spooler subsystem app ja tulosta ei...

Yksityisviestit

Luo uusi yksityisviesti

Kaikki uudet viestit

Ilman vastauksia olevat viestiketjut

Hae viestejä

sunnuntai 20.7.2025 / 11:33

Hae keskustelualueilta:

afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat - hijackthis -logit > spooler subsystem app ja tulosta ei...

Aiheet

Keskustelualueet

Aloita uusi viestiketju

spooler subsystem app ja tulosta ei...

Siirry:

Kirjoittaja

Viesti

jajutila

Newbie

15. joulukuuta 2006 @ 14:14

Linkki tähän viestiin

Kone jumittelee, ohjauspaneeliin ei pääse,spooler subsystem app astuu kuvaan mukaan ja tulostus ei toimi oikein.... Saiskohan noviisi helppoja vinkkejä??? Dna nettiturva on ->kaikki ok samoin Ad-Aware.
Logfile of HijackThis v1.99.1
Scan saved at 18:42:03, on 15.12.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\DNANET~1\backweb\4653381\Program\SERVIC~1.EXE
C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
C:\Program Files\dna Nettiturva\backweb\4653381\program\fsbwsys.exe
C:\Program Files\dna Nettiturva\Anti-Virus\FSGK32.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\fssm32.exe
C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
C:\WINDOWS\system32\IFXSPMGT.exe
C:\Program Files\dna Nettiturva\Common\FSMB32.EXE
C:\WINDOWS\system32\IFXTCS.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\Program Files\dna Nettiturva\Common\FSM32.EXE
C:\Program Files\dna Nettiturva\FSGUI\ispnews.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\BTTray.exe
C:\Program Files\dna Nettiturva\backweb\4653381\Program\fspex.exe
C:\Program Files\GPS Pathfinder Office 2.90\conmgr.exe
C:\Program Files\GPS Pathfinder Office 2.90\PfPjChgr.exe
C:\Program Files\dna Nettiturva\Common\FCH32.EXE
C:\PROGRA~1\COMMON~1\Trimble\REMOTE~1\TRDMU.exe
C:\Program Files\dna Nettiturva\Common\FAMEH32.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\fsqh.exe
C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\fsrw.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\fsav32.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
C:\Program Files\ProtectTools\Embedded Security Software\PSDrt.exe
C:\PROGRA~1\DNANET~1\ANTI-S~1\fsaw.exe
C:\Program Files\dna Nettiturva\FSGUI\fsguidll.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Järjestelmänvalvoja\Omat tiedostot\JARI\HijackThis_v1.99.1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtv3.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [PFO Check Settings] pfochk.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\dna Nettiturva\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\dna Nettiturva\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\dna Nettiturva\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\dna Nettiturva\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: dna Nettiturva.lnk = C:\Program Files\dna Nettiturva\backweb\4653381\Program\fspex.exe
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: GPS Pathfinder Office Connection Manager.lnk = C:\Program Files\GPS Pathfinder Office 2.90\conmgr.exe
O4 - Global Startup: GPS Pathfinder Office Project Changer.lnk = C:\Program Files\GPS Pathfinder Office 2.90\PfPjChgr.exe
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\dna Nettiturva\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: Lähetä &Bluetooth-laitteeseen - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\btsendto_ie_ctx.htm
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\dna Nettiturva\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\dna Nettiturva\Anti-Spyware\ieshield.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O20 - Winlogon Notify: IfxWlxEN - C:\WINDOWS\SYSTEM32\IfxWlxEN.dll
O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: dna Nettiturva (BackWeb Plug-in - 4653381) - dna Nettiturva - C:\PROGRA~1\DNANET~1\backweb\4653381\Program\SERVIC~1.EXE
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\dna Nettiturva\backweb\4653381\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE

[ + lainaa]

jajutila

Newbie

15. joulukuuta 2006 @ 17:20

Linkki tähän viestiin

Antakee nyt jottain vinkkiä...kone hyytyy täysin kun koettaa exelistä tulostaa, jotain muuta taas tulostaa ihan kunnollakin. Epämääräinen vaiva... aiemmin tulostimen ajuria asentaessa vinkui kovasti digitaalisesta allekirjoituksesta, mutta kun semmosta ei nyt sattunu oleen niin asennettiin perinteinen... voiko vaiva siitä johtua???

[ + lainaa]

Hujo

Suspended permanently

15. joulukuuta 2006 @ 17:35

Linkki tähän viestiin

1.Lataa combofix.exe http://download.bleepingcomputer.com/sUBs/combofix.exe
tiedosto työpöydällesi.
2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia.
3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi.
Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.

[ + lainaa]

Voiko tietsikka koskaan toimia?

jajutila

Newbie

15. joulukuuta 2006 @ 17:44

Linkki tähän viestiin

tästä lähtee...

J?rjestelm?nvalvoja - 06-12-15 22:38:56,78 Service Pack 2
ComboFix 06.11.27W - Running from: "C:\Documents and Settings\J?rjestelm?nvalvoja\Ty?p?yt?"

