Viruksia koneella enkä saa niita pois

Discussion in 'Virukset ja haittaohjelmat - HijackThis -logit' started by kmta82, Sep 4, 2009.

  1. kmta82

    kmta82 Member

    Joined:
    Sep 4, 2009
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    11
    Ongelmanani oli virus näkyi tehtäväpalkissa punaisena pallona jossa oli ruksi ja kun sen kohdalle meni siihen tuli viesti Your computer is infected! windows has detected spyware infection!
    It is recomended to use antispyware tools to pervent data loss. Windows will now download and install the most up-to-date antispyware for you. Click here to protect your computer from spyware. Ja sitten kun sitä klikkas alko tuleen troijalaisia paljon ja yhtäkkiä ei palomuuri ollut enää käytössä. Kaverin avustuksella sain kyseisen pallukan pois ja palomuuri pysyy päällä, mutta viruksia tulee edelleen. miten saan virukset koneelta pois? Tässä ois lokeja niistä ohjelmista mitä olen käyttänyt.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:48:10, on 4.9.2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16876)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\system32\VTtrayp.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\WINDOWS\system32\sys32_nov.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKLM\..\Run: [sys32_nov] C:\WINDOWS\system32\sys32_nov.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - HKCU\..\Run: [sys32_nov] C:\Documents and Settings\Korhoset\sys32_nov.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {076169AA-8C3D-4CFC-AC23-3ACA88FC21B5} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab
    O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - D:\Player\__CDS2.dll (file missing)
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    --
    End of file - 7091 bytes


    SDFix: Version 1.240
    Run by Korhoset on pe 04.09.2009 at 15:59

    Microsoft Windows XP [versio 5.1.2600]
    Running From: C:\Documents and Settings\Korhoset\Ty”p”yt„\SDFix\SDFix

    Checking Services :


    Restoring Default Security Values
    Restoring Default Hosts File

    Rebooting


    Checking Files :

    Trojan Files Found:

    C:\WINDOWS\system32\braviax.exe - Deleted





    Removing Temp Files

    ADS Check :



    Final Check :

    catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-09-04 16:16:48
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    scanning hidden registry entries ...

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
    "TracesProcessed"=dword:0000005e

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0


    Remaining Services :




    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000"
    "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
    "C:\\Program Files\\Lavasoft\\Ad-Aware\\Ad-Aware.exe"="C:\\Program Files\\Lavasoft\\Ad-Aware\\Ad-Aware.exe:*:Enabled:Ad-Aware"
    "C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
    "C:\\Program Files\\AVG\\AVG8\\avgnsx.exe"="C:\\Program Files\\AVG\\AVG8\\avgnsx.exe:*:Enabled:avgnsx.exe"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000"

    Remaining Files :


    File Backups: - C:\DOCUME~1\Korhoset\TYPYT~1\SDFix\SDFix\backups\backups.zip

    Files with Hidden Attributes :

    Mon 22 Jan 2007 0 A.SH. --- "C:\WINDOWS\SMINST\HPCD.sys"
    Thu 28 Dec 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
    Thu 28 Dec 2006 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
    Thu 15 May 2003 43,008 ...H. --- "C:\Program Files\Common Files\Adobe\ESD\DLMCleanup.exe"
    Tue 5 Jul 2005 241,664 A..H. --- "C:\Sovellukset\Ajuri\Audio\EXERUN\EXERUN.exe"
    Wed 20 Jul 2005 122,880 A..H. --- "C:\Sovellukset\Ajuri\Audio\EXERUN\Fxdrv.dll"
    Sun 4 Jul 2004 13,440 A..H. --- "C:\Sovellukset\Ajuri\Audio\EXERUN\Fxdrv.sys"
    Mon 27 Sep 2004 62,976 A..H. --- "C:\Sovellukset\Ajuri\Chipset\exerun\DSETUP.dll"
    Sat 23 Jul 2005 241,664 A..H. --- "C:\Sovellukset\Ajuri\Chipset\exerun\EXERUN.exe"
    Wed 20 Jul 2005 122,880 A..H. --- "C:\Sovellukset\Ajuri\Chipset\exerun\Fxdrv.dll"
    Sun 4 Jul 2004 13,440 A..H. --- "C:\Sovellukset\Ajuri\Chipset\exerun\Fxdrv.sys"
    Tue 5 Jul 2005 241,664 A..H. --- "C:\Sovellukset\Ajuri\Lan\EXERUN\EXERUN.exe"
    Wed 20 Jul 2005 122,880 A..H. --- "C:\Sovellukset\Ajuri\Lan\EXERUN\Fxdrv.dll"
    Sun 4 Jul 2004 13,440 A..H. --- "C:\Sovellukset\Ajuri\Lan\EXERUN\Fxdrv.sys"
    Tue 5 Jul 2005 241,664 A..H. --- "C:\Sovellukset\Ajuri\usb20\EXERUN\EXERUN.exe"
    Wed 20 Jul 2005 122,880 A..H. --- "C:\Sovellukset\Ajuri\usb20\EXERUN\Fxdrv.dll"
    Sun 4 Jul 2004 13,440 A..H. --- "C:\Sovellukset\Ajuri\usb20\EXERUN\Fxdrv.sys"
    Tue 5 Jul 2005 241,664 A..H. --- "C:\Sovellukset\Ajuri\VGA\EXERUN\EXERUN.exe"
    Wed 20 Jul 2005 122,880 A..H. --- "C:\Sovellukset\Ajuri\VGA\EXERUN\Fxdrv.dll"
    Sun 4 Jul 2004 13,440 A..H. --- "C:\Sovellukset\Ajuri\VGA\EXERUN\Fxdrv.sys"
    Thu 7 Dec 2006 3,096,576 A..H. --- "C:\Documents and Settings\Korhoset\Application Data\U3\temp\Launchpad Removal.exe"
    Sun 14 May 2006 79,360 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\Sekalaista\~WRL0550.tmp"
    Sun 14 May 2006 371,200 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\Sekalaista\~WRL2452.tmp"
    Sun 14 May 2006 429,568 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\Sekalaista\~WRL2751.tmp"
    Tue 29 Nov 2005 22,016 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\Sekalaista\Kouluty”t\9-luokka\~WRL0004.tmp"
    Wed 30 Nov 2005 38,912 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\Sekalaista\Kouluty”t\9-luokka\~WRL0162.tmp"
    Wed 30 Nov 2005 37,888 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\Sekalaista\Kouluty”t\9-luokka\~WRL0400.tmp"
    Wed 30 Nov 2005 36,352 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\Sekalaista\Kouluty”t\9-luokka\~WRL1563.tmp"
    Wed 30 Nov 2005 23,552 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\Sekalaista\Kouluty”t\9-luokka\~WRL1654.tmp"
    Wed 30 Nov 2005 28,160 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\Sekalaista\Kouluty”t\9-luokka\~WRL2171.tmp"
    Wed 30 Nov 2005 34,304 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\Sekalaista\Kouluty”t\9-luokka\~WRL2708.tmp"
    Wed 30 Nov 2005 41,984 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\Sekalaista\Kouluty”t\9-luokka\~WRL3673.tmp"
    Wed 30 Nov 2005 41,472 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\Sekalaista\Kouluty”t\9-luokka\~WRL3904.tmp"
    Sun 14 May 2006 79,360 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\tikku\Uusi kansio\Uusi kansio (2)\Noora\Sekalaista\~WRL0550.tmp"
    Sun 14 May 2006 371,200 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\tikku\Uusi kansio\Uusi kansio (2)\Noora\Sekalaista\~WRL2452.tmp"
    Sun 14 May 2006 429,568 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\tikku\Uusi kansio\Uusi kansio (2)\Noora\Sekalaista\~WRL2751.tmp"
    Tue 29 Nov 2005 22,016 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\tikku\Uusi kansio\Uusi kansio (2)\Noora\Sekalaista\Kouluty”t\9-luokka\~WRL0004.tmp"
    Wed 30 Nov 2005 38,912 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\tikku\Uusi kansio\Uusi kansio (2)\Noora\Sekalaista\Kouluty”t\9-luokka\~WRL0162.tmp"
    Wed 30 Nov 2005 37,888 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\tikku\Uusi kansio\Uusi kansio (2)\Noora\Sekalaista\Kouluty”t\9-luokka\~WRL0400.tmp"
    Wed 30 Nov 2005 36,352 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\tikku\Uusi kansio\Uusi kansio (2)\Noora\Sekalaista\Kouluty”t\9-luokka\~WRL1563.tmp"
    Wed 30 Nov 2005 23,552 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\tikku\Uusi kansio\Uusi kansio (2)\Noora\Sekalaista\Kouluty”t\9-luokka\~WRL1654.tmp"
    Wed 30 Nov 2005 28,160 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\tikku\Uusi kansio\Uusi kansio (2)\Noora\Sekalaista\Kouluty”t\9-luokka\~WRL2171.tmp"
    Wed 30 Nov 2005 34,304 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\tikku\Uusi kansio\Uusi kansio (2)\Noora\Sekalaista\Kouluty”t\9-luokka\~WRL2708.tmp"
    Wed 30 Nov 2005 41,984 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\tikku\Uusi kansio\Uusi kansio (2)\Noora\Sekalaista\Kouluty”t\9-luokka\~WRL3673.tmp"
    Wed 30 Nov 2005 41,472 A..H. --- "C:\Documents and Settings\Korhoset\Omat tiedostot\Noora\tikku\Uusi kansio\Uusi kansio (2)\Noora\Sekalaista\Kouluty”t\9-luokka\~WRL3904.tmp"

    Finished!

    catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-09-04 16:16:48
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    scanning hidden registry entries ...

