hjt-logi

Yksityisviestit

Luo uusi yksityisviesti

Kaikki uudet viestit

Ilman vastauksia olevat viestiketjut

Hae viestejä

lauantai 15.11.2025 / 14:17

Hae keskustelualueilta:

afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat - hijackthis -logit > hjt-logi

Aiheet

Keskustelualueet

Vastaa

Aloita uusi viestiketju

hjt-logi

Siirry:

Kirjoittaja

Viesti

vlaspa

Newbie

13. marraskuuta 2008 @ 20:24

Linkki tähän viestiin

Moi! Voisko joku vilkaista logia.... kone hidastelee ja jumittaa...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:14:46, on 13.11.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\PowerKey.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\CtrlVol.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Arcade\PCMService.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\RF Wireless Mouse\cm20.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\TomTom HOME\TomTomHOME.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\Twain_32\CA561A\SnapDetect.exe
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\FSGUI\fsguiexe.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\LASZLO\Työpöytä\HiJackThis_v2.0.2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defa...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Start RF Wireless Mouse] C:\Program Files\RF Wireless Mouse\cm20.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Windows Services Manager] svchost.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: SnapDetect.lnk = ?
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Matkaviestimen suosikkien luominen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Matkaviestimen suosikkien luominen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.soneraplaza.fi
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://verkkopankki.sampopankki.fi/html/activex/DB/Menu.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--
End of file - 13791 bytes

[ + lainaa]

yaht

Senior Member

4 tuotearviota

14. marraskuuta 2008 @ 11:14

Linkki tähän viestiin

Lataa CCleaner tästä

- Asennuksessa poista merkki/rasti kohdasta "asenna Yahoo! toolbar/työkalupalkki".
- Asennuksen jälkeen aukaise CCleaner.
- Valitse vasemmalta pystyrivistä Options.
- Valitse viereisestä pystyrivistä Settings.
- Language kohtaan valitse Suomi.

- Käynnistä CCleaner.
- Valitse Valinnat.
- Paina Lisäasetukset.
- Ota ruksi pois kohdasta "Poista vain yli 48 tuntia vanhat tiedostot Windowsin tilapäiskansioista".

Puhdistaja

- Valitse vasemmalta pystyrivistä Puhdistaja.
- Paina alhaalta Tutki.
Nyt CCleaner tutkii, mitä voidaan poistaa (tempit, cookiessit jne.).
- Kun tutkiminen on valmis, paina Aja CCleaner.
Nyt CCleaner poistaa löydetyt tempit, cookiessit jne.

Rekisterin virheiden korjaus

- Valitse vasemmalta pystyrivistä Rekisteri.
- Paina alhaalta Etsi rekisterin virheitä.
- Kun etsintä on valmis ja olet varma, että haluat korjata ne rivit jotka ovat merkattuja, niin paina Korjaa valitut rekisterin virheet.
- Sinulta kysytään "haluatko varmuuskopioida muutokset rekisteriin", paina Kyllä. Tallenna varmuuskopio vaikka "Omat tiedostot" -kansioon.
- Klikkaa uudesta aukeavasta ikkunasta Korjaa kaikki valitut virheet.
- Saat vielä varmistus kysymyksen, paina Ok.
- Kun virheet on korjattu, paina Sulje.

Nyt voit suljea CCleanerin painamalla oikealta ylhäältä punaista rastia.

Lataa Malwarebytes' Anti-Malware työpöydällesi.

* Tuplaklikkaa mbam-setup.exe ja seuraa ohjeita asentaaksesi ohjelman.
* Lopuksi varmistu, että seuraavat on valittu: Päivitä Malwarebytes' Anti-Malware ja Käynnistä Malwarebytes' Anti-Malware ja sen jälkeen klikkaa Lopeta.
* Jos päivitys löytyy. ohjelma lataa ja asentaa uusimman version.
* Kun ohjelma on latautunut, valitse Suorita täysi tarkistus ja klikkaa Tarkista.
* Kun skanni on valmis, klikkaa OK ja sitten Näytä tulokset nähdäksesi tulokset.
* Varmistu, että kaikki on merkitty ja klikkaa Poista valitut.
* Tämän jälkeen loki avautuu muistioon. Tallenna se paikkaan, josta löydät sen helposti. Loki löytyy myös
täältä: C:\Documents and Settings\Käyttäjänimi\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-päiväys.txt
* Lähetä lokin sisältö seuraavassa viestissäsi + uusi hjt-loki.