((((((((((((((((((((((((((((((( Files Created from 2006-11-15 to 2006-12-15 ))))))))))))))))))))))))))))))))))

2006-12-15 22:29 <KANSIO> d--hs---- C:\Config.Msi
2006-12-15 22:29 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2006-12-15 21:20 <KANSIO> d-------- C:\Downloads
2006-12-15 21:20 <KANSIO> d-------- C:\Bases
2006-12-15 21:18 <KANSIO> d-------- C:\Kaspersky
2006-12-15 17:36 260,588 --a------ C:\dg2xlxpae041125.exe
2006-12-15 17:36 <KANSIO> d-------- C:\Win2K
2006-12-15 16:07 <KANSIO> d-------- C:\Temp
2006-12-15 15:41 <KANSIO> d-------- C:\Program Files\Spybot - Search & Destroy
2006-12-15 15:35 <KANSIO> d-------- C:\Program Files\Lavasoft
2006-12-15 15:35 <KANSIO> d-------- C:\Documents and Settings\J?rjestelm?nvalvoja\Application Data\Lavasoft
2006-12-15 15:33 <KANSIO> d-------- C:\Documents and Settings\J?rjestelm?nvalvoja\Application Data\Macromedia
2006-12-15 13:18 <KANSIO> d-------- C:\Program Files\Microsoft Visual Studio
2006-12-15 13:18 <KANSIO> d-------- C:\Program Files\Common Files\DESIGNER
2006-12-15 11:02 <KANSIO> d-------- C:\spoolerlogs
2006-12-09 10:02 94,208 --a------ C:\WINDOWS\system32\DICoInst.dll
2006-12-09 10:02 <KANSIO> d-------- C:\Program Files\Falcom
2006-12-09 09:55 <KANSIO> d-------- C:\Program Files\Gerulus
2006-12-09 09:52 <KANSIO> d-------- C:\b6fb4b0542df03bcea481e4e8f3484
2006-12-08 10:48 <KANSIO> d-------- C:\Mssql
2006-12-08 10:40 <KANSIO> d-------- C:\domino
2006-12-08 10:34 <KANSIO> d-------- C:\Winprog
2006-12-08 10:28 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2006-12-08 10:14 <KANSIO> d-------- C:\Program Files\Microsoft SQL Server
2006-12-08 10:02 630,784 --a------ C:\Documents and Settings\J?rjestelm?nvalvoja\GoToAssist_chat2way__317_en.exe
2006-12-07 19:35 <KANSIO> d-------- C:\Program Files\Skype
2006-12-07 19:35 <KANSIO> d-------- C:\Documents and Settings\J?rjestelm?nvalvoja\Application Data\Skype
2006-12-06 17:53 <KANSIO> dr------- C:\Documents and Settings\J?rjestelm?nvalvoja\Application Data\Brother
2006-12-06 17:39 <KANSIO> d-------- C:\WINDOWS\system32\NtmsData
2006-12-06 17:32 <KANSIO> d-------- C:\Program Files\Panasonic
2006-12-05 11:12 <KANSIO> d-------- C:\Documents and Settings\J?rjestelm?nvalvoja\Application Data\PEX
2006-12-05 11:12 <KANSIO> d-------- C:\Documents and Settings\J?rjestelm?nvalvoja\Application Data\F-Secure
2006-12-05 10:50 <KANSIO> d-------- C:\Documents and Settings\J?rjestelm?nvalvoja\Application Data\ispnews
2006-12-05 10:47 70,896 --a------ C:\WINDOWS\system32\drivers\fsdfw.sys
2006-12-05 10:47 33,584 --a------ C:\WINDOWS\system32\drivers\fsndis5.sys
2006-12-05 10:47 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\F-Secure
2006-12-05 10:41 118,842 -r------- C:\WINDOWS\bwUnin-6.3.2.116-4653381L.exe
2006-12-05 10:41 <KANSIO> d-------- C:\Program Files\dna Nettiturva
2006-12-04 20:14 98,304 --a------ C:\WINDOWS\system32\LTFIL90N.DLL
2006-12-04 20:14 73,728 --a------ C:\WINDOWS\system32\CRCMDL32.DLL
2006-12-04 20:14 73,216 --a------ C:\WINDOWS\system32\PFXBPD32.DLL
2006-12-04 20:14 68,096 --a------ C:\WINDOWS\system32\CODEC.DLL
2006-12-04 20:14 65,508 --a------ C:\WINDOWS\system32\PFXDPERS.DLL
2006-12-04 20:14 45,568 --a------ C:\WINDOWS\system32\PFXBACG.EXE
2006-12-04 20:14 44,544 --a------ C:\WINDOWS\system32\PFXDIB32.DLL
2006-12-04 20:14 41,015 --a------ C:\WINDOWS\system32\MGCSLM.DLL
2006-12-04 20:14 33,792 --a------ C:\WINDOWS\system32\LFBMP90N.DLL
2006-12-04 20:14 288,256 --a------ C:\WINDOWS\system32\LTKRN90N.DLL
2006-12-04 20:14 27,136 --a------ C:\WINDOWS\system32\PFXTHK32.DLL
2006-12-04 20:14 241,536 --a------ C:\WINDOWS\system32\PFXDPMUI.DLL
2006-12-04 20:14 21,504 --a------ C:\WINDOWS\system32\PFXJBIG.DLL
2006-12-04 20:14 19,112 --a------ C:\WINDOWS\system32\PFXTHK16.DLL
2006-12-04 20:14 155,648 --a------ C:\WINDOWS\system32\PFXDPDLG.DLL
2006-12-04 20:14 14,624 --a------ C:\WINDOWS\system32\PFXGNTHK.DLL
2006-12-04 20:14 10,240 --a------ C:\WINDOWS\system32\RECT2.DLL
2006-12-04 19:29 26,496 --a------ C:\WINDOWS\system32\drivers\USBSTOR.SYS
2006-12-04 17:26 <KANSIO> d-------- C:\Documents and Settings\J?rjestelm?nvalvoja\Application Data\AdobeUM
2006-12-04 17:25 <KANSIO> d-------- C:\Documents and Settings\J?rjestelm?nvalvoja\Application Data\Adobe
2006-12-04 17:24 57,344 --a------ C:\WINDOWS\pfochk.exe
2006-12-04 17:24 <KANSIO> d-------- C:\Pfdata
2006-12-04 17:21 49,152 --a------ C:\WINDOWS\system32\INETWH32.DLL
2006-12-04 17:21 368,912 --a------ C:\WINDOWS\system32\vbar332.dll
2006-12-04 17:21 317,952 --a------ C:\WINDOWS\system32\ROBOEX32.DLL
2006-12-04 17:21 251,664 --a------ C:\WINDOWS\system32\msrd2x35.dll
2006-12-04 17:21 24,336 --a------ C:\WINDOWS\system32\msjter35.dll
2006-12-04 17:21 121,104 --a------ C:\WINDOWS\system32\msjint35.dll
2006-12-04 17:21 1,037,312 --a------ C:\WINDOWS\system32\msjet35.dll
2006-12-04 17:21 <KANSIO> d-------- C:\Program Files\GPS Pathfinder Office 2.90
2006-12-04 17:21 <KANSIO> d-------- C:\Program Files\Common Files\Trimble
2006-12-04 17:18 299,520 --a------ C:\WINDOWS\uninst.exe
2006-12-04 17:17 <KANSIO> d-------- C:\Documents and Settings\J?rjestelm?nvalvoja\WINDOWS
2006-12-04 16:46 630,784 --a------ C:\Documents and Settings\J?rjestelm?nvalvoja\chatlnk.exe
2006-12-04 16:46 <KANSIO> d-------- C:\WINDOWS\Sun
2006-12-04 16:46 <KANSIO> d-------- C:\Documents and Settings\J?rjestelm?nvalvoja\Application Data\Sun
2006-12-01 17:15 <KANSIO> d-------- C:\Documents and Settings\J?rjestelm?nvalvoja\Application Data\OfficeUpdate12
2006-12-01 17:01 24,816 --a------ C:\WINDOWS\system32\mdimon.dll
2006-12-01 16:59 <KANSIO> d-------- C:\WINDOWS\SHELLNEW
2006-12-01 16:59 <KANSIO> d-------- C:\Program Files\Microsoft Works
2006-12-01 16:58 <KANSIO> d-------- C:\Program Files\Microsoft.NET
2006-12-01 16:58 <KANSIO> d-------- C:\Program Files\Microsoft Office
2006-12-01 16:52 <KANSIO> dr-h----- C:\MSOCache
2006-12-01 16:50 0 -rahs---- C:\MSDOS.SYS
2006-12-01 16:50 0 -rahs---- C:\IO.SYS
2006-12-01 16:18 <KANSIO> d-------- C:\WINDOWS\WBEM
2006-12-01 16:18 <KANSIO> d-------- C:\WINDOWS\system32\fi-fi
2006-12-01 16:16 <KANSIO> d--h-c--- C:\WINDOWS\ie7
2006-12-01 16:15 121,856 --------- C:\WINDOWS\system32\xmllite.dll
2006-12-01 16:15 <KANSIO> d-------- C:\WINDOWS\network diagnostic
2006-12-01 16:12 <KANSIO> d-------- C:\Program Files\MSXML 4.0
2006-12-01 16:12 <KANSIO> d-------- C:\7c2c5a2e24ddfaca5b0222ee72
2006-12-01 15:54 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2006-12-01 15:49 <KANSIO> d--hs---- C:\Documents and Settings\J?rjestelm?nvalvoja\UserData
2006-12-01 08:02 <KANSIO> d-------- C:\Documents and Settings\J?rjestelm?nvalvoja\Application Data\Google
2006-12-01 07:44 <KANSIO> d-------- C:\WINDOWS\system32\PreInstall
2006-12-01 07:37 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Google
2006-12-01 07:06 <KANSIO> d-------- C:\WINDOWS\system32\SoftwareDistribution
