Logfile of HijackThis v1.99.1 Scan saved at 12:56:21, on 18.5.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Windows Defender\MSASCui.exe C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\WINDOWS\CTHELPER.EXE C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\Program Files\ULI5289\ALi5289.exe C:\PROGRA~1\RCrawler\RCrawler.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe C:\APPS\DataSecure\PBBckupUI.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe C:\saab\Toolbar\EPSIBar.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Common Files\Symantec Shared\ccProxy.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\system32\GRVSA.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program 
Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Messenger\msmsgs.exe C:\hi\HijackThis.exe C:\Program Files\Internet Explorer\iexplore.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.elisa.net/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O1 - Hosts: AmsServer O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O2 - BHO: dsWebAllowBHO Class - 
{2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Elisa Avustaja Plugin - {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} - C:\Program Files\Elisa\Avustaja\IEFixItNowPlugin.dll O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" O4 - HKLM\..\Run: [ccApp] 
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [Ulead Quick-Drop] "C:\Program Files\Ulead Systems\Ulead DVD MovieFactory 5 Plus\Ulead DVD MovieFactory 5\Quick-Drop.exe" WINDOWCALL O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [ALi5289] C:\Program Files\ULI5289\ALi5289.exe O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R O4 - HKCU\..\Run: [Data Secure] C:\APPS\DataSecure\PBBckupUI.exe /HIDDEN O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" 
--force_start_minimized O4 - Startup: HDDlife.lnk = C:\Program Files\BinarySense\HDDlife\HDDlifePro.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: EPSI ToolBar.lnk = C:\saab\Toolbar\EPSIBar.exe O4 - Global Startup: Windows-työpöytähaku.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O15 - Trusted Zone: http://www.msi.com.tw O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - 
http://www.creative.com/su/ocx/15026/CTSUEng.cab O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlmanager.akamaitools.com.edgesuite.net/dlmanager/versions/activex/dlm-activex-2.0.6.0.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1144329817191 O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://tw.msi.com.tw/autobios/LOnline/install.cab O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - http://www.parallelgraphics.com/l2/bin/cortvrml.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: Automattinen LiveUpdate-ajastustoiminto - Symantec Corporation - C:\Program 
Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: Norton AntiVirus Auto-Protect -palvelu (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown 
owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
www.virustotal.com C:\saab\Toolbar\EPSIBar.exe Scan that file there and post the result here.

1. Download combofix.exe to your desktop from either of these links: http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe http://download.bleepingcomputer.com/sUBs/ComboFix.exe
2. Double-click the combofix.exe file and follow the instructions.
3. When the tool is finished, it produces a log (C:\ComboFix.txt). Post this log in your thread.

Note! Do not click on the ComboFix window while it is running. This may cause the program to hang.
Totalvirus.com reported: no virus in the file in question.

juki" - 2007-05-18 14:55:56 Service Pack 2 ComboFix 07-05.17.6.V - Running from: "C:\Documents and Settings\juki\Ty”p”yt„\" (((((((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\Program Files\install.log C:\WINDOWS\system32\instsrv.exe C:\install.log C:\setup.exe ((((((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) -------\LEGACY_NM -------\nm ((((((((((((((((((((((((((((((( Files Created from 2007-04-05 to 2007-05-18 )))))))))))))))))))))))))))))))))) 2007-05-17 14:23 63,663 --------- C:\WINDOWS\system32\drivers\ati1rvxx.sys 2007-05-17 14:23 56,623 --------- C:\WINDOWS\system32\drivers\ati1btxx.sys 2007-05-17 14:23 4,255 --------- C:\WINDOWS\system32\drivers\adv01nt5.dll 2007-05-17 14:23 36,463 --------- C:\WINDOWS\system32\drivers\ati1tuxx.sys 2007-05-17 14:23 34,735 --------- C:\WINDOWS\system32\drivers\ati1xsxx.sys 2007-05-17 14:23 30,671 --------- C:\WINDOWS\system32\drivers\ati1raxx.sys 2007-05-17 14:23 3,967 --------- C:\WINDOWS\system32\drivers\adv02nt5.dll 2007-05-17 14:23 3,775 --------- C:\WINDOWS\system32\drivers\adv11nt5.dll 2007-05-17 14:23 3,711 --------- C:\WINDOWS\system32\drivers\adv09nt5.dll 2007-05-17 14:23 3,647 --------- C:\WINDOWS\system32\drivers\adv07nt5.dll 2007-05-17 14:23 3,615 --------- C:\WINDOWS\system32\drivers\adv05nt5.dll 2007-05-17 14:23 3,135 --------- C:\WINDOWS\system32\drivers\adv08nt5.dll 2007-05-17 14:23 29,455 --------- C:\WINDOWS\system32\drivers\ati1xbxx.sys 2007-05-17 14:23 26,367 --------- C:\WINDOWS\system32\drivers\ati1snxx.sys 2007-05-17 14:23 21,343 --------- C:\WINDOWS\system32\drivers\ati1ttxx.sys 2007-05-17 14:23 12,047 --------- C:\WINDOWS\system32\drivers\ati1pdxx.sys 2007-05-17 14:23 11,615 --------- C:\WINDOWS\system32\drivers\ati1mdxx.sys 2007-05-17 14:22 95,424 --------- C:\WINDOWS\system32\drivers\slnthal.sys 2007-05-17 14:22 
870,784 --------- C:\WINDOWS\system32\ati3d1ag.dll 2007-05-17 14:22 86,016 --------- C:\WINDOWS\system32\mdmxsdk.dll 2007-05-17 14:22 78,464 --------- C:\WINDOWS\system32\drivers\usbvideo.sys 2007-05-17 14:22 73,832 --------- C:\WINDOWS\system32\slcoinst.dll 2007-05-17 14:22 73,796 --------- C:\WINDOWS\system32\slserv.exe 2007-05-17 14:22 73,216 --------- C:\WINDOWS\system32\drivers\atintuxx.sys 2007-05-17 14:22 701,440 --------- C:\WINDOWS\system32\drivers\ati2mtag.sys 2007-05-17 14:22 685,056 --------- C:\WINDOWS\system32\drivers\hsfcxts2.sys 2007-05-17 14:22 63,488 --------- C:\WINDOWS\system32\drivers\atinxsxx.sys 2007-05-17 14:22 6,016 --------- C:\WINDOWS\system32\drivers\smbali.sys 2007-05-17 14:22 59,648 --------- C:\WINDOWS\system32\drivers\rfcomm.sys 2007-05-17 14:22 57,856 --------- C:\WINDOWS\system32\drivers\atinbtxx.sys 2007-05-17 14:22 52,224 --------- C:\WINDOWS\system32\drivers\atinraxx.sys 2007-05-17 14:22 516,768 --------- C:\WINDOWS\system32\ativvaxx.dll 2007-05-17 14:22 452,736 --------- C:\WINDOWS\system32\drivers\mtxparhm.sys 2007-05-17 14:22 404,990 --------- C:\WINDOWS\system32\drivers\slntamr.sys 2007-05-17 14:22 397,056 --------- C:\WINDOWS\system32\s3gnb.dll 2007-05-17 14:22 38,016 --------- C:\WINDOWS\system32\drivers\bthmodem.sys 2007-05-17 14:22 377,984 --------- C:\WINDOWS\system32\ati2dvaa.dll 2007-05-17 14:22 35,456 --------- C:\WINDOWS\system32\drivers\bthprint.sys 2007-05-17 14:22 326,912 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys 2007-05-17 14:22 32,866 --------- C:\WINDOWS\system32\slrundll.exe 2007-05-17 14:22 32,866 --------- C:\WINDOWS\slrundll.exe 2007-05-17 14:22 32,768 --------- C:\WINDOWS\system32\ativtmxx.dll 2007-05-17 14:22 32,285 --------- C:\WINDOWS\system32\hsfcisp2.dll 2007-05-17 14:22 31,744 --------- C:\WINDOWS\system32\drivers\atinxbxx.sys 2007-05-17 14:22 30,080 --------- C:\WINDOWS\system32\drivers\rndismpx.sys 2007-05-17 14:22 3,901 --------- C:\WINDOWS\system32\drivers\siint5.dll 2007-05-17 14:22 
286,792 --------- C:\WINDOWS\system32\slextspk.dll 2007-05-17 14:22 28,672 --------- C:\WINDOWS\system32\drivers\atinsnxx.sys 2007-05-17 14:22 274,304 --------- C:\WINDOWS\system32\drivers\bthport.sys 2007-05-17 14:22 25,728 --------- C:\WINDOWS\system32\drivers\hidbth.sys 2007-05-17 14:22 25,471 --------- C:\WINDOWS\system32\drivers\watv10nt.sys 2007-05-17 14:22 25,471 --------- C:\WINDOWS\system32\drivers\atv04nt5.dll 2007-05-17 14:22 229,376 --------- C:\WINDOWS\system32\ati2cqag.dll 2007-05-17 14:22 220,032 --------- C:\WINDOWS\system32\drivers\hsfbs2s2.sys 2007-05-17 14:22 22,271 --------- C:\WINDOWS\system32\drivers\watv06nt.sys 2007-05-17 14:22 21,183 --------- C:\WINDOWS\system32\drivers\atv01nt5.dll 2007-05-17 14:22 201,728 --------- C:\WINDOWS\system32\ati2dvag.dll 2007-05-17 14:22 188,508 --------- C:\WINDOWS\system32\slgen.dll 2007-05-17 14:22 180,360 --------- C:\WINDOWS\system32\drivers\ntmtlfax.sys 2007-05-17 14:22 18,944 --------- C:\WINDOWS\system32\drivers\bthusb.sys 2007-05-17 14:22 17,279 --------- C:\WINDOWS\system32\drivers\atv10nt5.dll 2007-05-17 14:22 17,024 --------- C:\WINDOWS\system32\drivers\bthenum.sys 2007-05-17 14:22 166,912 --------- C:\WINDOWS\system32\drivers\s3gnbm.sys 2007-05-17 14:22 15,423 --------- C:\WINDOWS\system32\drivers\ch7xxnt5.dll 2007-05-17 14:22 15,104 --------- C:\WINDOWS\system32\drivers\hidir.sys 2007-05-17 14:22 14,336 --------- C:\WINDOWS\system32\drivers\atinpdxx.sys 2007-05-17 14:22 14,143 --------- C:\WINDOWS\system32\drivers\atv06nt5.dll 2007-05-17 14:22 13,824 --------- C:\WINDOWS\system32\drivers\atinttxx.sys 2007-05-17 14:22 13,824 --------- C:\WINDOWS\system32\drivers\atinmdxx.sys 2007-05-17 14:22 13,776 --------- C:\WINDOWS\system32\drivers\recagent.sys 2007-05-17 14:22 13,568 --------- C:\WINDOWS\system32\drivers\wacompen.sys 2007-05-17 14:22 13,240 --------- C:\WINDOWS\system32\drivers\slwdmsup.sys 2007-05-17 14:22 129,535 --------- C:\WINDOWS\system32\drivers\slnt7554.sys 2007-05-17 14:22 126,686 
--------- C:\WINDOWS\system32\drivers\mtlmnt5.sys 2007-05-17 14:22 12,672 --------- C:\WINDOWS\system32\drivers\usb8023x.sys 2007-05-17 14:22 12,672 --------- C:\WINDOWS\system32\drivers\mutohpen.sys 2007-05-17 14:22 11,935 --------- C:\WINDOWS\system32\drivers\wadv11nt.sys 2007-05-17 14:22 11,871 --------- C:\WINDOWS\system32\drivers\wadv09nt.sys 2007-05-17 14:22 11,868 --------- C:\WINDOWS\system32\drivers\mdmxsdk.sys 2007-05-17 14:22 11,807 --------- C:\WINDOWS\system32\drivers\wadv07nt.sys 2007-05-17 14:22 11,359 --------- C:\WINDOWS\system32\drivers\atv02nt5.dll 2007-05-17 14:22 11,325 --------- C:\WINDOWS\system32\drivers\vchnt5.dll 2007-05-17 14:22 11,295 --------- C:\WINDOWS\system32\drivers\wadv08nt.sys 2007-05-17 14:22 104,960 --------- C:\WINDOWS\system32\drivers\atinrvxx.sys 2007-05-17 14:22 100,992 --------- C:\WINDOWS\system32\drivers\bthpan.sys 2007-05-17 14:22 1,888,992 --------- C:\WINDOWS\system32\ati3duag.dll 2007-05-17 14:22 1,737,856 --------- C:\WINDOWS\system32\mtxparhd.dll 2007-05-17 14:22 1,309,184 --------- C:\WINDOWS\system32\drivers\mtlstrm.sys 2007-05-17 14:22 1,041,536 --------- C:\WINDOWS\system32\drivers\hsfdpsp2.sys 2007-05-17 12:35 7,716,863 --a------ C:\ezcddax10.exe 2007-05-17 11:09 <KANSIO> d-------- C:\8b97477084ac6188e7cb8220 2007-05-17 10:57 15,742,976 --a------ C:\mwav.exe 2007-05-17 10:34 <KANSIO> d-------- C:\rekisteri 2007-05-17 09:33 7,121,880 --a------ C:\Windows-KB890830-V1.29.exe 2007-05-17 09:08 <KANSIO> d-------- C:\Uusi kansio (3) 2007-05-17 08:58 <KANSIO> d-------- C:\DOCUME~1\JRJEST~1.JUK\APPLIC~1\Ipswitch 2007-05-17 08:55 <KANSIO> dr------- C:\DOCUME~1\JRJEST~1.JUK\Omat tiedostot 2007-05-17 08:50 786,432 --ah----- C:\DOCUME~1\JRJEST~1.JUK\NTUSER.DAT 2007-05-17 08:50 <KANSIO> dr------- C:\DOCUME~1\JRJEST~1.JUK\K„ynnist„-valikko 2007-05-17 08:50 <KANSIO> d--h----- C:\DOCUME~1\JRJEST~1.JUK\Verkkoymp„rist” 2007-05-17 08:50 <KANSIO> d--h----- C:\DOCUME~1\JRJEST~1.JUK\Tulostinymp„rist” 2007-05-17 08:50 <KANSIO> 
d--h----- C:\DOCUME~1\JRJEST~1.JUK\Mallit 2007-05-17 08:50 <KANSIO> d-------- C:\DOCUME~1\JRJEST~1.JUK\Ty”p”yt„ 2007-05-17 08:50 <KANSIO> d-------- C:\DOCUME~1\JRJEST~1.JUK\Suosikit 2007-05-16 22:45 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys 2007-05-16 22:45 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys 2007-05-16 22:44 129,784 --------- C:\WINDOWS\system32\pxafs.dll 2007-05-16 22:34 <KANSIO> dr-hs---- C:\cmdcons 2007-05-16 22:34 <KANSIO> d-------- C:\WINDOWS\setup.pss 2007-05-16 20:23 <KANSIO> d-------- C:\DOCUME~1\juki\APPLIC~1\Talkback 2007-05-16 20:14 5,807,760 --a------ C:\Firefox Setup 2.0.0.3.exe 2007-05-16 20:14 <KANSIO> d-------- C:\Program Files\RCrawler 2007-05-16 20:12 393,920 --a------ C:\regc.exe 2007-05-16 19:49 6,049,280 --a------ C:\ieframe.dll 2007-05-16 19:44 <KANSIO> d-------- C:\Kaspersky 2007-05-16 19:37 <KANSIO> d-------- C:\Program Files\NoAdware5.0 2007-05-16 16:03 <KANSIO> d-------- C:\WINDOWS\Prefetch 2007-05-16 14:34 89,632 --a------ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT 2007-05-12 21:45 14,368 --a------ C:\WINDOWS\system32\relog_ap.dll 2007-05-11 20:54 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe 2007-05-11 10:31 <KANSIO> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2 2007-05-11 07:37 823,296 --a------ C:\WINDOWS\system32\divx_xx0c.dll 2007-05-11 07:37 823,296 --a------ C:\WINDOWS\system32\divx_xx07.dll 2007-05-11 07:37 802,816 --a------ C:\WINDOWS\system32\divx_xx11.dll 2007-05-11 07:37 740,442 --a------ C:\WINDOWS\system32\DivX.dll 2007-05-02 12:37 <KANSIO> d-------- C:\Program Files\Common Files\Skype 2007-04-23 03:02 53,248 --a------ C:\WINDOWS\system32\dpuGUI10.dll 2007-04-23 03:02 344,064 --a------ C:\WINDOWS\system32\dpus11.dll 2007-04-23 03:02 294,912 --a------ C:\WINDOWS\system32\dpu10.dll 2007-04-23 03:02 196,608 --a------ C:\WINDOWS\system32\dtu100.dll 2007-04-23 03:01 124,472 --a------ C:\WINDOWS\system32\DivXCodecUpdateChecker.exe 2007-04-23 03:01 12,288 --a------ 
C:\WINDOWS\system32\DivXWMPExtType.dll (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-05-18 12:12:57 80,008 ----a-w C:\WINDOWS\system32\perfc00B.dat 2007-05-18 12:12:57 386,434 ----a-w C:\WINDOWS\system32\perfh00B.dat 2007-05-18 09:52:38 -------- d-----w C:\DOCUME~1\juki\APPLIC~1\Skype 2007-05-17 10:22:14 -------- d-----w C:\Program Files\Common Files\Symantec Shared 2007-05-17 10:09:54 -------- d-----w C:\Program Files\Support Tools 2007-05-17 09:37:51 -------- d-----w C:\Program Files\Easy CD-DA Extractor 10 2007-05-17 06:58:04 -------- d-----w C:\Program Files\Trojan Remover 2007-05-16 19:45:17 -------- d-----w C:\Program Files\DivX 2007-05-16 16:40:19 -------- d-----w C:\Program Files\RevConnect 2007-05-16 13:02:10 -------- d-----w C:\Program Files\Norton Internet Security 2007-05-16 11:22:43 -------- d-----w C:\Program Files\TomTom HOME 2007-05-16 11:20:43 -------- d-----w C:\Program Files\Acronis 2007-05-12 18:45:22 -------- d-----w C:\Program Files\Common Files\Acronis 2007-05-12 18:08:15 -------- d-----w C:\Program Files\DC++ 2007-05-02 09:37:35 -------- d-----w C:\Program Files\Skype 2007-04-23 00:15:29 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll 2007-04-23 00:15:25 36,624 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys 2007-04-23 00:15:24 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe 2007-04-23 00:15:24 116,472 ------w C:\WINDOWS\system32\pxcpyi64.exe 2007-04-23 00:15:18 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll 2007-04-23 00:15:18 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll 2007-04-23 00:02:34 73,728 ----a-w C:\WINDOWS\system32\dpl100.dll 2007-04-23 00:02:31 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll 2007-04-23 00:02:31 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll 2007-04-23 00:02:31 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll 2007-04-14 12:43:47 -------- d-----w C:\Program Files\BitTorrent 2007-04-06 19:05:07 -------- d-----w 
C:\DOCUME~1\juki\APPLIC~1\BitTorrent 2007-04-06 18:29:12 -------- d-----w C:\Program Files\Symantec 2007-04-06 18:29:10 48,776 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL 2007-04-06 18:29:10 115,000 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS 2007-03-30 19:54:06 -------- d-----w C:\Program Files\WM Recorder 10.2 2007-03-28 15:51:54 538,256 ----a-w C:\WINDOWS\system32\SymNeti.dll 2007-03-28 15:51:52 161,424 ----a-w C:\WINDOWS\system32\SymRedir.dll 2007-03-28 15:51:48 189,584 ----a-w C:\WINDOWS\system32\drivers\symtdi.sys 2007-03-28 15:51:42 24,208 ----a-w C:\WINDOWS\system32\drivers\symredrv.sys 2007-03-28 15:51:36 31,888 ----a-w C:\WINDOWS\system32\drivers\symids.sys 2007-03-28 15:51:32 28,304 ----a-w C:\WINDOWS\system32\drivers\symndis.sys 2007-03-28 15:51:26 97,936 ----a-w C:\WINDOWS\system32\drivers\symfw.sys 2007-03-28 15:51:20 12,944 ----a-w C:\WINDOWS\system32\drivers\symdns.sys 2007-03-17 13:44:51 292,864 ----a-w C:\WINDOWS\system32\winsrv.dll 2007-03-13 09:50:17 -------- d-----w C:\Program Files\Common Files\Ahead 2007-03-13 09:48:50 -------- d-----w C:\Program Files\Nero 2007-03-13 08:03:41 -------- d-----w C:\Program Files\Elisa 2007-03-12 12:17:30 -------- d-----w C:\Program Files\Humax Digital 2007-03-08 15:38:00 578,048 ----a-w C:\WINDOWS\system32\user32.dll 2007-03-08 15:37:59 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll 2007-03-08 15:37:59 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll 2007-03-08 15:34:26 1,843,840 ----a-w C:\WINDOWS\system32\win32k.sys 2007-03-03 15:40:16 8 ----a-w C:\WINDOWS\system32\F73859.bin 2007-03-03 15:38:59 8 ----a-w C:\WINDOWS\system32\e9243f.bin 2007-02-27 13:32:28 822,784 ----a-w C:\WINDOWS\system32\wininet(2)(2).dll 2007-02-27 13:32:23 1,150,464 ----a-w C:\WINDOWS\system32\urlmon(2)(2).dll 2007-02-27 13:32:21 105,984 ----a-w C:\WINDOWS\system32\url(2)(2).dll 2007-02-27 13:31:18 124,928 ----a-w C:\WINDOWS\system32\advpack(2)(2).dll 2007-02-16 21:10:09 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2007-02-09 13:33:54 
278,528 ------w C:\WINDOWS\Setup1.exe 2007-02-05 20:19:01 185,344 ----a-w C:\WINDOWS\system32\upnphost.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {22BF413B-C6D2-4d91-82A9-A0F997BA588C}=C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL [2007-03-30 13:31] {2F85D76C-0569-466F-A488-493E6BD0E955}=C:\Program Files\Windows Desktop Search\dsWebAllow.dll [2006-03-26 22:44] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43] {9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-04-17 13:32] {9ECB9560-04F9-4bbc-943D-298DDF1699E1}=C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll [2005-09-24 23:20] {A8F38D8D-E480-4D52-B7A2-731BB6995FDD}=C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll [2007-04-24 11:20] {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}=C:\Program Files\Windows Live Toolbar\msntb.dll [2006-10-11 00:26] {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516}=C:\Program Files\Elisa\Avustaja\IEFixItNowPlugin.dll [2007-02-20 18:39] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTSysVol"="C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe" [2002-10-29 10:18] "CTDVDDet"="C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE" [2002-09-30 02:00] "UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 02:00] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43] "Acronis Scheduler2 Service"="C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" [2006-10-16 22:13] "SBDrvDet"="C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe" [2002-12-03 19:06] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" [2005-09-09 
02:18] "NWEReboot"="" [] "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-03-01 13:15] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 16:57] "PinnacleDriverCheck"="C:\WINDOWS\system32\\PSDrvCheck.exe" [2004-03-11 00:26] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 13:22] "nwiz"="nwiz.exe" [2006-10-22 13:22 C:\WINDOWS\system32\nwiz.exe] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20] "SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2006-01-07 03:36] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 22:57] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40] "LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2006-09-29 22:58] "Ulead Quick-Drop"="C:\Program Files\Ulead Systems\Ulead DVD MovieFactory 5 Plus\Ulead DVD MovieFactory 5\Quick-Drop.exe" [2006-07-20 03:04] "TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2006-10-17 02:23] "NvMediaCenter"="NvMCTray.dll" [2006-10-22 13:22 C:\WINDOWS\system32\nvmctray.dll] "CTHelper"="CTHELPER.EXE" [] "CTxfiHlp"="CTXFIHLP.EXE" [2006-08-11 15:56 C:\WINDOWS\system32\CTXFIHLP.EXE] "AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe" [2006-10-16 22:17] "ALi5289"="C:\Program Files\ULI5289\ALi5289.exe" [2005-03-10 15:56] "TomTomHOME.exe"="C:\Program Files\TomTom HOME\TomTomHOME.exe" [2007-01-29 13:07] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-14 17:12] "Creative Detector"="C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 19:23] "Data Secure"="C:\APPS\DataSecure\PBBckupUI.exe" [2005-04-26 12:51] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-03-30 13:34] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2006-07-29 19:34] "AnyDVD"="C:\Program 
Files\SlySoft\AnyDVD\AnyDVD.exe" [2007-02-01 18:54] "BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" [] [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "DWQueuedReporting"="\"C:\\PROGRA~1\\COMMON~1\\MICROS~1\\DW\\dwtrig20.exe\" -t" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"="C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 13:11] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages msv1_0 relog_ap Security Packages kerberos msv1_0 schannel wdigest Notification Packages scecli [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HTTPFilter HTTPFilter LocalService Alerter WebClient LmHosts RemoteRegistry upnphost SSDPSRV NetworkService DnsCache DcomLaunch DcomLaunch TermService rpcss RpcSs imgsvc StiSvc termsvcs TermService Usnsvc usnsvc WudfServiceGroup WUDFSvc HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs* [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3065c6f6-be83-11db-8ae0-00138f4e7632}] Shell\AutoRun\command E:\setup.exe *newlycreated* -COMHOST ~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ backup-20060625-234527-920 O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://locator1.cdn.imagesrvr.com/s...ownload/2006/cabs/ErrorSafeFreeInstall_fi.cab backup-20060620-145923-518 O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://locator1.cdn.imagesrvr.com/s...ownload/2006/cabs/ErrorSafeFreeInstall_fi.cab Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\ Data Secure for juki.job C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\MP Scheduled Scan.job C:\WINDOWS\tasks\Norton AntiVirus - Suorita täydellinen järjestelmäntarkistus - juki.job C:\WINDOWS\tasks\RegCure.job C:\WINDOWS\tasks\Tarkistetaan Windows Live -työkalurivin päivitykset.job 
******************************************************************** catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-05-18 15:20:51 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ******************************************************************** Completion time: 2007-05-18 15:27:20 - machine was rebooted C:\ComboFix-quarantined-files.txt ... 2007-05-18 15:27 --- E O F --- (((((((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\Program Files\install.log C:\WINDOWS\system32\instsrv.exe C:\install.log C:\setup.exe ((((((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) -------\LEGACY_NM -------\nm ((((((((((((((((((((((((((((((( Files Created from 18.0-01-07 to 18.05.2007 ))))))))))))))))))))))))))))))))))
1. Download AVG Anti-Spyware 7.5 and save the program to your desktop. If you already have the program, go straight to step 2!
* Once you have downloaded the program, double-click the installer's shortcut on your desktop and the installation starts.
* After the installation, the program must be started and its definitions updated.

2.
* Start AVG Anti-Spyware.
* Click the "Update" icon in the main menu. Then click the "Update now" button.
* Then click the "Start Update" icon, and the update begins.
* If the updates do not succeed right away, press "Start Update" again after a moment.
* If the automatic update does not work for some reason, the definitions can be downloaded manually from http://www.ewido.net/en/download/updates/.