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
    "TracesProcessed"=dword:0000005e

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0


    ComboFix 09-09-03.02 - Korhoset 04.09.2009 15:08.1.1 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.358.1035.18.958.462 [GMT 3:00]
    Running from: c:\documents and settings\Korhoset\Omat tiedostot\Lataukset\ComboFix.exe
    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {00000000-0000-0000-0000-000000000000}
    AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {804FD218-FFA4-00CD-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {804FD408-FFA4-00CD-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {804FD408-FFA4-00F1-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {804FD408-FFA4-0101-0D24-347CA8A3377C}

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\Korhoset\delself.bat
    c:\documents and settings\Korhoset\oashdihasidhasuidhiasdhiashdiuasdhasd
    c:\documents and settings\Korhoset\sys32_nov.exe
    c:\recycler\S-1-5-21-415830015-4160492088-947251627-1003
    c:\recycler\S-1-5-21-484745106-1061988527-2154520383-1003
    c:\recycler\S-1-5-21-664411194-1136245016-3893304746-1003
    c:\windows\system32\404Fix.exe
    c:\windows\system32\Agent.OMZ.Fix.exe
    c:\windows\system32\dumphive.exe
    c:\windows\system32\IEDFix.C.exe
    c:\windows\system32\IEDFix.exe
    c:\windows\system32\o4Patch.exe
    c:\windows\system32\Process.exe
    c:\windows\system32\SrchSTS.exe
    c:\windows\system32\tmp.reg
    c:\windows\system32\VACFix.exe
    c:\windows\system32\VCCLSID.exe
    c:\windows\system32\WS2Fix.exe

    .
    ((((((((((((((((((((((((( Files Created from 2009-08-04 to 2009-09-04 )))))))))))))))))))))))))))))))
    .

    2009-09-03 15:42 . 2009-09-03 15:42 -------- d-----w- c:\program files\Trend Micro
    2009-09-03 14:18 . 2009-09-03 14:18 -------- d-----w- c:\program files\CCleaner
    2009-09-03 13:48 . 2004-09-15 12:00 4224 ----a-w- c:\windows\system32\drivers\beep.sys
    2009-09-03 13:48 . 2009-09-04 11:43 -------- d--h--w- C:\$AVG8.VAULT$
    2009-09-03 13:45 . 2009-09-03 13:45 -------- d-----w- c:\documents and settings\Korhoset\Local Settings\Application Data\AVG Security Toolbar
    2009-09-03 13:43 . 2009-09-03 13:43 11952 ----a-w- c:\windows\system32\avgrsstx.dll
    2009-09-03 13:43 . 2009-09-03 13:43 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
    2009-09-03 13:43 . 2009-09-03 13:43 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2009-09-03 13:43 . 2009-09-03 13:43 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
    2009-09-03 13:43 . 2009-09-04 10:30 -------- d-----w- c:\windows\system32\drivers\Avg
    2009-09-03 13:43 . 2009-09-03 13:43 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
    2009-09-03 13:42 . 2009-09-03 13:42 -------- d-----w- c:\program files\AVG
    2009-09-03 13:42 . 2009-09-03 13:42 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
    2009-09-03 13:21 . 2009-09-03 13:21 -------- d-----w- c:\documents and settings\Korhoset\Application Data\AVG8
    2009-09-03 13:04 . 2009-09-03 13:04 0 ----a-w- c:\windows\nsreg.dat
    2009-09-03 13:04 . 2009-09-03 13:04 -------- d-----w- c:\documents and settings\Korhoset\Local Settings\Application Data\Mozilla
    2009-09-03 11:53 . 2009-09-03 11:53 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure
    2009-09-03 11:06 . 2009-09-03 11:06 -------- d-----w- c:\documents and settings\Korhoset\Application Data\Malwarebytes
    2009-09-03 11:06 . 2009-08-03 10:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-09-03 11:06 . 2009-09-03 11:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2009-09-03 11:06 . 2009-08-03 10:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-09-03 11:06 . 2009-09-03 11:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2009-09-02 20:22 . 2009-09-02 20:22 29216 ----a-w- c:\windows\system32\sys32_nov.exe
    2009-08-31 14:24 . 2009-08-31 14:24 -------- d-----w- C:\SANAPAA
    2009-08-21 13:05 . 2009-08-21 13:05 -------- d-----w- c:\windows\system32\XPSViewer
    2009-08-21 13:05 . 2009-08-21 13:05 -------- d-----w- c:\program files\MSBuild
    2009-08-21 13:05 . 2009-08-21 13:05 -------- d-----w- c:\program files\Reference Assemblies
    2009-08-21 13:05 . 2009-08-21 13:05 -------- d-----w- C:\4e5b926db559ae4c425db690764bc9
    2009-08-21 13:05 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2009-08-21 13:05 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
    2009-08-21 13:05 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
    2009-08-21 13:05 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
    2009-08-21 13:05 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
    2009-08-21 13:05 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
    2009-08-21 13:05 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2009-08-21 13:04 . 2009-08-21 13:16 -------- d-----w- c:\windows\SxsCaPendDel
    2009-08-21 13:01 . 2009-08-21 13:01 -------- d-----w- c:\program files\MSXML 6.0
    2009-08-12 11:56 . 2009-08-12 11:56 -------- d-----w- c:\windows\ServicePackFiles

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-09-04 11:42 . 2006-09-01 17:41 94272 ----a-w- c:\windows\system32\drivers\AGP440.SYS
    2009-09-03 13:36 . 2007-01-05 21:35 -------- d-----w- c:\program files\Google
    2009-08-26 19:35 . 2006-12-28 08:28 51544 ----a-w- c:\documents and settings\Korhoset\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-08-21 13:09 . 2005-12-07 04:26 86928 ----a-w- c:\windows\system32\perfc00B.dat
    2009-08-21 13:09 . 2005-12-07 04:26 420498 ----a-w- c:\windows\system32\perfh00B.dat
    2009-08-05 09:06 . 2006-09-01 17:24 204800 ----a-w- c:\windows\system32\mswebdvd.dll
    2009-07-17 18:57 . 2006-09-01 17:21 58880 ----a-w- c:\windows\system32\atl.dll
    2009-07-13 20:43 . 2005-12-07 04:26 286208 ----a-w- c:\windows\system32\wmpdxm.dll
    2009-07-09 13:45 . 2009-07-07 11:37 -------- d-----w- c:\documents and settings\Korhoset\Application Data\PC Suite
    2009-07-07 11:40 . 2009-07-07 11:40 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
    2009-07-07 11:40 . 2009-07-07 11:40 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
    2009-07-07 11:39 . 2009-07-07 11:37 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
    2009-07-07 11:39 . 2009-07-07 11:39 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
    2009-07-07 11:39 . 2009-07-07 11:39 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
    2009-07-07 11:38 . 2009-07-07 11:37 -------- d-----w- c:\documents and settings\Korhoset\Application Data\Nokia
    2009-07-07 11:36 . 2009-07-07 11:36 -------- d-----w- c:\program files\DIFX
    2009-07-07 11:36 . 2009-07-07 11:36 -------- d-----w- c:\program files\Common Files\PCSuite
    2009-07-07 11:36 . 2009-07-07 11:36 -------- d-----w- c:\program files\Common Files\Nokia
    2009-07-07 11:36 . 2009-07-07 11:35 -------- d-----w- c:\program files\Nokia
    2009-07-07 11:36 . 2009-07-07 11:36 -------- d-----w- c:\program files\PC Connectivity Solution
    2009-07-07 11:33 . 2009-07-07 11:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
    2009-06-29 15:59 . 2005-12-07 04:26 827392 ----a-w- c:\windows\system32\wininet.dll
    2009-06-29 15:59 . 2006-09-01 17:24 78336 ----a-w- c:\windows\system32\ieencode.dll
    2009-06-29 15:59 . 2006-09-01 17:22 17408 ------w- c:\windows\system32\corpol.dll
    2009-06-25 08:19 . 2006-09-01 17:27 59392 ----a-w- c:\windows\system32\wdigest.dll
    2009-06-25 08:19 . 2006-09-01 17:25 56320 ----a-w- c:\windows\system32\secur32.dll
    2009-06-25 08:19 . 2006-09-01 17:25 168448 ----a-w- c:\windows\system32\schannel.dll
    2009-06-25 08:19 . 2006-09-01 17:24 136192 ----a-w- c:\windows\system32\msv1_0.dll
    2009-06-25 08:19 . 2005-12-07 04:25 730112 ----a-w- c:\windows\system32\lsasrv.dll
    2009-06-25 08:19 . 2005-12-07 04:25 301568 ----a-w- c:\windows\system32\kerberos.dll
    2009-06-22 11:35 . 2006-09-01 17:24 92544 ----a-w- c:\windows\system32\drivers\ksecdd.sys
    2009-06-16 14:54 . 2006-09-01 17:26 119808 ----a-w- c:\windows\system32\t2embed.dll
    2009-06-16 14:54 . 2006-09-01 17:24 82432 ----a-w- c:\windows\system32\fontsub.dll
    2009-06-15 11:33 . 2005-12-07 04:26 76800 ----a-w- c:\windows\system32\telnet.exe
    2009-06-10 14:24 . 2006-09-01 17:21 84992 ----a-w- c:\windows\system32\avifil32.dll
    2009-06-10 06:31 . 2006-09-01 17:27 132096 ----a-w- c:\windows\system32\wkssvc.dll
    2007-01-22 15:17 . 2007-01-22 15:17 0 --sha-w- c:\windows\SMINST\HPCD.sys
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]

    [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]

    [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-12 1414144]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-13 212992]
    "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 32768]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-07-10 270648]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-27 136600]
    "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd.exe" [2003-08-04 49152]
    "HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664]
    "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-08-09 221184]
    "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-08-09 81920]
    "Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-07-03 520024]
    "sys32_nov"="c:\windows\system32\sys32_nov.exe" [2009-09-02 29216]
    "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-09-03 2007832]
    "SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2005-08-17 90112]
    "VTTimer"="VTTimer.exe" - c:\windows\system32\VTTimer.exe [2005-03-07 53248]
    "VTTrayp"="VTtrayp.exe" - c:\windows\system32\VTTrayp.exe [2005-10-31 163840]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-09-15 15360]

    c:\documents and settings\All Users\K„ynnist„-valikko\Ohjelmat\K„ynnistys\
    Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2003-9-16 237568]
    WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2007-1-6 389120]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
    2009-09-03 13:43 11952 ----a-w- c:\windows\system32\avgrsstx.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\Lavasoft\\Ad-Aware\\Ad-Aware.exe"=
    "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
    "c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [27.3.2009 20:24 64160]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [3.9.2009 16:43 335240]
    R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [3.9.2009 16:43 108552]
    R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [3.9.2009 16:42 297752]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [19.1.2009 0:34 1029456]
    S3 c4df26d8-7766-4482-88be-108b37041946;c4df26d8-7766-4482-88be-108b37041946;\??\d:\player\cds300.dll --> d:\player\cds300.dll [?]
    S3 FXDRV;FXDRV;\??\d:\fxdrv.sys --> d:\Fxdrv.sys [?]
    .
    Contents of the 'Scheduled Tasks' folder

    2009-08-31 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 16:25]

    2009-08-31 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 10:42]
    .
    - - - - ORPHANS REMOVED - - - -