[ + lainaa]

vlaspa

Newbie

15. marraskuuta 2008 @ 12:13

Linkki tähän viestiin

tässä hjt logi ja mbam logi:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:08:42, on 15.11.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\PowerKey.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\CtrlVol.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Arcade\PCMService.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\RF Wireless Mouse\cm20.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
C:\Program Files\TomTom HOME\TomTomHOME.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\Twain_32\CA561A\SnapDetect.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\F-Secure\FSGUI\fsguiexe.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Documents and Settings\LASZLO\Työpöytä\HiJackThis_v2.0.2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defa...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Start RF Wireless Mouse] C:\Program Files\RF Wireless Mouse\cm20.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Windows Services Manager] svchost.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: SnapDetect.lnk = ?
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Matkaviestimen suosikkien luominen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Matkaviestimen suosikkien luominen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.soneraplaza.fi
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://verkkopankki.sampopankki.fi/html/activex/DB/Menu.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--
End of file - 13825 bytes

Malwarebytes' Anti-Malware 1.30
Tietokantaversio: 1399
Windows 5.1.2600 Service Pack 3

15.11.2008 12:03:29
mbam-log-2008-11-15 (12-03-29).txt

Tarkistustyyppi: Täysi tarkistus (C:\|D:\|)
Tarkistetut kohteet: 140278
Kulunut aika: 1 hour(s), 24 minute(s), 38 second(s)

Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 0
Saastuneita rekisteriavaimia: 0
Saastuneita rekisteriarvoja: 0
Saastuneita rekisterikohteita: 0
Saastuneita hakemistoja: 0
Saastuneita tiedostoja: 0

Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)

Saastuneita muistimoduuleja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriavaimia:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriarvoja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisterikohteita:
(Haitallisia kohteita ei löydetty)

Saastuneita hakemistoja:
(Haitallisia kohteita ei löydetty)

Saastuneita tiedostoja:
(Haitallisia kohteita ei löydetty)

[ + lainaa]

yaht

Senior Member

4 tuotearviota

15. marraskuuta 2008 @ 14:27

Linkki tähän viestiin

Lataa SDFix by AndyManchesta ja tallenna se työpöydällesi.

Käynnistä koneesi vikasietotilaan:

sammuta ja käynnistä
käynnistyksen yhteydessä hakkaa F8 nappia
valitse nuolinäppäimellä vikasietotila
paina enter ja enter
valitse käyttäjätilisi
paina kyllä

Jossakin koneissa hakataan F8:sin sijasta F5:tä

" Kun vikasietotilassa, pura tiedoston SDFix.zip sisältö (SDFix kansio) työpöydällesi. Työpöydälle pitäisi ilmestyä kansio nimeltä SDFix.
" Avaa SDFix-kansio ja tuplaklikkaa tiedostoa RunThis.bat käynnistääksesi ohjelman.
" Paina Y käynnistääksesi skriptin.
" Työkalu puhdistaa troijalaisen palvelut ja tekee myös joitakin korjauksia rekisteriin. Lopuksi se pyytää käynnistämään koneen uudelleen, "Press any key to Reboot".
" Paina mitä tahansa näppäintä ja kone käynnistyy uudelleen.
" Käynnistyminen kestää normaalia kauemmin sillä SDFix puhdistaa konetta.
" Kun kone on käynnistynyt ja työpöytä latautunut, SDFix kertoo että puhdistus on suoritettu, "Finished".
" Paina sitten mitä tahansa näppäintä sulkeaksesi skriptin ja ladataksesi pikakuvakkeet työpöydälle.
" Lopuksi avaa SDFix kansio (työpöydällä) ja kopioi & liitä tiedoston Report.txt sisältö viestiketjuusi uuden HijackThis:n lokin kera.