* Once the updates have been downloaded, click the "Scanner" icon at the top of the window. Then select the "Settings" tab.
* When the "Settings" menu has opened, click "Recommended actions" and then select "Quarantine".
* Then, under the "Reports" menu:
* Tick "Automatically generate report after every scan"
* Untick "Only if threats were found"
* Then click the "Shield" icon at the top of the window
* "Resident shield is": change the state from active to inactive
* Close the program, DO NOT scan yet.

Boot your computer into Safe Mode.

NOTE! Do not use other programs during the AVG scan; this may interfere with the scan.
* Once in Safe Mode, start AVG Anti-Spyware.
* Click the "Scanner" icon at the top of the window and select the "Scan" tab. Then click "Complete System Scan".
* AVG now starts scanning the computer; be patient, because the scan takes time.

When the scan is finished:

IMPORTANT: Do not click "Save Scan Report" before you click "Apply all Actions"
* Make sure that Set all elements to: shows Quarantine (1); if not, click the link and select Quarantine from the pop-up menu.
* You will be asked what to do if infections were found; in that case choose "Apply all actions"
* Then click the "Reports" icon at the top of the program.
* Click the "Save report as" button at the bottom left of the window and save the report to the desktop.
* Close the program, start the computer normally and post the AVG report to your thread.
Here is the report. It's odd that Norton AntiVirus doesn't complain about these. Then again, I haven't run it in Safe Mode.

--------------------------------------------------------- AVG Anti-Spyware - Scan Report --------------------------------------------------------- + Created at: 20:48:16 18.5.2007 + Scan result: C:\Documents and Settings\juki\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\FcPred.class-5d184450-610dd9e8.class -> Downloader.Agent.c : Cleaned with backup (quarantined). H:\vara\Uusi kansi\Uusi kansio\Partition_Magic_Pro_v7[1].0_by_DBC.zip/CrcCheck.exe -> Downloader.Dadobr.bk : Cleaned with backup (quarantined). C:\Program Files\DC++\Downloads\All Content Activators for Pinnacle Studio 9 Plus(1).rar/All Content Activators for Pinnacle Studio 9 Plus\All Content\Pixie Stuff\keygen.rar/keygen.exe -> Downloader.Zlob.bnv : Cleaned with backup (quarantined). C:\Program Files\DC++\Downloads\All Content Activators for Pinnacle Studio 9 Plus(1).rar/All Content\Pixie Stuff\keygen.rar/keygen.exe -> Downloader.Zlob.bnv : Cleaned with backup (quarantined). C:\Program Files\DC++\Downloads\Keygen Pinnacle Studio Plus 9.3.5 Unlocker.rar/Pinnacle - Studio 9 Hollywood FX Activator Allows Old Serial KeyGen If Required.rar/Pinnacle - Studio 9 Hollywood FX Activator Allows Old Serial KeyGen If Required.zip/keygen.exe -> Downloader.Zlob.bnv : Cleaned with backup (quarantined). C:\Program Files\DC++\Downloads\Tutti i codici di attivazione di effect Pinnacle Studio 9 Plus.rar/All Content\Pixie Stuff\keygen.rar/keygen.exe -> Downloader.Zlob.bnv : Cleaned with backup (quarantined). C:\nk_files\Pinnacle_Hollywood_FX_Pro_v5[1].1.35_Full_Retail.zip/Pinnacle.Hollywood.FX.Pro.v5.1.35.FULL.RETAIL-ROR/KeyGen/keygen.exe -> Downloader.Zlob.bnv : Cleaned with backup (quarantined). H:\download\Pinnacle Hollywood FX 5.1 Plus Extras Packs for Studio9.zip/Hollywood FX 5.1/FX 5.1/keygen.exe -> Downloader.Zlob.bnv : Cleaned with backup (quarantined). 
C:\Documents and Settings\juki\Omat tiedostot\SP_Dialer_v1[1].29.zip/tsrh-spdialer129_exe.exe -> Heuristic.Win32.Dialer : Cleaned with backup (quarantined). H:\vara\Uusi kansi\SP_Dialer_v1[1].29.zip/tsrh-spdialer129_exe.exe -> Heuristic.Win32.Dialer : Cleaned with backup (quarantined). C:\Documents and Settings\Omistaja\Työpöytä\Nero_Burning_ROM_Ultra_Edition_v6[1].3.1.6.zip/Keygen.exe -> Hijacker.Befins.b : Cleaned with backup (quarantined). C:\nk_files\Nero_Burning_ROM_Ultra_Edition_v6[1].3.1.6.zip/Keygen.exe -> Hijacker.Befins.b : Cleaned with backup (quarantined). C:\nk_files\File_Scavenger_v2[1].0b.zip/crk_fs20b.exe -> Logger.Banker.zn : Cleaned with backup (quarantined). C:\System Volume Information\_restore{A64521E4-2447-4F4E-9C58-D61771DC7225}\RP112\A0038599.exe -> Logger.Briss.e : Cleaned with backup (quarantined). C:\Ohjelmatiedostot\Creative\HU.zip/Hu.exe -> Not-A-Virus.HackTool.Win32.HackersUtility.a : Cleaned with backup (quarantined). C:\Ohjelmatiedostot\ARPR\_arpr.exe -> Not-A-Virus.PSWTool.Win32.OEPass.b : Cleaned with backup (quarantined). C:\Documents and Settings\Omistaja\Cookies\omistaja@122.2o7[2].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@2o7[2].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@acronis.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@highbeam.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@pinnaclesystems.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. :mozilla.82:C:\Documents and Settings\juki\Application Data\Mozilla\Firefox\Profiles\sjknrume.default\cookies.txt -> TrackingCookie.Adobe : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@www.adobe[3].txt -> TrackingCookie.Adobe : Cleaned. 
C:\Documents and Settings\Omistaja\Cookies\omistaja@adtech[2].txt -> TrackingCookie.Adtech : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@advertising[2].txt -> TrackingCookie.Advertising : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@servedby.advertising[2].txt -> TrackingCookie.Advertising : Cleaned. C:\Documents and Settings\juki\Cookies\juki@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned. :mozilla.34:C:\Documents and Settings\juki\Application Data\Mozilla\Firefox\Profiles\sjknrume.default\cookies.txt -> TrackingCookie.Centrport : Cleaned. :mozilla.35:C:\Documents and Settings\juki\Application Data\Mozilla\Firefox\Profiles\sjknrume.default\cookies.txt -> TrackingCookie.Com : Cleaned. :mozilla.36:C:\Documents and Settings\juki\Application Data\Mozilla\Firefox\Profiles\sjknrume.default\cookies.txt -> TrackingCookie.Com : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@com[2].txt -> TrackingCookie.Com : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@as1.falkag[2].txt -> TrackingCookie.Falkag : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@media.fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@ehg-dataviz.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@ehg-salomon.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@ehg-wizardsofthecoast.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@ehg-xxolympicwintergames.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned. 
C:\Documents and Settings\Omistaja\Cookies\omistaja@ehg.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@counter2.hitslink[1].txt -> TrackingCookie.Hitslink : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Cleaned. :mozilla.94:C:\Documents and Settings\juki\Application Data\Mozilla\Firefox\Profiles\sjknrume.default\cookies.txt -> TrackingCookie.Paypal : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@banner.paypopup[2].txt -> TrackingCookie.Paypopup : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@paypopup[2].txt -> TrackingCookie.Paypopup : Cleaned. :mozilla.66:C:\Documents and Settings\juki\Application Data\Mozilla\Firefox\Profiles\sjknrume.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned. :mozilla.67:C:\Documents and Settings\juki\Application Data\Mozilla\Firefox\Profiles\sjknrume.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@revsci[2].txt -> TrackingCookie.Revsci : Cleaned. C:\Documents and Settings\juki\Cookies\juki@site.skype[1].txt -> TrackingCookie.Skype : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@skype[1].txt -> TrackingCookie.Skype : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@spylog[1].txt -> TrackingCookie.Spylog : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.7:C:\Documents and Settings\juki\Application Data\Mozilla\Firefox\Profiles\sjknrume.default\cookies.txt -> TrackingCookie.Statistik-gallup : Cleaned. 
C:\Documents and Settings\juki\Cookies\juki@statistik-gallup[1].txt -> TrackingCookie.Statistik-gallup : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@statistik-gallup[1].txt -> TrackingCookie.Statistik-gallup : Cleaned. C:\Documents and Settings\juki\Cookies\juki@statistik-gallup[1].txt -> TrackingCookie.Statistik-gallup : Cleaned. :mozilla.78:C:\Documents and Settings\juki\Application Data\Mozilla\Firefox\Profiles\sjknrume.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.79:C:\Documents and Settings\juki\Application Data\Mozilla\Firefox\Profiles\sjknrume.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned. C:\Documents and Settings\juki\Cookies\juki@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned. :mozilla.100:C:\Documents and Settings\juki\Application Data\Mozilla\Firefox\Profiles\sjknrume.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned. :mozilla.101:C:\Documents and Settings\juki\Application Data\Mozilla\Firefox\Profiles\sjknrume.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned. C:\Documents and Settings\juki\Cookies\juki@m.webtrends[1].txt -> TrackingCookie.Webtrends : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Cleaned. :mozilla.107:C:\Documents and Settings\juki\Application Data\Mozilla\Firefox\Profiles\sjknrume.default\cookies.txt -> TrackingCookie.Yadro : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@yadro[1].txt -> TrackingCookie.Yadro : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned. C:\Documents and Settings\Omistaja\Cookies\omistaja@zedo[2].txt -> TrackingCookie.Zedo : Cleaned. 
C:\Ohjelmatiedostot\RegHance\RegHance.exe_load.exe -> Trojan.Agent : Cleaned with backup (quarantined). C:\Program Files\DC++\Downloads\Patch.exe -> Trojan.Feutel.av : Cleaned with backup (quarantined). C:\Program Files\SlySoft\CloneCD\v5.2.1.1 Patch.exe -> Trojan.Feutel.av : Cleaned with backup (quarantined). C:\nk_files\PaintShopProv8.0FinalTry&BuypatchLasH.zip/Patcher.exe -> Trojan.Feutel.av : Cleaned with backup (quarantined). C:\nk_files\WinAce_v2[1].6_Beta_3_by_SND.zip/patch.exe -> Trojan.Feutel.av : Cleaned with backup (quarantined). C:\nk_files\WinRAR_v3[1].00_Final_by_LasH.zip/Patcher.exe -> Trojan.Feutel.av : Cleaned with backup (quarantined). C:\nk_files\bcp320.zip/crack.exe -> Trojan.Feutel.av : Cleaned with backup (quarantined). C:\Documents and Settings\juki\Omat tiedostot\Hot_Chix_n_Gear_Stix_v1[1].0_www.crack.cd_.zip/HCGSpatch.exe -> Trojan.Proxcrak.A : Cleaned with backup (quarantined). C:\nk_files\Hot_Chix_'n'_Gear_Stix_v1[1].0.zip/HCGSpatch.exe -> Trojan.Proxcrak.A : Cleaned with backup (quarantined). C:\nk_files\UltraISO_v7[1].2.3.901_ME.zip/UltraISO.rar/UltraISO.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\nk_files\WinXP_Manager_v4[1].8.4.zip/WinXP Manager v4841.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\nk_files\n-gen_psp801.zip/PSP 8.01.exe -> Trojan.Small : Cleaned with backup (quarantined). H:\vara\Uusi kansi\Uusi kansio\Partition_Magic_Pro_v7[1].0_by_AAOCG.zip/PMagic9x_crk.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\Program Files\DC++\Downloads\Windows XP Product Key ID Changer SP2 Service Pack 2\Good Method\XPKeyRecoverer5.12.exe -> Trojan.Small.edz : Cleaned with backup (quarantined). C:\nk_files\Windows_XP_Activation_and_Reactivation.zip/XPKey.exe -> Trojan.Small.edz : Cleaned with backup (quarantined). ::Report end
I really didn't understand much of anything from that opening spiel.

Download WinPFind3 http://download.bleepingcomputer.com/oldtimer/winpfind3u.exe to your desktop and double-click the exe to extract it. A folder named WinPFind3u will be created on your desktop.
* Open the WinPFind3u folder and double-click WinPFind3U.exe to start the program.
  o Under Files Created Within, click 30 days
  o Under Files Modified Within, click 30 days
  o Under File String Search, click Non-Microsoft
* Now click the Run Scan button on the toolbar.
* When the scan is finished, the report opens in Notepad.
* Click Format (Muotoile) and make sure that Word Wrap (automaattinen rivitys) is not selected. If it is, uncheck it.

Post the log in your next reply. You may need several replies for it so that it does not end up incomplete.
WinPFind3 logfile created on: 19.5.2007 22:40:50 WinPFind3U by OldTimer - Version 1.0.37 Folder = C:\Documents and Settings\juki\Työpöytä\WinPFind3u\ Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) Internet Explorer (Version = 7.0.5730.11) 1023,23 Mb Total Physical Memory | 331,07 Mb Available Physical Memory | 32,36% Memory free 2,40 Gb Paging File | 1,89 Gb Available in Paging File | 78,56% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 174,07 Gb Total Space | 64,64 Gb Free Space | 37,14% Space Free Drive D: | 105,38 Gb Total Space | 30,42 Gb Free Space | 28,86% Space Free E: Drive not present or media not loaded F: Drive not present or media not loaded Computer Name: JUKI-D0E8B3766D Current User Name: juki Logged in as Administrator. Current Boot Mode: Normal [Processes - Non-Microsoft Only] ali5289.exe -> %ProgramFiles%\ULI5289\ALi5289.exe -> ALi Corporation [Ver = 6, 0, 0, 2 | Size = 405504 bytes | Modified Date = 10.3.2005 15:56:32 | Attr = ] aluschedulersvc.exe -> %ProgramFiles%\Symantec\LiveUpdate\ALUSchedulerSvc.exe -> Symantec Corporation [Ver = 3.0.0.171 | Size = 100032 bytes | Modified Date = 3.8.2006 17:58:42 | Attr = ] anydvd.exe -> %ProgramFiles%\SlySoft\AnyDVD\AnyDVD.exe -> SlySoft, Inc. 
[Ver = 6.1.0.0 | Size = 503296 bytes | Modified Date = 1.2.2007 18:55:00 | Attr = ] apdproxy.exe -> %ProgramFiles%\Adobe\Photoshop Elements 4.0\apdproxy.exe -> Adobe Systems Incorporated [Ver = 3.0.0.53237 | Size = 57344 bytes | Modified Date = 9.9.2005 2:18:10 | Attr = ] ccapp.exe -> %CommonProgramFiles%\Symantec Shared\CCAPP.EXE -> Symantec Corporation [Ver = 104.0.14.2 | Size = 52840 bytes | Modified Date = 1.3.2007 13:15:44 | Attr = ] ccevtmgr.exe -> %CommonProgramFiles%\Symantec Shared\CCEVTMGR.EXE -> Symantec Corporation [Ver = 104.0.14.2 | Size = 192104 bytes | Modified Date = 1.3.2007 13:15:46 | Attr = ] ccproxy.exe -> %CommonProgramFiles%\Symantec Shared\CCPROXY.EXE -> Symantec Corporation [Ver = 104.0.13.2 | Size = 202344 bytes | Modified Date = 6.12.2006 12:11:34 | Attr = ] ccsetmgr.exe -> %CommonProgramFiles%\Symantec Shared\CCSETMGR.EXE -> Symantec Corporation [Ver = 104.0.14.2 | Size = 169576 bytes | Modified Date = 1.3.2007 13:15:48 | Attr = ] ctdetect.exe -> %ProgramFiles%\Creative\MediaSource\Detector\CTDetect.exe -> Creative Technology Ltd [Ver = 3.0.2.0 | Size = 102400 bytes | Modified Date = 2.12.2004 19:23:34 | Attr = ] ctdvddet.exe -> %ProgramFiles%\Creative\SBAudigy2\DVDAudio\CTDVDDET.exe -> Creative Technology Ltd [Ver = 1.0.2.0 | Size = 45056 bytes | Modified Date = 30.9.2002 2:00:00 | Attr = ] cthelper.exe -> %SystemRoot%\CTHELPER.EXE -> Creative Technology Ltd [Ver = 2, 0, 0, 41 | Size = 17920 bytes | Modified Date = 11.8.2006 15:56:02 | Attr = ] ctsvccda.exe -> %System32%\CTSVCCDA.EXE -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 44032 bytes | Modified Date = 13.12.1999 4:01:00 | Attr = ] ctsysvol.exe -> %ProgramFiles%\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe -> Creative Technology Ltd [Ver = 1.1.3.0 | Size = 49152 bytes | Modified Date = 29.10.2002 10:18:24 | Attr = ] epsibar.exe -> %SystemDrive%\saab\Toolbar\EPSIBar.exe -> Tamara [Ver = 1.01.0002 | Size = 196608 bytes | Modified Date = 7.3.2001 18:15:24 | Attr = ] grvsa.exe 
-> %System32%\GRVSA.exe -> GenRad Limited [Ver = 2, 2, 0, 1 | Size = 102400 bytes | Modified Date = 23.10.2000 15:25:08 | Attr = ] guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 28.9.2006 17:13:20 | Attr = ] jusched.exe -> %ProgramFiles%\Java\jre1.6.0_01\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 83608 bytes | Modified Date = 14.3.2007 3:43:44 | Attr = ] navapsvc.exe -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE -> Symantec Corporation [Ver = 12.7.0.2 | Size = 139888 bytes | Modified Date = 22.3.2007 19:43:12 | Attr = ] nscsrvce.exe -> %CommonProgramFiles%\Symantec Shared\Security Console\NSCSRVCE.EXE -> Symantec Corporation [Ver = 2006.1.8.2 | Size = 750720 bytes | Modified Date = 15.12.2006 19:41:50 | Attr = ] nvsvc32.exe -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 22.10.2006 13:22:00 | Attr = ] pbbckupui.exe -> %SystemDrive%\APPS\DataSecure\PBBckupUI.exe -> Nec Computers International [Ver = 2.0.0.0 | Size = 2257408 bytes | Modified Date = 26.4.2005 12:51:50 | Attr = ] pdvdserv.exe -> %ProgramFiles%\CyberLink\PowerDVD\PDVDServ.exe -> Cyberlink Corp. [Ver = 5.00.0910 | Size = 30208 bytes | Modified Date = 7.12.2005 22:57:00 | Attr = ] photoshopelementsfileagent.exe -> %ProgramFiles%\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe -> [Ver = | Size = 102400 bytes | Modified Date = 9.9.2005 4:24:30 | Attr = ] qttask.exe -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. 
[Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 1.9.2006 16:57:48 | Attr = ] richvideo.exe -> %ProgramFiles%\CyberLink\Shared Files\RichVideo.exe -> [Ver = 1.1.0808 | Size = 167936 bytes | Modified Date = 8.8.2005 13:54:00 | Attr = ] schedhlp.exe -> %CommonProgramFiles%\Acronis\Schedule2\schedhlp.exe -> Acronis [Ver = 1,0,0,237 | Size = 87584 bytes | Modified Date = 16.10.2006 22:13:32 | Attr = ] schedul2.exe -> %CommonProgramFiles%\Acronis\Schedule2\schedul2.exe -> Acronis [Ver = 1,0,0,237 | Size = 230944 bytes | Modified Date = 16.10.2006 22:13:28 | Attr = ] skype.exe -> %ProgramFiles%\Skype\Phone\Skype.exe -> Skype Technologies S.A. [Ver = 3.1.0.152 | Size = 25263144 bytes | Modified Date = 30.3.2007 13:34:08 | Attr = ] sndsrvc.exe -> %CommonProgramFiles%\Symantec Shared\SNDSrvc.exe -> Symantec Corporation [Ver = 6.0.6.604 | Size = 214672 bytes | Modified Date = 28.3.2007 18:52:18 | Attr = ] ssaad.exe -> %ProgramFiles%\Sony\SonicStage\SSAAD.exe -> [Ver = 3.4.01.13062 | Size = 81920 bytes | Modified Date = 7.1.2006 3:36:10 | Attr = ] symlcsvc.exe -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> Symantec Corporation [Ver = 1.9.1.1080 | Size = 1174152 bytes | Modified Date = 21.1.2007 10:55:06 | Attr = ] timountermonitor.exe -> %ProgramFiles%\Acronis\TrueImageHome\TimounterMonitor.exe -> Acronis [Ver = 3.3 build 443 | Size = 1941784 bytes | Modified Date = 16.10.2006 22:17:16 | Attr = ] tomtomhome.exe -> %ProgramFiles%\TomTom HOME\TomTomHOME.exe -> TomTom [Ver = 1.5.032 | Size = 3718312 bytes | Modified Date = 29.1.2007 13:07:12 | Attr = ] trueimagemonitor.exe -> %ProgramFiles%\Acronis\TrueImageHome\TrueImageMonitor.exe -> Acronis [Ver = 10,0,0,4871 | Size = 1164912 bytes | Modified Date = 17.10.2006 2:23:04 | Attr = ] ulcdrsvr.exe -> %CommonProgramFiles%\Ulead Systems\DVD\ULCDRSvr.exe -> Ulead Systems, Inc. 
[Ver = 1, 0, 0, 4 | Size = 49152 bytes | Modified Date = 31.1.2005 10:45:20 | Attr = R ] winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.37.0 | Size = 319488 bytes | Modified Date = 16.5.2007 21:40:18 | Attr = ] wzqkpick.exe -> %ProgramFiles%\WinZip\WZQKPICK.EXE -> WinZip Computing LP [Ver = 1.0 (32-bit) | Size = 389120 bytes | Modified Date = 21.11.2006 12:00:00 | Attr = ] [Win32 Services - Non-Microsoft Only] (AcrSch2Svc) Acronis Scheduler2 Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Acronis\Schedule2\schedul2.exe -> Acronis [Ver = 1,0,0,237 | Size = 230944 bytes | Modified Date = 16.10.2006 22:13:28 | Attr = ] (AdobeActiveFileMonitor4.0) Adobe Active File Monitor V4 [Win32_Own | Auto | Running] -> %ProgramFiles%\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe -> [Ver = | Size = 102400 bytes | Modified Date = 9.9.2005 4:24:30 | Attr = ] (Automattinen LiveUpdate-ajastustoiminto) Automattinen LiveUpdate-ajastustoiminto [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec\LiveUpdate\ALUSchedulerSvc.exe -> Symantec Corporation [Ver = 3.0.0.171 | Size = 100032 bytes | Modified Date = 3.8.2006 17:58:42 | Attr = ] (AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. 
[Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 28.9.2006 17:13:20 | Attr = ] (ccEvtMgr) Symantec Event Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCEVTMGR.EXE -> Symantec Corporation [Ver = 104.0.14.2 | Size = 192104 bytes | Modified Date = 1.3.2007 13:15:46 | Attr = ] (ccISPwdSvc) Symantec Internet Security Password Validation [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Norton Internet Security\CCPWDSVC.EXE -> Symantec Corporation [Ver = 9.1.0.34 | Size = 72328 bytes | Modified Date = 24.3.2006 12:13:32 | Attr = ] (ccProxy) Symantec Network Proxy [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCPROXY.EXE -> Symantec Corporation [Ver = 104.0.13.2 | Size = 202344 bytes | Modified Date = 6.12.2006 12:11:34 | Attr = ] (ccSetMgr) Symantec Settings Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCSETMGR.EXE -> Symantec Corporation [Ver = 104.0.14.2 | Size = 169576 bytes | Modified Date = 1.3.2007 13:15:48 | Attr = ] (comHost) COM Host [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Norton Internet Security\COMHOST.EXE -> Symantec Corporation [Ver = 9.1.1.7 | Size = 45696 bytes | Modified Date = 1.2.2007 18:20:46 | Attr = ] (Creative Service for CDROM Access) Creative Service for CDROM Access [Win32_Own | Auto | Running] -> %System32%\CTSVCCDA.EXE -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 44032 bytes | Modified Date = 13.12.1999 4:01:00 | Attr = ] (dmadmin) Loogisen levyn hallinnan valvontapalvelu [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 14.9.2004 17:12:04 | Attr = ] (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4.4.2005 0:41:10 | Attr = ] (LiveUpdate) 
LiveUpdate [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\LuComServer_3_0.EXE -> Symantec Corporation [Ver = 3.0.0.171 | Size = 2119360 bytes | Modified Date = 3.8.2006 17:58:42 | Attr = ] (MSCSPTISRV) MSCSPTISRV [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\MSCSPTISRV.exe -> Sony Corporation [Ver = 4.4.00.11241 | Size = 53337 bytes | Modified Date = 24.11.2005 18:03:22 | Attr = ] (navapsvc) Norton AntiVirus Auto-Protect -palvelu [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE -> Symantec Corporation [Ver = 12.7.0.2 | Size = 139888 bytes | Modified Date = 22.3.2007 19:43:12 | Attr = ] (NBService) NBService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Nero\Nero 7\Nero BackItUp\NBService.exe -> Nero AG [Ver = 2, 7, 3, 2 | Size = 774144 bytes | Modified Date = 15.1.2007 18:14:38 | Attr = ] (NMIndexingService) NMIndexingService [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Ahead\Lib\NMIndexingService.exe -> Nero AG [Ver = 1, 7, 11, 0 | Size = 266240 bytes | Modified Date = 15.1.2007 17:01:56 | Attr = ] (NSCService) Norton Protection Center Service [Win32_Own | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\Security Console\NSCSRVCE.EXE -> Symantec Corporation [Ver = 2006.1.8.2 | Size = 750720 bytes | Modified Date = 15.12.2006 19:41:50 | Attr = ] (NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 22.10.2006 13:22:00 | Attr = ] (PACSPTISVR) PACSPTISVR [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\PACSPTISVR.exe -> Sony Corporation [Ver = 4.4.00.11241 | Size = 53337 bytes | Modified Date = 24.11.2005 16:57:44 | Attr = ] (RichVideo) Cyberlink RichVideo Service(CRVS) [Win32_Own | Auto | Running] -> %ProgramFiles%\CyberLink\Shared Files\RichVideo.exe -> [Ver = 1.1.0808 | Size = 
167936 bytes | Modified Date = 8.8.2005 13:54:00 | Attr = ] (rpcapd) Remote Packet Capture Protocol v.0 (experimental) [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\WinPcap\rpcapd.exe -> CACE Technologies [Ver = 3, 1, 0, 27 | Size = 86016 bytes | Modified Date = 3.8.2005 0:18:50 | Attr = ] (SAVScan) Symantec AVScan [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\SAVScan.exe -> Symantec Corporation [Ver = 9.7.0.10 | Size = 198368 bytes | Modified Date = 26.8.2005 16:22:48 | Attr = ] (SNDSrvc) Symantec Network Drivers Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\SNDSrvc.exe -> Symantec Corporation [Ver = 6.0.6.604 | Size = 214672 bytes | Modified Date = 28.3.2007 18:52:18 | Attr = ] (SPBBCSvc) Symantec SPBBCSvc [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Symantec Shared\SPBBC\SPBBCSvc.exe -> Symantec Corporation [Ver = 2.1.0.4 | Size = 1160848 bytes | Modified Date = 11.5.2006 15:50:20 | Attr = ] (SPTISRV) Sony SPTI Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\SPTISRV.exe -> Sony Corporation [Ver = 4.4.00.11241 | Size = 69718 bytes | Modified Date = 24.11.2005 16:47:30 | Attr = ] (SSScsiSV) SonicStage SCSI Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\SSScsiSV.exe -> Sony Corporation [Ver = 3.4.01.13062 | Size = 69632 bytes | Modified Date = 6.1.2006 23:25:12 | Attr = ] (Symantec Core LC) Symantec Core LC [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> Symantec Corporation [Ver = 1.9.1.1080 | Size = 1174152 bytes | Modified Date = 21.1.2007 10:55:06 | Attr = ] (UleadBurningHelper) Ulead Burning Helper [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Ulead Systems\DVD\ULCDRSvr.exe -> Ulead Systems, Inc. 