2006-12-01 04:26 <KANSIO> dr-hs---- C:\WINDOWS\system32\dllcache
2006-12-01 04:26 <KANSIO> dr-h----- C:\Documents and Settings\J?rjestelm?nvalvoja\SendTo
2006-12-01 04:26 <KANSIO> dr-h----- C:\Documents and Settings\J?rjestelm?nvalvoja\Recent
2006-12-01 04:26 <KANSIO> dr-h----- C:\Documents and Settings\J?rjestelm?nvalvoja\Application Data\.
2006-12-01 04:26 <KANSIO> dr-h----- C:\Documents and Settings\J?rjestelm?nvalvoja\Application Data
2006-12-01 04:26 <KANSIO> dr-h----- C:\Documents and Settings\All Users\Application Data\.
2006-12-01 04:26 <KANSIO> dr-h----- C:\Documents and Settings\All Users\Application Data
2006-12-01 04:26 <KANSIO> dr--s---- C:\WINDOWS\Fonts
2006-12-01 04:26 <KANSIO> dr--s---- C:\WINDOWS\assembly
2006-12-01 04:26 <KANSIO> dr------- C:\WINDOWS\Web
2006-12-01 04:26 <KANSIO> dr------- C:\WINDOWS\Offline Web Pages
2006-12-01 04:26 <KANSIO> dr------- C:\Program Files\Common Files\..
2006-12-01 04:26 <KANSIO> dr------- C:\Program Files\.
2006-12-01 04:26 <KANSIO> dr------- C:\Program Files
2006-12-01 04:26 <KANSIO> dr------- C:\Documents and Settings\J?rjestelm?nvalvoja\Suosikit
2006-12-01 04:26 <KANSIO> dr------- C:\Documents and Settings\J?rjestelm?nvalvoja\Omat tiedostot
2006-12-01 04:26 <KANSIO> dr------- C:\Documents and Settings\J?rjestelm?nvalvoja\K?ynnist?-valikko
2006-12-01 04:26 <KANSIO> dr------- C:\Documents and Settings\All Users\Tiedostot
2006-12-01 04:26 <KANSIO> dr------- C:\Documents and Settings\All Users\K?ynnist?-valikko
2006-12-01 04:26 <KANSIO> d-ahs---- C:\WINDOWS\..
2006-12-01 04:26 <KANSIO> d-ahs---- C:\Program Files\..
2006-12-01 04:26 <KANSIO> d--hs---- C:\WINDOWS\Installer
2006-12-01 04:26 <KANSIO> d--hs---- C:\RECYCLER
2006-12-01 04:26 <KANSIO> d--hs---- C:\Documents and Settings\J?rjestelm?nvalvoja\Cookies
2006-12-01 04:26 <KANSIO> d--hs---- C:\Documents and Settings\All Users\DRM
2006-12-01 04:26 <KANSIO> d--h----- C:\WINDOWS\inf
2006-12-01 04:26 <KANSIO> d--h----- C:\WINDOWS\$hf_mig$
2006-12-01 04:26 <KANSIO> d--h----- C:\Program Files\WindowsUpdate
2006-12-01 04:26 <KANSIO> d--h----- C:\Program Files\Uninstall Information
2006-12-01 04:26 <KANSIO> d--h----- C:\Program Files\InstallShield Installation Information
2006-12-01 04:26 <KANSIO> d--h----- C:\Documents and Settings\J?rjestelm?nvalvoja\Verkkoymp?rist?
2006-12-01 04:26 <KANSIO> d--h----- C:\Documents and Settings\J?rjestelm?nvalvoja\Tulostinymp?rist?
2006-12-01 04:26 <KANSIO> d--h----- C:\Documents and Settings\J?rjestelm?nvalvoja\Mallit
2006-12-01 04:26 <KANSIO> d--h----- C:\Documents and Settings\J?rjestelm?nvalvoja\Local Settings
2006-12-01 04:26 <KANSIO> d--h----- C:\Documents and Settings\All Users\Mallit
2006-12-01 04:26 <KANSIO> d---s---- C:\WINDOWS\Tasks
2006-12-01 04:26 <KANSIO> d---s---- C:\WINDOWS\system32\Microsoft
2006-12-01 04:26 <KANSIO> d---s---- C:\WINDOWS\Downloaded Program Files
2006-12-01 04:26 <KANSIO> d---s---- C:\Documents and Settings\J?rjestelm?nvalvoja\Application Data\Microsoft
2006-12-01 04:26 <KANSIO> d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\WinSxS
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\twain_32
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\Temp
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\xircom
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\wins
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\wbem
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\usmt
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\URTTemp
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\spool
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\ShellExt
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\Setup
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\Restore
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\ReinstallBackups
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\ras
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\oobe
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\npp
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\mui
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\msmq
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\MsDtc
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\Macromed
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\inetsrv
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\IME
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\icsxml
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\ias
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\export
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\DRVSTORE
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\drivers\etc
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\drivers\disdn
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\drivers\..
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\drivers\.
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\drivers
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\DLA
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\DirectX
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\dhcp
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\config
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\Com
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\CatRoot2
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\CatRoot
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\3com_dmi
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\3076
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\2052
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\1054
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\1042
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\1041
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\1037
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\1035
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\1033
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\1031
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\1028
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\1025
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\..
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32\.
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system32
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system\..
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system\.
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\system
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\srchasst
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\SoftwareDistribution
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\SMINST
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\security
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\Resources
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\repair
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\Registration
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\RegisteredPackages