    HKCU-Run-sys32_nov - c:\documents and settings\Korhoset\sys32_nov.exe
    HKCU-Run-Power2GoExpress - (no file)
    HKLM-Run-DXDllRegExe - dxdllreg.exe


    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com
    mStart Page = hxxp://www.google.com
    IE: Vie Microsoft E&xceliin - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    Handler: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} -
    FF - ProfilePath - c:\documents and settings\Korhoset\Application Data\Mozilla\Firefox\Profiles\ngnqoo7o.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: keyword.URL - hxxp://fi.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_fi&p=
    FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
    FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
    FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
    FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
    FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-09-04 15:13
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\�•€|ÿÿÿÿ"•€|þ»Ów*]
    "b049C053C7D38EE4AB9A00CB3B5D2472"="C?\\Program Files\\Common Files\\Microsoft Shared\\Web Folders\\PUBPLACE.HTT"
    .
    Completion time: 2009-09-04 15:15
    ComboFix-quarantined-files.txt 2009-09-04 12:15

    Pre-Run: 116 850 417 664 tavua vapaana
    Post-Run: 117 495 832 576 tavua vapaana

    217 --- E O F --- 2009-09-02 13:00
     
    kmta82, Sep 4, 2009
    #1
  2. kmta82

    kmta82 Member

    Joined:
    Sep 4, 2009
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    11
    Korjausta edelliseen. Punainen pallukka tuli takaisin.. Tässä ois vielä äsken tehdyn tarkastuksen loki

    Malwarebytes' Anti-Malware 1.40
    Tietokantaversio: 2740
    Windows 5.1.2600 Service Pack 2

    4.9.2009 18:58:04
    mbam-log-2009-09-04 (18-58-04).txt

    Tarkistustyyppi: Täysi tarkistus (C:\|)
    Tarkistetut kohteet: 172530
    Kulunut aika: 1 hour(s), 17 minute(s), 28 second(s)

    Saastuneita muistiprosesseja: 0
    Saastuneita muistimoduuleja: 0
    Saastuneita rekisteriavaimia: 0
    Saastuneita rekisteriarvoja: 3
    Saastuneita rekisterikohteita: 0
    Saastuneita hakemistoja: 0
    Saastuneita tiedostoja: 5

    Saastuneita muistiprosesseja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita muistimoduuleja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriavaimia:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriarvoja:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\braviax (Trojan.Downloader) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\braviax (Trojan.Downloader) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Regedit32 (Trojan.Agent) -> Quarantined and deleted successfully.

    Saastuneita rekisterikohteita:
    (Haitallisia kohteita ei löydetty)

    Saastuneita hakemistoja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita tiedostoja:
    C:\System Volume Information\_restore{7CF27423-F640-4436-92E3-956DAF79690C}\RP908\A0038526.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{7CF27423-F640-4436-92E3-956DAF79690C}\RP908\A0038551.sys (Trojan.KillAV) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Korhoset\Local Settings\Temp\BN3.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Korhoset\Local Settings\Temp\BN7.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Korhoset\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Quarantined and deleted successfully.
     
    kmta82, Sep 4, 2009
    #2
  3. kalminen

    kalminen Regular member

    Joined:
    May 4, 2007
    Messages:
    3,915
    Likes Received:
    0
    Trophy Points:
    46
    * Lataa TÄSTÄ random's system information tool (RSIT) by random/random ja tallenna se työpöydälle
    * Tuplaklikkaa RSIT.exeä ajaaksesi RSITin.
    * Klikkaa Continue.
    * Kun RSIT on valmis, kaksi lokia avautuu muistioon. Lähetä sekä
    log.txt:n (<<avautuu suurennettuna) että
    info.txt:n (<<avautuu pienennettynä) sisältö seuraavassa viestissäsi.

    Logit löytyy myös C:\RSIT\ kansiosta
    .
     
    kalminen, Sep 4, 2009
    #3
  4. kmta82

    kmta82 Member

    Joined:
    Sep 4, 2009
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    11
    Tässä ois nää lokit..
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Korhoset at 2009-09-05 14:09:29
    Microsoft Windows XP Home Edition Service Pack 2
    System drive C: has 112 GB (75%) free of 148 GB
    Total RAM: 958 MB (51% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:48:10, on 4.9.2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16876)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\system32\VTtrayp.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\WINDOWS\system32\sys32_nov.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKLM\..\Run: [sys32_nov] C:\WINDOWS\system32\sys32_nov.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - HKCU\..\Run: [sys32_nov] C:\Documents and Settings\Korhoset\sys32_nov.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {076169AA-8C3D-4CFC-AC23-3ACA88FC21B5} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab
    O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - D:\Player\__CDS2.dll (file missing)
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    --
    End of file - 7091 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-06-07 399352]
    {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-07-24 1090816]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2002-09-13 212992]
    "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-08-17 90112]
    "VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-03-07 53248]
    "VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2005-10-31 163840]
    "RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2005-01-12 32768]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-06-29 286720]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2007-07-10 270648]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-27 136600]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd.exe [2003-08-04 49152]
    "HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]
    "ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-08-09 221184]
    "ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-08-09 81920]
    "sys32_nov"=C:\WINDOWS\system32\sys32_nov.exe [2009-09-02 29216]
    "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe [2009-07-03 303376]
    "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-09-04 2007832]
    "braviax"=C:\WINDOWS\braviax.exe [2009-09-05 11264]
    "Regedit32"=C:\WINDOWS\system32\regedit.exe []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-12 1414144]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-09-15 15360]
    "braviax"= []
    "sys32_nov"=C:\Documents and Settings\Korhoset\sys32_nov.exe []

    C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="cru629.dat"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
    C:\WINDOWS\system32\avgrsstx.dll [2009-09-04 11952]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    C:\WINDOWS\system32\klogon.dll [2009-07-03 219664]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=323
    "NoDriveAutoRun"=67108863
    "NoDrives"=0
    "ForceClassicControlPanel"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe"="C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe:*:Enabled:Ad-Aware"
    "C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
    "C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000"

    ======List of files/folders created in the last 1 months======

    2009-09-05 14:09:29 ----D---- C:\rsit
    2009-09-04 21:23:05 ----HD---- C:\$AVG8.VAULT$
    2009-09-04 21:20:57 ----A---- C:\WINDOWS\system32\avgrsstx.dll
    2009-09-04 21:20:22 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
    2009-09-04 21:20:08 ----D---- C:\Program Files\AVG
    2009-09-04 21:20:08 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
    2009-09-04 21:07:53 ----D---- C:\Documents and Settings\Korhoset\Application Data\AVG8
    2009-09-04 21:03:32 ----A---- C:\WINDOWS\tovy.dll
    2009-09-04 21:03:32 ----A---- C:\WINDOWS\igeco.vbs
    2009-09-04 21:03:32 ----A---- C:\Program Files\Common Files\pihyqujic.exe
    2009-09-04 20:59:44 ----D---- C:\Program Files\Kaspersky Lab
    2009-09-04 20:59:44 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
    2009-09-04 20:56:17 ----A---- C:\WINDOWS\braviax.exe
    2009-09-04 20:51:49 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
    2009-09-04 20:36:00 ----D---- C:\Avenger
    2009-09-04 16:12:37 ----D---- C:\Documents and Settings\Korhoset\Application Data\WinRAR
    2009-09-04 15:55:24 ----D---- C:\WINDOWS\ERUNT
    2009-09-04 15:39:21 ----SHD---- C:\RECYCLER
    2009-09-04 15:15:47 ----D---- C:\WINDOWS\temp
    2009-09-04 15:15:44 ----A---- C:\ComboFix.txt
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\zip.exe
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\SWXCACLS.exe
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\SWSC.exe
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\SWREG.exe
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\sed.exe
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\PEV.exe
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\NIRCMD.exe
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\grep.exe
    2009-09-04 15:06:13 ----SD---- C:\ComboFix
    2009-09-04 15:06:13 ----D---- C:\WINDOWS\ERDNT
    2009-09-04 15:05:37 ----D---- C:\Qoobox
    2009-09-03 18:42:11 ----D---- C:\Program Files\Trend Micro
    2009-09-03 17:18:50 ----D---- C:\Program Files\CCleaner
    2009-09-03 16:04:10 ----D---- C:\Documents and Settings\Korhoset\Application Data\Mozilla
    2009-09-03 16:03:57 ----D---- C:\Program Files\Mozilla Firefox
    2009-09-03 15:50:47 ----A---- C:\WINDOWS\system32\tmp.txt
    2009-09-03 15:50:09 ----A---- C:\rapport.txt
    2009-09-03 14:53:43 ----D---- C:\Documents and Settings\All Users\Application Data\F-Secure
    2009-09-03 14:06:30 ----D---- C:\Documents and Settings\Korhoset\Application Data\Malwarebytes
    2009-09-03 14:06:23 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-09-03 14:06:22 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-09-02 23:22:36 ----A---- C:\WINDOWS\system32\sys32_nov.exe
    2009-08-31 17:24:23 ----D---- C:\SANAPAA
    2009-08-26 16:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
    2009-08-22 16:01:44 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
    2009-08-22 16:01:21 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
    2009-08-21 16:05:57 ----D---- C:\WINDOWS\system32\XPSViewer
    2009-08-21 16:05:51 ----D---- C:\Program Files\MSBuild
    2009-08-21 16:05:49 ----D---- C:\WINDOWS\system32\en-US
    2009-08-21 16:05:41 ----D---- C:\Program Files\Reference Assemblies
    2009-08-21 16:05:11 ----N---- C:\WINDOWS\system32\xpssvcs.dll
    2009-08-21 16:05:11 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
    2009-08-21 16:05:11 ----N---- C:\WINDOWS\system32\prntvpt.dll
    2009-08-21 16:05:11 ----D---- C:\4e5b926db559ae4c425db690764bc9
    2009-08-21 16:04:55 ----D---- C:\WINDOWS\SxsCaPendDel
    2009-08-21 16:01:23 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
    2009-08-21 16:01:15 ----D---- C:\Program Files\MSXML 6.0
    2009-08-17 22:06:54 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
    2009-08-12 14:59:24 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
    2009-08-12 14:59:16 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
    2009-08-12 14:59:10 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
    2009-08-12 14:59:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
    2009-08-12 14:58:52 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
    2009-08-12 14:58:46 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
    2009-08-12 14:58:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
    2009-08-12 14:56:25 ----D---- C:\WINDOWS\ServicePackFiles
    2009-08-12 14:56:23 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
    2009-08-12 14:56:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$