[Ver = 1, 0, 0, 4 | Size = 49152 bytes | Modified Date = 31.1.2005 10:45:20 | Attr = R ] [Registry - Non-Microsoft Only] < Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run !AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 | Size = 6266880 bytes | Modified Date = 7.10.2006 15:20:00 | Attr = ] Acronis Scheduler2 Service -> %CommonProgramFiles%\Acronis\Schedule2\schedhlp.exe -> Acronis [Ver = 1,0,0,237 | Size = 87584 bytes | Modified Date = 16.10.2006 22:13:32 | Attr = ] AcronisTimounterMonitor -> %ProgramFiles%\Acronis\TrueImageHome\TimounterMonitor.exe -> Acronis [Ver = 3.3 build 443 | Size = 1941784 bytes | Modified Date = 16.10.2006 22:17:16 | Attr = ] Adobe Photo Downloader -> %ProgramFiles%\Adobe\Photoshop Elements 4.0\apdproxy.exe -> Adobe Systems Incorporated [Ver = 3.0.0.53237 | Size = 57344 bytes | Modified Date = 9.9.2005 2:18:10 | Attr = ] ALi5289 -> %ProgramFiles%\ULI5289\ALi5289.exe -> ALi Corporation [Ver = 6, 0, 0, 2 | Size = 405504 bytes | Modified Date = 10.3.2005 15:56:32 | Attr = ] ccApp -> %CommonProgramFiles%\Symantec Shared\CCAPP.EXE -> Symantec Corporation [Ver = 104.0.14.2 | Size = 52840 bytes | Modified Date = 1.3.2007 13:15:44 | Attr = ] CTDVDDet -> %ProgramFiles%\Creative\SBAudigy2\DVDAudio\CTDVDDET.exe -> Creative Technology Ltd [Ver = 1.0.2.0 | Size = 45056 bytes | Modified Date = 30.9.2002 2:00:00 | Attr = ] CTHelper -> %SystemRoot%\CTHELPER.EXE -> Creative Technology Ltd [Ver = 2, 0, 0, 41 | Size = 17920 bytes | Modified Date = 11.8.2006 15:56:02 | Attr = ] CTSysVol -> %ProgramFiles%\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe -> Creative Technology Ltd [Ver = 1.1.3.0 | Size = 49152 bytes | Modified Date = 29.10.2002 10:18:24 | Attr = ] CTxfiHlp -> %System32%\CTXFIHLP.EXE -> Creative Technology Ltd [Ver = 2, 0, 1, 3 | Size = 18944 bytes | Modified Date = 11.8.2006 15:56:04 | Attr = ] LanguageShortcut -> 
%ProgramFiles%\CyberLink\PowerDVD\Language\Language.exe -> [Ver = 1, 0, 2129, 0 | Size = 49152 bytes | Modified Date = 29.9.2006 22:58:20 | Attr = ] NeroFilterCheck -> %CommonProgramFiles%\Ahead\Lib\NeroCheck.exe -> Nero AG [Ver = 1, 0, 0, 5 | Size = 155648 bytes | Modified Date = 12.1.2006 16:40:44 | Attr = ] NvCplDaemon -> %System32%\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 22.10.2006 13:22:00 | Attr = ] NWEReboot -> -> File not found nwiz -> %System32%\nwiz.exe -> [Ver = | Size = 1622016 bytes | Modified Date = 22.10.2006 13:22:00 | Attr = ] NvMediaCenter -> %System32%\nvmctray.dll [RunDLL32.exe NvMCTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 86016 bytes | Modified Date = 22.10.2006 13:22:00 | Attr = ] PinnacleDriverCheck -> %System32%\PSDrvCheck.exe -> [Ver = 1.0.0.63 | Size = 406016 bytes | Modified Date = 11.3.2004 0:26:10 | Attr = ] QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 1.9.2006 16:57:48 | Attr = ] RemoteControl -> %ProgramFiles%\CyberLink\PowerDVD\PDVDServ.exe -> Cyberlink Corp. [Ver = 5.00.0910 | Size = 30208 bytes | Modified Date = 7.12.2005 22:57:00 | Attr = ] SBDrvDet -> %ProgramFiles%\Creative\SB Drive Det\SBDrvDet.exe -> Creative Technology Ltd [Ver = 1.0.3.0 | Size = 45056 bytes | Modified Date = 3.12.2002 19:06:52 | Attr = ] SsAAD.exe -> %ProgramFiles%\Sony\SonicStage\SSAAD.exe -> [Ver = 3.4.01.13062 | Size = 81920 bytes | Modified Date = 7.1.2006 3:36:10 | Attr = ] SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_01\bin\jusched.exe -> Sun Microsystems, Inc. 
[Ver = 6.0.10.6 | Size = 83608 bytes | Modified Date = 14.3.2007 3:43:44 | Attr = ] TomTomHOME.exe -> %ProgramFiles%\TomTom HOME\TomTomHOME.exe -> TomTom [Ver = 1.5.032 | Size = 3718312 bytes | Modified Date = 29.1.2007 13:07:12 | Attr = ] TrueImageMonitor.exe -> %ProgramFiles%\Acronis\TrueImageHome\TrueImageMonitor.exe -> Acronis [Ver = 10,0,0,4871 | Size = 1164912 bytes | Modified Date = 17.10.2006 2:23:04 | Attr = ] Ulead Quick-Drop -> %ProgramFiles%\Ulead Systems\Ulead DVD MovieFactory 5 Plus\Ulead DVD MovieFactory 5\Quick-Drop.exe -> Ulead Systems, Inc. [Ver = 5.0.0.0 | Size = 118784 bytes | Modified Date = 20.7.2006 3:04:14 | Attr = ] UpdReg -> %SystemRoot%\Updreg.EXE -> Creative Technology Ltd. [Ver = 1.0.2 | Size = 90112 bytes | Modified Date = 11.5.2000 2:00:00 | Attr = ] < OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ IMAIL -> Installed = 1 -> MAPI -> Installed = 1 -> MSFS -> Installed = 1 -> < Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run AnyDVD -> %ProgramFiles%\SlySoft\AnyDVD\AnyDVD.exe -> SlySoft, Inc. [Ver = 6.1.0.0 | Size = 503296 bytes | Modified Date = 1.2.2007 18:55:00 | Attr = ] BitTorrent -> %ProgramFiles%\BitTorrent\bittorrent.exe -> File not found Creative Detector -> %ProgramFiles%\Creative\MediaSource\Detector\CTDetect.exe -> Creative Technology Ltd [Ver = 3.0.2.0 | Size = 102400 bytes | Modified Date = 2.12.2004 19:23:34 | Attr = ] Data Secure -> %SystemDrive%\APPS\DataSecure\PBBckupUI.exe -> Nec Computers International [Ver = 2.0.0.0 | Size = 2257408 bytes | Modified Date = 26.4.2005 12:51:50 | Attr = ] Skype -> %ProgramFiles%\Skype\Phone\Skype.exe -> Skype Technologies S.A. 
[Ver = 3.1.0.152 | Size = 25263144 bytes | Modified Date = 30.3.2007 13:34:08 | Attr = ] < Common Startup > -> C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Käynnistys %AllUsersStartup%\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Reader 8.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 40048 bytes | Modified Date = 23.10.2006 2:48:20 | Attr = ] %AllUsersStartup%\Adobe Reader Synchronizer.lnk -> %ProgramFiles%\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe -> [Ver = 8.0.0.0 | Size = 734872 bytes | Modified Date = 23.10.2006 1:01:50 | Attr = ] %AllUsersStartup%\EPSI ToolBar.lnk -> %SystemDrive%\saab\Toolbar\EPSIBar.exe -> Tamara [Ver = 1.01.0002 | Size = 196608 bytes | Modified Date = 7.3.2001 18:15:24 | Attr = ] %AllUsersStartup%\WinZip Quick Pick.lnk -> %ProgramFiles%\WinZip\WZQKPICK.EXE -> WinZip Computing LP [Ver = 1.0 (32-bit) | Size = 389120 bytes | Modified Date = 21.11.2006 12:00:00 | Attr = ] < User Startup > -> C:\Documents and Settings\juki\Käynnistä-valikko\Ohjelmat\Käynnistys %UserStartup%\HDDlife.lnk -> %ProgramFiles%\BinarySense\HDDlife\HDDlifePro.exe -> File not found < ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks {57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> Anti-Malware Development a.s. 
[Ver = 7, 5, 0, 47 | Size = 73728 bytes | Modified Date = 28.9.2006 17:13:28 | Attr = ] < SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders < Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon < Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon < CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\\ScanWithAntiVirus -> 2 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\\{17492023-C23A-453E-A040-C7C580BBF700} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> < CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\DisableRegistryTools -> 0 -> < Software Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\ HKEY_LOCAL_MACHINE\SOFTWARE\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\8.0\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\8.0\FeatureLockdown\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\8.0\FeatureLockdown\cDefaultExecMenuItems\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\8.0\FeatureLockdown\cDefaultExecMenuItems\\tWhiteList -> 
Close|GeneralInfo|Quit|FirstPage|PrevPage|NextPage|LastPage|ActualSize|FitPage|FitWidth|FitHeight|SinglePage|OneColumn|TwoPages|TwoColumns|ZoomViewIn|ZoomViewOut|ShowHideBookmarks|ShowHideThumbnails|Print|GoToPage|ZoomTo|GeneralPrefs|SaveAs|FullScreen|OpenOrganizer|Scan|Web2PDF:OpnURL|AcroSendMail:SendMail|Spelling:Check Spelling|PageSetup|Find|FindSearch|GoBack|GoForward|FitVisible|ShowHideToolbarEditing|ShowHideToolbarCommenting|ShowHideToolbarEdit|ShowHideToolbarFile|ShowHideToolbarFind|ShowHideToolbarForms|ShowHideToolbarMeasuring|ShowHideToolbarData|ShowHideToolbarPageDisplay|ShowHideToolbarNavigation|ShowHideToolbarPrintProduction|ShowHideToolbarRedaction|ShowHideToolbarBasicTools|ShowHideToolbarTasks|ShowHideToolbarTypewriter|PropertyToolbar|ShowHideArticles|ShowHideFileAttachment|ShowHideAnnotManager|ShowHideFields|ShowHideOptCont|ShowHideModelTree|ShowHideSignatures|InsertPages|ExtractPages|ReplacePages|DeletePages|CropPages|RotatePages|AddFileAttachment|FindCurrentBookmark|BookmarkShowLocation -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\8.0\FeatureLockdown\cDefaultLaunchAttachmentPerms\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\8.0\FeatureLockdown\cDefaultLaunchAttachmentPerms\\tBuiltInPermList -> version:1|.ade:3|.adp:3|.app:3|.asp:3|.bas:3|.bat:3|.bz:3|.bz2:3|.chm:3|.class:3|.cmd:3|.com:3|.command:3|.cpl:3|.crt:3|.csh:3|.desktop:3|.exe:3|.fxp:3|.gz:3|.hex:3|.hlp:3|.hqx:3|.hta:3|.inf:3|.ini:3|.ins:3|.isp:3|.its:3|.job:3|.js:3|.jse:3|.ksh:3|.lnk:3|.lzh:3|.mad:3|.maf:3|.mag:3|.mam:3|.maq:3|.mar:3|.mas:3|.mat:3|.mau:3|.mav:3|.maw:3|.mda:3|.mde:3|.mdt:3|.mdw:3|.mdz:3|.msc:3|.msi:3|.msp:3|.mst:3|.ocx:3|.ops:3|.pcd:3|.pi:3|.pif:3|.prf:3|.prg:3|.pst:3|.rar:3|.reg:3|.scf:3|.scr:3|.sct:3|.sea:3|.shb:3|.shs:3|.sit:3|.tar:3|.tgz:3|.tmp:3|.url:3|.vb:3|.vbe:3|.vbs:3|.vsmacros:3|.vss:3|.vst:3|.vsw:3|.webloc:3|.ws:3|.wsc:3|.wsf:3|.wsh:3|.zip:3|.zlo:3|.zoo:3|.pdf:2|.fdf:2 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat 
Reader\8.0\FeatureLockdown\cDefaultLaunchURLPerms\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\8.0\FeatureLockdown\cDefaultLaunchURLPerms\\tSchemePerms -> version:1|shell:3|hcp:3|ms-help:3|ms-its:3|ms-itss:3|its:3|mk:3|mhtml:3|help:3|disk:3|afp:3|disks:3|telnet:3|ssh:3|javascript:1|vbscript:1|acrobat:2|file:2|mailto:2 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Conferencing\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\MRT\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\WindowsLiveCall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\WindowsLiveCall\CertificatePolicy\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\WindowsLiveCall\PortRange\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\\DisableServerCheck -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\\LegacyPresence -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\CertificatePolicy\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\PortRange\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Installer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Installer\\EnableAdminTSRemote -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\ExecutableTypes -> ADE;ADP;BAS;BAT;CHM;CMD;COM;CPL;CRT;EXE;HLP;HTA;INF;INS;ISP;LNK;MDB;MDE;MSC;MSI;MSP;MST;OCX;PCD;PIF;REG;SCR;SHS;URL;VB;WSC; -> 
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\TransparentEnabled -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\DefaultLevel -> 262144 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\AuthenticodeEnabled -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\PolicyScope -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\Description -> Stop the download of this file -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\FriendlyName -> Mdac11.cab -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\SaferFlags -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\HashAlg -> 32771 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\ItemData -> ^«0O•zI‰j HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\LastModified -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\ItemSize -> ; -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\Description -> Stop the download of this file -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\FriendlyName -> mdac20.cab -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\SaferFlags -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\HashAlg -> 32771 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\ItemData -> g°Ô‹4:?Ó¼éÜdgó” -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\LastModified -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\ItemSize -> ; -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\Description -> Stop the download of this file -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\FriendlyName -> mdac20_a.cab -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\SaferFlags -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\HashAlg -> 32771 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\ItemData -> 2xÜþøÈ“ÜŠ°Ý„} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\LastModified -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\ItemSize -> –; -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\Description -> Stop the download of this file -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\FriendlyName -> _msadc10.cab -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\SaferFlags -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\HashAlg -> 32771 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\ItemData -> ½š*ÛBëØV%Mø/g -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\LastModified -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\ItemSize -> å; -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\Description -> Stop the download of this file -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\FriendlyName -> msadc11.cab -> 
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\SaferFlags -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\HashAlg -> 32771 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\ItemData -> 8k_„ìöiÓk•j"À€ -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\LastModified -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\ItemSize -> r; -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\Description -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\SaferFlags -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\ItemData -> %HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache%OLK* -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\LastModified -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows NT\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows NT\Terminal Services\ -> -> < Software Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\policies\ HKEY_CURRENT_USER\Software\Policies\ -> -> HKEY_CURRENT_USER\Software\Policies\Microsoft\ -> -> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet 
Explorer\ -> -> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ -> -> HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\ -> -> HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System\ -> -> < HOSTS File > (27 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts 127.0.0.1 localhost -> -> < Internet Explorer Settings > -> HKLM: Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKLM: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKLM: Local Page -> %SystemRoot%\system32\blank.htm -> HKLM: Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKLM: Start Page -> about:blank -> HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> HKCU: Local Page -> C:\WINDOWS\system32\blank.htm -> HKCU: Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKCU: Start Page -> http://www.elisa.net/ -> HKCU: ProxyEnable -> 0 -> < Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ msn.com [ - ] -> -> < Trusted Sites > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ www.msi_com.tw [http] -> -> download.windowsupdate_microsoft.com [https] -> -> update_microsoft.com [https] -> -> < BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader -linkkiavustaja] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 23.10.2006 0:08:42 | Attr = ] {22BF413B-C6D2-4d91-82A9-A0F997BA588C} [HKLM] -> %ProgramFiles%\Skype\Phone\IEPlugin\SkypeIEPlugin.dll [Skype add-on (mastermind)] -> Skype Technologies S.A. 
[Ver = 2, 2, 0, 78 | Size = 722472 bytes | Modified Date = 30.3.2007 13:31:02 | Attr = ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_01\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 501400 bytes | Modified Date = 14.3.2007 3:43:40 | Attr = ] {9ECB9560-04F9-4bbc-943D-298DDF1699E1} [HKLM] -> %CommonProgramFiles%\Symantec Shared\AdBlocking\NISShExt.dll [CNisExtBho Class] -> Symantec Corporation [Ver = 9.0.0.73 | Size = 94336 bytes | Modified Date = 24.9.2005 23:20:26 | Attr = ] {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [CNavExtBho Class] -> Symantec Corporation [Ver = 12.7.0.2 | Size = 140912 bytes | Modified Date = 24.4.2007 11:20:34 | Attr = ] {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} [HKLM] -> %ProgramFiles%\Elisa\Avustaja\IEFixItNowPlugin.dll [Elisa Avustaja Plugin] -> Elisa [Ver = 1.0.0.1 | Size = 108648 bytes | Modified Date = 20.2.2007 18:39:18 | Attr = ] < Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} [HKLM] -> %CommonProgramFiles%\Symantec Shared\AdBlocking\NISShExt.dll [Norton Internet Security 2006] -> Symantec Corporation [Ver = 9.0.0.73 | Size = 94336 bytes | Modified Date = 24.9.2005 23:20:26 | Attr = ] {C4069E3A-68F1-403E-B40E-20066696354B} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 12.7.0.2 | Size = 140912 bytes | Modified Date = 24.4.2007 11:20:34 | Attr = ] < Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKLM] -> %CommonProgramFiles%\Symantec Shared\AdBlocking\NISShExt.dll [Norton Internet 
Security 2006] -> Symantec Corporation [Ver = 9.0.0.73 | Size = 94336 bytes | Modified Date = 24.9.2005 23:20:26 | Attr = ] WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found WebBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 12.7.0.2 | Size = 140912 bytes | Modified Date = 24.4.2007 11:20:34 | Attr = ] < Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_01\bin\npjpi160_01.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 132760 bytes | Modified Date = 14.3.2007 3:43:42 | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.6.0_01\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. 
[Ver = 6.0.10.6 | Size = 501400 bytes | Modified Date = 14.3.2007 3:43:40 | Attr = ] {77BF5300-1474-4EC7-9980-D32B190E9B07} -> Reg Data - Value does not exist [ButtonText: Skype] -> File not found {92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Oheistiedot] -> File not found {e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found < Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ &Windows Live Search -> %ProgramFiles%\Windows Live Toolbar\msntb.dll\search.htm -> File not found Vie Microsoft E&xceliin -> -> File not found < DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ {455A36A4-D3F1-4F89-97C8-5518EEFB5400} -> (1394-verkkosovitin) -> {47EBE050-386D-45A9-8F37-B81E59057B3D} -> (ULi PCI Fast Ethernet Controller) -> {EAA5EBCA-151D-4003-9096-3FDD179E2462} -> () -> < Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ipp -> Reg Data - Key not found -> File not found msdaipp -> Reg Data - Key not found -> File not found skype4com -> %CommonProgramFiles%\Skype\Skype4COM.dll -> Skype Technologies [Ver = 1, 0, 27, 0 | Size = 1828440 bytes | Modified Date = 12.1.2007 12:50:48 | Attr = R ] < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} -> Creative Software AutoUpdate - CodeBase = http://www.creative.com/su/ocx/15026/CTSUEng.cab -> {17492023-C23A-453E-A040-C7C580BBF700} -> Windows Genuine Advantage Validation Tool - CodeBase = http://download.microsoft.com/downl...-40e1-a617-af65a72a0465/LegitCheckControl.cab -> {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} -> DownloadManager Control - CodeBase = http://dlmanager.akamaitools.com.edgesuite.net/dlmanager/versions/activex/dlm-activex-2.0.6.0.cab -> 
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} -> Office Update Installation Engine - CodeBase = http://office.microsoft.com/officeupdate/content/opuc3.cab -> {6414512B-B978-451D-A0D8-FCFDF33E833C} -> WUWebControl Class - CodeBase = http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1144329817191 -> {8167C273-DF59-4416-B647-C8BB2C7EE83E} -> WebSDev Control - CodeBase = http://tw.msi.com.tw/autobios/LOnline/install.cab -> {86A88967-7A20-11D2-8EDA-00600818EDB1} -> ParallelGraphics Cortona Control - CodeBase = http://www.parallelgraphics.com/l2/bin/cortvrml.cab -> {8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.6.0_01 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab -> {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} -> MsnMessengerSetupDownloadControl Class - CodeBase = http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab -> {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} -> Office Update Installation Engine - CodeBase = http://office.microsoft.com/officeupdate/content/opuc4.cab -> {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab -> {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_09 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab -> {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab -> {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_01 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_01 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab -> {D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab -> {F6ACF75C-C32C-447B-9BEF-46B766368D29} -> Creative Software AutoUpdate 
Support Package - CodeBase = http://www.creative.com/su/ocx/15028/CTPID.cab -> [Files/Folders - Created Within 30 days] 23990098.$$$ -> %SystemDrive%\23990098.$$$ -> [Ver = | Size = 96 bytes | Created Date = 16.5.2007 18:52:14 | Attr = ] 8b97477084ac6188e7cb8220 -> %SystemDrive%\8b97477084ac6188e7cb8220 -> [Folder | Created Date = 17.5.2007 10:09:17 | Attr = ] BOOT.BAK -> %SystemDrive%\BOOT.BAK -> [Ver = | Size = 211 bytes | Created Date = 16.5.2007 21:35:07 | Attr = RHS] cmdcons -> %SystemDrive%\cmdcons -> [Folder | Created Date = 16.5.2007 21:34:47 | Attr = RHS] ComboFix -> %SystemDrive%\ComboFix -> [Folder | Created Date = 18.5.2007 13:55:33 | Attr = ] ezcddax10.exe -> %SystemDrive%\ezcddax10.exe -> [Ver = 7.0.6.1 | Size = 7716863 bytes | Created Date = 17.5.2007 11:35:39 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\ezcddax10.exe:Zone.Identifier -> Firefox Setup 2.0.0.3.exe -> %SystemDrive%\Firefox Setup 2.0.0.3.exe -> Mozilla [Ver = 4.42 | Size = 5807760 bytes | Created Date = 16.5.2007 19:14:41 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\Firefox Setup 2.0.0.3.exe:Zone.Identifier -> hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1073008640 bytes | Created Date = 2.1.1601 22:00:00 | Attr = HS] Kaspersky -> %SystemDrive%\Kaspersky -> [Folder | Created Date = 16.5.2007 18:44:39 | Attr = ] mwav.exe -> %SystemDrive%\mwav.exe -> [Ver = | Size = 15742976 bytes | Created Date = 17.5.2007 9:57:08 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\mwav.exe:Zone.Identifier -> Nokia_N95-1_UG_fi.pdf -> %SystemDrive%\Nokia_N95-1_UG_fi.pdf -> [Ver = | Size = 2443087 bytes | Created Date = 16.5.2007 18:32:54 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\Nokia_N95-1_UG_fi.pdf:Zone.Identifier -> QooBox -> %SystemDrive%\QooBox -> [Folder | Created Date = 18.5.2007 14:03:39 | Attr = ] regc.exe -> %SystemDrive%\regc.exe -> [Ver = | Size = 393920 bytes | Created Date = 16.5.2007 19:12:27 | Attr = ] 
@Alternate Data Stream - 26 bytes -> %SystemDrive%\regc.exe:Zone.Identifier -> RegSeeker.zip -> %SystemDrive%\RegSeeker.zip -> [Ver = | Size = 468541 bytes | Created Date = 17.5.2007 9:34:07 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\RegSeeker.zip:Zone.Identifier -> rekisteri -> %SystemDrive%\rekisteri -> [Folder | Created Date = 17.5.2007 9:34:58 | Attr = ] Uusi kansio (3) -> %SystemDrive%\Uusi kansio (3) -> [Folder | Created Date = 17.5.2007 8:08:17 | Attr = ] $NtUninstallKB929969$ -> %SystemRoot%\$NtUninstallKB929969$ -> [Folder | Created Date = 15.5.2007 18:54:12 | Attr = H ] $NtUninstallKB930916$ -> %SystemRoot%\$NtUninstallKB930916$ -> [Folder | Created Date = 12.5.2007 16:30:26 | Attr = H ] $NtUninstallKB931768$ -> %SystemRoot%\$NtUninstallKB931768$ -> [Folder | Created Date = 15.5.2007 19:18:22 | Attr = H ] 000001_.tmp -> %SystemRoot%\000001_.tmp -> [Ver = | Size = 19528 bytes | Created Date = 17.5.2007 13:10:01 | Attr = ] catchme.exe -> %SystemRoot%\catchme.exe -> [Ver = | Size = 86528 bytes | Created Date = 18.5.2007 14:27:21 | Attr = ] erdnt -> %SystemRoot%\erdnt -> [Folder | Created Date = 18.5.2007 14:05:37 | Attr = ] ie7 -> %SystemRoot%\ie7 -> [Folder | Created Date = 17.5.2007 9:48:51 | Attr = H ] nircmd.exe -> %SystemRoot%\nircmd.exe -> NirSoft [Ver = 1.85 | Size = 49152 bytes | Created Date = 18.5.2007 14:27:21 | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Created Date = 16.5.2007 15:03:58 | Attr = ] setup.pss -> %SystemRoot%\setup.pss -> [Folder | Created Date = 16.5.2007 21:34:45 | Attr = ] slrundll.exe -> %SystemRoot%\slrundll.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 32866 bytes | Created Date = 17.5.2007 13:22:43 | Attr = ] ati2cqag.dll -> %System32%\ati2cqag.dll -> ATI Technologies Inc. [Ver = 6.14.10.0233 | Size = 229376 bytes | Created Date = 17.5.2007 13:22:46 | Attr = ] ati2dvaa.dll -> %System32%\ati2dvaa.dll -> ATI Technologies Inc. 