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\Provisioning
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\PeerNet
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\pchealth
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\mui
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\msapps
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\msagent
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\Microsoft.NET
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\Media
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\java
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\ime
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\Help
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\ehome
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\Driver Cache
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\Debug
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\Cursors
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\CREATOR
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\Connection Wizard
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\Config
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\AppPatch
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\addins
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS\.
2006-12-01 04:26 <KANSIO> d-------- C:\WINDOWS
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\xerox
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Windows NT
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Windows Media Player
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Windows Media Connect
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Synaptics
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Sonic
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Outlook Express
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Online Services
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\NetMeeting
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\MSN Gaming Zone
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Movie Maker
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\microsoft frontpage
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Messenger
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Java
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Internet Explorer
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\HPQ
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Hp
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Hewlett-Packard
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Fingerprint Sensor
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\DIFX
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\CONEXANT
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\ComPlus Applications
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Common Files\TiVo Shared
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Common Files\System
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Common Files\Symantec Shared
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Common Files\SureThing Shared
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Common Files\SpeechEngines
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Common Files\Sonic Shared
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Common Files\Services
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Common Files\ODBC
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Common Files\MSSoap
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Common Files\Microsoft Shared
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Common Files\LightScribe
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Common Files\Java
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Common Files\InstallShield
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Common Files\Adobe
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Common Files\.
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Common Files
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\ATI Technologies
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Analog Devices
2006-12-01 04:26 <KANSIO> d-------- C:\Program Files\Adobe
2006-12-01 04:26 <KANSIO> d-------- C:\I386
2006-12-01 04:26 <KANSIO> d-------- C:\Documents and Settings\J?rjestelm?nvalvoja\Ty?p?yt?
2006-12-01 04:26 <KANSIO> d-------- C:\Documents and Settings\J?rjestelm?nvalvoja\Application Data\SampleView
2006-12-01 04:26 <KANSIO> d-------- C:\Documents and Settings\J?rjestelm?nvalvoja\Application Data\Identities
2006-12-01 04:26 <KANSIO> d-------- C:\Documents and Settings\J?rjestelm?nvalvoja\Application Data\ATI
2006-12-01 04:26 <KANSIO> d-------- C:\Documents and Settings\J?rjestelm?nvalvoja\Application Data\..
2006-12-01 04:26 <KANSIO> d-------- C:\Documents and Settings\J?rjestelm?nvalvoja\..
2006-12-01 04:26 <KANSIO> d-------- C:\Documents and Settings\J?rjestelm?nvalvoja\.
2006-12-01 04:26 <KANSIO> d-------- C:\Documents and Settings\All Users\Ty?p?yt?
2006-12-01 04:26 <KANSIO> d-------- C:\Documents and Settings\All Users\Suosikit
2006-12-01 04:26 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2006-12-01 04:26 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2006-12-01 04:26 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\hpqLog
2006-12-01 04:26 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\..
2006-12-01 04:26 <KANSIO> d-------- C:\Documents and Settings\All Users\..
2006-12-01 04:26 <KANSIO> d-------- C:\Documents and Settings\All Users\.
2006-12-01 04:26 <KANSIO> d-------- C:\Documents and Settings
2006-12-01 03:40 <KANSIO> d--hs---- C:\System Recovery
2006-11-30 19:02 <KANSIO> d-------- C:\Documents and Settings\J?rjestelm?nvalvoja\Bluetooth Software
2006-11-30 19:01 <KANSIO> d-------- C:\Program Files\WIDCOMM
2006-11-30 19:01 <KANSIO> d-------- C:\Program Files\Google
2006-11-30 19:01 <KANSIO> d-------- C:\Documents and Settings\J?rjestelm?nvalvoja\Application Data\Infineon
2006-11-30 19:01 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Infineon
2006-11-30 19:00 <KANSIO> d-------- C:\Program Files\ProtectTools
2006-11-30 18:59 204,800 --a------ C:\WINDOWS\system32\IVIresizeW7.dll
2006-11-30 18:59 200,704 --a------ C:\WINDOWS\system32\IVIresizeA6.dll
2006-11-30 18:59 20,480 --a------ C:\WINDOWS\system32\IVIresize.dll
2006-11-30 18:59 192,512 --a------ C:\WINDOWS\system32\IVIresizeP6.dll
2006-11-30 18:59 192,512 --a------ C:\WINDOWS\system32\IVIresizeM6.dll
2006-11-30 18:59 188,416 --a------ C:\WINDOWS\system32\IVIresizePX.dll
2006-11-30 18:59 <KANSIO> d-------- C:\WINDOWS\tiinst
2006-11-30 18:58 <KANSIO> d-------- C:\Program Files\InterVideo
2006-11-30 18:51 <KANSIO> d-------- C:\Program Files\AuthenTec
2006-11-30 18:34 <KANSIO> d-------- C:\Program Files\Sovellusten pikakuvakkeet
2006-11-30 18:32 <KANSIO> d-------- C:\WINDOWS\Prefetch