    ======List of files/folders modified in the last 1 months======

    2009-09-05 13:53:05 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-09-05 13:45:23 ----D---- C:\WINDOWS\system32
    2009-09-05 13:45:13 ----D---- C:\WINDOWS
    2009-09-05 13:44:52 ----RSHD---- C:\WINDOWS\system32\dllcache
    2009-09-05 13:35:33 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-09-04 21:20:56 ----D---- C:\WINDOWS\system32\drivers
    2009-09-04 21:20:08 ----RD---- C:\Program Files
    2009-09-04 21:19:12 ----SHD---- C:\WINDOWS\Installer
    2009-09-04 21:03:32 ----D---- C:\Program Files\Common Files
    2009-09-04 21:00:36 ----HD---- C:\WINDOWS\inf
    2009-09-04 19:35:14 ----D---- C:\Program Files\Lavasoft
    2009-09-04 19:35:14 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2009-09-04 19:34:50 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2009-09-04 16:15:09 ----D---- C:\WINDOWS\Prefetch
    2009-09-04 15:13:52 ----A---- C:\WINDOWS\system.ini
    2009-09-04 15:12:00 ----D---- C:\WINDOWS\AppPatch
    2009-09-03 17:23:42 ----D---- C:\WINDOWS\Debug
    2009-09-03 16:42:32 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2009-09-03 16:42:31 ----D---- C:\WINDOWS\WinSxS
    2009-09-03 16:36:53 ----D---- C:\Program Files\Google
    2009-09-03 14:40:10 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-09-02 16:31:29 ----D---- C:\WINDOWS\Microsoft.NET
    2009-08-22 16:02:01 ----D---- C:\WINDOWS\system32\CatRoot
    2009-08-22 16:01:43 ----HD---- C:\WINDOWS\$hf_mig$
    2009-08-21 16:24:40 ----RSD---- C:\WINDOWS\assembly
    2009-08-21 16:09:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-08-21 16:05:47 ----RSD---- C:\WINDOWS\Fonts
    2009-08-21 16:05:26 ----D---- C:\WINDOWS\system32\spool
    2009-08-12 14:58:41 ----D---- C:\Program Files\Outlook Express

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2006-12-28 43488]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-09-04 335240]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-09-04 27784]
    R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-09-04 108552]
    R1 intelppm;Intel-suoritinohjain; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-09-15 40064]
    R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-09-04 296976]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-08-19 3644800]
    R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
    R3 HidUsb;Microsoft HID -luokkaohjain; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-01-05 51056]
    R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-01-05 16496]
    R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-01-05 21488]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-05-13 31760]
    R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-05-16 19472]
    R3 mouhid;Hiiren HID-ohjain; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-05 12160]
    R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-09-15 57600]
    R3 usbprint;Microsoft USB PRINTER -luokka; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
    R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    R3 USBSTOR;USB-massamuistiohjain; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-09-15 26496]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-09-15 20480]
    R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2005-12-27 247040]
    S3 c4df26d8-7766-4482-88be-108b37041946;c4df26d8-7766-4482-88be-108b37041946; \??\D:\Player\cds300.dll []
    S3 catchme;catchme; \??\C:\DOCUME~1\Korhoset\LOCALS~1\Temp\catchme.sys []
    S3 FXDRV;FXDRV; \??\D:\Fxdrv.sys []
    S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
    S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
    S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
    S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
    S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
    S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
    S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-03 25600]
    S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
    S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
    S4 WS2IFSL;Windows Socket 2.0:n tukiympäristö ei-IFS-järjestelmiä varten; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-09-15 12032]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-07-09 106496]
    R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-09-04 297752]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-27 152984]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-09-15 14336]
    R3 iPod Service;iPod-palvelu; C:\Program Files\iPod\bin\iPodService.exe [2007-07-10 501048]
    R3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-01-05 65795]
    R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
    S2 AVP;Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe [2009-07-03 303376]
    S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-09-15 268800]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 WMPNetworkSvc;Windows Media Playerin verkkojakamispalvelu; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-15 913920]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
    info.txt logfile of random's system information tool 1.06 2009-09-05 14:09:36

    ======Uninstall list======

    -->MsiExec.exe /I{901C0409-6000-11D3-8CFE-0150048383C9}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Download Manager 1.2 (Poista ainoastaan)-->"C:\Program Files\Common Files\Adobe\ESD\uninst.exe"
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 7.0 - Suomi-->MsiExec.exe /I{AC76BA86-7AD7-1035-7B44-A70000000000}
    Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    Apple Mobile Device Support -tuki-->MsiExec.exe /I{A43B2A2F-1DB5-47F9-A608-F11A4835D7CB}
    Apple Software Update-->MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
    Arkhimedes 2.7v3-->"C:\Program Files\Arkhimedes2\unins000.exe"
    Arkhimedes 3.0 (4)-->"C:\Program Files\Arkhimedes3\unins000.exe"
    AVG Free 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Econet Palkanlaskenta-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{3B0D319B-86C0-4217-85F6-0E31C4F375EA}
    Econet Pro-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{0A06737F-2646-488F-872E-2610C4A17603} /l1035
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
    Hotfix-korjauspäivitys Windows Media Player 11:lle (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Hotfix-päivitys Windows Internet Explorer 7:lle (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
    Hotfix-päivitys Windows XP:lle (KB893357)-->"C:\WINDOWS\$NtUninstallKB893357$\spuninst\spuninst.exe"
    Hotfix-päivitys Windows XP:lle (KB895953)-->"C:\WINDOWS\$NtUninstallKB895953$\spuninst\spuninst.exe"
    Hotfix-päivitys Windows XP:lle (KB896256)-->"C:\WINDOWS\$NtUninstallKB896256$\spuninst\spuninst.exe"
    Hotfix-päivitys Windows XP:lle (KB906569)-->"C:\WINDOWS\$NtUninstallKB906569$\spuninst\spuninst.exe"
    Hotfix-päivitys Windows XP:lle (KB910728)-->"C:\WINDOWS\$NtUninstallKB910728$\spuninst\spuninst.exe"
    Hotfix-päivitys Windows XP:lle (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
    Hotfix-päivitys Windows XP:lle (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Hotfix-päivitys Windows XP:lle (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
    Hotfix-päivitys Windows XP:lle (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
    HP Image Zone 3.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
    HP PSC & OfficeJet 3.5-->"C:\Program Files\HP\Digital Imaging\{0FABD3D7-3036-4e78-B29D-58957ADB0A12}\setup\hpzscr01.exe" -datfile hposcr03.dat
    HP Software Update-->MsiExec.exe /X{34957B51-9676-41CE-9E52-44AE91B73F1C}
    iTunes-->MsiExec.exe /I{9357AE3A-B2ED-4138-BB9B-0564352C3F0A}
    Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Kaspersky Anti-Virus 2010-->MsiExec.exe /I{943B6738-4801-4982-90EC-0442EF7AEB16}
    Kaspersky Anti-Virus 2010-->MsiExec.exe /I{943B6738-4801-4982-90EC-0442EF7AEB16}
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Memories Disc Creator 2.0-->MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
    Microsoft .NET Framework 1.1 Finnish Language Pack-->MsiExec.exe /X{4538A1AF-6894-4F10-ABDA-6CB9E6ACF8B6}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
    Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
    Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040B-6000-11D3-8CFE-0150048383C9}
    Microsoft User-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWudf01007$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Works-->MsiExec.exe /I{6495D83E-3A5B-4674-A17F-3A6DDCDC0F89}
    Microsoft Zoo Tycoon-->"C:\Program Files\Microsoft Games\Zoo Tycoon\UNINSTAL.EXE" /runtemp /addremove
    Mozilla Firefox (3.5.2)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
    Nokia Connectivity Cable Driver-->MsiExec.exe /I{52D02A2B-03D2-4E34-A358-DC5D951FD296}
    Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Nokia_PC_Suite_7_1_30_8_fin_web.exe
    Nokia PC Suite-->MsiExec.exe /I{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}
    OCA Client history tool install-->"C:\WINDOWS\$UninstallOCA-X86Fre-ENU$\spuninst\spuninst.exe"
    PC Connectivity Solution-->MsiExec.exe /I{0C973594-7DDF-4BD0-84ED-3517F7622037}
    Power2Go 4.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" -uninstall
    PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
    Päivitys Windows XP:lle (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB896727)-->"C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB912945)-->"C:\WINDOWS\$NtUninstallKB912945$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB925720)-->"C:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB929338)-->"C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
    QuickTime-->MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
    Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\Setup.exe" -l0xb -removeonly
    REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0xb REMOVE
    Suojauspäivitys ohjelmistolle Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Media Player 10:lle (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
    Suojauspäivitys Windows Media Player 10:lle (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
    Suojauspäivitys Windows Media Player 11:lle (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Suojauspäivitys Windows Media Player 11:lle (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Suojauspäivitys Windows Media Player 6.4:lle (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
    Suojauspäivitys Windows Media Playerille (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
    Suojauspäivitys Windows Media Playerille (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Suojauspäivitys Windows Media Playerille (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB883939)-->"C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB896688)-->"C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB899588)-->"C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB899589)-->"C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB903235)-->"C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB911567)-->"C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB912812)-->"C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB913433)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB913433.inf
    Suojauspäivitys Windows XP:lle (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB916281)-->"C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB917159)-->"C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB917537)-->"C:\WINDOWS\$NtUninstallKB917537$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB918899)-->"C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB920214)-->"C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB923694)-->"C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB925454)-->"C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB925486)-->"C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB958470)-->"C:\WINDOWS\$NtUninstallKB958470$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
    The Compressorizer! Version 1.01-->C:\Program Files\The Compressorizer\Uninstall.exe
    The Sims 2-->C:\Program Files\EA GAMES\The Sims 2\EAUninstall.exe
    Tärkeä päivitys Windows Media Player 11:lle (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    VIA/S3G Display Driver-->C:\PROGRA~1\S3\UChromeP\s3minset.exe /u UChromeP.uns
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\spuninst.exe"
    Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
    Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Hotfix - KB834707-->C:\WINDOWS\$NtUninstallKB834707$\spuninst\spuninst.exe
    Windows XP Hotfix - KB867282-->C:\WINDOWS\$NtUninstallKB867282$\spuninst\spuninst.exe
    Windows XP Hotfix - KB873333-->C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
    Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
    Windows XP Hotfix - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
    Windows XP Hotfix - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
    Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
    Windows XP Hotfix - KB885884-->C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
    Windows XP Hotfix - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
    Windows XP Hotfix - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
    Windows XP Hotfix - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
    Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
    Windows XP Hotfix - KB890047-->C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe
    Windows XP Hotfix - KB890175-->C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
    Windows XP Hotfix - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
    Windows XP Hotfix - KB890923-->"C:\WINDOWS\$NtUninstallKB890923$\spuninst\spuninst.exe"
    Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
    Windows XP Hotfix - KB893066-->"C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
    Windows XP Hotfix - KB893086-->"C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
    Windowsin ohjainpaketti - Nokia Modem (06/01/2009 4.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_C08496D7A0050438DFE13C55799AE2D4157A8E7A\nokia_bluetooth.inf
    Windowsin ohjainpaketti - Nokia Modem (06/01/2009 7.01.0.3)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_9C48E34C57B7D4AAE5FFF5FB9B476B538394FD30\nokbtmdm.inf
    Windowsin ohjainpaketti - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
    WinRAR-pakkausohjelma-->C:\Program Files\WinRAR\uninstall.exe
    WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
    Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
    Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
    Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