[Ver = 6.13.10.5019 | Size = 377984 bytes | Created Date = 17.5.2007 13:22:46 | Attr = ] ati2dvag.dll -> %System32%\ati2dvag.dll -> ATI Technologies Inc. [Ver = 6.14.10.6462 | Size = 201728 bytes | Created Date = 17.5.2007 13:22:46 | Attr = ] ati3d1ag.dll -> %System32%\ati3d1ag.dll -> ATI Technologies Inc. [Ver = 6.14.10.4071 | Size = 870784 bytes | Created Date = 17.5.2007 13:22:46 | Attr = ] ati3duag.dll -> %System32%\ati3duag.dll -> ATI Technologies Inc. [Ver = 6.14.10.0231 | Size = 1888992 bytes | Created Date = 17.5.2007 13:22:45 | Attr = ] ativdaxx.ax -> %System32%\ativdaxx.ax -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 9728 bytes | Created Date = 17.5.2007 13:22:45 | Attr = ] ativmvxx.ax -> %System32%\ativmvxx.ax -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 23040 bytes | Created Date = 17.5.2007 13:22:45 | Attr = ] ativtmxx.dll -> %System32%\ativtmxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 32768 bytes | Created Date = 17.5.2007 13:22:45 | Attr = ] ativvaxx.dll -> %System32%\ativvaxx.dll -> ATI Technologies Inc. [Ver = 6.14.01.0009 | Size = 516768 bytes | Created Date = 17.5.2007 13:22:45 | Attr = ] DivX.dll -> %System32%\DivX.dll -> DivX, Inc. [Ver = 6.6.1.1 | Size = 740442 bytes | Created Date = 11.5.2007 6:37:15 | Attr = ] DivXCodecUpdateChecker.exe -> %System32%\DivXCodecUpdateChecker.exe -> DivX, Inc. [Ver = 6, 2, 5, 7 | Size = 124472 bytes | Created Date = 23.4.2007 2:01:46 | Attr = ] divxdec.ax -> %System32%\divxdec.ax -> DivX, Inc. [Ver = 6.6.1.1 | Size = 638976 bytes | Created Date = 11.5.2007 3:32:25 | Attr = ] DivXMedia.ax -> %System32%\DivXMedia.ax -> DivXNetworks [Ver = 0.0.0.028 | Size = 352401 bytes | Created Date = 23.4.2007 2:02:12 | Attr = ] DivXsm.exe -> %System32%\DivXsm.exe -> DivX Inc. 
[Ver = 6, 6, 1, 1 | Size = 524288 bytes | Created Date = 11.5.2007 19:54:15 | Attr = ] divxsm.tlb -> %System32%\divxsm.tlb -> [Ver = | Size = 4816 bytes | Created Date = 11.5.2007 19:54:15 | Attr = ] DivXWMPExtType.dll -> %System32%\DivXWMPExtType.dll -> [Ver = | Size = 12288 bytes | Created Date = 23.4.2007 2:01:47 | Attr = ] divx_xx07.dll -> %System32%\divx_xx07.dll -> DivX, Inc. [Ver = 6.6.1.1 | Size = 823296 bytes | Created Date = 11.5.2007 6:37:15 | Attr = ] divx_xx0c.dll -> %System32%\divx_xx0c.dll -> DivX, Inc. [Ver = 6.6.1.1 | Size = 823296 bytes | Created Date = 11.5.2007 6:37:15 | Attr = ] divx_xx11.dll -> %System32%\divx_xx11.dll -> DivX, Inc. [Ver = 6.6.1.1 | Size = 802816 bytes | Created Date = 11.5.2007 6:37:15 | Attr = ] dpu10.dll -> %System32%\dpu10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Created Date = 23.4.2007 2:02:31 | Attr = ] dpuGUI10.dll -> %System32%\dpuGUI10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 53248 bytes | Created Date = 23.4.2007 2:02:33 | Attr = ] dpus11.dll -> %System32%\dpus11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 344064 bytes | Created Date = 23.4.2007 2:02:31 | Attr = ] dtu100.dll -> %System32%\dtu100.dll -> DivX, Inc. [Ver = 1, 2, 0, 12 | Size = 196608 bytes | Created Date = 23.4.2007 2:02:34 | Attr = ] GDIPFONTCACHEV1.DAT -> %System32%\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 89632 bytes | Created Date = 16.5.2007 13:34:29 | Attr = ] hsfcisp2.dll -> %System32%\hsfcisp2.dll -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 32285 bytes | Created Date = 17.5.2007 13:22:44 | Attr = ] java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 135168 bytes | Created Date = 16.5.2007 18:35:58 | Attr = ] javacpl.cpl -> %System32%\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 69632 bytes | Created Date = 16.5.2007 18:35:59 | Attr = ] javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. 
[Ver = 6.0.10.6 | Size = 135168 bytes | Created Date = 16.5.2007 18:35:58 | Attr = ] javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 139264 bytes | Created Date = 16.5.2007 18:35:58 | Attr = ] mdmxsdk.dll -> %System32%\mdmxsdk.dll -> Conexant [Ver = 1.0.2.006 | Size = 86016 bytes | Created Date = 17.5.2007 13:22:44 | Attr = ] moveex.exe -> %System32%\moveex.exe -> [Ver = | Size = 38400 bytes | Created Date = 18.5.2007 14:27:21 | Attr = ] mtxparhd.dll -> %System32%\mtxparhd.dll -> Matrox Graphics Inc. [Ver = 6.13.01.1296 | Size = 1737856 bytes | Created Date = 17.5.2007 13:22:44 | Attr = ] pxafs.dll -> %System32%\pxafs.dll -> Sonic Solutions [Ver = 3.4.46.500 | Size = 129784 bytes | Created Date = 16.5.2007 21:44:56 | Attr = ] relog_ap.dll -> %System32%\relog_ap.dll -> Acronis [Ver = 1,0,0,10 | Size = 14368 bytes | Created Date = 12.5.2007 20:45:19 | Attr = ] s3gnb.dll -> %System32%\s3gnb.dll -> S3 Graphics, Inc. [Ver = 6.14.10.0012-13.94.12 | Size = 397056 bytes | Created Date = 17.5.2007 13:22:43 | Attr = ] slcoinst.dll -> %System32%\slcoinst.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 73832 bytes | Created Date = 17.5.2007 13:22:43 | Attr = ] slextspk.dll -> %System32%\slextspk.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 286792 bytes | Created Date = 17.5.2007 13:22:43 | Attr = ] slgen.dll -> %System32%\slgen.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 188508 bytes | Created Date = 17.5.2007 13:22:43 | Attr = ] slrundll.exe -> %System32%\slrundll.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 32866 bytes | Created Date = 17.5.2007 13:22:43 | Attr = ] slserv.exe -> %System32%\slserv.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 73796 bytes | Created Date = 17.5.2007 13:22:43 | Attr = ] swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.6 | Size = 428032 bytes | Created Date = 18.5.2007 14:27:21 | Attr = ] swsc.exe -> %System32%\swsc.exe -> SteelWerX [Ver = 2.0.0.0 | Size = 370688 bytes | Created Date = 18.5.2007 
14:27:21 | Attr = ] swxcacls.exe -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Created Date = 18.5.2007 14:27:21 | Attr = ] vfind.exe -> %System32%\vfind.exe -> [Ver = | Size = 49152 bytes | Created Date = 18.5.2007 14:27:21 | Attr = ] adv01nt5.dll -> %System32%\drivers\adv01nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 4255 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] adv02nt5.dll -> %System32%\drivers\adv02nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3967 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] adv05nt5.dll -> %System32%\drivers\adv05nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3615 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] adv07nt5.dll -> %System32%\drivers\adv07nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3647 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] adv08nt5.dll -> %System32%\drivers\adv08nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3135 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] adv09nt5.dll -> %System32%\drivers\adv09nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3711 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] adv11nt5.dll -> %System32%\drivers\adv11nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3775 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] ati1btxx.sys -> %System32%\drivers\ati1btxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 56623 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] ati1mdxx.sys -> %System32%\drivers\ati1mdxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 11615 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] ati1pdxx.sys -> %System32%\drivers\ati1pdxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 12047 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] ati1raxx.sys -> %System32%\drivers\ati1raxx.sys -> ATI Technologies Inc. 
[Ver = 6.13.10.6131 | Size = 30671 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] ati1rvxx.sys -> %System32%\drivers\ati1rvxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 63663 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] ati1snxx.sys -> %System32%\drivers\ati1snxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 26367 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] ati1ttxx.sys -> %System32%\drivers\ati1ttxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 21343 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] ati1tuxx.sys -> %System32%\drivers\ati1tuxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 36463 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] ati1xbxx.sys -> %System32%\drivers\ati1xbxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 29455 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] ati1xsxx.sys -> %System32%\drivers\ati1xsxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 34735 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] ati2mtaa.sys -> %System32%\drivers\ati2mtaa.sys -> ATI Technologies Inc. [Ver = 6.13.10.5019 | Size = 326912 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] ati2mtag.sys -> %System32%\drivers\ati2mtag.sys -> ATI Technologies Inc. [Ver = 6.14.10.6462 | Size = 701440 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atinbtxx.sys -> %System32%\drivers\atinbtxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 57856 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atinmdxx.sys -> %System32%\drivers\atinmdxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 13824 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atinpdxx.sys -> %System32%\drivers\atinpdxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 14336 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atinraxx.sys -> %System32%\drivers\atinraxx.sys -> ATI Technologies Inc. 
[Ver = 6.14.10.6238 | Size = 52224 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atinrvxx.sys -> %System32%\drivers\atinrvxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 104960 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atinsnxx.sys -> %System32%\drivers\atinsnxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 28672 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atinttxx.sys -> %System32%\drivers\atinttxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 13824 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atintuxx.sys -> %System32%\drivers\atintuxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 73216 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atinxbxx.sys -> %System32%\drivers\atinxbxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 31744 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atinxsxx.sys -> %System32%\drivers\atinxsxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 63488 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] ativmc20.cod -> %System32%\drivers\ativmc20.cod -> [Ver = | Size = 64352 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atv01nt5.dll -> %System32%\drivers\atv01nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 21183 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atv02nt5.dll -> %System32%\drivers\atv02nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 11359 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atv04nt5.dll -> %System32%\drivers\atv04nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 25471 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atv06nt5.dll -> %System32%\drivers\atv06nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 14143 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atv10nt5.dll -> %System32%\drivers\atv10nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 17279 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] AvgAsCln.sys -> 
%System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Created Date = 18.5.2007 15:23:46 | Attr = ] cdr4_xp.sys -> %System32%\drivers\cdr4_xp.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 2432 bytes | Created Date = 16.5.2007 21:45:02 | Attr = ] cdralw2k.sys -> %System32%\drivers\cdralw2k.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 2560 bytes | Created Date = 16.5.2007 21:45:02 | Attr = ] ch7xxnt5.dll -> %System32%\drivers\ch7xxnt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 15423 bytes | Created Date = 17.5.2007 13:22:58 | Attr = ] cxthsfs2.cty -> %System32%\drivers\cxthsfs2.cty -> [Ver = | Size = 129045 bytes | Created Date = 17.5.2007 13:22:56 | Attr = ] hsfbs2s2.sys -> %System32%\drivers\hsfbs2s2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 220032 bytes | Created Date = 17.5.2007 13:22:55 | Attr = ] hsfcxts2.sys -> %System32%\drivers\hsfcxts2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 built by: WinDDK | Size = 685056 bytes | Created Date = 17.5.2007 13:22:55 | Attr = ] hsfdpsp2.sys -> %System32%\drivers\hsfdpsp2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 1041536 bytes | Created Date = 17.5.2007 13:22:55 | Attr = ] mdmxsdk.sys -> %System32%\drivers\mdmxsdk.sys -> Conexant [Ver = 1.0.2.006 | Size = 11868 bytes | Created Date = 17.5.2007 13:22:55 | Attr = ] mtlmnt5.sys -> %System32%\drivers\mtlmnt5.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 126686 bytes | Created Date = 17.5.2007 13:22:54 | Attr = ] mtlstrm.sys -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Created Date = 17.5.2007 13:22:53 | Attr = ] mtxparhm.sys -> %System32%\drivers\mtxparhm.sys -> Matrox Graphics Inc. 
[Ver = 6.13.01.1296 | Size = 452736 bytes | Created Date = 17.5.2007 13:22:53 | Attr = ] netwlan5.img -> %System32%\drivers\netwlan5.img -> [Ver = | Size = 67866 bytes | Created Date = 17.5.2007 13:22:52 | Attr = ] ntmtlfax.sys -> %System32%\drivers\ntmtlfax.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 180360 bytes | Created Date = 17.5.2007 13:22:52 | Attr = ] recagent.sys -> %System32%\drivers\recagent.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 13776 bytes | Created Date = 17.5.2007 13:22:52 | Attr = ] s3gnbm.sys -> %System32%\drivers\s3gnbm.sys -> S3 Graphics, Inc. [Ver = 6.14.10.0012-13.94.12 | Size = 166912 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] siint5.dll -> %System32%\drivers\siint5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3901 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] slnt7554.sys -> %System32%\drivers\slnt7554.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 129535 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] slntamr.sys -> %System32%\drivers\slntamr.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 404990 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] slnthal.sys -> %System32%\drivers\slnthal.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 95424 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] slwdmsup.sys -> %System32%\drivers\slwdmsup.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 13240 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] vchnt5.dll -> %System32%\drivers\vchnt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 11325 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] wadv07nt.sys -> %System32%\drivers\wadv07nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 11807 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] wadv08nt.sys -> %System32%\drivers\wadv08nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 11295 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] wadv09nt.sys -> %System32%\drivers\wadv09nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | 
Size = 11871 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] wadv11nt.sys -> %System32%\drivers\wadv11nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 11935 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] watv06nt.sys -> %System32%\drivers\watv06nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 22271 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] watv10nt.sys -> %System32%\drivers\watv10nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 25471 bytes | Created Date = 17.5.2007 13:22:46 | Attr = ] [Files/Folders - Modified Within 30 days] 23990098.$$$ -> %SystemDrive%\23990098.$$$ -> [Ver = | Size = 96 bytes | Modified Date = 16.5.2007 19:52:16 | Attr = ] 8b97477084ac6188e7cb8220 -> %SystemDrive%\8b97477084ac6188e7cb8220 -> [Folder | Modified Date = 17.5.2007 11:09:20 | Attr = ] AMMATTI -> %SystemDrive%\AMMATTI -> [Folder | Modified Date = 16.5.2007 14:22:40 | Attr = ] BOOT.BAK -> %SystemDrive%\BOOT.BAK -> [Ver = | Size = 211 bytes | Modified Date = 17.5.2007 14:28:48 | Attr = RHS] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 286 bytes | Modified Date = 16.5.2007 22:35:10 | Attr = RHS] cmdcons -> %SystemDrive%\cmdcons -> [Folder | Modified Date = 16.5.2007 22:35:10 | Attr = RHS] ComboFix -> %SystemDrive%\ComboFix -> [Folder | Modified Date = 18.5.2007 15:28:46 | Attr = ] Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 16.5.2007 19:50:44 | Attr = ] Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 17.5.2007 8:50:30 | Attr = ] epc -> %SystemDrive%\epc -> [Folder | Modified Date = 9.5.2007 19:34:30 | Attr = ] ezcddax10.exe -> %SystemDrive%\ezcddax10.exe -> [Ver = 7.0.6.1 | Size = 7716863 bytes | Modified Date = 17.5.2007 12:37:44 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\ezcddax10.exe:Zone.Identifier -> Firefox Setup 2.0.0.3.exe -> %SystemDrive%\Firefox Setup 2.0.0.3.exe -> Mozilla [Ver = 4.42 | Size = 5807760 bytes | Modified Date = 
16.5.2007 20:23:18 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\Firefox Setup 2.0.0.3.exe:Zone.Identifier -> hi -> %SystemDrive%\hi -> [Folder | Modified Date = 18.5.2007 12:56:10 | Attr = ] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1073008640 bytes | Modified Date = 19.5.2007 22:34:04 | Attr = HS] Kaspersky -> %SystemDrive%\Kaspersky -> [Folder | Modified Date = 16.5.2007 19:47:38 | Attr = ] mwav.exe -> %SystemDrive%\mwav.exe -> [Ver = | Size = 15742976 bytes | Modified Date = 17.5.2007 10:57:18 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\mwav.exe:Zone.Identifier -> Nokia_N95-1_UG_fi.pdf -> %SystemDrive%\Nokia_N95-1_UG_fi.pdf -> [Ver = | Size = 2443087 bytes | Modified Date = 16.5.2007 19:33:04 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\Nokia_N95-1_UG_fi.pdf:Zone.Identifier -> poltetut -> %SystemDrive%\poltetut -> [Folder | Modified Date = 11.5.2007 22:45:26 | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 18.5.2007 16:23:40 | Attr = R ] QooBox -> %SystemDrive%\QooBox -> [Folder | Modified Date = 18.5.2007 15:03:40 | Attr = ] RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Modified Date = 17.5.2007 8:55:12 | Attr = HS] regc.exe -> %SystemDrive%\regc.exe -> [Ver = | Size = 393920 bytes | Modified Date = 16.5.2007 20:14:32 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\regc.exe:Zone.Identifier -> RegSeeker.zip -> %SystemDrive%\RegSeeker.zip -> [Ver = | Size = 468541 bytes | Modified Date = 17.5.2007 10:34:34 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\RegSeeker.zip:Zone.Identifier -> rekisteri -> %SystemDrive%\rekisteri -> [Folder | Modified Date = 17.5.2007 10:37:52 | Attr = ] saab -> %SystemDrive%\saab -> [Folder | Modified Date = 30.4.2007 8:49:06 | Attr = ] sqmdata00.sqm -> %SystemDrive%\sqmdata00.sqm -> [Ver = | Size = 268 bytes | Modified Date = 16.5.2007 23:34:44 | Attr = H ] sqmdata01.sqm -> %SystemDrive%\sqmdata01.sqm -> [Ver = | 
Size = 268 bytes | Modified Date = 17.5.2007 10:49:56 | Attr = H ] sqmdata02.sqm -> %SystemDrive%\sqmdata02.sqm -> [Ver = | Size = 268 bytes | Modified Date = 17.5.2007 11:02:26 | Attr = H ] sqmdata03.sqm -> %SystemDrive%\sqmdata03.sqm -> [Ver = | Size = 268 bytes | Modified Date = 17.5.2007 12:47:48 | Attr = H ] sqmdata04.sqm -> %SystemDrive%\sqmdata04.sqm -> [Ver = | Size = 268 bytes | Modified Date = 17.5.2007 13:24:40 | Attr = H ] sqmdata05.sqm -> %SystemDrive%\sqmdata05.sqm -> [Ver = | Size = 268 bytes | Modified Date = 17.5.2007 13:39:52 | Attr = H ] sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm -> [Ver = | Size = 268 bytes | Modified Date = 18.5.2007 12:43:40 | Attr = H ] sqmdata07.sqm -> %SystemDrive%\sqmdata07.sqm -> [Ver = | Size = 268 bytes | Modified Date = 18.5.2007 22:05:40 | Attr = H ] sqmdata08.sqm -> %SystemDrive%\sqmdata08.sqm -> [Ver = | Size = 268 bytes | Modified Date = 19.5.2007 8:34:14 | Attr = H ] sqmdata09.sqm -> %SystemDrive%\sqmdata09.sqm -> [Ver = | Size = 232 bytes | Modified Date = 19.5.2007 8:36:54 | Attr = H ] sqmdata10.sqm -> %SystemDrive%\sqmdata10.sqm -> [Ver = | Size = 232 bytes | Modified Date = 19.5.2007 8:38:58 | Attr = H ] sqmdata11.sqm -> %SystemDrive%\sqmdata11.sqm -> [Ver = | Size = 268 bytes | Modified Date = 16.5.2007 15:00:14 | Attr = H ] sqmdata12.sqm -> %SystemDrive%\sqmdata12.sqm -> [Ver = | Size = 268 bytes | Modified Date = 16.5.2007 16:04:18 | Attr = H ] sqmdata13.sqm -> %SystemDrive%\sqmdata13.sqm -> [Ver = | Size = 268 bytes | Modified Date = 17.5.2007 0:19:44 | Attr = H ] sqmdata14.sqm -> %SystemDrive%\sqmdata14.sqm -> [Ver = | Size = 268 bytes | Modified Date = 17.5.2007 8:48:26 | Attr = H ] sqmdata15.sqm -> %SystemDrive%\sqmdata15.sqm -> [Ver = | Size = 268 bytes | Modified Date = 17.5.2007 9:12:10 | Attr = H ] sqmdata16.sqm -> %SystemDrive%\sqmdata16.sqm -> [Ver = | Size = 268 bytes | Modified Date = 17.5.2007 10:59:30 | Attr = H ] sqmdata17.sqm -> %SystemDrive%\sqmdata17.sqm -> [Ver = | Size = 268 bytes | 
Modified Date = 17.5.2007 12:02:02 | Attr = H ] sqmdata18.sqm -> %SystemDrive%\sqmdata18.sqm -> [Ver = | Size = 268 bytes | Modified Date = 16.5.2007 19:37:26 | Attr = H ] sqmdata19.sqm -> %SystemDrive%\sqmdata19.sqm -> [Ver = | Size = 268 bytes | Modified Date = 16.5.2007 20:33:14 | Attr = H ] sqmnoopt00.sqm -> %SystemDrive%\sqmnoopt00.sqm -> [Ver = | Size = 244 bytes | Modified Date = 16.5.2007 23:34:44 | Attr = H ] sqmnoopt01.sqm -> %SystemDrive%\sqmnoopt01.sqm -> [Ver = | Size = 244 bytes | Modified Date = 17.5.2007 10:49:56 | Attr = H ] sqmnoopt02.sqm -> %SystemDrive%\sqmnoopt02.sqm -> [Ver = | Size = 244 bytes | Modified Date = 17.5.2007 11:02:26 | Attr = H ] sqmnoopt03.sqm -> %SystemDrive%\sqmnoopt03.sqm -> [Ver = | Size = 244 bytes | Modified Date = 17.5.2007 12:47:48 | Attr = H ] sqmnoopt04.sqm -> %SystemDrive%\sqmnoopt04.sqm -> [Ver = | Size = 244 bytes | Modified Date = 17.5.2007 13:24:40 | Attr = H ] sqmnoopt05.sqm -> %SystemDrive%\sqmnoopt05.sqm -> [Ver = | Size = 244 bytes | Modified Date = 17.5.2007 13:39:52 | Attr = H ] sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm -> [Ver = | Size = 244 bytes | Modified Date = 18.5.2007 12:43:38 | Attr = H ] sqmnoopt07.sqm -> %SystemDrive%\sqmnoopt07.sqm -> [Ver = | Size = 244 bytes | Modified Date = 18.5.2007 22:05:40 | Attr = H ] sqmnoopt08.sqm -> %SystemDrive%\sqmnoopt08.sqm -> [Ver = | Size = 244 bytes | Modified Date = 19.5.2007 8:34:12 | Attr = H ] sqmnoopt09.sqm -> %SystemDrive%\sqmnoopt09.sqm -> [Ver = | Size = 244 bytes | Modified Date = 19.5.2007 8:36:54 | Attr = H ] sqmnoopt10.sqm -> %SystemDrive%\sqmnoopt10.sqm -> [Ver = | Size = 244 bytes | Modified Date = 19.5.2007 8:38:58 | Attr = H ] sqmnoopt11.sqm -> %SystemDrive%\sqmnoopt11.sqm -> [Ver = | Size = 244 bytes | Modified Date = 16.5.2007 15:00:14 | Attr = H ] sqmnoopt12.sqm -> %SystemDrive%\sqmnoopt12.sqm -> [Ver = | Size = 244 bytes | Modified Date = 16.5.2007 16:04:18 | Attr = H ] sqmnoopt13.sqm -> %SystemDrive%\sqmnoopt13.sqm -> [Ver = | Size = 
244 bytes | Modified Date = 17.5.2007 0:19:44 | Attr = H ] sqmnoopt14.sqm -> %SystemDrive%\sqmnoopt14.sqm -> [Ver = | Size = 244 bytes | Modified Date = 17.5.2007 8:48:26 | Attr = H ] sqmnoopt15.sqm -> %SystemDrive%\sqmnoopt15.sqm -> [Ver = | Size = 244 bytes | Modified Date = 17.5.2007 9:12:10 | Attr = H ] sqmnoopt16.sqm -> %SystemDrive%\sqmnoopt16.sqm -> [Ver = | Size = 244 bytes | Modified Date = 17.5.2007 10:59:30 | Attr = H ] sqmnoopt17.sqm -> %SystemDrive%\sqmnoopt17.sqm -> [Ver = | Size = 244 bytes | Modified Date = 17.5.2007 12:02:02 | Attr = H ] sqmnoopt18.sqm -> %SystemDrive%\sqmnoopt18.sqm -> [Ver = | Size = 244 bytes | Modified Date = 16.5.2007 19:37:26 | Attr = H ] sqmnoopt19.sqm -> %SystemDrive%\sqmnoopt19.sqm -> [Ver = | Size = 244 bytes | Modified Date = 16.5.2007 20:33:14 | Attr = H ] Uusi kansio (3) -> %SystemDrive%\Uusi kansio (3) -> [Folder | Modified Date = 17.5.2007 9:11:14 | Attr = ] VIDEO_TS -> %SystemDrive%\VIDEO_TS -> [Folder | Modified Date = 27.4.2007 21:55:54 | Attr = ] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 19.5.2007 22:34:58 | Attr = ] WMR Recordings -> %SystemDrive%\WMR Recordings -> [Folder | Modified Date = 30.4.2007 22:16:18 | Attr = ] WPLDEMO -> %SystemDrive%\WPLDEMO -> [Folder | Modified Date = 16.5.2007 14:22:06 | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 18.5.2007 12:46:10 | Attr = H ] $NtUninstallKB929969$ -> %SystemRoot%\$NtUninstallKB929969$ -> [Folder | Modified Date = 17.5.2007 9:23:12 | Attr = H ] $NtUninstallKB930916$ -> %SystemRoot%\$NtUninstallKB930916$ -> [Folder | Modified Date = 16.5.2007 15:57:52 | Attr = H ] $NtUninstallKB931768$ -> %SystemRoot%\$NtUninstallKB931768$ -> [Folder | Modified Date = 17.5.2007 9:31:28 | Attr = H ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 19.5.2007 22:34:06 | Attr = S] catchme.exe -> %SystemRoot%\catchme.exe -> [Ver = | Size = 86528 bytes | Modified Date = 21.4.2007 3:52:22 | Attr = ] Debug -> 
%SystemRoot%\Debug -> [Folder | Modified Date = 11.5.2007 10:29:08 | Attr = ] Easy CD-DA Extractor -> %SystemRoot%\Easy CD-DA Extractor -> [Folder | Modified Date = 17.5.2007 12:37:48 | Attr = ] ehome -> %SystemRoot%\ehome -> [Folder | Modified Date = 17.5.2007 14:08:16 | Attr = ] erdnt -> %SystemRoot%\erdnt -> [Folder | Modified Date = 18.5.2007 15:05:38 | Attr = ] Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 16.5.2007 19:50:12 | Attr = R S] Help -> %SystemRoot%\Help -> [Folder | Modified Date = 17.5.2007 13:14:04 | Attr = ] ie7 -> %SystemRoot%\ie7 -> [Folder | Modified Date = 17.5.2007 10:49:00 | Attr = H ] ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 19.5.2007 8:38:48 | Attr = ] imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 17.5.2007 13:22:06 | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 19.5.2007 8:39:54 | Attr = H ] INFOMAN.INI -> %SystemRoot%\INFOMAN.INI -> [Ver = | Size = 290 bytes | Modified Date = 17.5.2007 12:40:22 | Attr = ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 16.5.2007 19:50:44 | Attr = HS] Media -> %SystemRoot%\Media -> [Folder | Modified Date = 17.5.2007 10:49:10 | Attr = ] Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 10.5.2007 8:45:28 | Attr = ] NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 116 bytes | Modified Date = 18.5.2007 14:51:24 | Attr = ] network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Modified Date = 12.5.2007 17:16:54 | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 19.5.2007 22:40:22 | Attr = ] Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 17.5.2007 12:46:32 | Attr = ] security -> %SystemRoot%\security -> [Folder | Modified Date = 16.5.2007 19:38:16 | Attr = ] setup.pss -> %SystemRoot%\setup.pss -> [Folder | Modified Date = 16.5.2007 22:34:46 | Attr = ] system32 -> %System32% -> [Folder | Modified Date = 19.5.2007 
22:38:28 | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 19.5.2007 22:37:10 | Attr = S] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 19.5.2007 22:35:54 | Attr = ] VFO.INI -> %SystemRoot%\VFO.INI -> [Ver = | Size = 1289 bytes | Modified Date = 2.5.2007 11:05:24 | Attr = ] WBEM -> %SystemRoot%\WBEM -> [Folder | Modified Date = 17.5.2007 10:49:12 | Attr = ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 1050 bytes | Modified Date = 16.5.2007 19:50:36 | Attr = ] {00000005-00000000-00000006-00001102-00000004-10071102}.BAK -> %SystemRoot%\{00000005-00000000-00000006-00001102-00000004-10071102}.BAK -> [Ver = | Size = 4958588 bytes | Modified Date = 19.5.2007 22:32:16 | Attr = ] {00000005-00000000-00000006-00001102-00000004-10071102}.CDF -> %SystemRoot%\{00000005-00000000-00000006-00001102-00000004-10071102}.CDF -> [Ver = | Size = 4958588 bytes | Modified Date = 19.5.2007 22:34:44 | Attr = ] AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 12.5.2007 19:17:00 | Attr = ] MP Scheduled Scan.job -> %SystemRoot%\tasks\MP Scheduled Scan.job -> [Ver = | Size = 330 bytes | Modified Date = 19.5.2007 22:37:12 | Attr = H ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 19.5.2007 22:34:06 | Attr = H ] Tarkistetaan Windows Live -työkalurivin päivitykset.job -> %SystemRoot%\tasks\Tarkistetaan Windows Live -työkalurivin päivitykset.job -> [Ver = | Size = 252 bytes | Modified Date = 18.5.2007 21:51:02 | Attr = ] BMXBkpCtrlState-{00000005-00000000-00000006-00001102-00000004-10071102}.rfx -> %System32%\BMXBkpCtrlState-{00000005-00000000-00000006-00001102-00000004-10071102}.rfx -> [Ver = | Size = 30528 bytes | Modified Date = 19.5.2007 22:32:54 | Attr = ] BMXCtrlState-{00000005-00000000-00000006-00001102-00000004-10071102}.rfx -> %System32%\BMXCtrlState-{00000005-00000000-00000006-00001102-00000004-10071102}.rfx -> [Ver = | Size = 30528 bytes | Modified Date 
= 19.5.2007 22:32:54 | Attr = ] BMXState-{00000005-00000000-00000006-00001102-00000004-10071102}.rfx -> %System32%\BMXState-{00000005-00000000-00000006-00001102-00000004-10071102}.rfx -> [Ver = | Size = 31056 bytes | Modified Date = 19.5.2007 22:32:54 | Attr = ] BMXStateBkp-{00000005-00000000-00000006-00001102-00000004-10071102}.rfx -> %System32%\BMXStateBkp-{00000005-00000000-00000006-00001102-00000004-10071102}.rfx -> [Ver = | Size = 31056 bytes | Modified Date = 19.5.2007 22:32:54 | Attr = ] CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 19.5.2007 8:39:42 | Attr = ] CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 19.5.2007 22:37:22 | Attr = ] config -> %System32%\config -> [Folder | Modified Date = 18.5.2007 15:06:08 | Attr = ] DivX.dll -> %System32%\DivX.dll -> DivX, Inc. [Ver = 6.6.1.1 | Size = 740442 bytes | Modified Date = 11.5.2007 7:37:16 | Attr = ] DivXCodecUpdateChecker.exe -> %System32%\DivXCodecUpdateChecker.exe -> DivX, Inc. [Ver = 6, 2, 5, 7 | Size = 124472 bytes | Modified Date = 23.4.2007 3:01:48 | Attr = ] divxdec.ax -> %System32%\divxdec.ax -> DivX, Inc. [Ver = 6.6.1.1 | Size = 638976 bytes | Modified Date = 11.5.2007 4:32:26 | Attr = ] DivXMedia.ax -> %System32%\DivXMedia.ax -> DivXNetworks [Ver = 0.0.0.028 | Size = 352401 bytes | Modified Date = 23.4.2007 3:02:14 | Attr = ] DivXsm.exe -> %System32%\DivXsm.exe -> DivX Inc. [Ver = 6, 6, 1, 1 | Size = 524288 bytes | Modified Date = 11.5.2007 20:54:16 | Attr = ] divxsm.tlb -> %System32%\divxsm.tlb -> [Ver = | Size = 4816 bytes | Modified Date = 11.5.2007 20:54:16 | Attr = ] DivXWMPExtType.dll -> %System32%\DivXWMPExtType.dll -> [Ver = | Size = 12288 bytes | Modified Date = 23.4.2007 3:01:48 | Attr = ] divx_xx07.dll -> %System32%\divx_xx07.dll -> DivX, Inc. [Ver = 6.6.1.1 | Size = 823296 bytes | Modified Date = 11.5.2007 7:37:16 | Attr = ] divx_xx0c.dll -> %System32%\divx_xx0c.dll -> DivX, Inc. 