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe"
"Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
"updateMgr"="\"C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe\" AcRdB7_0_7 -reboot 1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"MsmqIntCert"="regsvr32 /s mqrt.dll"
"SoundMAXPnP"="C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe"
"SoundMAX"="C:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe /tray"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\CLIStart.exe\""
"PTHOSTTR"="C:\\Program Files\\HPQ\\HP ProtectTools Security Manager\\PTHOSTTR.EXE /Start"
"HP Software Update"="c:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe"
"DLA"="C:\\WINDOWS\\System32\\DLA\\DLACTRLW.EXE"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"hpWirelessAssistant"="C:\\Program Files\\hpq\\HP Wireless Assistant\\HP Wireless Assistant.exe"
"CognizanceTS"="rundll32.exe C:\\PROGRA~1\\HPQ\\IAM\\Bin\\AsTsVcc.dll,RegisterModule"
"QlbCtrl"=hex(2):25,50,72,6f,67,72,61,6d,46,69,6c,65,73,25,5c,48,65,77,6c,65,\
74,74,2d,50,61,63,6b,61,72,64,5c,48,50,20,51,75,69,63,6b,20,4c,61,75,6e,63,\
68,20,42,75,74,74,6f,6e,73,5c,51,6c,62,43,74,72,6c,2e,65,78,65,20,2f,53,74,\
61,72,74,00
"Cpqset"="C:\\Program Files\\Hewlett-Packard\\Default Settings\\cpqset.exe"
"Recguard"="C:\\WINDOWS\\Sminst\\Recguard.exe"
"Reminder"="C:\\WINDOWS\\Creator\\Remind_XP.exe"
"Scheduler"="C:\\WINDOWS\\SMINST\\Scheduler.exe"
"WatchDog"="C:\\Program Files\\InterVideo\\DVD Check\\DVDCheck.exe"
"PFO Check Settings"="pfochk.exe"
"F-Secure Manager"="\"C:\\Program Files\\dna Nettiturva\\Common\\FSM32.EXE\" /splash"
"F-Secure TNB"="\"C:\\Program Files\\dna Nettiturva\\TNB\\TNBUtil.exe\" /CHECKALL /WAITFORSW"
"F-Secure Startup Wizard"="\"C:\\Program Files\\dna Nettiturva\\FSGUI\\FSSW.EXE\" /reboot"
"News Service"="\"C:\\Program Files\\dna Nettiturva\\FSGUI\\ispnews.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Nykyinen kotisivu"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,de,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IfxWlxEN
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\back.job
C:\WINDOWS\tasks\Scheduled scanning task.job

