK\2.0\bin PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 15 Model 55 Stepping 2, AuthenticAMD PROCESSOR_LEVEL=15 PROCESSOR_REVISION=3702 ProgramFiles=C:\Program Files PROMPT=$P$G QTJAVA=C:\Program Files\Java\jre1.5.0_10\lib\ext\QTJava.zip SESSIONNAME=Console SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\TIETOK~1\LOCALS~1\Temp TMP=C:\DOCUME~1\TIETOK~1\LOCALS~1\Temp USERDOMAIN=TIETOKON-CEBD89 USERNAME=TIETOKONE USERPROFILE=C:\Documents and Settings\TIETOKONE windir=C:\WINDOWS -- User Profiles --------------------------------------------------------------- TIETOKONE (admin) -- Add/Remove Programs --------------------------------------------------------- --> C:\PROGRA~1\SOLDIE~1\Uninstall\Unwise.exe /u C:\PROGRA~1\SOLDIE~1\Uninstall\install.log --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 --> MsiExec /X{27DC856A-0916-4988-8198-8714DDD3183D} --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 2 Pic --> C:\Program Files\2 Pic\Uninstal.exe 7-Zip 4.42 --> MsiExec.exe /I{23170F69-40C1-2701-0442-000001000000} Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete Adobe Reader 7.0.8 - Suomi --> MsiExec.exe /I{AC76BA86-7AD7-1035-7B44-A70800000002} Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log AGEIA PhysX v7.05.17 --> MsiExec.exe /X{27DC856A-0916-4988-8198-8714DDD3183D} avast! Antivirus --> rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe CardRd81 --> MsiExec.exe /I{54C8FE84-89C4-40E8-976C-439EB0729BD6} CCHelp --> MsiExec.exe /I{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04} CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe" CCScore --> MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992} CR2 --> MsiExec.exe /I{432C3720-37BF-4BD7-8E49-F38E090246D0} Crow King's Autokick 1.2 Beta --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\Autokick\ST6UNST.LOG" Crow King's Autokick 1.2 Beta (C:\Program Files\Autokick\) --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\Autokick\ST6UNST.000" DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN EasyCleaner --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly El Matador Demo --> "C:\Program Files\El Matador Demo\unins000.exe" ESSAdpt --> MsiExec.exe /I{D15E9DB5-6BEB-4534-901E-80C0A29BAB97} ESSANUP --> MsiExec.exe /I{A6F18A67-B771-4191-8A33-36D2E742D6D9} ESSBrwr --> MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6} ESSCAM --> MsiExec.exe /I{469730CC-78DF-4CD3-B286-562D459EA619} ESSCDBK --> MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD} ESScore --> MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4} ESSCT --> MsiExec.exe /I{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8} ESSEMAIL --> MsiExec.exe /I{FEDE2483-87B7-44C1-A5BB-D75AEB8B6340} ESSgui --> MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A} ESShelp --> MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD} ESSini --> MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765} ESSPCD --> MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5} ESSPDock --> MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091} ESSSONIC --> MsiExec.exe /I{4F677FC7-7AA8-412B-A957-F13CBE1C7331} ESSTUTOR --> MsiExec.exe /I{CA60320D-6A16-49C8-A34F-84EEF4799567} ESSvpaht --> MsiExec.exe /I{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69} ESSvpot --> MsiExec.exe /I{48C82F7A-F100-4DAB-A310-8E18BF2159E1} FEAR --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2B653229-9854-4989-B780-D978F5F13EAB}\setup.exe" -l0x9 /zU -removeonly FEAR Extraction Point --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{909BBDB7-BABE-434C-9124-863A9F8D1CF8}\setup.exe" -l0x9 -removeonly FlatOut2 --> MsiExec.exe /I{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890} Fraps --> "C:\Fraps\uninstall.exe" GameShadow --> MsiExec.exe /I{B8602676-42A2-4815-A556-C23750EF5A47} Geiss2 for Winamp 2x (remove only) --> "C:\Program Files\Winamp\uninst-vis_geiss2.dll.exe" Gold Miner Joe --> "C:\Program Files\Gold Miner Joe\unins000.exe" Google Gmail Notifier --> "C:\Program Files\Google\Gmail