[Ver = 6.6.1.1 | Size = 823296 bytes | Modified Date = 11.5.2007 7:37:16 | Attr = ] divx_xx11.dll -> %System32%\divx_xx11.dll -> DivX, Inc. [Ver = 6.6.1.1 | Size = 802816 bytes | Modified Date = 11.5.2007 7:37:16 | Attr = ] dllcache -> %System32%\dllcache -> [Folder | Modified Date = 19.5.2007 8:39:40 | Attr = RHS] dpl100.dll -> %System32%\dpl100.dll -> DivX, Inc. [Ver = 1, 2, 0, 12 | Size = 73728 bytes | Modified Date = 23.4.2007 3:02:36 | Attr = ] dpu10.dll -> %System32%\dpu10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Modified Date = 23.4.2007 3:02:32 | Attr = ] dpu11.dll -> %System32%\dpu11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Modified Date = 23.4.2007 3:02:32 | Attr = ] dpuGUI10.dll -> %System32%\dpuGUI10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 53248 bytes | Modified Date = 23.4.2007 3:02:34 | Attr = ] dpuGUI11.dll -> %System32%\dpuGUI11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 593920 bytes | Modified Date = 23.4.2007 3:02:32 | Attr = ] dpus11.dll -> %System32%\dpus11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 344064 bytes | Modified Date = 23.4.2007 3:02:32 | Attr = ] dpv11.dll -> %System32%\dpv11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 57344 bytes | Modified Date = 23.4.2007 3:02:32 | Attr = ] drivers -> %System32%\drivers -> [Folder | Modified Date = 18.5.2007 16:23:48 | Attr = ] dtu100.dll -> %System32%\dtu100.dll -> DivX, Inc. 
[Ver = 1, 2, 0, 12 | Size = 196608 bytes | Modified Date = 23.4.2007 3:02:36 | Attr = ] DVCState-{00000005-00000000-00000006-00001102-00000004-10071102}.rfx -> %System32%\DVCState-{00000005-00000000-00000006-00001102-00000004-10071102}.rfx -> [Ver = | Size = 11564 bytes | Modified Date = 19.5.2007 22:32:54 | Attr = ] fi-fi -> %System32%\fi-fi -> [Folder | Modified Date = 19.5.2007 8:39:40 | Attr = ] FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 434168 bytes | Modified Date = 16.5.2007 22:32:18 | Attr = ] GDIPFONTCACHEV1.DAT -> %System32%\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 89632 bytes | Modified Date = 16.5.2007 22:57:02 | Attr = ] libdivx.dll -> %System32%\libdivx.dll -> The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 1044480 bytes | Modified Date = 23.4.2007 3:15:20 | Attr = ] nvapps.xml -> %System32%\nvapps.xml -> [Ver = | Size = 88566 bytes | Modified Date = 19.5.2007 22:34:20 | Attr = ] perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 65458 bytes | Modified Date = 19.5.2007 22:38:28 | Attr = ] perfc00B.dat -> %System32%\perfc00B.dat -> [Ver = | Size = 80008 bytes | Modified Date = 19.5.2007 22:38:28 | Attr = ] perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 410360 bytes | Modified Date = 19.5.2007 22:38:28 | Attr = ] perfh00B.dat -> %System32%\perfh00B.dat -> [Ver = | Size = 386434 bytes | Modified Date = 19.5.2007 22:38:28 | Attr = ] PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 955162 bytes | Modified Date = 19.5.2007 22:38:28 | Attr = ] px.dll -> %System32%\px.dll -> Sonic Solutions [Ver = 3.4.46.500 | Size = 527096 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] pxafs.dll -> %System32%\pxafs.dll -> Sonic Solutions [Ver = 3.4.46.500 | Size = 129784 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] pxcpya64.exe -> %System32%\pxcpya64.exe -> Sonic Solutions [Ver = 1.00.39a | Size = 64760 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] pxcpyi64.exe -> 
%System32%\pxcpyi64.exe -> Sonic Solutions [Ver = 1.00.39a | Size = 116472 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] pxdrv.dll -> %System32%\pxdrv.dll -> Sonic Solutions [Ver = 1.02.01a | Size = 502520 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] pxhpinst.exe -> %System32%\pxhpinst.exe -> Sonic Solutions [Ver = 3.00.43J | Size = 72440 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] pxinsa64.exe -> %System32%\pxinsa64.exe -> Sonic Solutions [Ver = 3.00.43J | Size = 64760 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] pxinsi64.exe -> %System32%\pxinsi64.exe -> Sonic Solutions [Ver = 3.00.43J | Size = 118520 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] pxmas.dll -> %System32%\pxmas.dll -> Sonic Solutions [Ver = 3.4.46.500 | Size = 183032 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] pxsfs.dll -> %System32%\pxsfs.dll -> Sonic Solutions [Ver = 3.4.46.500 | Size = 1329912 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] pxwave.dll -> %System32%\pxwave.dll -> Sonic Solutions [Ver = 3.4.46.500 | Size = 379640 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] qt-dx331.dll -> %System32%\qt-dx331.dll -> [Ver = | Size = 3596288 bytes | Modified Date = 23.4.2007 3:15:30 | Attr = ] Restore -> %System32%\Restore -> [Folder | Modified Date = 16.5.2007 9:25:14 | Attr = ] settings.sfm -> %System32%\settings.sfm -> [Ver = | Size = 2064 bytes | Modified Date = 19.5.2007 22:32:54 | Attr = ] settingsbkup.sfm -> %System32%\settingsbkup.sfm -> [Ver = | Size = 2064 bytes | Modified Date = 19.5.2007 22:32:54 | Attr = ] ssldivx.dll -> %System32%\ssldivx.dll -> The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 200704 bytes | Modified Date = 23.4.2007 3:15:20 | Attr = ] vxblock.dll -> %System32%\vxblock.dll -> Sonic Solutions [Ver = 1.00.74a | Size = 39672 bytes | Modified Date = 23.4.2007 3:15:24 | Attr = ] wbem -> %System32%\wbem -> [Folder | Modified Date = 16.5.2007 20:05:36 | Attr = ] wpa.dbl -> %System32%\wpa.dbl -> 
[Ver = | Size = 12598 bytes | Modified Date = 19.5.2007 22:35:02 | Attr = ] cdr4_xp.sys -> %System32%\drivers\cdr4_xp.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 2432 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] cdralw2k.sys -> %System32%\drivers\cdralw2k.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 2560 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] etc -> %System32%\drivers\etc -> [Folder | Modified Date = 18.5.2007 15:20:48 | Attr = ] PxHelp20.sys -> %System32%\drivers\PxHelp20.sys -> Sonic Solutions [Ver = 3.00.43J | Size = 36624 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] [File String Scan - Non-Microsoft Only] @Alternate Data Stream - 26 bytes -> %SystemDrive%\3x12a_x86_dos_updbios-23.zip:Zone.Identifier -> @Alternate Data Stream - 26 bytes -> %SystemDrive%\3x12A_x86_dos_updflash-319.ZIP:Zone.Identifier -> WSUD , -> %SystemDrive%\5510_NokiaAudioManager.exe -> [Ver = | Size = 18815488 bytes | Modified Date = 10.11.2004 9:08:14 | Attr = ] UPX! , UPX0 , -> %SystemDrive%\ClonyXXL.exe -> [Ver = 2, 0, 1, 5 | Size = 274944 bytes | Modified Date = 29.4.2003 20:46:18 | Attr = ] UPX! , -> %SystemDrive%\DOOM.exe -> [Ver = | Size = 3985410 bytes | Modified Date = 28.5.2004 18:05:52 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\ezcddax10.exe:Zone.Identifier -> UPX! , UPX0 , -> %SystemDrive%\ezcddax10.exe -> [Ver = 7.0.6.1 | Size = 7716863 bytes | Modified Date = 17.5.2007 12:37:44 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\Firefox Setup 2.0.0.3.exe:Zone.Identifier -> Thawte Consulting , -> %SystemDrive%\Firefox Setup 2.0.0.3.exe -> Mozilla [Ver = 4.42 | Size = 5807760 bytes | Modified Date = 16.5.2007 20:23:18 | Attr = ] UPX! 
, UPX0 , -> %SystemDrive%\flaskmpeg_0594.exe -> [Ver = | Size = 812282 bytes | Modified Date = 28.6.2001 0:07:00 | Attr = ] @Alternate Data Stream - 88 bytes -> %SystemDrive%\Get_Bin_Laden:SummaryInformation -> @Alternate Data Stream - 0 bytes -> %SystemDrive%\Get_Bin_Laden:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} -> @Alternate Data Stream - 0 bytes -> %SystemDrive%\Merry Xmas.exe:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} -> File scan skipped for file %SystemDrive%\mvinfo.bin -> File size too big (197700722 bytes) -> @Alternate Data Stream - 26 bytes -> %SystemDrive%\mwav.exe:Zone.Identifier -> @Alternate Data Stream - 26 bytes -> %SystemDrive%\Nokia_N95-1_UG_fi.pdf:Zone.Identifier -> @Alternate Data Stream - 26 bytes -> %SystemDrive%\nvidia.rar:Zone.Identifier -> @Alternate Data Stream - 26 bytes -> %SystemDrive%\overkill (braunschweig '04).mp3:Zone.Identifier -> PEC2 , -> %SystemDrive%\overkill (braunschweig '04).mp3 -> [Ver = | Size = 8045870 bytes | Modified Date = 2.1.2006 20:41:56 | Attr = ] @Alternate Data Stream - 88 bytes -> %SystemDrive%\pajatso.swf:SummaryInformation -> @Alternate Data Stream - 0 bytes -> %SystemDrive%\pajatso.swf:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} -> @Alternate Data Stream - 26 bytes -> %SystemDrive%\regc.exe:Zone.Identifier -> @Alternate Data Stream - 26 bytes -> %SystemDrive%\RegSeeker.zip:Zone.Identifier -> UPX! , UPX0 , -> %SystemDrive%\remselec174.exe -> [Ver = | Size = 126464 bytes | Modified Date = 7.12.2000 15:48:40 | Attr = ] UPX! 
, UPX0 , -> %SystemDrive%\Snakies3510.exe -> [Ver = | Size = 36288 bytes | Modified Date = 16.4.2004 21:10:34 | Attr = ] UPX0 , -> %SystemDrive%\t-n10000.zip -> [Ver = | Size = 4979514 bytes | Modified Date = 27.12.2003 0:51:04 | Attr = ] @Alternate Data Stream - 0 bytes -> %SystemDrive%\Thumbs.db:encryptable -> @Alternate Data Stream - 26 bytes -> %SystemDrive%\trjsetup.exe:Zone.Identifier -> aspack , -> %SystemDrive%\tweak-xp.exe -> [Ver = | Size = 1720026 bytes | Modified Date = 7.3.2002 23:59:50 | Attr = ] aspack , -> %SystemDrive%\txp-patch.exe -> [Ver = | Size = 1811085 bytes | Modified Date = 23.7.2002 21:57:56 | Attr = ] UPX! , UPX0 , -> %SystemDrive%\txp4trial.exe -> [Ver = 6.0.1.4 | Size = 5946111 bytes | Modified Date = 30.10.2004 20:07:04 | Attr = ] File scan skipped for file %SystemDrive%\Untitled.mpg -> File size too big (968608046 bytes) -> File scan skipped for file %SystemDrive%\Video 1.avi -> File size too big (444432384 bytes) -> File scan skipped for file %SystemDrive%\Video 2.avi -> File size too big (150272000 bytes) -> File scan skipped for file %SystemDrive%\Video 3.avi -> File size too big (141717504 bytes) -> UPX! , -> %SystemDrive%\VIRTPART.DAT -> [Ver = | Size = 27262976 bytes | Modified Date = 25.10.2004 13:29:04 | Attr = ] File scan skipped for file %SystemRoot%\MEMORY.DMP -> File size too big (1073307648 bytes) -> @Alternate Data Stream - 0 bytes -> %SystemRoot%\Thumbs.db:encryptable -> UPX! , UPX0 , -> %System32%\avisynth.dll -> The Public [Ver = 2, 5, 6, 0 | Size = 308224 bytes | Modified Date = 28.10.2005 19:44:12 | Attr = ] PEC2 , -> %System32%\CO2C40EN.DLL -> [Ver = 4.6.1.106 | Size = 748160 bytes | Modified Date = 31.5.1998 | Attr = ] PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41113 bytes | Modified Date = 9.10.2001 15:00:00 | Attr = ] PEC2 , PECompact2 , -> %System32%\DivX.dll -> DivX, Inc. 
[Ver = 6.6.1.1 | Size = 740442 bytes | Modified Date = 11.5.2007 7:37:16 | Attr = ] @Alternate Data Stream - 26 bytes -> %System32%\navcancl:Zone.Identifier -> PEC2 , -> %System32%\Syysteema2005.scr -> [Ver = | Size = 3351040 bytes | Modified Date = 27.12.2005 11:48:06 | Attr = ] winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 9.10.2001 15:00:00 | Attr = ] PTech , -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 3.8.2004 22:41:38 | Attr = ]
< End of report >
WinPFind3 logfile created on: 19.5.2007 22:40:50 WinPFind3U by OldTimer - Version 1.0.37 Folder = C:\Documents and Settings\juki\Työpöytä\WinPFind3u\ Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) Internet Explorer (Version = 7.0.5730.11) 1023,23 Mb Total Physical Memory | 331,07 Mb Available Physical Memory | 32,36% Memory free 2,40 Gb Paging File | 1,89 Gb Available in Paging File | 78,56% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 174,07 Gb Total Space | 64,64 Gb Free Space | 37,14% Space Free Drive D: | 105,38 Gb Total Space | 30,42 Gb Free Space | 28,86% Space Free E: Drive not present or media not loaded F: Drive not present or media not loaded Computer Name: JUKI-D0E8B3766D Current User Name: juki Logged in as Administrator. Current Boot Mode: Normal [Processes - Non-Microsoft Only] ali5289.exe -> %ProgramFiles%\ULI5289\ALi5289.exe -> ALi Corporation [Ver = 6, 0, 0, 2 | Size = 405504 bytes | Modified Date = 10.3.2005 15:56:32 | Attr = ] aluschedulersvc.exe -> %ProgramFiles%\Symantec\LiveUpdate\ALUSchedulerSvc.exe -> Symantec Corporation [Ver = 3.0.0.171 | Size = 100032 bytes | Modified Date = 3.8.2006 17:58:42 | Attr = ] anydvd.exe -> %ProgramFiles%\SlySoft\AnyDVD\AnyDVD.exe -> SlySoft, Inc. 
[Ver = 6.1.0.0 | Size = 503296 bytes | Modified Date = 1.2.2007 18:55:00 | Attr = ] apdproxy.exe -> %ProgramFiles%\Adobe\Photoshop Elements 4.0\apdproxy.exe -> Adobe Systems Incorporated [Ver = 3.0.0.53237 | Size = 57344 bytes | Modified Date = 9.9.2005 2:18:10 | Attr = ] ccapp.exe -> %CommonProgramFiles%\Symantec Shared\CCAPP.EXE -> Symantec Corporation [Ver = 104.0.14.2 | Size = 52840 bytes | Modified Date = 1.3.2007 13:15:44 | Attr = ] ccevtmgr.exe -> %CommonProgramFiles%\Symantec Shared\CCEVTMGR.EXE -> Symantec Corporation [Ver = 104.0.14.2 | Size = 192104 bytes | Modified Date = 1.3.2007 13:15:46 | Attr = ] ccproxy.exe -> %CommonProgramFiles%\Symantec Shared\CCPROXY.EXE -> Symantec Corporation [Ver = 104.0.13.2 | Size = 202344 bytes | Modified Date = 6.12.2006 12:11:34 | Attr = ] ccsetmgr.exe -> %CommonProgramFiles%\Symantec Shared\CCSETMGR.EXE -> Symantec Corporation [Ver = 104.0.14.2 | Size = 169576 bytes | Modified Date = 1.3.2007 13:15:48 | Attr = ] ctdetect.exe -> %ProgramFiles%\Creative\MediaSource\Detector\CTDetect.exe -> Creative Technology Ltd [Ver = 3.0.2.0 | Size = 102400 bytes | Modified Date = 2.12.2004 19:23:34 | Attr = ] ctdvddet.exe -> %ProgramFiles%\Creative\SBAudigy2\DVDAudio\CTDVDDET.exe -> Creative Technology Ltd [Ver = 1.0.2.0 | Size = 45056 bytes | Modified Date = 30.9.2002 2:00:00 | Attr = ] cthelper.exe -> %SystemRoot%\CTHELPER.EXE -> Creative Technology Ltd [Ver = 2, 0, 0, 41 | Size = 17920 bytes | Modified Date = 11.8.2006 15:56:02 | Attr = ] ctsvccda.exe -> %System32%\CTSVCCDA.EXE -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 44032 bytes | Modified Date = 13.12.1999 4:01:00 | Attr = ] ctsysvol.exe -> %ProgramFiles%\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe -> Creative Technology Ltd [Ver = 1.1.3.0 | Size = 49152 bytes | Modified Date = 29.10.2002 10:18:24 | Attr = ] epsibar.exe -> %SystemDrive%\saab\Toolbar\EPSIBar.exe -> Tamara [Ver = 1.01.0002 | Size = 196608 bytes | Modified Date = 7.3.2001 18:15:24 | Attr = ] grvsa.exe 
-> %System32%\GRVSA.exe -> GenRad Limited [Ver = 2, 2, 0, 1 | Size = 102400 bytes | Modified Date = 23.10.2000 15:25:08 | Attr = ] guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 28.9.2006 17:13:20 | Attr = ] jusched.exe -> %ProgramFiles%\Java\jre1.6.0_01\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 83608 bytes | Modified Date = 14.3.2007 3:43:44 | Attr = ] navapsvc.exe -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE -> Symantec Corporation [Ver = 12.7.0.2 | Size = 139888 bytes | Modified Date = 22.3.2007 19:43:12 | Attr = ] nscsrvce.exe -> %CommonProgramFiles%\Symantec Shared\Security Console\NSCSRVCE.EXE -> Symantec Corporation [Ver = 2006.1.8.2 | Size = 750720 bytes | Modified Date = 15.12.2006 19:41:50 | Attr = ] nvsvc32.exe -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 22.10.2006 13:22:00 | Attr = ] pbbckupui.exe -> %SystemDrive%\APPS\DataSecure\PBBckupUI.exe -> Nec Computers International [Ver = 2.0.0.0 | Size = 2257408 bytes | Modified Date = 26.4.2005 12:51:50 | Attr = ] pdvdserv.exe -> %ProgramFiles%\CyberLink\PowerDVD\PDVDServ.exe -> Cyberlink Corp. [Ver = 5.00.0910 | Size = 30208 bytes | Modified Date = 7.12.2005 22:57:00 | Attr = ] photoshopelementsfileagent.exe -> %ProgramFiles%\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe -> [Ver = | Size = 102400 bytes | Modified Date = 9.9.2005 4:24:30 | Attr = ] qttask.exe -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. 
[Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 1.9.2006 16:57:48 | Attr = ] richvideo.exe -> %ProgramFiles%\CyberLink\Shared Files\RichVideo.exe -> [Ver = 1.1.0808 | Size = 167936 bytes | Modified Date = 8.8.2005 13:54:00 | Attr = ] schedhlp.exe -> %CommonProgramFiles%\Acronis\Schedule2\schedhlp.exe -> Acronis [Ver = 1,0,0,237 | Size = 87584 bytes | Modified Date = 16.10.2006 22:13:32 | Attr = ] schedul2.exe -> %CommonProgramFiles%\Acronis\Schedule2\schedul2.exe -> Acronis [Ver = 1,0,0,237 | Size = 230944 bytes | Modified Date = 16.10.2006 22:13:28 | Attr = ] skype.exe -> %ProgramFiles%\Skype\Phone\Skype.exe -> Skype Technologies S.A. [Ver = 3.1.0.152 | Size = 25263144 bytes | Modified Date = 30.3.2007 13:34:08 | Attr = ] sndsrvc.exe -> %CommonProgramFiles%\Symantec Shared\SNDSrvc.exe -> Symantec Corporation [Ver = 6.0.6.604 | Size = 214672 bytes | Modified Date = 28.3.2007 18:52:18 | Attr = ] ssaad.exe -> %ProgramFiles%\Sony\SonicStage\SSAAD.exe -> [Ver = 3.4.01.13062 | Size = 81920 bytes | Modified Date = 7.1.2006 3:36:10 | Attr = ] symlcsvc.exe -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> Symantec Corporation [Ver = 1.9.1.1080 | Size = 1174152 bytes | Modified Date = 21.1.2007 10:55:06 | Attr = ] timountermonitor.exe -> %ProgramFiles%\Acronis\TrueImageHome\TimounterMonitor.exe -> Acronis [Ver = 3.3 build 443 | Size = 1941784 bytes | Modified Date = 16.10.2006 22:17:16 | Attr = ] tomtomhome.exe -> %ProgramFiles%\TomTom HOME\TomTomHOME.exe -> TomTom [Ver = 1.5.032 | Size = 3718312 bytes | Modified Date = 29.1.2007 13:07:12 | Attr = ] trueimagemonitor.exe -> %ProgramFiles%\Acronis\TrueImageHome\TrueImageMonitor.exe -> Acronis [Ver = 10,0,0,4871 | Size = 1164912 bytes | Modified Date = 17.10.2006 2:23:04 | Attr = ] ulcdrsvr.exe -> %CommonProgramFiles%\Ulead Systems\DVD\ULCDRSvr.exe -> Ulead Systems, Inc. 