    ======Hosts File======

    127.0.0.1 localhost

    ======Security center information======

    AV: Avira AntiVir PersonalEdition Classic
    AV: Avira AntiVir PersonalEdition Classic
    AV: AVG Anti-Virus Free
    AV: Avira AntiVir PersonalEdition Classic (outdated)
    AV: Avira AntiVir PersonalEdition Classic
    AV: Avira AntiVir PersonalEdition Classic

    ======System event log======

    Computer Name: KORHONEN
    Event Code: 1000
    Message: Tietokoneen IP-osoite 213.216.227.247 ei ole enää voimassa verkkokortille, jonka
    verkko-osoite on 0015586CE10A.

    Record Number: 38327
    Source Name: Dhcp
    Time Written: 20090809092633.000000+180
    Event Type: error
    User:

    Computer Name: KORHONEN
    Event Code: 1003
    Message: Verkon DHCP-palvelin ei voinut uusia IP-osoitetta tietokoneen
    verkkokortille, jonka verkko-osoite on 0015586CE10A.
    Virhe:
    Semaforin aikakatkaisun määräaika on lopussa.
    .
    Tietokone jatkaa osoitteen pyytämistä verkon DHCP-palvelimelta.


    Record Number: 38326
    Source Name: Dhcp
    Time Written: 20090809092633.000000+180
    Event Type: warning
    User:

    Computer Name: KORHONEN
    Event Code: 1000
    Message: Tietokoneen IP-osoite 213.216.227.247 ei ole enää voimassa verkkokortille, jonka
    verkko-osoite on 0015586CE10A.

    Record Number: 38315
    Source Name: Dhcp
    Time Written: 20090808204022.000000+180
    Event Type: error
    User:

    Computer Name: KORHONEN
    Event Code: 1003
    Message: Verkon DHCP-palvelin ei voinut uusia IP-osoitetta tietokoneen
    verkkokortille, jonka verkko-osoite on 0015586CE10A.
    Virhe:
    Semaforin aikakatkaisun määräaika on lopussa.
    .
    Tietokone jatkaa osoitteen pyytämistä verkon DHCP-palvelimelta.


    Record Number: 38314
    Source Name: Dhcp
    Time Written: 20090808204022.000000+180
    Event Type: warning
    User:

    Computer Name: KORHONEN
    Event Code: 18
    Message:
    Record Number: 38313
    Source Name: avgntflt
    Time Written: 20090808204022.000000+180
    Event Type: warning
    User:

    =====Application event log=====

    Computer Name: KORHONEN
    Event Code: 4113
    Message:
    Record Number: 8516
    Source Name: Avira AntiVir
    Time Written: 20090903141332.000000+180
    Event Type: warning
    User: NT-HALLINTA\SYSTEM

    Computer Name: KORHONEN
    Event Code: 4113
    Message:
    Record Number: 8515
    Source Name: Avira AntiVir
    Time Written: 20090903141331.000000+180
    Event Type: warning
    User: NT-HALLINTA\SYSTEM

    Computer Name: KORHONEN
    Event Code: 4113
    Message:
    Record Number: 8514
    Source Name: Avira AntiVir
    Time Written: 20090903141325.000000+180
    Event Type: warning
    User: NT-HALLINTA\SYSTEM

    Computer Name: KORHONEN
    Event Code: 4113
    Message:
    Record Number: 8513
    Source Name: Avira AntiVir
    Time Written: 20090903141324.000000+180
    Event Type: warning
    User: NT-HALLINTA\SYSTEM

    Computer Name: KORHONEN
    Event Code: 4113
    Message:
    Record Number: 8511
    Source Name: Avira AntiVir
    Time Written: 20090903140306.000000+180
    Event Type: warning
    User: NT-HALLINTA\SYSTEM

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\QuickTime\QTSystem
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 4, GenuineIntel
    "PROCESSOR_REVISION"=0604
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
    "QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

    -----------------EOF-----------------
     
    kmta82, Sep 5, 2009
    #4
  5. kmta82

    kmta82 Member

    Joined:
    Sep 4, 2009
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    11
    tässä ois nää tiedostot

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Korhoset at 2009-09-05 14:09:29
    Microsoft Windows XP Home Edition Service Pack 2
    System drive C: has 112 GB (75%) free of 148 GB
    Total RAM: 958 MB (51% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:48:10, on 4.9.2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16876)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\system32\VTtrayp.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\WINDOWS\system32\sys32_nov.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKLM\..\Run: [sys32_nov] C:\WINDOWS\system32\sys32_nov.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - HKCU\..\Run: [sys32_nov] C:\Documents and Settings\Korhoset\sys32_nov.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {076169AA-8C3D-4CFC-AC23-3ACA88FC21B5} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab
    O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - D:\Player\__CDS2.dll (file missing)
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    --
    End of file - 7091 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-06-07 399352]
    {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-07-24 1090816]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2002-09-13 212992]
    "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-08-17 90112]
    "VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-03-07 53248]
    "VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2005-10-31 163840]
    "RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2005-01-12 32768]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-06-29 286720]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2007-07-10 270648]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-27 136600]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd.exe [2003-08-04 49152]
    "HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]
    "ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-08-09 221184]
    "ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-08-09 81920]
    "sys32_nov"=C:\WINDOWS\system32\sys32_nov.exe [2009-09-02 29216]
    "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe [2009-07-03 303376]
    "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-09-04 2007832]
    "braviax"=C:\WINDOWS\braviax.exe [2009-09-05 11264]
    "Regedit32"=C:\WINDOWS\system32\regedit.exe []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-12 1414144]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-09-15 15360]
    "braviax"= []
    "sys32_nov"=C:\Documents and Settings\Korhoset\sys32_nov.exe []

    C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="cru629.dat"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
    C:\WINDOWS\system32\avgrsstx.dll [2009-09-04 11952]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    C:\WINDOWS\system32\klogon.dll [2009-07-03 219664]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=323
    "NoDriveAutoRun"=67108863
    "NoDrives"=0
    "ForceClassicControlPanel"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe"="C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe:*:Enabled:Ad-Aware"
    "C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
    "C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000"

    ======List of files/folders created in the last 1 months======

    2009-09-05 14:09:29 ----D---- C:\rsit
    2009-09-04 21:23:05 ----HD---- C:\$AVG8.VAULT$
    2009-09-04 21:20:57 ----A---- C:\WINDOWS\system32\avgrsstx.dll
    2009-09-04 21:20:22 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
    2009-09-04 21:20:08 ----D---- C:\Program Files\AVG
    2009-09-04 21:20:08 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
    2009-09-04 21:07:53 ----D---- C:\Documents and Settings\Korhoset\Application Data\AVG8
    2009-09-04 21:03:32 ----A---- C:\WINDOWS\tovy.dll
    2009-09-04 21:03:32 ----A---- C:\WINDOWS\igeco.vbs
    2009-09-04 21:03:32 ----A---- C:\Program Files\Common Files\pihyqujic.exe
    2009-09-04 20:59:44 ----D---- C:\Program Files\Kaspersky Lab
    2009-09-04 20:59:44 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
    2009-09-04 20:56:17 ----A---- C:\WINDOWS\braviax.exe
    2009-09-04 20:51:49 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
    2009-09-04 20:36:00 ----D---- C:\Avenger
    2009-09-04 16:12:37 ----D---- C:\Documents and Settings\Korhoset\Application Data\WinRAR
    2009-09-04 15:55:24 ----D---- C:\WINDOWS\ERUNT
    2009-09-04 15:39:21 ----SHD---- C:\RECYCLER
    2009-09-04 15:15:47 ----D---- C:\WINDOWS\temp
    2009-09-04 15:15:44 ----A---- C:\ComboFix.txt
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\zip.exe
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\SWXCACLS.exe
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\SWSC.exe
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\SWREG.exe
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\sed.exe
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\PEV.exe
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\NIRCMD.exe
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\grep.exe
    2009-09-04 15:06:13 ----SD---- C:\ComboFix
    2009-09-04 15:06:13 ----D---- C:\WINDOWS\ERDNT
    2009-09-04 15:05:37 ----D---- C:\Qoobox
    2009-09-03 18:42:11 ----D---- C:\Program Files\Trend Micro
    2009-09-03 17:18:50 ----D---- C:\Program Files\CCleaner
    2009-09-03 16:04:10 ----D---- C:\Documents and Settings\Korhoset\Application Data\Mozilla
    2009-09-03 16:03:57 ----D---- C:\Program Files\Mozilla Firefox
    2009-09-03 15:50:47 ----A---- C:\WINDOWS\system32\tmp.txt
    2009-09-03 15:50:09 ----A---- C:\rapport.txt
    2009-09-03 14:53:43 ----D---- C:\Documents and Settings\All Users\Application Data\F-Secure
    2009-09-03 14:06:30 ----D---- C:\Documents and Settings\Korhoset\Application Data\Malwarebytes
    2009-09-03 14:06:23 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-09-03 14:06:22 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-09-02 23:22:36 ----A---- C:\WINDOWS\system32\sys32_nov.exe
    2009-08-31 17:24:23 ----D---- C:\SANAPAA
    2009-08-26 16:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
    2009-08-22 16:01:44 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
    2009-08-22 16:01:21 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
    2009-08-21 16:05:57 ----D---- C:\WINDOWS\system32\XPSViewer
    2009-08-21 16:05:51 ----D---- C:\Program Files\MSBuild
    2009-08-21 16:05:49 ----D---- C:\WINDOWS\system32\en-US
    2009-08-21 16:05:41 ----D---- C:\Program Files\Reference Assemblies
    2009-08-21 16:05:11 ----N---- C:\WINDOWS\system32\xpssvcs.dll
    2009-08-21 16:05:11 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
    2009-08-21 16:05:11 ----N---- C:\WINDOWS\system32\prntvpt.dll
    2009-08-21 16:05:11 ----D---- C:\4e5b926db559ae4c425db690764bc9
    2009-08-21 16:04:55 ----D---- C:\WINDOWS\SxsCaPendDel
    2009-08-21 16:01:23 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
    2009-08-21 16:01:15 ----D---- C:\Program Files\MSXML 6.0
    2009-08-17 22:06:54 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
    2009-08-12 14:59:24 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
    2009-08-12 14:59:16 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
    2009-08-12 14:59:10 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
    2009-08-12 14:59:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
    2009-08-12 14:58:52 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
    2009-08-12 14:58:46 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
    2009-08-12 14:58:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
    2009-08-12 14:56:25 ----D---- C:\WINDOWS\ServicePackFiles
    2009-08-12 14:56:23 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
    2009-08-12 14:56:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$