Notifier\UninstallGmail.exe" GTA San Andreas --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly GTK+ 2.10.6-1 runtime environment --> "C:\Program Files\Common Files\GTK\2.0\setup\unins000.exe" GTR 2 Demo --> "C:\GTR2Demo\Support\unins000.exe" Half-Life 2: Deathmatch --> "C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/320 Half-Life 2: Episode One --> "C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/380 Half-Life Deathmatch: Source --> "C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/360 Half-Life(R) 2 --> MsiExec.exe /I{D45EC259-4A19-4656-B588-C2C360DD18EA} HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall HLPCCTR --> MsiExec.exe /I{F2D0C1B1-80FF-46F9-BA61-33B01A07FAFC} HLPIndex --> MsiExec.exe /I{38441BE7-79B0-42B8-8297-833704F949FE} HLPPDOCK --> MsiExec.exe /I{154508C0-07C5-4659-A7A0-E49968750D21} HLPSFO --> MsiExec.exe /I{8DD94CA3-BCD2-49C0-B537-F3B5D95FF0C8} Hotfix-päivitys Windows XP:lle (KB935448) --> "C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe" Java DB 10.2.2.0 --> MsiExec.exe /X{0ECB59D5-A3FC-4D61-AD3B-6CE679B3F852} Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Java(TM) SE Development Kit 6 Update 2 --> MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160020} Kodak EasyShare software --> C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_9_145e002\Setup.exe /APR-REMOVE KSU --> MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267} Language pack for Ad-Aware SE --> C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\INSTALL.LOG Marvell Miniport Driver --> MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B} Medal of Honor Allied Assault --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DEA94ED-915A-4834-A87E-388D012C8E02}\Setup.exe" -l0x9 Medal of Honor Allied Assault(tm) Breakthrough --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{823A68CC-3049-4A6B-8F63-7DC85E4BB1C9}\Setup.exe" -l0x9 Medal of Honor Allied Assault(tm) Breakthrough Patch v2.40 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DF9046D6-5F1F-40B6-9782-3DC2D902D391}\Setup.exe" -l0x9 Medal of Honor Allied Assault(tm) Spearhead --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7914BE1E-F186-4790-B8F4-9F63C52A41C1}\Setup.exe" -l0x9 Medal of Honor Allied Assault(tm) Spearhead --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BE699EDC-9E58-4671-A23E-9CDF7F6F42F2}\Setup.exe" -l0x9 Medal of Honor Allied Assault(tm) Spearhead Patch 2.15 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18EF2DEE-DCB0-466A-ABA5-4C73E508530A}\Setup.exe" -l0x9 Microsoft Tool Web PackageRIVERS.EXE --> MsiExec.exe /X{5596BB05-751A-42D1-BE14-282E96D37815} Mojo Master Winamp Visualizer for Winamp (remove only) --> "C:\Program Files\Winamp\uninst-vis_MojoMaster.dll.exe" Mozilla Firefox (2.0.0.6) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe Notifier --> MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2} NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI OfotoXMI --> MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45} OpenOffice.org 2.0 --> MsiExec.exe /I{3175E3A0-0A11-4B3C-8B68-70D095875113} Opera 9.20 --> MsiExec.exe /X{FC0C72DD-A491-43FF-B377-67273E4D94D7} OTtBP --> MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C} OTtBPSDK --> MsiExec.exe /I{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353} Panda NanoScan --> C:\WINDOWS\system32\Panda Software\NanoScan\nanounst.exe PCDLNCH --> MsiExec.exe /I{69BD6399-3D8F-45B7-81D9-819361F5101D} Päivitys Windows XP:lle (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe" Päivitys Windows XP:lle (KB936357) --> "C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe" QuickTime --> MsiExec.exe /I{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8} Razer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85C6CE1E-2A22-4C5A-A8A1-9DBFBEA81DE1}\Setup.exe" -l0x9 RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0xb -removeonly RedOrchestra --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{69997863-7239-4E5C-833C-EAC2F0116EB3}\setup.exe" -l0x9 -removeonly