[Ver = 1, 0, 0, 4 | Size = 49152 bytes | Modified Date = 31.1.2005 10:45:20 | Attr = R ] winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.37.0 | Size = 319488 bytes | Modified Date = 16.5.2007 21:40:18 | Attr = ] wzqkpick.exe -> %ProgramFiles%\WinZip\WZQKPICK.EXE -> WinZip Computing LP [Ver = 1.0 (32-bit) | Size = 389120 bytes | Modified Date = 21.11.2006 12:00:00 | Attr = ] [Win32 Services - Non-Microsoft Only] (AcrSch2Svc) Acronis Scheduler2 Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Acronis\Schedule2\schedul2.exe -> Acronis [Ver = 1,0,0,237 | Size = 230944 bytes | Modified Date = 16.10.2006 22:13:28 | Attr = ] (AdobeActiveFileMonitor4.0) Adobe Active File Monitor V4 [Win32_Own | Auto | Running] -> %ProgramFiles%\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe -> [Ver = | Size = 102400 bytes | Modified Date = 9.9.2005 4:24:30 | Attr = ] (Automattinen LiveUpdate-ajastustoiminto) Automattinen LiveUpdate-ajastustoiminto [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec\LiveUpdate\ALUSchedulerSvc.exe -> Symantec Corporation [Ver = 3.0.0.171 | Size = 100032 bytes | Modified Date = 3.8.2006 17:58:42 | Attr = ] (AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. 
[Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 28.9.2006 17:13:20 | Attr = ] (ccEvtMgr) Symantec Event Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCEVTMGR.EXE -> Symantec Corporation [Ver = 104.0.14.2 | Size = 192104 bytes | Modified Date = 1.3.2007 13:15:46 | Attr = ] (ccISPwdSvc) Symantec Internet Security Password Validation [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Norton Internet Security\CCPWDSVC.EXE -> Symantec Corporation [Ver = 9.1.0.34 | Size = 72328 bytes | Modified Date = 24.3.2006 12:13:32 | Attr = ] (ccProxy) Symantec Network Proxy [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCPROXY.EXE -> Symantec Corporation [Ver = 104.0.13.2 | Size = 202344 bytes | Modified Date = 6.12.2006 12:11:34 | Attr = ] (ccSetMgr) Symantec Settings Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCSETMGR.EXE -> Symantec Corporation [Ver = 104.0.14.2 | Size = 169576 bytes | Modified Date = 1.3.2007 13:15:48 | Attr = ] (comHost) COM Host [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Norton Internet Security\COMHOST.EXE -> Symantec Corporation [Ver = 9.1.1.7 | Size = 45696 bytes | Modified Date = 1.2.2007 18:20:46 | Attr = ] (Creative Service for CDROM Access) Creative Service for CDROM Access [Win32_Own | Auto | Running] -> %System32%\CTSVCCDA.EXE -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 44032 bytes | Modified Date = 13.12.1999 4:01:00 | Attr = ] (dmadmin) Loogisen levyn hallinnan valvontapalvelu [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 14.9.2004 17:12:04 | Attr = ] (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4.4.2005 0:41:10 | Attr = ] (LiveUpdate) 
LiveUpdate [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\LuComServer_3_0.EXE -> Symantec Corporation [Ver = 3.0.0.171 | Size = 2119360 bytes | Modified Date = 3.8.2006 17:58:42 | Attr = ] (MSCSPTISRV) MSCSPTISRV [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\MSCSPTISRV.exe -> Sony Corporation [Ver = 4.4.00.11241 | Size = 53337 bytes | Modified Date = 24.11.2005 18:03:22 | Attr = ] (navapsvc) Norton AntiVirus Auto-Protect -palvelu [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE -> Symantec Corporation [Ver = 12.7.0.2 | Size = 139888 bytes | Modified Date = 22.3.2007 19:43:12 | Attr = ] (NBService) NBService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Nero\Nero 7\Nero BackItUp\NBService.exe -> Nero AG [Ver = 2, 7, 3, 2 | Size = 774144 bytes | Modified Date = 15.1.2007 18:14:38 | Attr = ] (NMIndexingService) NMIndexingService [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Ahead\Lib\NMIndexingService.exe -> Nero AG [Ver = 1, 7, 11, 0 | Size = 266240 bytes | Modified Date = 15.1.2007 17:01:56 | Attr = ] (NSCService) Norton Protection Center Service [Win32_Own | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\Security Console\NSCSRVCE.EXE -> Symantec Corporation [Ver = 2006.1.8.2 | Size = 750720 bytes | Modified Date = 15.12.2006 19:41:50 | Attr = ] (NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 22.10.2006 13:22:00 | Attr = ] (PACSPTISVR) PACSPTISVR [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\PACSPTISVR.exe -> Sony Corporation [Ver = 4.4.00.11241 | Size = 53337 bytes | Modified Date = 24.11.2005 16:57:44 | Attr = ] (RichVideo) Cyberlink RichVideo Service(CRVS) [Win32_Own | Auto | Running] -> %ProgramFiles%\CyberLink\Shared Files\RichVideo.exe -> [Ver = 1.1.0808 | Size = 
167936 bytes | Modified Date = 8.8.2005 13:54:00 | Attr = ] (rpcapd) Remote Packet Capture Protocol v.0 (experimental) [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\WinPcap\rpcapd.exe -> CACE Technologies [Ver = 3, 1, 0, 27 | Size = 86016 bytes | Modified Date = 3.8.2005 0:18:50 | Attr = ] (SAVScan) Symantec AVScan [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\SAVScan.exe -> Symantec Corporation [Ver = 9.7.0.10 | Size = 198368 bytes | Modified Date = 26.8.2005 16:22:48 | Attr = ] (SNDSrvc) Symantec Network Drivers Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\SNDSrvc.exe -> Symantec Corporation [Ver = 6.0.6.604 | Size = 214672 bytes | Modified Date = 28.3.2007 18:52:18 | Attr = ] (SPBBCSvc) Symantec SPBBCSvc [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Symantec Shared\SPBBC\SPBBCSvc.exe -> Symantec Corporation [Ver = 2.1.0.4 | Size = 1160848 bytes | Modified Date = 11.5.2006 15:50:20 | Attr = ] (SPTISRV) Sony SPTI Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\SPTISRV.exe -> Sony Corporation [Ver = 4.4.00.11241 | Size = 69718 bytes | Modified Date = 24.11.2005 16:47:30 | Attr = ] (SSScsiSV) SonicStage SCSI Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\SSScsiSV.exe -> Sony Corporation [Ver = 3.4.01.13062 | Size = 69632 bytes | Modified Date = 6.1.2006 23:25:12 | Attr = ] (Symantec Core LC) Symantec Core LC [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> Symantec Corporation [Ver = 1.9.1.1080 | Size = 1174152 bytes | Modified Date = 21.1.2007 10:55:06 | Attr = ] (UleadBurningHelper) Ulead Burning Helper [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Ulead Systems\DVD\ULCDRSvr.exe -> Ulead Systems, Inc. 
[Ver = 1, 0, 0, 4 | Size = 49152 bytes | Modified Date = 31.1.2005 10:45:20 | Attr = R ] [Registry - Non-Microsoft Only] < Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run !AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 | Size = 6266880 bytes | Modified Date = 7.10.2006 15:20:00 | Attr = ] Acronis Scheduler2 Service -> %CommonProgramFiles%\Acronis\Schedule2\schedhlp.exe -> Acronis [Ver = 1,0,0,237 | Size = 87584 bytes | Modified Date = 16.10.2006 22:13:32 | Attr = ] AcronisTimounterMonitor -> %ProgramFiles%\Acronis\TrueImageHome\TimounterMonitor.exe -> Acronis [Ver = 3.3 build 443 | Size = 1941784 bytes | Modified Date = 16.10.2006 22:17:16 | Attr = ] Adobe Photo Downloader -> %ProgramFiles%\Adobe\Photoshop Elements 4.0\apdproxy.exe -> Adobe Systems Incorporated [Ver = 3.0.0.53237 | Size = 57344 bytes | Modified Date = 9.9.2005 2:18:10 | Attr = ] ALi5289 -> %ProgramFiles%\ULI5289\ALi5289.exe -> ALi Corporation [Ver = 6, 0, 0, 2 | Size = 405504 bytes | Modified Date = 10.3.2005 15:56:32 | Attr = ] ccApp -> %CommonProgramFiles%\Symantec Shared\CCAPP.EXE -> Symantec Corporation [Ver = 104.0.14.2 | Size = 52840 bytes | Modified Date = 1.3.2007 13:15:44 | Attr = ] CTDVDDet -> %ProgramFiles%\Creative\SBAudigy2\DVDAudio\CTDVDDET.exe -> Creative Technology Ltd [Ver = 1.0.2.0 | Size = 45056 bytes | Modified Date = 30.9.2002 2:00:00 | Attr = ] CTHelper -> %SystemRoot%\CTHELPER.EXE -> Creative Technology Ltd [Ver = 2, 0, 0, 41 | Size = 17920 bytes | Modified Date = 11.8.2006 15:56:02 | Attr = ] CTSysVol -> %ProgramFiles%\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe -> Creative Technology Ltd [Ver = 1.1.3.0 | Size = 49152 bytes | Modified Date = 29.10.2002 10:18:24 | Attr = ] CTxfiHlp -> %System32%\CTXFIHLP.EXE -> Creative Technology Ltd [Ver = 2, 0, 1, 3 | Size = 18944 bytes | Modified Date = 11.8.2006 15:56:04 | Attr = ] LanguageShortcut -> 
%ProgramFiles%\CyberLink\PowerDVD\Language\Language.exe -> [Ver = 1, 0, 2129, 0 | Size = 49152 bytes | Modified Date = 29.9.2006 22:58:20 | Attr = ] NeroFilterCheck -> %CommonProgramFiles%\Ahead\Lib\NeroCheck.exe -> Nero AG [Ver = 1, 0, 0, 5 | Size = 155648 bytes | Modified Date = 12.1.2006 16:40:44 | Attr = ] NvCplDaemon -> %System32%\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 22.10.2006 13:22:00 | Attr = ] NWEReboot -> -> File not found nwiz -> %System32%\nwiz.exe -> [Ver = | Size = 1622016 bytes | Modified Date = 22.10.2006 13:22:00 | Attr = ] NvMediaCenter -> %System32%\nvmctray.dll [RunDLL32.exe NvMCTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 86016 bytes | Modified Date = 22.10.2006 13:22:00 | Attr = ] PinnacleDriverCheck -> %System32%\PSDrvCheck.exe -> [Ver = 1.0.0.63 | Size = 406016 bytes | Modified Date = 11.3.2004 0:26:10 | Attr = ] QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 1.9.2006 16:57:48 | Attr = ] RemoteControl -> %ProgramFiles%\CyberLink\PowerDVD\PDVDServ.exe -> Cyberlink Corp. [Ver = 5.00.0910 | Size = 30208 bytes | Modified Date = 7.12.2005 22:57:00 | Attr = ] SBDrvDet -> %ProgramFiles%\Creative\SB Drive Det\SBDrvDet.exe -> Creative Technology Ltd [Ver = 1.0.3.0 | Size = 45056 bytes | Modified Date = 3.12.2002 19:06:52 | Attr = ] SsAAD.exe -> %ProgramFiles%\Sony\SonicStage\SSAAD.exe -> [Ver = 3.4.01.13062 | Size = 81920 bytes | Modified Date = 7.1.2006 3:36:10 | Attr = ] SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_01\bin\jusched.exe -> Sun Microsystems, Inc. 
[Ver = 6.0.10.6 | Size = 83608 bytes | Modified Date = 14.3.2007 3:43:44 | Attr = ] TomTomHOME.exe -> %ProgramFiles%\TomTom HOME\TomTomHOME.exe -> TomTom [Ver = 1.5.032 | Size = 3718312 bytes | Modified Date = 29.1.2007 13:07:12 | Attr = ] TrueImageMonitor.exe -> %ProgramFiles%\Acronis\TrueImageHome\TrueImageMonitor.exe -> Acronis [Ver = 10,0,0,4871 | Size = 1164912 bytes | Modified Date = 17.10.2006 2:23:04 | Attr = ] Ulead Quick-Drop -> %ProgramFiles%\Ulead Systems\Ulead DVD MovieFactory 5 Plus\Ulead DVD MovieFactory 5\Quick-Drop.exe -> Ulead Systems, Inc. [Ver = 5.0.0.0 | Size = 118784 bytes | Modified Date = 20.7.2006 3:04:14 | Attr = ] UpdReg -> %SystemRoot%\Updreg.EXE -> Creative Technology Ltd. [Ver = 1.0.2 | Size = 90112 bytes | Modified Date = 11.5.2000 2:00:00 | Attr = ] < OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ IMAIL -> Installed = 1 -> MAPI -> Installed = 1 -> MSFS -> Installed = 1 -> < Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run AnyDVD -> %ProgramFiles%\SlySoft\AnyDVD\AnyDVD.exe -> SlySoft, Inc. [Ver = 6.1.0.0 | Size = 503296 bytes | Modified Date = 1.2.2007 18:55:00 | Attr = ] BitTorrent -> %ProgramFiles%\BitTorrent\bittorrent.exe -> File not found Creative Detector -> %ProgramFiles%\Creative\MediaSource\Detector\CTDetect.exe -> Creative Technology Ltd [Ver = 3.0.2.0 | Size = 102400 bytes | Modified Date = 2.12.2004 19:23:34 | Attr = ] Data Secure -> %SystemDrive%\APPS\DataSecure\PBBckupUI.exe -> Nec Computers International [Ver = 2.0.0.0 | Size = 2257408 bytes | Modified Date = 26.4.2005 12:51:50 | Attr = ] Skype -> %ProgramFiles%\Skype\Phone\Skype.exe -> Skype Technologies S.A. 
[Ver = 3.1.0.152 | Size = 25263144 bytes | Modified Date = 30.3.2007 13:34:08 | Attr = ] < Common Startup > -> C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Käynnistys %AllUsersStartup%\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Reader 8.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 40048 bytes | Modified Date = 23.10.2006 2:48:20 | Attr = ] %AllUsersStartup%\Adobe Reader Synchronizer.lnk -> %ProgramFiles%\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe -> [Ver = 8.0.0.0 | Size = 734872 bytes | Modified Date = 23.10.2006 1:01:50 | Attr = ] %AllUsersStartup%\EPSI ToolBar.lnk -> %SystemDrive%\saab\Toolbar\EPSIBar.exe -> Tamara [Ver = 1.01.0002 | Size = 196608 bytes | Modified Date = 7.3.2001 18:15:24 | Attr = ] %AllUsersStartup%\WinZip Quick Pick.lnk -> %ProgramFiles%\WinZip\WZQKPICK.EXE -> WinZip Computing LP [Ver = 1.0 (32-bit) | Size = 389120 bytes | Modified Date = 21.11.2006 12:00:00 | Attr = ] < User Startup > -> C:\Documents and Settings\juki\Käynnistä-valikko\Ohjelmat\Käynnistys %UserStartup%\HDDlife.lnk -> %ProgramFiles%\BinarySense\HDDlife\HDDlifePro.exe -> File not found < ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks {57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> Anti-Malware Development a.s. 
[Ver = 7, 5, 0, 47 | Size = 73728 bytes | Modified Date = 28.9.2006 17:13:28 | Attr = ] < SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders < Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon < Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon < CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\\ScanWithAntiVirus -> 2 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\\{17492023-C23A-453E-A040-C7C580BBF700} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> < CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\DisableRegistryTools -> 0 -> < Software Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\ HKEY_LOCAL_MACHINE\SOFTWARE\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\8.0\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\8.0\FeatureLockdown\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\8.0\FeatureLockdown\cDefaultExecMenuItems\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\8.0\FeatureLockdown\cDefaultExecMenuItems\\tWhiteList -> 
Close|GeneralInfo|Quit|FirstPage|PrevPage|NextPage|LastPage|ActualSize|FitPage|FitWidth|FitHeight|SinglePage|OneColumn|TwoPages|TwoColumns|ZoomViewIn|ZoomViewOut|ShowHideBookmarks|ShowHideThumbnails|Print|GoToPage|ZoomTo|GeneralPrefs|SaveAs|FullScreen|OpenOrganizer|Scan|Web2PDF:OpnURL|AcroSendMail:SendMail|Spelling:Check Spelling|PageSetup|Find|FindSearch|GoBack|GoForward|FitVisible|ShowHideToolbarEditing|ShowHideToolbarCommenting|ShowHideToolbarEdit|ShowHideToolbarFile|ShowHideToolbarFind|ShowHideToolbarForms|ShowHideToolbarMeasuring|ShowHideToolbarData|ShowHideToolbarPageDisplay|ShowHideToolbarNavigation|ShowHideToolbarPrintProduction|ShowHideToolbarRedaction|ShowHideToolbarBasicTools|ShowHideToolbarTasks|ShowHideToolbarTypewriter|PropertyToolbar|ShowHideArticles|ShowHideFileAttachment|ShowHideAnnotManager|ShowHideFields|ShowHideOptCont|ShowHideModelTree|ShowHideSignatures|InsertPages|ExtractPages|ReplacePages|DeletePages|CropPages|RotatePages|AddFileAttachment|FindCurrentBookmark|BookmarkShowLocation -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\8.0\FeatureLockdown\cDefaultLaunchAttachmentPerms\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\8.0\FeatureLockdown\cDefaultLaunchAttachmentPerms\\tBuiltInPermList -> version:1|.ade:3|.adp:3|.app:3|.asp:3|.bas:3|.bat:3|.bz:3|.bz2:3|.chm:3|.class:3|.cmd:3|.com:3|.command:3|.cpl:3|.crt:3|.csh:3|.desktop:3|.exe:3|.fxp:3|.gz:3|.hex:3|.hlp:3|.hqx:3|.hta:3|.inf:3|.ini:3|.ins:3|.isp:3|.its:3|.job:3|.js:3|.jse:3|.ksh:3|.lnk:3|.lzh:3|.mad:3|.maf:3|.mag:3|.mam:3|.maq:3|.mar:3|.mas:3|.mat:3|.mau:3|.mav:3|.maw:3|.mda:3|.mde:3|.mdt:3|.mdw:3|.mdz:3|.msc:3|.msi:3|.msp:3|.mst:3|.ocx:3|.ops:3|.pcd:3|.pi:3|.pif:3|.prf:3|.prg:3|.pst:3|.rar:3|.reg:3|.scf:3|.scr:3|.sct:3|.sea:3|.shb:3|.shs:3|.sit:3|.tar:3|.tgz:3|.tmp:3|.url:3|.vb:3|.vbe:3|.vbs:3|.vsmacros:3|.vss:3|.vst:3|.vsw:3|.webloc:3|.ws:3|.wsc:3|.wsf:3|.wsh:3|.zip:3|.zlo:3|.zoo:3|.pdf:2|.fdf:2 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat 
Reader\8.0\FeatureLockdown\cDefaultLaunchURLPerms\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\8.0\FeatureLockdown\cDefaultLaunchURLPerms\\tSchemePerms -> version:1|shell:3|hcp:3|ms-help:3|ms-its:3|ms-itss:3|its:3|mk:3|mhtml:3|help:3|disk:3|afp:3|disks:3|telnet:3|ssh:3|javascript:1|vbscript:1|acrobat:2|file:2|mailto:2 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Conferencing\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\MRT\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\WindowsLiveCall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\WindowsLiveCall\CertificatePolicy\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\WindowsLiveCall\PortRange\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\\DisableServerCheck -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\\LegacyPresence -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\CertificatePolicy\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\PortRange\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Installer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Installer\\EnableAdminTSRemote -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\ExecutableTypes -> ADE;ADP;BAS;BAT;CHM;CMD;COM;CPL;CRT;EXE;HLP;HTA;INF;INS;ISP;LNK;MDB;MDE;MSC;MSI;MSP;MST;OCX;PCD;PIF;REG;SCR;SHS;URL;VB;WSC; -> 
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\TransparentEnabled -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\DefaultLevel -> 262144 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\AuthenticodeEnabled -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\PolicyScope -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\Description -> Stop the download of this file -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\FriendlyName -> Mdac11.cab -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\SaferFlags -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\HashAlg -> 32771 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\ItemData -> ^«0O•zI‰j HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\LastModified -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\ItemSize -> ; -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\Description -> Stop the download of this file -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\FriendlyName -> mdac20.cab -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\SaferFlags -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\HashAlg -> 32771 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\ItemData -> g°Ô‹4:?Ó¼éÜdgó” -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\LastModified -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\ItemSize -> ; -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\Description -> Stop the download of this file -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\FriendlyName -> mdac20_a.cab -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\SaferFlags -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\HashAlg -> 32771 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\ItemData -> 2xÜþøÈ“ÜŠ°Ý„} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\LastModified -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\ItemSize -> –; -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\Description -> Stop the download of this file -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\FriendlyName -> _msadc10.cab -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\SaferFlags -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\HashAlg -> 32771 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\ItemData -> ½š*ÛBëØV%Mø/g -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\LastModified -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\ItemSize -> å; -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\Description -> Stop the download of this file -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\FriendlyName -> msadc11.cab -> 
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\SaferFlags -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\HashAlg -> 32771 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\ItemData -> 8k_„ìöiÓk•j"À€ -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\LastModified -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\ItemSize -> r; -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\Description -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\SaferFlags -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\ItemData -> %HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache%OLK* -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\LastModified -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows NT\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows NT\Terminal Services\ -> -> < Software Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\policies\ HKEY_CURRENT_USER\Software\Policies\ -> -> HKEY_CURRENT_USER\Software\Policies\Microsoft\ -> -> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet 
Explorer\ -> -> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ -> -> HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\ -> -> HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System\ -> -> < HOSTS File > (27 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts 127.0.0.1 localhost -> -> < Internet Explorer Settings > -> HKLM: Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKLM: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKLM: Local Page -> %SystemRoot%\system32\blank.htm -> HKLM: Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKLM: Start Page -> about:blank -> HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> HKCU: Local Page -> C:\WINDOWS\system32\blank.htm -> HKCU: Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKCU: Start Page -> http://www.elisa.net/ -> HKCU: ProxyEnable -> 0 -> < Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ msn.com [ - ] -> -> < Trusted Sites > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ www.msi_com.tw [http] -> -> download.windowsupdate_microsoft.com [https] -> -> update_microsoft.com [https] -> -> < BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader -linkkiavustaja] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 23.10.2006 0:08:42 | Attr = ] {22BF413B-C6D2-4d91-82A9-A0F997BA588C} [HKLM] -> %ProgramFiles%\Skype\Phone\IEPlugin\SkypeIEPlugin.dll [Skype add-on (mastermind)] -> Skype Technologies S.A. 
[Ver = 2, 2, 0, 78 | Size = 722472 bytes | Modified Date = 30.3.2007 13:31:02 | Attr = ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_01\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 501400 bytes | Modified Date = 14.3.2007 3:43:40 | Attr = ] {9ECB9560-04F9-4bbc-943D-298DDF1699E1} [HKLM] -> %CommonProgramFiles%\Symantec Shared\AdBlocking\NISShExt.dll [CNisExtBho Class] -> Symantec Corporation [Ver = 9.0.0.73 | Size = 94336 bytes | Modified Date = 24.9.2005 23:20:26 | Attr = ] {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [CNavExtBho Class] -> Symantec Corporation [Ver = 12.7.0.2 | Size = 140912 bytes | Modified Date = 24.4.2007 11:20:34 | Attr = ] {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} [HKLM] -> %ProgramFiles%\Elisa\Avustaja\IEFixItNowPlugin.dll [Elisa Avustaja Plugin] -> Elisa [Ver = 1.0.0.1 | Size = 108648 bytes | Modified Date = 20.2.2007 18:39:18 | Attr = ] < Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} [HKLM] -> %CommonProgramFiles%\Symantec Shared\AdBlocking\NISShExt.dll [Norton Internet Security 2006] -> Symantec Corporation [Ver = 9.0.0.73 | Size = 94336 bytes | Modified Date = 24.9.2005 23:20:26 | Attr = ] {C4069E3A-68F1-403E-B40E-20066696354B} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 12.7.0.2 | Size = 140912 bytes | Modified Date = 24.4.2007 11:20:34 | Attr = ] < Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKLM] -> %CommonProgramFiles%\Symantec Shared\AdBlocking\NISShExt.dll [Norton Internet 
Security 2006] -> Symantec Corporation [Ver = 9.0.0.73 | Size = 94336 bytes | Modified Date = 24.9.2005 23:20:26 | Attr = ] WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found WebBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 12.7.0.2 | Size = 140912 bytes | Modified Date = 24.4.2007 11:20:34 | Attr = ] < Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_01\bin\npjpi160_01.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 132760 bytes | Modified Date = 14.3.2007 3:43:42 | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.6.0_01\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. 