    ======List of files/folders modified in the last 1 months======

    2009-09-05 13:53:05 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-09-05 13:45:23 ----D---- C:\WINDOWS\system32
    2009-09-05 13:45:13 ----D---- C:\WINDOWS
    2009-09-05 13:44:52 ----RSHD---- C:\WINDOWS\system32\dllcache
    2009-09-05 13:35:33 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-09-04 21:20:56 ----D---- C:\WINDOWS\system32\drivers
    2009-09-04 21:20:08 ----RD---- C:\Program Files
    2009-09-04 21:19:12 ----SHD---- C:\WINDOWS\Installer
    2009-09-04 21:03:32 ----D---- C:\Program Files\Common Files
    2009-09-04 21:00:36 ----HD---- C:\WINDOWS\inf
    2009-09-04 19:35:14 ----D---- C:\Program Files\Lavasoft
    2009-09-04 19:35:14 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2009-09-04 19:34:50 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2009-09-04 16:15:09 ----D---- C:\WINDOWS\Prefetch
    2009-09-04 15:13:52 ----A---- C:\WINDOWS\system.ini
    2009-09-04 15:12:00 ----D---- C:\WINDOWS\AppPatch
    2009-09-03 17:23:42 ----D---- C:\WINDOWS\Debug
    2009-09-03 16:42:32 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2009-09-03 16:42:31 ----D---- C:\WINDOWS\WinSxS
    2009-09-03 16:36:53 ----D---- C:\Program Files\Google
    2009-09-03 14:40:10 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-09-02 16:31:29 ----D---- C:\WINDOWS\Microsoft.NET
    2009-08-22 16:02:01 ----D---- C:\WINDOWS\system32\CatRoot
    2009-08-22 16:01:43 ----HD---- C:\WINDOWS\$hf_mig$
    2009-08-21 16:24:40 ----RSD---- C:\WINDOWS\assembly
    2009-08-21 16:09:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-08-21 16:05:47 ----RSD---- C:\WINDOWS\Fonts
    2009-08-21 16:05:26 ----D---- C:\WINDOWS\system32\spool
    2009-08-12 14:58:41 ----D---- C:\Program Files\Outlook Express

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2006-12-28 43488]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-09-04 335240]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-09-04 27784]
    R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-09-04 108552]
    R1 intelppm;Intel-suoritinohjain; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-09-15 40064]
    R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-09-04 296976]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-08-19 3644800]
    R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
    R3 HidUsb;Microsoft HID -luokkaohjain; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-01-05 51056]
    R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-01-05 16496]
    R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-01-05 21488]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-05-13 31760]
    R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-05-16 19472]
    R3 mouhid;Hiiren HID-ohjain; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-05 12160]
    R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-09-15 57600]
    R3 usbprint;Microsoft USB PRINTER -luokka; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
    R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    R3 USBSTOR;USB-massamuistiohjain; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-09-15 26496]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-09-15 20480]
    R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2005-12-27 247040]
    S3 c4df26d8-7766-4482-88be-108b37041946;c4df26d8-7766-4482-88be-108b37041946; \??\D:\Player\cds300.dll []
    S3 catchme;catchme; \??\C:\DOCUME~1\Korhoset\LOCALS~1\Temp\catchme.sys []
    S3 FXDRV;FXDRV; \??\D:\Fxdrv.sys []
    S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
    S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
    S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
    S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
    S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
    S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
    S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-03 25600]
    S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
    S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
    S4 WS2IFSL;Windows Socket 2.0:n tukiympäristö ei-IFS-järjestelmiä varten; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-09-15 12032]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-07-09 106496]
    R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-09-04 297752]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-27 152984]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-09-15 14336]
    R3 iPod Service;iPod-palvelu; C:\Program Files\iPod\bin\iPodService.exe [2007-07-10 501048]
    R3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-01-05 65795]
    R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
    S2 AVP;Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe [2009-07-03 303376]
    S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-09-15 268800]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 WMPNetworkSvc;Windows Media Playerin verkkojakamispalvelu; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-15 913920]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
     
    kmta82, Sep 5, 2009
    #5
  6. kmta82

    kmta82 Member

    Joined:
    Sep 4, 2009
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    11
    tässä ois nää tiedostot
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Korhoset at 2009-09-05 14:09:29
    Microsoft Windows XP Home Edition Service Pack 2
    System drive C: has 112 GB (75%) free of 148 GB
    Total RAM: 958 MB (51% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:48:10, on 4.9.2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16876)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\system32\VTtrayp.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\WINDOWS\system32\sys32_nov.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKLM\..\Run: [sys32_nov] C:\WINDOWS\system32\sys32_nov.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - HKCU\..\Run: [sys32_nov] C:\Documents and Settings\Korhoset\sys32_nov.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {076169AA-8C3D-4CFC-AC23-3ACA88FC21B5} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab
    O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - D:\Player\__CDS2.dll (file missing)
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    --
    End of file - 7091 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-06-07 399352]
    {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-07-24 1090816]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2002-09-13 212992]
    "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-08-17 90112]
    "VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-03-07 53248]
    "VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2005-10-31 163840]
    "RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2005-01-12 32768]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-06-29 286720]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2007-07-10 270648]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-27 136600]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd.exe [2003-08-04 49152]
    "HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]
    "ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-08-09 221184]
    "ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-08-09 81920]
    "sys32_nov"=C:\WINDOWS\system32\sys32_nov.exe [2009-09-02 29216]
    "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe [2009-07-03 303376]
    "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-09-04 2007832]
    "braviax"=C:\WINDOWS\braviax.exe [2009-09-05 11264]
    "Regedit32"=C:\WINDOWS\system32\regedit.exe []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-12 1414144]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-09-15 15360]
    "braviax"= []
    "sys32_nov"=C:\Documents and Settings\Korhoset\sys32_nov.exe []

    C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="cru629.dat"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
    C:\WINDOWS\system32\avgrsstx.dll [2009-09-04 11952]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    C:\WINDOWS\system32\klogon.dll [2009-07-03 219664]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=323
    "NoDriveAutoRun"=67108863
    "NoDrives"=0
    "ForceClassicControlPanel"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe"="C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe:*:Enabled:Ad-Aware"
    "C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
    "C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000"

    ======List of files/folders created in the last 1 months======

    2009-09-05 14:09:29 ----D---- C:\rsit
    2009-09-04 21:23:05 ----HD---- C:\$AVG8.VAULT$
    2009-09-04 21:20:57 ----A---- C:\WINDOWS\system32\avgrsstx.dll
    2009-09-04 21:20:22 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
    2009-09-04 21:20:08 ----D---- C:\Program Files\AVG
    2009-09-04 21:20:08 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
    2009-09-04 21:07:53 ----D---- C:\Documents and Settings\Korhoset\Application Data\AVG8
    2009-09-04 21:03:32 ----A---- C:\WINDOWS\tovy.dll
    2009-09-04 21:03:32 ----A---- C:\WINDOWS\igeco.vbs
    2009-09-04 21:03:32 ----A---- C:\Program Files\Common Files\pihyqujic.exe
    2009-09-04 20:59:44 ----D---- C:\Program Files\Kaspersky Lab
    2009-09-04 20:59:44 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
    2009-09-04 20:56:17 ----A---- C:\WINDOWS\braviax.exe
    2009-09-04 20:51:49 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
    2009-09-04 20:36:00 ----D---- C:\Avenger
    2009-09-04 16:12:37 ----D---- C:\Documents and Settings\Korhoset\Application Data\WinRAR
    2009-09-04 15:55:24 ----D---- C:\WINDOWS\ERUNT
    2009-09-04 15:39:21 ----SHD---- C:\RECYCLER
    2009-09-04 15:15:47 ----D---- C:\WINDOWS\temp
    2009-09-04 15:15:44 ----A---- C:\ComboFix.txt
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\zip.exe
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\SWXCACLS.exe
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\SWSC.exe
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\SWREG.exe
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\sed.exe
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\PEV.exe
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\NIRCMD.exe
    2009-09-04 15:06:23 ----A---- C:\WINDOWS\grep.exe
    2009-09-04 15:06:13 ----SD---- C:\ComboFix
    2009-09-04 15:06:13 ----D---- C:\WINDOWS\ERDNT
    2009-09-04 15:05:37 ----D---- C:\Qoobox
    2009-09-03 18:42:11 ----D---- C:\Program Files\Trend Micro
    2009-09-03 17:18:50 ----D---- C:\Program Files\CCleaner
    2009-09-03 16:04:10 ----D---- C:\Documents and Settings\Korhoset\Application Data\Mozilla
    2009-09-03 16:03:57 ----D---- C:\Program Files\Mozilla Firefox
    2009-09-03 15:50:47 ----A---- C:\WINDOWS\system32\tmp.txt
    2009-09-03 15:50:09 ----A---- C:\rapport.txt
    2009-09-03 14:53:43 ----D---- C:\Documents and Settings\All Users\Application Data\F-Secure
    2009-09-03 14:06:30 ----D---- C:\Documents and Settings\Korhoset\Application Data\Malwarebytes
    2009-09-03 14:06:23 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-09-03 14:06:22 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-09-02 23:22:36 ----A---- C:\WINDOWS\system32\sys32_nov.exe
    2009-08-31 17:24:23 ----D---- C:\SANAPAA
    2009-08-26 16:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
    2009-08-22 16:01:44 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
    2009-08-22 16:01:21 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
    2009-08-21 16:05:57 ----D---- C:\WINDOWS\system32\XPSViewer
    2009-08-21 16:05:51 ----D---- C:\Program Files\MSBuild
    2009-08-21 16:05:49 ----D---- C:\WINDOWS\system32\en-US
    2009-08-21 16:05:41 ----D---- C:\Program Files\Reference Assemblies
    2009-08-21 16:05:11 ----N---- C:\WINDOWS\system32\xpssvcs.dll
    2009-08-21 16:05:11 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
    2009-08-21 16:05:11 ----N---- C:\WINDOWS\system32\prntvpt.dll
    2009-08-21 16:05:11 ----D---- C:\4e5b926db559ae4c425db690764bc9
    2009-08-21 16:04:55 ----D---- C:\WINDOWS\SxsCaPendDel
    2009-08-21 16:01:23 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
    2009-08-21 16:01:15 ----D---- C:\Program Files\MSXML 6.0
    2009-08-17 22:06:54 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
    2009-08-12 14:59:24 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
    2009-08-12 14:59:16 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
    2009-08-12 14:59:10 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
    2009-08-12 14:59:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
    2009-08-12 14:58:52 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
    2009-08-12 14:58:46 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
    2009-08-12 14:58:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
    2009-08-12 14:56:25 ----D---- C:\WINDOWS\ServicePackFiles
    2009-08-12 14:56:23 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
    2009-08-12 14:56:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$