Completion time: 06-12-15 22:39:48.12
C:\ComboFix.txt ... 06-12-15 22:39

[ + lainaa]

Hujo

Suspended permanently

15. joulukuuta 2006 @ 17:49

Linkki tähän viestiin

laita uusi HjT loki

[ + lainaa]

Voiko tietsikka koskaan toimia?

jajutila

Newbie

15. joulukuuta 2006 @ 17:56

Linkki tähän viestiin

tässä

Logfile of HijackThis v1.99.1
Scan saved at 22:55:21, on 15.12.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\DNANET~1\backweb\4653381\Program\SERVIC~1.EXE
C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
C:\Program Files\dna Nettiturva\Anti-Virus\FSGK32.EXE
C:\Program Files\dna Nettiturva\backweb\4653381\program\fsbwsys.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fssm32.exe
C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
C:\WINDOWS\system32\IFXSPMGT.exe
C:\Program Files\dna Nettiturva\Common\FSMB32.EXE
C:\WINDOWS\system32\IFXTCS.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\dna Nettiturva\Common\FCH32.EXE
C:\Program Files\dna Nettiturva\Common\FAMEH32.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\fsqh.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fsrw.exe
C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fsav32.exe
C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ProtectTools\Embedded Security Software\PSDrt.exe
C:\Program Files\HPQ\IAM\bin\asghost.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\Program Files\dna Nettiturva\Common\FSM32.EXE
C:\Program Files\dna Nettiturva\FSGUI\ispnews.exe
C:\PROGRA~1\DNANET~1\ANTI-S~1\fsaw.exe
C:\Program Files\dna Nettiturva\FSGUI\fsguidll.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\BTTray.exe
C:\Program Files\dna Nettiturva\backweb\4653381\Program\fspex.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\GPS Pathfinder Office 2.90\conmgr.exe
C:\Program Files\GPS Pathfinder Office 2.90\PfPjChgr.exe
C:\PROGRA~1\COMMON~1\Trimble\REMOTE~1\TRDMU.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\Järjestelmänvalvoja\Työpöytä\HijackThis_v1.99.1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtv3.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [PFO Check Settings] pfochk.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\dna Nettiturva\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\dna Nettiturva\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\dna Nettiturva\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\dna Nettiturva\FSGUI\ispnews.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: dna Nettiturva.lnk = C:\Program Files\dna Nettiturva\backweb\4653381\Program\fspex.exe
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: GPS Pathfinder Office Connection Manager.lnk = C:\Program Files\GPS Pathfinder Office 2.90\conmgr.exe
O4 - Global Startup: GPS Pathfinder Office Project Changer.lnk = C:\Program Files\GPS Pathfinder Office 2.90\PfPjChgr.exe
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\dna Nettiturva\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: Lähetä &Bluetooth-laitteeseen - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\btsendto_ie_ctx.htm
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\dna Nettiturva\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\dna Nettiturva\Anti-Spyware\ieshield.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O20 - Winlogon Notify: IfxWlxEN - C:\WINDOWS\SYSTEM32\IfxWlxEN.dll
O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: dna Nettiturva (BackWeb Plug-in - 4653381) - dna Nettiturva - C:\PROGRA~1\DNANET~1\backweb\4653381\Program\SERVIC~1.EXE
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\dna Nettiturva\backweb\4653381\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE

[ + lainaa]

Hujo

Suspended permanently

15. joulukuuta 2006 @ 18:06

Linkki tähän viestiin

Lataa SmitfraudFix (c) S!Ri http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Pura sisältö (kansio nimeltä SmitfraudFix) työpöydällesi:

Avaa SmitfraudFix kansio ja tupla-klikkaa smitfraudfix.cmd
Valitse optio #1 - Search kirjoittamalla 1 ja painamalla "Enter"; tekstitiedosto avautuu, joka listaa tarttuneet tiedostot (jos olemassa).
Postita tämän tekstitiedoston sisältö viestiketjuusi.

Huomaa : process.exe filun tunnistaa jotkut Anti-virus ohjelmat (AntiVir, Dr.Web, Kaspersky) "Haittakaluna"; se ei ole virus, vaan ohjelma joka pysäyttää prosesseja. A/V ohjelmat eivät pysty tunnistamaan hyvän ja pahan käytön tälläisten ohjelmian väliltä, silloin ne saattavat varoittaa käyttäjää.

[ + lainaa]

Voiko tietsikka koskaan toimia?

jajutila

Newbie

15. joulukuuta 2006 @ 18:18

Linkki tähän viestiin

dodii..

SmitFraudFix v2.130

Scan done at 23:15:35,81, pe 15.12.2006
Run from C:\Documents and Settings\J?rjestelm?nvalvoja\Ty?p?yt?\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\J?rjestelm?nvalvoja

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\J?rjestelm?nvalvoja\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Start Menu

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\JRJEST~1\Suosikit

»»»»»»»»»»»»»»»»»»»»»»»» Desktop

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys

»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Nykyinen kotisivu"

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32

»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection

»»»»»»»»»»»»»»»»»»»»»»»» End

[ + lainaa]

Hujo

Suspended permanently

15. joulukuuta 2006 @ 19:57

Linkki tähän viestiin

Escan

Ohjeet tuolla sivulla.
http://koti.mbnet.fi/pattaya1/escanmwav.htm
lataa tuosta
http://www.spywareinfo.dk/download/mwav.exe
päivitä tuosta
http://koti.mbnet.fi/pattaya1/lataus/Mwav.bat
laita täpit merkkauksien mukaan
http://koti.mbnet.fi/pattaya1/eScan6.jpg

scannaa

jos ala luukkuun tulee jotain niin kopioi se näin:
Käytä komentoa Ctrl+A.
Kopioi rivit komennolla Ctrl+C.
Liitä rivit komennolla Ctrl+V.

Laita virus log tänne.

[ + lainaa]

Voiko tietsikka koskaan toimia?

jajutila

Newbie

16. joulukuuta 2006 @ 04:20

Linkki tähän viestiin

Logfile of HijackThis v1.99.1
Scan saved at 9:17:57, on 16.12.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\DNANET~1\backweb\4653381\Program\SERVIC~1.EXE
C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
C:\Program Files\dna Nettiturva\Anti-Virus\FSGK32.EXE
C:\Program Files\dna Nettiturva\backweb\4653381\program\fsbwsys.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fssm32.exe
C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
C:\WINDOWS\system32\IFXSPMGT.exe
C:\Program Files\dna Nettiturva\Common\FSMB32.EXE
C:\WINDOWS\system32\IFXTCS.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\dna Nettiturva\Common\FCH32.EXE
C:\Program Files\dna Nettiturva\Common\FAMEH32.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\fsqh.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fsrw.exe
C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fsav32.exe
C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HPQ\IAM\bin\asghost.exe
C:\Program Files\ProtectTools\Embedded Security Software\PSDrt.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe
C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\Program Files\dna Nettiturva\Common\FSM32.EXE
C:\Program Files\dna Nettiturva\FSGUI\ispnews.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\DNANET~1\ANTI-S~1\fsaw.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\dna Nettiturva\FSGUI\fsguidll.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\BTTray.exe
C:\Program Files\dna Nettiturva\backweb\4653381\Program\fspex.exe
C:\Program Files\GPS Pathfinder Office 2.90\conmgr.exe
C:\Program Files\GPS Pathfinder Office 2.90\PfPjChgr.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\PROGRA~1\COMMON~1\Trimble\REMOTE~1\TRDMU.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Järjestelmänvalvoja\Työpöytä\HijackThis_v1.99.1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtv3.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [PFO Check Settings] pfochk.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\dna Nettiturva\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\dna Nettiturva\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\dna Nettiturva\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\dna Nettiturva\FSGUI\ispnews.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: dna Nettiturva.lnk = C:\Program Files\dna Nettiturva\backweb\4653381\Program\fspex.exe
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: GPS Pathfinder Office Connection Manager.lnk = C:\Program Files\GPS Pathfinder Office 2.90\conmgr.exe
O4 - Global Startup: GPS Pathfinder Office Project Changer.lnk = C:\Program Files\GPS Pathfinder Office 2.90\PfPjChgr.exe
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\dna Nettiturva\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: Lähetä &Bluetooth-laitteeseen - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\btsendto_ie_ctx.htm
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\dna Nettiturva\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\dna Nettiturva\Anti-Spyware\ieshield.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O20 - Winlogon Notify: IfxWlxEN - C:\WINDOWS\SYSTEM32\IfxWlxEN.dll
O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: dna Nettiturva (BackWeb Plug-in - 4653381) - dna Nettiturva - C:\PROGRA~1\DNANET~1\backweb\4653381\Program\SERVIC~1.EXE
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\dna Nettiturva\backweb\4653381\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE

[ + lainaa]

jajutila

Newbie

16. joulukuuta 2006 @ 05:24

Linkki tähän viestiin

tulostusongelma alkaa aina office ympäristössä. Tänäänkin alkuun kaikki toimi hyvin, jopa uudempia exel-tiedostoja pystyi tulostamaan, mut sitte yks vanha lomakepohja ei toimi lainkaan, näyttöön ilmoitus "käsky osoitteessa "0x01fa5000" viittasi muistiin osoitteessa "0x01fa5000". Muisti ei voi olla "written" ja sen jälkeen ei tulosta wordistakaan, väittää että tulostinta ei asennettu. Sen jälkeen ohjauspaneelin kautta ei pääse tulostimen asetuksiin, kommenttina on "tulostimen ominaisuuksia ei voi näyttää. Taustatulostuspalvelu ei ole käytössä." edellinen HjT kun kaikki vielä toimi, nyt laitan vielä uuden.

Logfile of HijackThis v1.99.1
Scan saved at 10:23:23, on 16.12.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\DNANET~1\backweb\4653381\Program\SERVIC~1.EXE
C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
C:\Program Files\dna Nettiturva\Anti-Virus\FSGK32.EXE
C:\Program Files\dna Nettiturva\backweb\4653381\program\fsbwsys.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fssm32.exe
C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
C:\WINDOWS\system32\IFXSPMGT.exe
C:\Program Files\dna Nettiturva\Common\FSMB32.EXE
C:\WINDOWS\system32\IFXTCS.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\dna Nettiturva\Common\FCH32.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\fsqh.exe
C:\Program Files\dna Nettiturva\Common\FAMEH32.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\fsrw.exe
C:\Program Files\HPQ\IAM\bin\asghost.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fsav32.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\Program Files\ProtectTools\Embedded Security Software\PSDrt.exe
C:\Program Files\dna Nettiturva\Common\FSM32.EXE
C:\Program Files\dna Nettiturva\FSGUI\ispnews.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\PROGRA~1\DNANET~1\ANTI-S~1\fsaw.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\Program Files\dna Nettiturva\FSGUI\fsguidll.exe
C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\BTTray.exe
C:\Program Files\dna Nettiturva\backweb\4653381\Program\fspex.exe
C:\Program Files\GPS Pathfinder Office 2.90\conmgr.exe
C:\Program Files\GPS Pathfinder Office 2.90\PfPjChgr.exe
C:\PROGRA~1\COMMON~1\Trimble\REMOTE~1\TRDMU.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Documents and Settings\Järjestelmänvalvoja\Työpöytä\HijackThis_v1.99.1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtv3.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [PFO Check Settings] pfochk.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\dna Nettiturva\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\dna Nettiturva\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\dna Nettiturva\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\dna Nettiturva\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: dna Nettiturva.lnk = C:\Program Files\dna Nettiturva\backweb\4653381\Program\fspex.exe
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: GPS Pathfinder Office Connection Manager.lnk = C:\Program Files\GPS Pathfinder Office 2.90\conmgr.exe
O4 - Global Startup: GPS Pathfinder Office Project Changer.lnk = C:\Program Files\GPS Pathfinder Office 2.90\PfPjChgr.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\dna Nettiturva\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: Lähetä &Bluetooth-laitteeseen - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\btsendto_ie_ctx.htm
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\dna Nettiturva\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\dna Nettiturva\Anti-Spyware\ieshield.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O20 - Winlogon Notify: IfxWlxEN - C:\WINDOWS\SYSTEM32\IfxWlxEN.dll
O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: dna Nettiturva (BackWeb Plug-in - 4653381) - dna Nettiturva - C:\PROGRA~1\DNANET~1\backweb\4653381\Program\SERVIC~1.EXE
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\dna Nettiturva\backweb\4653381\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MSSQL$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe" -sMICROSOFTSMLBIZ (file missing)
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
O23 - Service: SQLAgent$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE" -i MICROSOFTSMLBIZ (file missing)

[ + lainaa]

Mainos

jajutila

Newbie

17. joulukuuta 2006 @ 05:10

Linkki tähän viestiin

ei tullu escanilla mitään alaluukkuun...

[ + lainaa]

Viestiketju on suljettu. Uusien viestien lähettäminen ei ole mahdollista.

Aloita uusi viestiketju

afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat - hijackthis -logit > spooler subsystem app ja tulosta ei...


		Käyttäjä	Salasana

		Puuttuuko tunnus? Liity jäseneksi nyt!. Salasana hukassa? Klikkaa tästä.