[Ver = 6.0.10.6 | Size = 501400 bytes | Modified Date = 14.3.2007 3:43:40 | Attr = ] {77BF5300-1474-4EC7-9980-D32B190E9B07} -> Reg Data - Value does not exist [ButtonText: Skype] -> File not found {92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Oheistiedot] -> File not found {e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found < Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ &Windows Live Search -> %ProgramFiles%\Windows Live Toolbar\msntb.dll\search.htm -> File not found Vie Microsoft E&xceliin -> -> File not found < DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ {455A36A4-D3F1-4F89-97C8-5518EEFB5400} -> (1394-verkkosovitin) -> {47EBE050-386D-45A9-8F37-B81E59057B3D} -> (ULi PCI Fast Ethernet Controller) -> {EAA5EBCA-151D-4003-9096-3FDD179E2462} -> () -> < Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ipp -> Reg Data - Key not found -> File not found msdaipp -> Reg Data - Key not found -> File not found skype4com -> %CommonProgramFiles%\Skype\Skype4COM.dll -> Skype Technologies [Ver = 1, 0, 27, 0 | Size = 1828440 bytes | Modified Date = 12.1.2007 12:50:48 | Attr = R ] < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} -> Creative Software AutoUpdate - CodeBase = http://www.creative.com/su/ocx/15026/CTSUEng.cab -> {17492023-C23A-453E-A040-C7C580BBF700} -> Windows Genuine Advantage Validation Tool - CodeBase = http://download.microsoft.com/downl...-40e1-a617-af65a72a0465/LegitCheckControl.cab -> {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} -> DownloadManager Control - CodeBase = http://dlmanager.akamaitools.com.edgesuite.net/dlmanager/versions/activex/dlm-activex-2.0.6.0.cab -> 
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} -> Office Update Installation Engine - CodeBase = http://office.microsoft.com/officeupdate/content/opuc3.cab -> {6414512B-B978-451D-A0D8-FCFDF33E833C} -> WUWebControl Class - CodeBase = http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1144329817191 -> {8167C273-DF59-4416-B647-C8BB2C7EE83E} -> WebSDev Control - CodeBase = http://tw.msi.com.tw/autobios/LOnline/install.cab -> {86A88967-7A20-11D2-8EDA-00600818EDB1} -> ParallelGraphics Cortona Control - CodeBase = http://www.parallelgraphics.com/l2/bin/cortvrml.cab -> {8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.6.0_01 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab -> {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} -> MsnMessengerSetupDownloadControl Class - CodeBase = http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab -> {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} -> Office Update Installation Engine - CodeBase = http://office.microsoft.com/officeupdate/content/opuc4.cab -> {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab -> {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_09 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab -> {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab -> {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_01 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_01 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab -> {D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab -> {F6ACF75C-C32C-447B-9BEF-46B766368D29} -> Creative Software AutoUpdate 
Support Package - CodeBase = http://www.creative.com/su/ocx/15028/CTPID.cab -> [Files/Folders - Created Within 30 days] 23990098.$$$ -> %SystemDrive%\23990098.$$$ -> [Ver = | Size = 96 bytes | Created Date = 16.5.2007 18:52:14 | Attr = ] 8b97477084ac6188e7cb8220 -> %SystemDrive%\8b97477084ac6188e7cb8220 -> [Folder | Created Date = 17.5.2007 10:09:17 | Attr = ] BOOT.BAK -> %SystemDrive%\BOOT.BAK -> [Ver = | Size = 211 bytes | Created Date = 16.5.2007 21:35:07 | Attr = RHS] cmdcons -> %SystemDrive%\cmdcons -> [Folder | Created Date = 16.5.2007 21:34:47 | Attr = RHS] ComboFix -> %SystemDrive%\ComboFix -> [Folder | Created Date = 18.5.2007 13:55:33 | Attr = ] ezcddax10.exe -> %SystemDrive%\ezcddax10.exe -> [Ver = 7.0.6.1 | Size = 7716863 bytes | Created Date = 17.5.2007 11:35:39 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\ezcddax10.exe:Zone.Identifier -> Firefox Setup 2.0.0.3.exe -> %SystemDrive%\Firefox Setup 2.0.0.3.exe -> Mozilla [Ver = 4.42 | Size = 5807760 bytes | Created Date = 16.5.2007 19:14:41 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\Firefox Setup 2.0.0.3.exe:Zone.Identifier -> hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1073008640 bytes | Created Date = 2.1.1601 22:00:00 | Attr = HS] Kaspersky -> %SystemDrive%\Kaspersky -> [Folder | Created Date = 16.5.2007 18:44:39 | Attr = ] mwav.exe -> %SystemDrive%\mwav.exe -> [Ver = | Size = 15742976 bytes | Created Date = 17.5.2007 9:57:08 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\mwav.exe:Zone.Identifier -> Nokia_N95-1_UG_fi.pdf -> %SystemDrive%\Nokia_N95-1_UG_fi.pdf -> [Ver = | Size = 2443087 bytes | Created Date = 16.5.2007 18:32:54 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\Nokia_N95-1_UG_fi.pdf:Zone.Identifier -> QooBox -> %SystemDrive%\QooBox -> [Folder | Created Date = 18.5.2007 14:03:39 | Attr = ] regc.exe -> %SystemDrive%\regc.exe -> [Ver = | Size = 393920 bytes | Created Date = 16.5.2007 19:12:27 | Attr = ] 
@Alternate Data Stream - 26 bytes -> %SystemDrive%\regc.exe:Zone.Identifier -> RegSeeker.zip -> %SystemDrive%\RegSeeker.zip -> [Ver = | Size = 468541 bytes | Created Date = 17.5.2007 9:34:07 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\RegSeeker.zip:Zone.Identifier -> rekisteri -> %SystemDrive%\rekisteri -> [Folder | Created Date = 17.5.2007 9:34:58 | Attr = ] Uusi kansio (3) -> %SystemDrive%\Uusi kansio (3) -> [Folder | Created Date = 17.5.2007 8:08:17 | Attr = ] $NtUninstallKB929969$ -> %SystemRoot%\$NtUninstallKB929969$ -> [Folder | Created Date = 15.5.2007 18:54:12 | Attr = H ] $NtUninstallKB930916$ -> %SystemRoot%\$NtUninstallKB930916$ -> [Folder | Created Date = 12.5.2007 16:30:26 | Attr = H ] $NtUninstallKB931768$ -> %SystemRoot%\$NtUninstallKB931768$ -> [Folder | Created Date = 15.5.2007 19:18:22 | Attr = H ] 000001_.tmp -> %SystemRoot%\000001_.tmp -> [Ver = | Size = 19528 bytes | Created Date = 17.5.2007 13:10:01 | Attr = ] catchme.exe -> %SystemRoot%\catchme.exe -> [Ver = | Size = 86528 bytes | Created Date = 18.5.2007 14:27:21 | Attr = ] erdnt -> %SystemRoot%\erdnt -> [Folder | Created Date = 18.5.2007 14:05:37 | Attr = ] ie7 -> %SystemRoot%\ie7 -> [Folder | Created Date = 17.5.2007 9:48:51 | Attr = H ] nircmd.exe -> %SystemRoot%\nircmd.exe -> NirSoft [Ver = 1.85 | Size = 49152 bytes | Created Date = 18.5.2007 14:27:21 | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Created Date = 16.5.2007 15:03:58 | Attr = ] setup.pss -> %SystemRoot%\setup.pss -> [Folder | Created Date = 16.5.2007 21:34:45 | Attr = ] slrundll.exe -> %SystemRoot%\slrundll.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 32866 bytes | Created Date = 17.5.2007 13:22:43 | Attr = ] ati2cqag.dll -> %System32%\ati2cqag.dll -> ATI Technologies Inc. [Ver = 6.14.10.0233 | Size = 229376 bytes | Created Date = 17.5.2007 13:22:46 | Attr = ] ati2dvaa.dll -> %System32%\ati2dvaa.dll -> ATI Technologies Inc. 
[Ver = 6.13.10.5019 | Size = 377984 bytes | Created Date = 17.5.2007 13:22:46 | Attr = ] ati2dvag.dll -> %System32%\ati2dvag.dll -> ATI Technologies Inc. [Ver = 6.14.10.6462 | Size = 201728 bytes | Created Date = 17.5.2007 13:22:46 | Attr = ] ati3d1ag.dll -> %System32%\ati3d1ag.dll -> ATI Technologies Inc. [Ver = 6.14.10.4071 | Size = 870784 bytes | Created Date = 17.5.2007 13:22:46 | Attr = ] ati3duag.dll -> %System32%\ati3duag.dll -> ATI Technologies Inc. [Ver = 6.14.10.0231 | Size = 1888992 bytes | Created Date = 17.5.2007 13:22:45 | Attr = ] ativdaxx.ax -> %System32%\ativdaxx.ax -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 9728 bytes | Created Date = 17.5.2007 13:22:45 | Attr = ] ativmvxx.ax -> %System32%\ativmvxx.ax -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 23040 bytes | Created Date = 17.5.2007 13:22:45 | Attr = ] ativtmxx.dll -> %System32%\ativtmxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 32768 bytes | Created Date = 17.5.2007 13:22:45 | Attr = ] ativvaxx.dll -> %System32%\ativvaxx.dll -> ATI Technologies Inc. [Ver = 6.14.01.0009 | Size = 516768 bytes | Created Date = 17.5.2007 13:22:45 | Attr = ] DivX.dll -> %System32%\DivX.dll -> DivX, Inc. [Ver = 6.6.1.1 | Size = 740442 bytes | Created Date = 11.5.2007 6:37:15 | Attr = ] DivXCodecUpdateChecker.exe -> %System32%\DivXCodecUpdateChecker.exe -> DivX, Inc. [Ver = 6, 2, 5, 7 | Size = 124472 bytes | Created Date = 23.4.2007 2:01:46 | Attr = ] divxdec.ax -> %System32%\divxdec.ax -> DivX, Inc. [Ver = 6.6.1.1 | Size = 638976 bytes | Created Date = 11.5.2007 3:32:25 | Attr = ] DivXMedia.ax -> %System32%\DivXMedia.ax -> DivXNetworks [Ver = 0.0.0.028 | Size = 352401 bytes | Created Date = 23.4.2007 2:02:12 | Attr = ] DivXsm.exe -> %System32%\DivXsm.exe -> DivX Inc. 
[Ver = 6, 6, 1, 1 | Size = 524288 bytes | Created Date = 11.5.2007 19:54:15 | Attr = ] divxsm.tlb -> %System32%\divxsm.tlb -> [Ver = | Size = 4816 bytes | Created Date = 11.5.2007 19:54:15 | Attr = ] DivXWMPExtType.dll -> %System32%\DivXWMPExtType.dll -> [Ver = | Size = 12288 bytes | Created Date = 23.4.2007 2:01:47 | Attr = ] divx_xx07.dll -> %System32%\divx_xx07.dll -> DivX, Inc. [Ver = 6.6.1.1 | Size = 823296 bytes | Created Date = 11.5.2007 6:37:15 | Attr = ] divx_xx0c.dll -> %System32%\divx_xx0c.dll -> DivX, Inc. [Ver = 6.6.1.1 | Size = 823296 bytes | Created Date = 11.5.2007 6:37:15 | Attr = ] divx_xx11.dll -> %System32%\divx_xx11.dll -> DivX, Inc. [Ver = 6.6.1.1 | Size = 802816 bytes | Created Date = 11.5.2007 6:37:15 | Attr = ] dpu10.dll -> %System32%\dpu10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Created Date = 23.4.2007 2:02:31 | Attr = ] dpuGUI10.dll -> %System32%\dpuGUI10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 53248 bytes | Created Date = 23.4.2007 2:02:33 | Attr = ] dpus11.dll -> %System32%\dpus11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 344064 bytes | Created Date = 23.4.2007 2:02:31 | Attr = ] dtu100.dll -> %System32%\dtu100.dll -> DivX, Inc. [Ver = 1, 2, 0, 12 | Size = 196608 bytes | Created Date = 23.4.2007 2:02:34 | Attr = ] GDIPFONTCACHEV1.DAT -> %System32%\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 89632 bytes | Created Date = 16.5.2007 13:34:29 | Attr = ] hsfcisp2.dll -> %System32%\hsfcisp2.dll -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 32285 bytes | Created Date = 17.5.2007 13:22:44 | Attr = ] java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 135168 bytes | Created Date = 16.5.2007 18:35:58 | Attr = ] javacpl.cpl -> %System32%\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 69632 bytes | Created Date = 16.5.2007 18:35:59 | Attr = ] javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. 
[Ver = 6.0.10.6 | Size = 135168 bytes | Created Date = 16.5.2007 18:35:58 | Attr = ] javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 139264 bytes | Created Date = 16.5.2007 18:35:58 | Attr = ] mdmxsdk.dll -> %System32%\mdmxsdk.dll -> Conexant [Ver = 1.0.2.006 | Size = 86016 bytes | Created Date = 17.5.2007 13:22:44 | Attr = ] moveex.exe -> %System32%\moveex.exe -> [Ver = | Size = 38400 bytes | Created Date = 18.5.2007 14:27:21 | Attr = ] mtxparhd.dll -> %System32%\mtxparhd.dll -> Matrox Graphics Inc. [Ver = 6.13.01.1296 | Size = 1737856 bytes | Created Date = 17.5.2007 13:22:44 | Attr = ] pxafs.dll -> %System32%\pxafs.dll -> Sonic Solutions [Ver = 3.4.46.500 | Size = 129784 bytes | Created Date = 16.5.2007 21:44:56 | Attr = ] relog_ap.dll -> %System32%\relog_ap.dll -> Acronis [Ver = 1,0,0,10 | Size = 14368 bytes | Created Date = 12.5.2007 20:45:19 | Attr = ] s3gnb.dll -> %System32%\s3gnb.dll -> S3 Graphics, Inc. [Ver = 6.14.10.0012-13.94.12 | Size = 397056 bytes | Created Date = 17.5.2007 13:22:43 | Attr = ] slcoinst.dll -> %System32%\slcoinst.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 73832 bytes | Created Date = 17.5.2007 13:22:43 | Attr = ] slextspk.dll -> %System32%\slextspk.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 286792 bytes | Created Date = 17.5.2007 13:22:43 | Attr = ] slgen.dll -> %System32%\slgen.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 188508 bytes | Created Date = 17.5.2007 13:22:43 | Attr = ] slrundll.exe -> %System32%\slrundll.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 32866 bytes | Created Date = 17.5.2007 13:22:43 | Attr = ] slserv.exe -> %System32%\slserv.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 73796 bytes | Created Date = 17.5.2007 13:22:43 | Attr = ] swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.6 | Size = 428032 bytes | Created Date = 18.5.2007 14:27:21 | Attr = ] swsc.exe -> %System32%\swsc.exe -> SteelWerX [Ver = 2.0.0.0 | Size = 370688 bytes | Created Date = 18.5.2007 
14:27:21 | Attr = ] swxcacls.exe -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Created Date = 18.5.2007 14:27:21 | Attr = ] vfind.exe -> %System32%\vfind.exe -> [Ver = | Size = 49152 bytes | Created Date = 18.5.2007 14:27:21 | Attr = ] adv01nt5.dll -> %System32%\drivers\adv01nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 4255 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] adv02nt5.dll -> %System32%\drivers\adv02nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3967 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] adv05nt5.dll -> %System32%\drivers\adv05nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3615 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] adv07nt5.dll -> %System32%\drivers\adv07nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3647 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] adv08nt5.dll -> %System32%\drivers\adv08nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3135 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] adv09nt5.dll -> %System32%\drivers\adv09nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3711 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] adv11nt5.dll -> %System32%\drivers\adv11nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3775 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] ati1btxx.sys -> %System32%\drivers\ati1btxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 56623 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] ati1mdxx.sys -> %System32%\drivers\ati1mdxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 11615 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] ati1pdxx.sys -> %System32%\drivers\ati1pdxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 12047 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] ati1raxx.sys -> %System32%\drivers\ati1raxx.sys -> ATI Technologies Inc. 
[Ver = 6.13.10.6131 | Size = 30671 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] ati1rvxx.sys -> %System32%\drivers\ati1rvxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 63663 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] ati1snxx.sys -> %System32%\drivers\ati1snxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 26367 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] ati1ttxx.sys -> %System32%\drivers\ati1ttxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 21343 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] ati1tuxx.sys -> %System32%\drivers\ati1tuxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 36463 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] ati1xbxx.sys -> %System32%\drivers\ati1xbxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 29455 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] ati1xsxx.sys -> %System32%\drivers\ati1xsxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 34735 bytes | Created Date = 17.5.2007 13:23:00 | Attr = ] ati2mtaa.sys -> %System32%\drivers\ati2mtaa.sys -> ATI Technologies Inc. [Ver = 6.13.10.5019 | Size = 326912 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] ati2mtag.sys -> %System32%\drivers\ati2mtag.sys -> ATI Technologies Inc. [Ver = 6.14.10.6462 | Size = 701440 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atinbtxx.sys -> %System32%\drivers\atinbtxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 57856 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atinmdxx.sys -> %System32%\drivers\atinmdxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 13824 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atinpdxx.sys -> %System32%\drivers\atinpdxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 14336 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atinraxx.sys -> %System32%\drivers\atinraxx.sys -> ATI Technologies Inc. 
[Ver = 6.14.10.6238 | Size = 52224 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atinrvxx.sys -> %System32%\drivers\atinrvxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 104960 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atinsnxx.sys -> %System32%\drivers\atinsnxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 28672 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atinttxx.sys -> %System32%\drivers\atinttxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 13824 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atintuxx.sys -> %System32%\drivers\atintuxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 73216 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atinxbxx.sys -> %System32%\drivers\atinxbxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 31744 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atinxsxx.sys -> %System32%\drivers\atinxsxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 63488 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] ativmc20.cod -> %System32%\drivers\ativmc20.cod -> [Ver = | Size = 64352 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atv01nt5.dll -> %System32%\drivers\atv01nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 21183 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atv02nt5.dll -> %System32%\drivers\atv02nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 11359 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atv04nt5.dll -> %System32%\drivers\atv04nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 25471 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atv06nt5.dll -> %System32%\drivers\atv06nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 14143 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] atv10nt5.dll -> %System32%\drivers\atv10nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 17279 bytes | Created Date = 17.5.2007 13:22:59 | Attr = ] AvgAsCln.sys -> 
%System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Created Date = 18.5.2007 15:23:46 | Attr = ] cdr4_xp.sys -> %System32%\drivers\cdr4_xp.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 2432 bytes | Created Date = 16.5.2007 21:45:02 | Attr = ] cdralw2k.sys -> %System32%\drivers\cdralw2k.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 2560 bytes | Created Date = 16.5.2007 21:45:02 | Attr = ] ch7xxnt5.dll -> %System32%\drivers\ch7xxnt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 15423 bytes | Created Date = 17.5.2007 13:22:58 | Attr = ] cxthsfs2.cty -> %System32%\drivers\cxthsfs2.cty -> [Ver = | Size = 129045 bytes | Created Date = 17.5.2007 13:22:56 | Attr = ] hsfbs2s2.sys -> %System32%\drivers\hsfbs2s2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 220032 bytes | Created Date = 17.5.2007 13:22:55 | Attr = ] hsfcxts2.sys -> %System32%\drivers\hsfcxts2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 built by: WinDDK | Size = 685056 bytes | Created Date = 17.5.2007 13:22:55 | Attr = ] hsfdpsp2.sys -> %System32%\drivers\hsfdpsp2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 1041536 bytes | Created Date = 17.5.2007 13:22:55 | Attr = ] mdmxsdk.sys -> %System32%\drivers\mdmxsdk.sys -> Conexant [Ver = 1.0.2.006 | Size = 11868 bytes | Created Date = 17.5.2007 13:22:55 | Attr = ] mtlmnt5.sys -> %System32%\drivers\mtlmnt5.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 126686 bytes | Created Date = 17.5.2007 13:22:54 | Attr = ] mtlstrm.sys -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Created Date = 17.5.2007 13:22:53 | Attr = ] mtxparhm.sys -> %System32%\drivers\mtxparhm.sys -> Matrox Graphics Inc. 
[Ver = 6.13.01.1296 | Size = 452736 bytes | Created Date = 17.5.2007 13:22:53 | Attr = ] netwlan5.img -> %System32%\drivers\netwlan5.img -> [Ver = | Size = 67866 bytes | Created Date = 17.5.2007 13:22:52 | Attr = ] ntmtlfax.sys -> %System32%\drivers\ntmtlfax.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 180360 bytes | Created Date = 17.5.2007 13:22:52 | Attr = ] recagent.sys -> %System32%\drivers\recagent.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 13776 bytes | Created Date = 17.5.2007 13:22:52 | Attr = ] s3gnbm.sys -> %System32%\drivers\s3gnbm.sys -> S3 Graphics, Inc. [Ver = 6.14.10.0012-13.94.12 | Size = 166912 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] siint5.dll -> %System32%\drivers\siint5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3901 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] slnt7554.sys -> %System32%\drivers\slnt7554.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 129535 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] slntamr.sys -> %System32%\drivers\slntamr.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 404990 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] slnthal.sys -> %System32%\drivers\slnthal.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 95424 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] slwdmsup.sys -> %System32%\drivers\slwdmsup.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 13240 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] vchnt5.dll -> %System32%\drivers\vchnt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 11325 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] wadv07nt.sys -> %System32%\drivers\wadv07nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 11807 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] wadv08nt.sys -> %System32%\drivers\wadv08nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 11295 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] wadv09nt.sys -> %System32%\drivers\wadv09nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | 
Size = 11871 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] wadv11nt.sys -> %System32%\drivers\wadv11nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 11935 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] watv06nt.sys -> %System32%\drivers\watv06nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 22271 bytes | Created Date = 17.5.2007 13:22:51 | Attr = ] watv10nt.sys -> %System32%\drivers\watv10nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 25471 bytes | Created Date = 17.5.2007 13:22:46 | Attr = ] [Files/Folders - Modified Within 30 days] 23990098.$$$ -> %SystemDrive%\23990098.$$$ -> [Ver = | Size = 96 bytes | Modified Date = 16.5.2007 19:52:16 | Attr = ] 8b97477084ac6188e7cb8220 -> %SystemDrive%\8b97477084ac6188e7cb8220 -> [Folder | Modified Date = 17.5.2007 11:09:20 | Attr = ] AMMATTI -> %SystemDrive%\AMMATTI -> [Folder | Modified Date = 16.5.2007 14:22:40 | Attr = ] BOOT.BAK -> %SystemDrive%\BOOT.BAK -> [Ver = | Size = 211 bytes | Modified Date = 17.5.2007 14:28:48 | Attr = RHS] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 286 bytes | Modified Date = 16.5.2007 22:35:10 | Attr = RHS] cmdcons -> %SystemDrive%\cmdcons -> [Folder | Modified Date = 16.5.2007 22:35:10 | Attr = RHS] ComboFix -> %SystemDrive%\ComboFix -> [Folder | Modified Date = 18.5.2007 15:28:46 | Attr = ] Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 16.5.2007 19:50:44 | Attr = ] Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 17.5.2007 8:50:30 | Attr = ] epc -> %SystemDrive%\epc -> [Folder | Modified Date = 9.5.2007 19:34:30 | Attr = ] ezcddax10.exe -> %SystemDrive%\ezcddax10.exe -> [Ver = 7.0.6.1 | Size = 7716863 bytes | Modified Date = 17.5.2007 12:37:44 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\ezcddax10.exe:Zone.Identifier -> Firefox Setup 2.0.0.3.exe -> %SystemDrive%\Firefox Setup 2.0.0.3.exe -> Mozilla [Ver = 4.42 | Size = 5807760 bytes | Modified Date = 