RunAlyzer --> "C:\Program Files\Safer Networking\RunAlyzer\unins000.exe" SFR --> MsiExec.exe /I{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314} SFR2 --> MsiExec.exe /I{A0AF08BA-3630-4505-BFB2-A41F3837B0D0} Sid Meier's Civilization 4 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\setup.exe" -l0x9 -removeonly SiN 1 --> "C:\PROGRA~1\Valve\Steam\steam.exe" steam://uninstall/1313 SiN 1 Multiplayer --> "C:\PROGRA~1\Valve\Steam\steam.exe" steam://uninstall/1309 SiN Episodes: Emergence --> "C:\PROGRA~1\Valve\Steam\steam.exe" steam://uninstall/1300 SiN Episodes: Emergence --> MsiExec.exe /I{A1FF0CC8-1501-4A43-9475-F94D17DE0D7A} Soldier of Fortune II - Double Helix GOLD --> C:\PROGRA~1\SOLDIE~1\UNINST~1\UNWISE.EXE C:\PROGRA~1\SOLDIE~1\UNINST~1\INSTALL.LOG Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe" SpywareBlaster v3.5.1 --> "C:\Program Files\SpywareBlaster\unins000.exe" Steam(TM) --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3} Suojauspäivitys ohjelmistolle Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe" Suojauspäivitys Windows XP:lle (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe" Supreme Commander Demo --> C:\Program Files\InstallShield Installation Information\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B1848}\setup.exe -runfromtemp -l0x0009 -removeonly System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe TeamSpeak 2 RC2 --> "C:\Program Files\Teamspeak2_RC2\unins000.exe" The GIMP 2.2.13 --> "C:\Program Files\GIMP-2.0\unins000.exe" Tom Clancy's Ghost Recon Advanced Warfighter® 2 DEMO --> "C:\Program Files\InstallShield Installation Information\{D8D1D630-C8E5-4B8D-82AB-A376B6C9A9E8}\Setup.exe" -runfromtemp -l0x0009 -removeonly Unreal Tournament Demo --> C:\TournamentDemo\System\Setup.exe uninstall "Unreal Tournament Demo" VCAMCEN --> MsiExec.exe /I{10E98E14-832C-4AF7-A4D1-6A9EF83B282E} Ventrilo Client --> MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F} Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe" Winamp Goes 3D v1.51 (Light) --> MsiExec.exe /X{AB9354BD-E732-4501-AFBD-6D8EA97F9E58} Windows Live Messenger --> MsiExec.exe /I{DF6FEB75-A0D1-44E5-A754-0072D4967734} Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" WinRAR-pakkausohjelma --> C:\Program Files\WinRAR\uninstall.exe VPRINTOL --> MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370} Xfire (remove only) --> "C:\Program Files\Xfire\uninst.exe" -- End of Deckard's System Scanner: finished at 2007-08-02 at 22:54:34 ---------
Pysy puhtaana -> Tyhjennä järjestelmänpalautus Ohjeet Tyhjennä järjestelmänpalautuskansio ja luo uusi palautuspiste. Tämä puhdistaa palautuskansion mahdollisista haittaohjelmajäännöksistä. -> Käytä CCleaneria -> CCleaner Lataa ja asenna CCleaner. Puhdista väliaikaistiedostot ja -kansiot ohjelmalla säännöllisesti. -> Asenna SpywareBlaster -> SpywareBlaster SpywareBlaster estää haittaohjelmia asentumasta koneellesi. Ei kuluta muistia! Opas saatavilla suomeksi! Nimimerkki Ad-Awaren opas -> Asenna MVPS Hosts tiedosto -> MVPS Hosts Estää koneesi yhteyden haitallisiin sivustoihin. Opas saatavilla suomeksi! Nimimerkki Axelin opas -> Vaihda selaimesi Firefoxiin -> Firefox Firefox on nopeampi, turvallisempi ja parempi selain kuin Internet Explorer. -> Pidä järjestelmäsi ajantasalla. -> Windows Update Vieraile Windows Updatessa säännöllisesti. -> Pidä palomuuri ja virustorjunta ajantasalla Päivitä ja skannaa koneesi säännöllisesti virustorjuntaohjelmallasi. ja hyvä myös escan http://koti.mbnet.fi/pattaya1/escanmwav.htm ->Pidä ohjelmistosi ajantasalla. -> Secunia Software Inspector Secunia Software Inspector tutkii sinun järjestälmäsi ja ohjelmistosi puuttuvien turvallisuuspäivityksien osalta. Tavallinen tutkinta kestää normaalisti 5-40 sekuntia, kun läpikotainen (thorough system inspection) voi kestää useita minuutteja. ->Seuraa säännöllisesti viestintäviraston tietoja uusista haavoittuvuuksista -> CERT-FI Jos tulevaisuudessa tulee haittaohjelmien kanssa ongelmia, älä epäröi laittaa Hijackthis-logia tarkistettavaksi!