    ======List of files/folders modified in the last 1 months======

    2009-09-05 13:53:05 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-09-05 13:45:23 ----D---- C:\WINDOWS\system32
    2009-09-05 13:45:13 ----D---- C:\WINDOWS
    2009-09-05 13:44:52 ----RSHD---- C:\WINDOWS\system32\dllcache
    2009-09-05 13:35:33 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-09-04 21:20:56 ----D---- C:\WINDOWS\system32\drivers
    2009-09-04 21:20:08 ----RD---- C:\Program Files
    2009-09-04 21:19:12 ----SHD---- C:\WINDOWS\Installer
    2009-09-04 21:03:32 ----D---- C:\Program Files\Common Files
    2009-09-04 21:00:36 ----HD---- C:\WINDOWS\inf
    2009-09-04 19:35:14 ----D---- C:\Program Files\Lavasoft
    2009-09-04 19:35:14 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2009-09-04 19:34:50 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2009-09-04 16:15:09 ----D---- C:\WINDOWS\Prefetch
    2009-09-04 15:13:52 ----A---- C:\WINDOWS\system.ini
    2009-09-04 15:12:00 ----D---- C:\WINDOWS\AppPatch
    2009-09-03 17:23:42 ----D---- C:\WINDOWS\Debug
    2009-09-03 16:42:32 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2009-09-03 16:42:31 ----D---- C:\WINDOWS\WinSxS
    2009-09-03 16:36:53 ----D---- C:\Program Files\Google
    2009-09-03 14:40:10 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-09-02 16:31:29 ----D---- C:\WINDOWS\Microsoft.NET
    2009-08-22 16:02:01 ----D---- C:\WINDOWS\system32\CatRoot
    2009-08-22 16:01:43 ----HD---- C:\WINDOWS\$hf_mig$
    2009-08-21 16:24:40 ----RSD---- C:\WINDOWS\assembly
    2009-08-21 16:09:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-08-21 16:05:47 ----RSD---- C:\WINDOWS\Fonts
    2009-08-21 16:05:26 ----D---- C:\WINDOWS\system32\spool
    2009-08-12 14:58:41 ----D---- C:\Program Files\Outlook Express

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2006-12-28 43488]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-09-04 335240]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-09-04 27784]
    R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-09-04 108552]
    R1 intelppm;Intel-suoritinohjain; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-09-15 40064]
    R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-09-04 296976]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-08-19 3644800]
    R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
    R3 HidUsb;Microsoft HID -luokkaohjain; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-01-05 51056]
    R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-01-05 16496]
    R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-01-05 21488]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-05-13 31760]
    R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-05-16 19472]
    R3 mouhid;Hiiren HID-ohjain; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-05 12160]
    R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-09-15 57600]
    R3 usbprint;Microsoft USB PRINTER -luokka; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
    R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    R3 USBSTOR;USB-massamuistiohjain; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-09-15 26496]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-09-15 20480]
    R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2005-12-27 247040]
    S3 c4df26d8-7766-4482-88be-108b37041946;c4df26d8-7766-4482-88be-108b37041946; \??\D:\Player\cds300.dll []
    S3 catchme;catchme; \??\C:\DOCUME~1\Korhoset\LOCALS~1\Temp\catchme.sys []
    S3 FXDRV;FXDRV; \??\D:\Fxdrv.sys []
    S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
    S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
    S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
    S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
    S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
    S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
    S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-03 25600]
    S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
    S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
    S4 WS2IFSL;Windows Socket 2.0:n tukiympäristö ei-IFS-järjestelmiä varten; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-09-15 12032]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-07-09 106496]
    R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-09-04 297752]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-27 152984]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-09-15 14336]
    R3 iPod Service;iPod-palvelu; C:\Program Files\iPod\bin\iPodService.exe [2007-07-10 501048]
    R3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-01-05 65795]
    R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
    S2 AVP;Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe [2009-07-03 303376]
    S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-09-15 268800]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 WMPNetworkSvc;Windows Media Playerin verkkojakamispalvelu; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-15 913920]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
    info.txt logfile of random's system information tool 1.06 2009-09-05 14:09:36

    ======Uninstall list======

    -->MsiExec.exe /I{901C0409-6000-11D3-8CFE-0150048383C9}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Download Manager 1.2 (Poista ainoastaan)-->"C:\Program Files\Common Files\Adobe\ESD\uninst.exe"
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 7.0 - Suomi-->MsiExec.exe /I{AC76BA86-7AD7-1035-7B44-A70000000000}
    Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    Apple Mobile Device Support -tuki-->MsiExec.exe /I{A43B2A2F-1DB5-47F9-A608-F11A4835D7CB}
    Apple Software Update-->MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
    Arkhimedes 2.7v3-->"C:\Program Files\Arkhimedes2\unins000.exe"
    Arkhimedes 3.0 (4)-->"C:\Program Files\Arkhimedes3\unins000.exe"
    AVG Free 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Econet Palkanlaskenta-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{3B0D319B-86C0-4217-85F6-0E31C4F375EA}
    Econet Pro-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{0A06737F-2646-488F-872E-2610C4A17603} /l1035
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
    Hotfix-korjauspäivitys Windows Media Player 11:lle (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Hotfix-päivitys Windows Internet Explorer 7:lle (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
    Hotfix-päivitys Windows XP:lle (KB893357)-->"C:\WINDOWS\$NtUninstallKB893357$\spuninst\spuninst.exe"
    Hotfix-päivitys Windows XP:lle (KB895953)-->"C:\WINDOWS\$NtUninstallKB895953$\spuninst\spuninst.exe"
    Hotfix-päivitys Windows XP:lle (KB896256)-->"C:\WINDOWS\$NtUninstallKB896256$\spuninst\spuninst.exe"
    Hotfix-päivitys Windows XP:lle (KB906569)-->"C:\WINDOWS\$NtUninstallKB906569$\spuninst\spuninst.exe"
    Hotfix-päivitys Windows XP:lle (KB910728)-->"C:\WINDOWS\$NtUninstallKB910728$\spuninst\spuninst.exe"
    Hotfix-päivitys Windows XP:lle (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
    Hotfix-päivitys Windows XP:lle (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Hotfix-päivitys Windows XP:lle (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
    Hotfix-päivitys Windows XP:lle (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
    HP Image Zone 3.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
    HP PSC & OfficeJet 3.5-->"C:\Program Files\HP\Digital Imaging\{0FABD3D7-3036-4e78-B29D-58957ADB0A12}\setup\hpzscr01.exe" -datfile hposcr03.dat
    HP Software Update-->MsiExec.exe /X{34957B51-9676-41CE-9E52-44AE91B73F1C}
    iTunes-->MsiExec.exe /I{9357AE3A-B2ED-4138-BB9B-0564352C3F0A}
    Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Kaspersky Anti-Virus 2010-->MsiExec.exe /I{943B6738-4801-4982-90EC-0442EF7AEB16}
    Kaspersky Anti-Virus 2010-->MsiExec.exe /I{943B6738-4801-4982-90EC-0442EF7AEB16}
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Memories Disc Creator 2.0-->MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
    Microsoft .NET Framework 1.1 Finnish Language Pack-->MsiExec.exe /X{4538A1AF-6894-4F10-ABDA-6CB9E6ACF8B6}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
    Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
    Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040B-6000-11D3-8CFE-0150048383C9}
    Microsoft User-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWudf01007$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Works-->MsiExec.exe /I{6495D83E-3A5B-4674-A17F-3A6DDCDC0F89}
    Microsoft Zoo Tycoon-->"C:\Program Files\Microsoft Games\Zoo Tycoon\UNINSTAL.EXE" /runtemp /addremove
    Mozilla Firefox (3.5.2)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
    Nokia Connectivity Cable Driver-->MsiExec.exe /I{52D02A2B-03D2-4E34-A358-DC5D951FD296}
    Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Nokia_PC_Suite_7_1_30_8_fin_web.exe
    Nokia PC Suite-->MsiExec.exe /I{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}
    OCA Client history tool install-->"C:\WINDOWS\$UninstallOCA-X86Fre-ENU$\spuninst\spuninst.exe"
    PC Connectivity Solution-->MsiExec.exe /I{0C973594-7DDF-4BD0-84ED-3517F7622037}
    Power2Go 4.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" -uninstall
    PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
    Päivitys Windows XP:lle (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB896727)-->"C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB912945)-->"C:\WINDOWS\$NtUninstallKB912945$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB925720)-->"C:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB929338)-->"C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
    Päivitys Windows XP:lle (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
    QuickTime-->MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
    Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\Setup.exe" -l0xb -removeonly
    REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0xb REMOVE
    Suojauspäivitys ohjelmistolle Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Internet Explorer 7:lle (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"
    Suojauspäivitys Windows Media Player 10:lle (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
    Suojauspäivitys Windows Media Player 10:lle (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
    Suojauspäivitys Windows Media Player 11:lle (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Suojauspäivitys Windows Media Player 11:lle (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Suojauspäivitys Windows Media Player 6.4:lle (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
    Suojauspäivitys Windows Media Playerille (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
    Suojauspäivitys Windows Media Playerille (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Suojauspäivitys Windows Media Playerille (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB883939)-->"C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB896688)-->"C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB899588)-->"C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB899589)-->"C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB903235)-->"C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB911567)-->"C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB912812)-->"C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB913433)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB913433.inf
    Suojauspäivitys Windows XP:lle (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB916281)-->"C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB917159)-->"C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB917537)-->"C:\WINDOWS\$NtUninstallKB917537$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB918899)-->"C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB920214)-->"C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB923694)-->"C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB925454)-->"C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB925486)-->"C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB958470)-->"C:\WINDOWS\$NtUninstallKB958470$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
    Suojauspäivitys Windows XP:lle (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
    The Compressorizer! Version 1.01-->C:\Program Files\The Compressorizer\Uninstall.exe
    The Sims 2-->C:\Program Files\EA GAMES\The Sims 2\EAUninstall.exe
    Tärkeä päivitys Windows Media Player 11:lle (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    VIA/S3G Display Driver-->C:\PROGRA~1\S3\UChromeP\s3minset.exe /u UChromeP.uns
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\spuninst.exe"
    Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
    Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Hotfix - KB834707-->C:\WINDOWS\$NtUninstallKB834707$\spuninst\spuninst.exe
    Windows XP Hotfix - KB867282-->C:\WINDOWS\$NtUninstallKB867282$\spuninst\spuninst.exe
    Windows XP Hotfix - KB873333-->C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
    Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
    Windows XP Hotfix - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
    Windows XP Hotfix - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
    Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
    Windows XP Hotfix - KB885884-->C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
    Windows XP Hotfix - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
    Windows XP Hotfix - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
    Windows XP Hotfix - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
    Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
    Windows XP Hotfix - KB890047-->C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe
    Windows XP Hotfix - KB890175-->C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
    Windows XP Hotfix - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
    Windows XP Hotfix - KB890923-->"C:\WINDOWS\$NtUninstallKB890923$\spuninst\spuninst.exe"
    Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
    Windows XP Hotfix - KB893066-->"C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
    Windows XP Hotfix - KB893086-->"C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
    Windowsin ohjainpaketti - Nokia Modem (06/01/2009 4.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_C08496D7A0050438DFE13C55799AE2D4157A8E7A\nokia_bluetooth.inf
    Windowsin ohjainpaketti - Nokia Modem (06/01/2009 7.01.0.3)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_9C48E34C57B7D4AAE5FFF5FB9B476B538394FD30\nokbtmdm.inf
    Windowsin ohjainpaketti - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
    WinRAR-pakkausohjelma-->C:\Program Files\WinRAR\uninstall.exe
    WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
    Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
    Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
    Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