16.5.2007 20:23:18 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\Firefox Setup 2.0.0.3.exe:Zone.Identifier -> hi -> %SystemDrive%\hi -> [Folder | Modified Date = 18.5.2007 12:56:10 | Attr = ] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1073008640 bytes | Modified Date = 19.5.2007 22:34:04 | Attr = HS] Kaspersky -> %SystemDrive%\Kaspersky -> [Folder | Modified Date = 16.5.2007 19:47:38 | Attr = ] mwav.exe -> %SystemDrive%\mwav.exe -> [Ver = | Size = 15742976 bytes | Modified Date = 17.5.2007 10:57:18 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\mwav.exe:Zone.Identifier -> Nokia_N95-1_UG_fi.pdf -> %SystemDrive%\Nokia_N95-1_UG_fi.pdf -> [Ver = | Size = 2443087 bytes | Modified Date = 16.5.2007 19:33:04 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\Nokia_N95-1_UG_fi.pdf:Zone.Identifier -> poltetut -> %SystemDrive%\poltetut -> [Folder | Modified Date = 11.5.2007 22:45:26 | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 18.5.2007 16:23:40 | Attr = R ] QooBox -> %SystemDrive%\QooBox -> [Folder | Modified Date = 18.5.2007 15:03:40 | Attr = ] RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Modified Date = 17.5.2007 8:55:12 | Attr = HS] regc.exe -> %SystemDrive%\regc.exe -> [Ver = | Size = 393920 bytes | Modified Date = 16.5.2007 20:14:32 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\regc.exe:Zone.Identifier -> RegSeeker.zip -> %SystemDrive%\RegSeeker.zip -> [Ver = | Size = 468541 bytes | Modified Date = 17.5.2007 10:34:34 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\RegSeeker.zip:Zone.Identifier -> rekisteri -> %SystemDrive%\rekisteri -> [Folder | Modified Date = 17.5.2007 10:37:52 | Attr = ] saab -> %SystemDrive%\saab -> [Folder | Modified Date = 30.4.2007 8:49:06 | Attr = ] sqmdata00.sqm -> %SystemDrive%\sqmdata00.sqm -> [Ver = | Size = 268 bytes | Modified Date = 16.5.2007 23:34:44 | Attr = H ] sqmdata01.sqm -> %SystemDrive%\sqmdata01.sqm -> [Ver = | 
Size = 268 bytes | Modified Date = 17.5.2007 10:49:56 | Attr = H ] sqmdata02.sqm -> %SystemDrive%\sqmdata02.sqm -> [Ver = | Size = 268 bytes | Modified Date = 17.5.2007 11:02:26 | Attr = H ] sqmdata03.sqm -> %SystemDrive%\sqmdata03.sqm -> [Ver = | Size = 268 bytes | Modified Date = 17.5.2007 12:47:48 | Attr = H ] sqmdata04.sqm -> %SystemDrive%\sqmdata04.sqm -> [Ver = | Size = 268 bytes | Modified Date = 17.5.2007 13:24:40 | Attr = H ] sqmdata05.sqm -> %SystemDrive%\sqmdata05.sqm -> [Ver = | Size = 268 bytes | Modified Date = 17.5.2007 13:39:52 | Attr = H ] sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm -> [Ver = | Size = 268 bytes | Modified Date = 18.5.2007 12:43:40 | Attr = H ] sqmdata07.sqm -> %SystemDrive%\sqmdata07.sqm -> [Ver = | Size = 268 bytes | Modified Date = 18.5.2007 22:05:40 | Attr = H ] sqmdata08.sqm -> %SystemDrive%\sqmdata08.sqm -> [Ver = | Size = 268 bytes | Modified Date = 19.5.2007 8:34:14 | Attr = H ] sqmdata09.sqm -> %SystemDrive%\sqmdata09.sqm -> [Ver = | Size = 232 bytes | Modified Date = 19.5.2007 8:36:54 | Attr = H ] sqmdata10.sqm -> %SystemDrive%\sqmdata10.sqm -> [Ver = | Size = 232 bytes | Modified Date = 19.5.2007 8:38:58 | Attr = H ] sqmdata11.sqm -> %SystemDrive%\sqmdata11.sqm -> [Ver = | Size = 268 bytes | Modified Date = 16.5.2007 15:00:14 | Attr = H ] sqmdata12.sqm -> %SystemDrive%\sqmdata12.sqm -> [Ver = | Size = 268 bytes | Modified Date = 16.5.2007 16:04:18 | Attr = H ] sqmdata13.sqm -> %SystemDrive%\sqmdata13.sqm -> [Ver = | Size = 268 bytes | Modified Date = 17.5.2007 0:19:44 | Attr = H ] sqmdata14.sqm -> %SystemDrive%\sqmdata14.sqm -> [Ver = | Size = 268 bytes | Modified Date = 17.5.2007 8:48:26 | Attr = H ] sqmdata15.sqm -> %SystemDrive%\sqmdata15.sqm -> [Ver = | Size = 268 bytes | Modified Date = 17.5.2007 9:12:10 | Attr = H ] sqmdata16.sqm -> %SystemDrive%\sqmdata16.sqm -> [Ver = | Size = 268 bytes | Modified Date = 17.5.2007 10:59:30 | Attr = H ] sqmdata17.sqm -> %SystemDrive%\sqmdata17.sqm -> [Ver = | Size = 268 bytes | 
Modified Date = 17.5.2007 12:02:02 | Attr = H ] sqmdata18.sqm -> %SystemDrive%\sqmdata18.sqm -> [Ver = | Size = 268 bytes | Modified Date = 16.5.2007 19:37:26 | Attr = H ] sqmdata19.sqm -> %SystemDrive%\sqmdata19.sqm -> [Ver = | Size = 268 bytes | Modified Date = 16.5.2007 20:33:14 | Attr = H ] sqmnoopt00.sqm -> %SystemDrive%\sqmnoopt00.sqm -> [Ver = | Size = 244 bytes | Modified Date = 16.5.2007 23:34:44 | Attr = H ] sqmnoopt01.sqm -> %SystemDrive%\sqmnoopt01.sqm -> [Ver = | Size = 244 bytes | Modified Date = 17.5.2007 10:49:56 | Attr = H ] sqmnoopt02.sqm -> %SystemDrive%\sqmnoopt02.sqm -> [Ver = | Size = 244 bytes | Modified Date = 17.5.2007 11:02:26 | Attr = H ] sqmnoopt03.sqm -> %SystemDrive%\sqmnoopt03.sqm -> [Ver = | Size = 244 bytes | Modified Date = 17.5.2007 12:47:48 | Attr = H ] sqmnoopt04.sqm -> %SystemDrive%\sqmnoopt04.sqm -> [Ver = | Size = 244 bytes | Modified Date = 17.5.2007 13:24:40 | Attr = H ] sqmnoopt05.sqm -> %SystemDrive%\sqmnoopt05.sqm -> [Ver = | Size = 244 bytes | Modified Date = 17.5.2007 13:39:52 | Attr = H ] sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm -> [Ver = | Size = 244 bytes | Modified Date = 18.5.2007 12:43:38 | Attr = H ] sqmnoopt07.sqm -> %SystemDrive%\sqmnoopt07.sqm -> [Ver = | Size = 244 bytes | Modified Date = 18.5.2007 22:05:40 | Attr = H ] sqmnoopt08.sqm -> %SystemDrive%\sqmnoopt08.sqm -> [Ver = | Size = 244 bytes | Modified Date = 19.5.2007 8:34:12 | Attr = H ] sqmnoopt09.sqm -> %SystemDrive%\sqmnoopt09.sqm -> [Ver = | Size = 244 bytes | Modified Date = 19.5.2007 8:36:54 | Attr = H ] sqmnoopt10.sqm -> %SystemDrive%\sqmnoopt10.sqm -> [Ver = | Size = 244 bytes | Modified Date = 19.5.2007 8:38:58 | Attr = H ] sqmnoopt11.sqm -> %SystemDrive%\sqmnoopt11.sqm -> [Ver = | Size = 244 bytes | Modified Date = 16.5.2007 15:00:14 | Attr = H ] sqmnoopt12.sqm -> %SystemDrive%\sqmnoopt12.sqm -> [Ver = | Size = 244 bytes | Modified Date = 16.5.2007 16:04:18 | Attr = H ] sqmnoopt13.sqm -> %SystemDrive%\sqmnoopt13.sqm -> [Ver = | Size = 
244 bytes | Modified Date = 17.5.2007 0:19:44 | Attr = H ] sqmnoopt14.sqm -> %SystemDrive%\sqmnoopt14.sqm -> [Ver = | Size = 244 bytes | Modified Date = 17.5.2007 8:48:26 | Attr = H ] sqmnoopt15.sqm -> %SystemDrive%\sqmnoopt15.sqm -> [Ver = | Size = 244 bytes | Modified Date = 17.5.2007 9:12:10 | Attr = H ] sqmnoopt16.sqm -> %SystemDrive%\sqmnoopt16.sqm -> [Ver = | Size = 244 bytes | Modified Date = 17.5.2007 10:59:30 | Attr = H ] sqmnoopt17.sqm -> %SystemDrive%\sqmnoopt17.sqm -> [Ver = | Size = 244 bytes | Modified Date = 17.5.2007 12:02:02 | Attr = H ] sqmnoopt18.sqm -> %SystemDrive%\sqmnoopt18.sqm -> [Ver = | Size = 244 bytes | Modified Date = 16.5.2007 19:37:26 | Attr = H ] sqmnoopt19.sqm -> %SystemDrive%\sqmnoopt19.sqm -> [Ver = | Size = 244 bytes | Modified Date = 16.5.2007 20:33:14 | Attr = H ] Uusi kansio (3) -> %SystemDrive%\Uusi kansio (3) -> [Folder | Modified Date = 17.5.2007 9:11:14 | Attr = ] VIDEO_TS -> %SystemDrive%\VIDEO_TS -> [Folder | Modified Date = 27.4.2007 21:55:54 | Attr = ] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 19.5.2007 22:34:58 | Attr = ] WMR Recordings -> %SystemDrive%\WMR Recordings -> [Folder | Modified Date = 30.4.2007 22:16:18 | Attr = ] WPLDEMO -> %SystemDrive%\WPLDEMO -> [Folder | Modified Date = 16.5.2007 14:22:06 | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 18.5.2007 12:46:10 | Attr = H ] $NtUninstallKB929969$ -> %SystemRoot%\$NtUninstallKB929969$ -> [Folder | Modified Date = 17.5.2007 9:23:12 | Attr = H ] $NtUninstallKB930916$ -> %SystemRoot%\$NtUninstallKB930916$ -> [Folder | Modified Date = 16.5.2007 15:57:52 | Attr = H ] $NtUninstallKB931768$ -> %SystemRoot%\$NtUninstallKB931768$ -> [Folder | Modified Date = 17.5.2007 9:31:28 | Attr = H ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 19.5.2007 22:34:06 | Attr = S] catchme.exe -> %SystemRoot%\catchme.exe -> [Ver = | Size = 86528 bytes | Modified Date = 21.4.2007 3:52:22 | Attr = ] Debug -> 
%SystemRoot%\Debug -> [Folder | Modified Date = 11.5.2007 10:29:08 | Attr = ] Easy CD-DA Extractor -> %SystemRoot%\Easy CD-DA Extractor -> [Folder | Modified Date = 17.5.2007 12:37:48 | Attr = ] ehome -> %SystemRoot%\ehome -> [Folder | Modified Date = 17.5.2007 14:08:16 | Attr = ] erdnt -> %SystemRoot%\erdnt -> [Folder | Modified Date = 18.5.2007 15:05:38 | Attr = ] Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 16.5.2007 19:50:12 | Attr = R S] Help -> %SystemRoot%\Help -> [Folder | Modified Date = 17.5.2007 13:14:04 | Attr = ] ie7 -> %SystemRoot%\ie7 -> [Folder | Modified Date = 17.5.2007 10:49:00 | Attr = H ] ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 19.5.2007 8:38:48 | Attr = ] imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 17.5.2007 13:22:06 | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 19.5.2007 8:39:54 | Attr = H ] INFOMAN.INI -> %SystemRoot%\INFOMAN.INI -> [Ver = | Size = 290 bytes | Modified Date = 17.5.2007 12:40:22 | Attr = ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 16.5.2007 19:50:44 | Attr = HS] Media -> %SystemRoot%\Media -> [Folder | Modified Date = 17.5.2007 10:49:10 | Attr = ] Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 10.5.2007 8:45:28 | Attr = ] NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 116 bytes | Modified Date = 18.5.2007 14:51:24 | Attr = ] network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Modified Date = 12.5.2007 17:16:54 | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 19.5.2007 22:40:22 | Attr = ] Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 17.5.2007 12:46:32 | Attr = ] security -> %SystemRoot%\security -> [Folder | Modified Date = 16.5.2007 19:38:16 | Attr = ] setup.pss -> %SystemRoot%\setup.pss -> [Folder | Modified Date = 16.5.2007 22:34:46 | Attr = ] system32 -> %System32% -> [Folder | Modified Date = 19.5.2007 
22:38:28 | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 19.5.2007 22:37:10 | Attr = S] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 19.5.2007 22:35:54 | Attr = ] VFO.INI -> %SystemRoot%\VFO.INI -> [Ver = | Size = 1289 bytes | Modified Date = 2.5.2007 11:05:24 | Attr = ] WBEM -> %SystemRoot%\WBEM -> [Folder | Modified Date = 17.5.2007 10:49:12 | Attr = ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 1050 bytes | Modified Date = 16.5.2007 19:50:36 | Attr = ] {00000005-00000000-00000006-00001102-00000004-10071102}.BAK -> %SystemRoot%\{00000005-00000000-00000006-00001102-00000004-10071102}.BAK -> [Ver = | Size = 4958588 bytes | Modified Date = 19.5.2007 22:32:16 | Attr = ] {00000005-00000000-00000006-00001102-00000004-10071102}.CDF -> %SystemRoot%\{00000005-00000000-00000006-00001102-00000004-10071102}.CDF -> [Ver = | Size = 4958588 bytes | Modified Date = 19.5.2007 22:34:44 | Attr = ] AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 12.5.2007 19:17:00 | Attr = ] MP Scheduled Scan.job -> %SystemRoot%\tasks\MP Scheduled Scan.job -> [Ver = | Size = 330 bytes | Modified Date = 19.5.2007 22:37:12 | Attr = H ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 19.5.2007 22:34:06 | Attr = H ] Tarkistetaan Windows Live -työkalurivin päivitykset.job -> %SystemRoot%\tasks\Tarkistetaan Windows Live -työkalurivin päivitykset.job -> [Ver = | Size = 252 bytes | Modified Date = 18.5.2007 21:51:02 | Attr = ] BMXBkpCtrlState-{00000005-00000000-00000006-00001102-00000004-10071102}.rfx -> %System32%\BMXBkpCtrlState-{00000005-00000000-00000006-00001102-00000004-10071102}.rfx -> [Ver = | Size = 30528 bytes | Modified Date = 19.5.2007 22:32:54 | Attr = ] BMXCtrlState-{00000005-00000000-00000006-00001102-00000004-10071102}.rfx -> %System32%\BMXCtrlState-{00000005-00000000-00000006-00001102-00000004-10071102}.rfx -> [Ver = | Size = 30528 bytes | Modified Date 
= 19.5.2007 22:32:54 | Attr = ] BMXState-{00000005-00000000-00000006-00001102-00000004-10071102}.rfx -> %System32%\BMXState-{00000005-00000000-00000006-00001102-00000004-10071102}.rfx -> [Ver = | Size = 31056 bytes | Modified Date = 19.5.2007 22:32:54 | Attr = ] BMXStateBkp-{00000005-00000000-00000006-00001102-00000004-10071102}.rfx -> %System32%\BMXStateBkp-{00000005-00000000-00000006-00001102-00000004-10071102}.rfx -> [Ver = | Size = 31056 bytes | Modified Date = 19.5.2007 22:32:54 | Attr = ] CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 19.5.2007 8:39:42 | Attr = ] CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 19.5.2007 22:37:22 | Attr = ] config -> %System32%\config -> [Folder | Modified Date = 18.5.2007 15:06:08 | Attr = ] DivX.dll -> %System32%\DivX.dll -> DivX, Inc. [Ver = 6.6.1.1 | Size = 740442 bytes | Modified Date = 11.5.2007 7:37:16 | Attr = ] DivXCodecUpdateChecker.exe -> %System32%\DivXCodecUpdateChecker.exe -> DivX, Inc. [Ver = 6, 2, 5, 7 | Size = 124472 bytes | Modified Date = 23.4.2007 3:01:48 | Attr = ] divxdec.ax -> %System32%\divxdec.ax -> DivX, Inc. [Ver = 6.6.1.1 | Size = 638976 bytes | Modified Date = 11.5.2007 4:32:26 | Attr = ] DivXMedia.ax -> %System32%\DivXMedia.ax -> DivXNetworks [Ver = 0.0.0.028 | Size = 352401 bytes | Modified Date = 23.4.2007 3:02:14 | Attr = ] DivXsm.exe -> %System32%\DivXsm.exe -> DivX Inc. [Ver = 6, 6, 1, 1 | Size = 524288 bytes | Modified Date = 11.5.2007 20:54:16 | Attr = ] divxsm.tlb -> %System32%\divxsm.tlb -> [Ver = | Size = 4816 bytes | Modified Date = 11.5.2007 20:54:16 | Attr = ] DivXWMPExtType.dll -> %System32%\DivXWMPExtType.dll -> [Ver = | Size = 12288 bytes | Modified Date = 23.4.2007 3:01:48 | Attr = ] divx_xx07.dll -> %System32%\divx_xx07.dll -> DivX, Inc. [Ver = 6.6.1.1 | Size = 823296 bytes | Modified Date = 11.5.2007 7:37:16 | Attr = ] divx_xx0c.dll -> %System32%\divx_xx0c.dll -> DivX, Inc. 
[Ver = 6.6.1.1 | Size = 823296 bytes | Modified Date = 11.5.2007 7:37:16 | Attr = ] divx_xx11.dll -> %System32%\divx_xx11.dll -> DivX, Inc. [Ver = 6.6.1.1 | Size = 802816 bytes | Modified Date = 11.5.2007 7:37:16 | Attr = ] dllcache -> %System32%\dllcache -> [Folder | Modified Date = 19.5.2007 8:39:40 | Attr = RHS] dpl100.dll -> %System32%\dpl100.dll -> DivX, Inc. [Ver = 1, 2, 0, 12 | Size = 73728 bytes | Modified Date = 23.4.2007 3:02:36 | Attr = ] dpu10.dll -> %System32%\dpu10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Modified Date = 23.4.2007 3:02:32 | Attr = ] dpu11.dll -> %System32%\dpu11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Modified Date = 23.4.2007 3:02:32 | Attr = ] dpuGUI10.dll -> %System32%\dpuGUI10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 53248 bytes | Modified Date = 23.4.2007 3:02:34 | Attr = ] dpuGUI11.dll -> %System32%\dpuGUI11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 593920 bytes | Modified Date = 23.4.2007 3:02:32 | Attr = ] dpus11.dll -> %System32%\dpus11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 344064 bytes | Modified Date = 23.4.2007 3:02:32 | Attr = ] dpv11.dll -> %System32%\dpv11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 57344 bytes | Modified Date = 23.4.2007 3:02:32 | Attr = ] drivers -> %System32%\drivers -> [Folder | Modified Date = 18.5.2007 16:23:48 | Attr = ] dtu100.dll -> %System32%\dtu100.dll -> DivX, Inc. 
[Ver = 1, 2, 0, 12 | Size = 196608 bytes | Modified Date = 23.4.2007 3:02:36 | Attr = ] DVCState-{00000005-00000000-00000006-00001102-00000004-10071102}.rfx -> %System32%\DVCState-{00000005-00000000-00000006-00001102-00000004-10071102}.rfx -> [Ver = | Size = 11564 bytes | Modified Date = 19.5.2007 22:32:54 | Attr = ] fi-fi -> %System32%\fi-fi -> [Folder | Modified Date = 19.5.2007 8:39:40 | Attr = ] FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 434168 bytes | Modified Date = 16.5.2007 22:32:18 | Attr = ] GDIPFONTCACHEV1.DAT -> %System32%\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 89632 bytes | Modified Date = 16.5.2007 22:57:02 | Attr = ] libdivx.dll -> %System32%\libdivx.dll -> The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 1044480 bytes | Modified Date = 23.4.2007 3:15:20 | Attr = ] nvapps.xml -> %System32%\nvapps.xml -> [Ver = | Size = 88566 bytes | Modified Date = 19.5.2007 22:34:20 | Attr = ] perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 65458 bytes | Modified Date = 19.5.2007 22:38:28 | Attr = ] perfc00B.dat -> %System32%\perfc00B.dat -> [Ver = | Size = 80008 bytes | Modified Date = 19.5.2007 22:38:28 | Attr = ] perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 410360 bytes | Modified Date = 19.5.2007 22:38:28 | Attr = ] perfh00B.dat -> %System32%\perfh00B.dat -> [Ver = | Size = 386434 bytes | Modified Date = 19.5.2007 22:38:28 | Attr = ] PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 955162 bytes | Modified Date = 19.5.2007 22:38:28 | Attr = ] px.dll -> %System32%\px.dll -> Sonic Solutions [Ver = 3.4.46.500 | Size = 527096 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] pxafs.dll -> %System32%\pxafs.dll -> Sonic Solutions [Ver = 3.4.46.500 | Size = 129784 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] pxcpya64.exe -> %System32%\pxcpya64.exe -> Sonic Solutions [Ver = 1.00.39a | Size = 64760 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] pxcpyi64.exe -> 
%System32%\pxcpyi64.exe -> Sonic Solutions [Ver = 1.00.39a | Size = 116472 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] pxdrv.dll -> %System32%\pxdrv.dll -> Sonic Solutions [Ver = 1.02.01a | Size = 502520 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] pxhpinst.exe -> %System32%\pxhpinst.exe -> Sonic Solutions [Ver = 3.00.43J | Size = 72440 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] pxinsa64.exe -> %System32%\pxinsa64.exe -> Sonic Solutions [Ver = 3.00.43J | Size = 64760 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] pxinsi64.exe -> %System32%\pxinsi64.exe -> Sonic Solutions [Ver = 3.00.43J | Size = 118520 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] pxmas.dll -> %System32%\pxmas.dll -> Sonic Solutions [Ver = 3.4.46.500 | Size = 183032 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] pxsfs.dll -> %System32%\pxsfs.dll -> Sonic Solutions [Ver = 3.4.46.500 | Size = 1329912 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] pxwave.dll -> %System32%\pxwave.dll -> Sonic Solutions [Ver = 3.4.46.500 | Size = 379640 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] qt-dx331.dll -> %System32%\qt-dx331.dll -> [Ver = | Size = 3596288 bytes | Modified Date = 23.4.2007 3:15:30 | Attr = ] Restore -> %System32%\Restore -> [Folder | Modified Date = 16.5.2007 9:25:14 | Attr = ] settings.sfm -> %System32%\settings.sfm -> [Ver = | Size = 2064 bytes | Modified Date = 19.5.2007 22:32:54 | Attr = ] settingsbkup.sfm -> %System32%\settingsbkup.sfm -> [Ver = | Size = 2064 bytes | Modified Date = 19.5.2007 22:32:54 | Attr = ] ssldivx.dll -> %System32%\ssldivx.dll -> The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 200704 bytes | Modified Date = 23.4.2007 3:15:20 | Attr = ] vxblock.dll -> %System32%\vxblock.dll -> Sonic Solutions [Ver = 1.00.74a | Size = 39672 bytes | Modified Date = 23.4.2007 3:15:24 | Attr = ] wbem -> %System32%\wbem -> [Folder | Modified Date = 16.5.2007 20:05:36 | Attr = ] wpa.dbl -> %System32%\wpa.dbl -> 
[Ver = | Size = 12598 bytes | Modified Date = 19.5.2007 22:35:02 | Attr = ] cdr4_xp.sys -> %System32%\drivers\cdr4_xp.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 2432 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] cdralw2k.sys -> %System32%\drivers\cdralw2k.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 2560 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] etc -> %System32%\drivers\etc -> [Folder | Modified Date = 18.5.2007 15:20:48 | Attr = ] PxHelp20.sys -> %System32%\drivers\PxHelp20.sys -> Sonic Solutions [Ver = 3.00.43J | Size = 36624 bytes | Modified Date = 23.4.2007 3:15:26 | Attr = ] [File String Scan - Non-Microsoft Only] @Alternate Data Stream - 26 bytes -> %SystemDrive%\3x12a_x86_dos_updbios-23.zip:Zone.Identifier -> @Alternate Data Stream - 26 bytes -> %SystemDrive%\3x12A_x86_dos_updflash-319.ZIP:Zone.Identifier -> WSUD , -> %SystemDrive%\5510_NokiaAudioManager.exe -> [Ver = | Size = 18815488 bytes | Modified Date = 10.11.2004 9:08:14 | Attr = ] UPX! , UPX0 , -> %SystemDrive%\ClonyXXL.exe -> [Ver = 2, 0, 1, 5 | Size = 274944 bytes | Modified Date = 29.4.2003 20:46:18 | Attr = ] UPX! , -> %SystemDrive%\DOOM.exe -> [Ver = | Size = 3985410 bytes | Modified Date = 28.5.2004 18:05:52 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\ezcddax10.exe:Zone.Identifier -> UPX! , UPX0 , -> %SystemDrive%\ezcddax10.exe -> [Ver = 7.0.6.1 | Size = 7716863 bytes | Modified Date = 17.5.2007 12:37:44 | Attr = ] @Alternate Data Stream - 26 bytes -> %SystemDrive%\Firefox Setup 2.0.0.3.exe:Zone.Identifier -> Thawte Consulting , -> %SystemDrive%\Firefox Setup 2.0.0.3.exe -> Mozilla [Ver = 4.42 | Size = 5807760 bytes | Modified Date = 16.5.2007 20:23:18 | Attr = ] UPX! 
, UPX0 , -> %SystemDrive%\flaskmpeg_0594.exe -> [Ver = | Size = 812282 bytes | Modified Date = 28.6.2001 0:07:00 | Attr = ] @Alternate Data Stream - 88 bytes -> %SystemDrive%\Get_Bin_Laden:SummaryInformation -> @Alternate Data Stream - 0 bytes -> %SystemDrive%\Get_Bin_Laden:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} -> @Alternate Data Stream - 0 bytes -> %SystemDrive%\Merry Xmas.exe:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} -> File scan skipped for file %SystemDrive%\mvinfo.bin -> File size too big (197700722 bytes) -> @Alternate Data Stream - 26 bytes -> %SystemDrive%\mwav.exe:Zone.Identifier -> @Alternate Data Stream - 26 bytes -> %SystemDrive%\Nokia_N95-1_UG_fi.pdf:Zone.Identifier -> @Alternate Data Stream - 26 bytes -> %SystemDrive%\nvidia.rar:Zone.Identifier -> @Alternate Data Stream - 26 bytes -> %SystemDrive%\overkill (braunschweig '04).mp3:Zone.Identifier -> PEC2 , -> %SystemDrive%\overkill (braunschweig '04).mp3 -> [Ver = | Size = 8045870 bytes | Modified Date = 2.1.2006 20:41:56 | Attr = ] @Alternate Data Stream - 88 bytes -> %SystemDrive%\pajatso.swf:SummaryInformation -> @Alternate Data Stream - 0 bytes -> %SystemDrive%\pajatso.swf:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} -> @Alternate Data Stream - 26 bytes -> %SystemDrive%\regc.exe:Zone.Identifier -> @Alternate Data Stream - 26 bytes -> %SystemDrive%\RegSeeker.zip:Zone.Identifier -> UPX! , UPX0 , -> %SystemDrive%\remselec174.exe -> [Ver = | Size = 126464 bytes | Modified Date = 7.12.2000 15:48:40 | Attr = ] UPX! 
, UPX0 , -> %SystemDrive%\Snakies3510.exe -> [Ver = | Size = 36288 bytes | Modified Date = 16.4.2004 21:10:34 | Attr = ] UPX0 , -> %SystemDrive%\t-n10000.zip -> [Ver = | Size = 4979514 bytes | Modified Date = 27.12.2003 0:51:04 | Attr = ] @Alternate Data Stream - 0 bytes -> %SystemDrive%\Thumbs.db:encryptable -> @Alternate Data Stream - 26 bytes -> %SystemDrive%\trjsetup.exe:Zone.Identifier -> aspack , -> %SystemDrive%\tweak-xp.exe -> [Ver = | Size = 1720026 bytes | Modified Date = 7.3.2002 23:59:50 | Attr = ] aspack , -> %SystemDrive%\txp-patch.exe -> [Ver = | Size = 1811085 bytes | Modified Date = 23.7.2002 21:57:56 | Attr = ] UPX! , UPX0 , -> %SystemDrive%\txp4trial.exe -> [Ver = 6.0.1.4 | Size = 5946111 bytes | Modified Date = 30.10.2004 20:07:04 | Attr = ] File scan skipped for file %SystemDrive%\Untitled.mpg -> File size too big (968608046 bytes) -> File scan skipped for file %SystemDrive%\Video 1.avi -> File size too big (444432384 bytes) -> File scan skipped for file %SystemDrive%\Video 2.avi -> File size too big (150272000 bytes) -> File scan skipped for file %SystemDrive%\Video 3.avi -> File size too big (141717504 bytes) -> UPX! , -> %SystemDrive%\VIRTPART.DAT -> [Ver = | Size = 27262976 bytes | Modified Date = 25.10.2004 13:29:04 | Attr = ] File scan skipped for file %SystemRoot%\MEMORY.DMP -> File size too big (1073307648 bytes) -> @Alternate Data Stream - 0 bytes -> %SystemRoot%\Thumbs.db:encryptable -> UPX! , UPX0 , -> %System32%\avisynth.dll -> The Public [Ver = 2, 5, 6, 0 | Size = 308224 bytes | Modified Date = 28.10.2005 19:44:12 | Attr = ] PEC2 , -> %System32%\CO2C40EN.DLL -> [Ver = 4.6.1.106 | Size = 748160 bytes | Modified Date = 31.5.1998 | Attr = ] PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41113 bytes | Modified Date = 9.10.2001 15:00:00 | Attr = ] PEC2 , PECompact2 , -> %System32%\DivX.dll -> DivX, Inc. 
[Ver = 6.6.1.1 | Size = 740442 bytes | Modified Date = 11.5.2007 7:37:16 | Attr = ] @Alternate Data Stream - 26 bytes -> %System32%\navcancl:Zone.Identifier -> PEC2 , -> %System32%\Syysteema2005.scr -> [Ver = | Size = 3351040 bytes | Modified Date = 27.12.2005 11:48:06 | Attr = ] winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 9.10.2001 15:00:00 | Attr = ] PTech , -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 3.8.2004 22:41:38 | Attr = ] < End of report >
Stay clean

-> Clear System Restore. Instructions: clear the System Restore folder and create a new restore point. This cleans any malware remnants out of the restore folder.
-> Use CCleaner -> CCleaner. Download and install CCleaner. Clean temporary files and folders with the program regularly.
-> Install SpywareBlaster -> SpywareBlaster. SpywareBlaster prevents malware from installing on your computer. It uses no memory! A guide is available in Finnish! Guide by the user Ad-Aware.
-> Install the MVPS Hosts file -> MVPS Hosts. Blocks your computer from connecting to malicious sites. A guide is available in Finnish! Guide by the user Axel.
-> Switch your browser to Firefox -> Firefox. Firefox is a faster, safer and better browser than Internet Explorer.
-> Keep your system up to date -> Windows Update. Visit Windows Update regularly.
-> Keep your firewall and antivirus up to date. Update and scan your computer regularly with your antivirus program. eScan is also good: http://koti.mbnet.fi/pattaya1/escanmwav.htm
-> Keep your software up to date -> Secunia Software Inspector. Secunia Software Inspector checks your system and your software for missing security updates. A standard inspection normally takes 5-40 seconds, while a thorough one (thorough system inspection) can take several minutes.
-> Regularly follow the Finnish Communications Regulatory Authority's information on new vulnerabilities -> CERT-FI