    ======Hosts File======

    127.0.0.1 localhost

    ======Security center information======

    AV: Avira AntiVir PersonalEdition Classic
    AV: Avira AntiVir PersonalEdition Classic
    AV: AVG Anti-Virus Free
    AV: Avira AntiVir PersonalEdition Classic (outdated)
    AV: Avira AntiVir PersonalEdition Classic
    AV: Avira AntiVir PersonalEdition Classic

    ======System event log======

    Computer Name: KORHONEN
    Event Code: 1000
    Message: Tietokoneen IP-osoite 213.216.227.247 ei ole enää voimassa verkkokortille, jonka
    verkko-osoite on 0015586CE10A.

    Record Number: 38327
    Source Name: Dhcp
    Time Written: 20090809092633.000000+180
    Event Type: error
    User:

    Computer Name: KORHONEN
    Event Code: 1003
    Message: Verkon DHCP-palvelin ei voinut uusia IP-osoitetta tietokoneen
    verkkokortille, jonka verkko-osoite on 0015586CE10A.
    Virhe:
    Semaforin aikakatkaisun määräaika on lopussa.
    .
    Tietokone jatkaa osoitteen pyytämistä verkon DHCP-palvelimelta.


    Record Number: 38326
    Source Name: Dhcp
    Time Written: 20090809092633.000000+180
    Event Type: warning
    User:

    Computer Name: KORHONEN
    Event Code: 1000
    Message: Tietokoneen IP-osoite 213.216.227.247 ei ole enää voimassa verkkokortille, jonka
    verkko-osoite on 0015586CE10A.

    Record Number: 38315
    Source Name: Dhcp
    Time Written: 20090808204022.000000+180
    Event Type: error
    User:

    Computer Name: KORHONEN
    Event Code: 1003
    Message: Verkon DHCP-palvelin ei voinut uusia IP-osoitetta tietokoneen
    verkkokortille, jonka verkko-osoite on 0015586CE10A.
    Virhe:
    Semaforin aikakatkaisun määräaika on lopussa.
    .
    Tietokone jatkaa osoitteen pyytämistä verkon DHCP-palvelimelta.


    Record Number: 38314
    Source Name: Dhcp
    Time Written: 20090808204022.000000+180
    Event Type: warning
    User:

    Computer Name: KORHONEN
    Event Code: 18
    Message:
    Record Number: 38313
    Source Name: avgntflt
    Time Written: 20090808204022.000000+180
    Event Type: warning
    User:

    =====Application event log=====

    Computer Name: KORHONEN
    Event Code: 4113
    Message:
    Record Number: 8516
    Source Name: Avira AntiVir
    Time Written: 20090903141332.000000+180
    Event Type: warning
    User: NT-HALLINTA\SYSTEM

    Computer Name: KORHONEN
    Event Code: 4113
    Message:
    Record Number: 8515
    Source Name: Avira AntiVir
    Time Written: 20090903141331.000000+180
    Event Type: warning
    User: NT-HALLINTA\SYSTEM

    Computer Name: KORHONEN
    Event Code: 4113
    Message:
    Record Number: 8514
    Source Name: Avira AntiVir
    Time Written: 20090903141325.000000+180
    Event Type: warning
    User: NT-HALLINTA\SYSTEM

    Computer Name: KORHONEN
    Event Code: 4113
    Message:
    Record Number: 8513
    Source Name: Avira AntiVir
    Time Written: 20090903141324.000000+180
    Event Type: warning
    User: NT-HALLINTA\SYSTEM

    Computer Name: KORHONEN
    Event Code: 4113
    Message:
    Record Number: 8511
    Source Name: Avira AntiVir
    Time Written: 20090903140306.000000+180
    Event Type: warning
    User: NT-HALLINTA\SYSTEM

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\QuickTime\QTSystem
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 4, GenuineIntel
    "PROCESSOR_REVISION"=0604
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
    "QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

    -----------------EOF-----------------
     
    kmta82, Sep 5, 2009
    #6
  7. kmta82

    kmta82 Member

    Joined:
    Sep 4, 2009
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    11
    Hups! Tuli lähetettyä toiseen kertaan toinen tiedosto, kun en tiennyt et se lähetti ton ensimmäisen. kone tökkii pahasti..
     
    kmta82, Sep 5, 2009
    #7
  8. kalminen

    kalminen Regular member

    Joined:
    May 4, 2007
    Messages:
    3,915
    Likes Received:
    0
    Trophy Points:
    46
    * Lataa OTM by OldTimer.
    * Tallenna se työpöydällesi.
    * Tuplaklikkaa OTM.exe käynnistääksesi sen.
    * Kopioi (CTRL+C) alla olevasta laatikosta kaikki teksti.
    Code:
    :files
C:\WINDOWS\system32\sys32_nov.exe
C:\Documents and Settings\Korhoset\sys32_nov.exe
C:\Program Files\Common Files\pihyqujic.exe
C:\WINDOWS\igeco.vbs
C:\WINDOWS\tovy.dll
C:\Avenger
C:\ComboFix
C:\Qoobox 
D:\Player\__CDS2.dll

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] 
"braviax"=-
"Regedit32"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"sys32_nov"=-
"braviax"=- 
:commands 
[emptytemp]
    * Palaa takaisin OtmoveIt3, paina oikeanpuoleista hiiren nappia Paste Instructions for Items to be Move-ikkunassa (Keltaisen palkin alla) ja paina Liitä.
    * Paina punaista MoveIt! -nappia.
    * Kopioi (CTRL+C) ja liitä (CTRL+V) Results-ikkunaan (Vihreän palkin alla) tullut teksti seuraavaan viestiisi.
    * Sulje OTM.

    Jos jotain tiedostoa/kansiota ei voitu siirtää heti, ohjelma ehdottaa koneen uudelleenkäynnistystä. Vastaa ehdotukseen Yes, jolloin OtMoveIt käynnistää koneesi uudelleen.

    *********************************************************

    Poista ne rivit jotka ovat vielä jäljellä:

    Sammuta selain ja muut ohjelmat Fixin ajaksi. (ei virustorjuntaa)
    Käynnistä HijackThis:ja Scan ja ruksaa seuraavat punaisella listatut tiedostot
    (HJT sammuttaa ohjelman ei poista)

    R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [sys32_nov] C:\WINDOWS\system32\sys32_nov.exe
    O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
    O4 - HKCU\..\Run: [sys32_nov] C:\Documents and Settings\Korhoset\sys32_nov.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - D:\Player\__CDS2.dll (file missing)

    sekä sammuta ne.(fix Chekked) napista.

    Tyhjennä roskakori ja käynnistä koneesi uudelleen.

    Postita tänne seuraavat lokit:
    * Tuore HijackThis loki (Otetaan viimeisenä ennen postitusta)
    * OTMoveIt logi. raportti
    *
    * Kerro mikä on tilanne ???
    *
     
    kalminen, Sep 5, 2009
    #8
  9. kmta82

    kmta82 Member

    Joined:
    Sep 4, 2009
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    11
    Moi. otm:n latauksen pystyn tekemään mut HijackThis:llä en pysty tekemään mitään koska en saa sitä käynnistymään enää, enkä poistamaan tai asentamaan uudelleen. Mitä teen? =(
     
    kmta82, Sep 6, 2009
    #9
  10. kalminen

    kalminen Regular member

    Joined:
    May 4, 2007
    Messages:
    3,915
    Likes Received:
    0
    Trophy Points:
    46
    Käynnistä kone vikasietotilaan => OHJE

    Laita piilotiedostot näkyviin => OHJE

    Toimiiko täällä Mikään ???

    ***********************'

    Saitko OTM login ???? => lähetä
    .
     
    kalminen, Sep 6, 2009
    #10

Share This Page