[ + lainaa]

Mainos

vlaspa

Newbie

19. marraskuuta 2008 @ 15:01

Linkki tähän viestiin

SDFix report ja hjt-logi

SDFix: Version 1.240
Run by LASZLO on ke 19.11.2008 at 14:29

Microsoft Windows XP [versio 5.1.2600]
Running From: C:\Documents and Settings\LASZLO\Työpöytä\SDFix\SDFix

Checking Services :

Restoring Default Security Values
Restoring Default Hosts File

Rebooting

Checking Files :

No Trojan Files Found

Removing Temp Files

ADS Check :

Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-19 14:48:49
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Remaining Services :

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\F-Secure\\BackWeb\\7681197\\program\\F-Secure Automatic Update.exe"="C:\\Program Files\\F-Secure\\BackWeb\\7681197\\program\\F-Secure Automatic Update.exe:*:Enabled:F-Secure Automatic Update"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:*:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:*:Enabled:ActiveSync Application"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"="C:\\Program Files\\Winamp Remote\\bin\\Orb.exe:*:Enabled:Orb"
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe:*:Enabled:OrbTray"
"C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Remaining Files :

Files with Hidden Attributes :

Wed 13 Apr 2005 1,024 ...HR --- "C:\WINDOWS\system32\NTICDMK7.dll"
Wed 13 Apr 2005 1,024 ...HR --- "C:\WINDOWS\system32\NTIMPEG2.dll"
Wed 13 Apr 2005 1,024 ...HR --- "C:\WINDOWS\system32\NTIMP3.dll"
Wed 13 Apr 2005 1,024 ...HR --- "C:\WINDOWS\system32\NTIFCD3.dll"
Wed 13 Apr 2005 1,024 ...HR --- "C:\WINDOWS\system32\NTIBUN4.dll"
Wed 3 May 2006 163,328 ..SHR --- "C:\WINDOWS\system32\flvDX.dll"
Tue 30 May 2006 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sun 21 Jan 2007 72,704 ..SHR --- "C:\Program Files\eRightSoft\SUPER\Setup.exe"
Sun 26 Jun 2005 616,448 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygwin1.dll"
Tue 21 Jun 2005 45,568 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygz.dll"
Fri 27 Oct 2006 16,384 A.SHR --- "C:\Program Files\eRightSoft\SUPER\_Setup.dll"
Fri 29 Feb 2008 6,656 A..H. --- "C:\System Volume Information\_restore{4CA1FCC9-8A05-421B-B5B7-50DAE9EC9BAF}\RP273\A0097074.exe"
Thu 7 Aug 2008 1,024 A..H. --- "C:\System Volume Information\_restore{4CA1FCC9-8A05-421B-B5B7-50DAE9EC9BAF}\RP273\A0097075.sys"
Sun 18 Nov 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sat 1 Dec 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Tue 4 Jun 2002 84,992 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll"
Tue 4 Jun 2002 44,032 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll"
Tue 10 Dec 2002 73,766 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll"
Tue 10 Dec 2002 65,575 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll"
Sun 9 Jun 2002 36,864 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ddnt3260.dll"
Tue 4 Jun 2002 20,480 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll"
Tue 10 Dec 2002 102,437 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv13260.dll"
Tue 10 Dec 2002 176,165 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll"
Tue 10 Dec 2002 208,935 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll"
Tue 10 Dec 2002 217,127 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll"
Sun 9 Jun 2002 40,448 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dspr3260.dll"
Sun 4 Nov 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll"
Tue 10 Apr 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll"
Fri 20 Feb 2004 232,960 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll"
Sun 9 Jun 2002 525,824 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnco3260.dll"
Tue 10 Dec 2002 245,805 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnlt3260.dll"
Tue 10 Dec 2002 45,093 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv103260.dll"
Tue 10 Dec 2002 98,341 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv203260.dll"
Tue 10 Dec 2002 94,247 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv303260.dll"
Tue 10 Dec 2002 90,151 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv403260.dll"
Tue 10 Dec 2002 102,439 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll"
Sun 9 Jun 2002 49,152 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\tokr3260.dll"
Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_18\40Comupd.exe"
Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_18\Setup.exe"
Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_18\autorun.exe"
Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_17\40Comupd.exe"
Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_17\Setup.exe"
Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_17\autorun.exe"
Sat 23 Apr 2005 1,162,240 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_16\Setup.exe"
Sat 23 Apr 2005 1,162,240 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_16\Setup_original.exe"
Sat 23 Apr 2005 28,672 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_16\USBPort.dll"
Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_15\40Comupd.exe"
Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_15\Setup.exe"
Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_15\autorun.exe"
Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_14\40Comupd.exe"
Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_14\Setup.exe"
Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_14\autorun.exe"
Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_9\40Comupd.exe"
Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_9\Setup.exe"
Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_9\autorun.exe"
Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_8\40Comupd.exe"
Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_8\Setup.exe"
Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_8\autorun.exe"
Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_7\40Comupd.exe"
Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_7\Setup.exe"
Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_7\autorun.exe"
Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_6\40Comupd.exe"
Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_6\Setup.exe"
Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_6\autorun.exe"
Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_5\40Comupd.exe"
Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_5\Setup.exe"
Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_5\autorun.exe"
Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_4\40Comupd.exe"
Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_4\Setup.exe"
Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_4\autorun.exe"
Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_3\40Comupd.exe"
Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_3\Setup.exe"
Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_3\autorun.exe"
Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_2\40Comupd.exe"
Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_2\Setup.exe"
Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_2\autorun.exe"
Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_13\40Comupd.exe"
Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_13\Setup.exe"
Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_13\autorun.exe"
Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_12\40Comupd.exe"
Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_12\Setup.exe"
Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_12\autorun.exe"
Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_11\40Comupd.exe"
Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_11\Setup.exe"
Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_11\autorun.exe"
Sat 23 Apr 2005 417,792 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_18\Spanish\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_18\Italian\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_18\German\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_18\French\MapSource_Lang.dll"
Sat 23 Apr 2005 397,312 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_18\English\MapSource_Lang.dll"
Sat 23 Apr 2005 417,792 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_17\Spanish\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_17\Italian\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_17\German\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_17\French\MapSource_Lang.dll"
Sat 23 Apr 2005 397,312 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_17\English\MapSource_Lang.dll"
Sat 23 Apr 2005 511,424 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_16\GPS_AT\40Comupd.exe"
Sat 23 Apr 2005 168,448 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_16\GPS_AT\Setup.exe"
Sat 23 Apr 2005 118,784 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_16\GPS_AT\autorun.exe"
Sat 23 Apr 2005 417,792 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_15\Spanish\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_15\Italian\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_15\German\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_15\French\MapSource_Lang.dll"
Sat 23 Apr 2005 397,312 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_15\English\MapSource_Lang.dll"
Sat 23 Apr 2005 417,792 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_14\Spanish\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_14\Italian\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_14\German\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_14\French\MapSource_Lang.dll"
Sat 23 Apr 2005 397,312 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_14\English\MapSource_Lang.dll"
Sat 23 Apr 2005 417,792 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_9\Spanish\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_9\Italian\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_9\German\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_9\French\MapSource_Lang.dll"
Sat 23 Apr 2005 397,312 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_9\English\MapSource_Lang.dll"
Sat 23 Apr 2005 417,792 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_8\Spanish\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_8\Italian\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_8\German\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_8\French\MapSource_Lang.dll"
Sat 23 Apr 2005 397,312 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_8\English\MapSource_Lang.dll"
Sat 23 Apr 2005 385,024 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_7\Spanish\MapSource_Lang.dll"
Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_7\Italian\MapSource_Lang.dll"
Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_7\German\MapSource_Lang.dll"
Sat 23 Apr 2005 389,120 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_7\French\MapSource_Lang.dll"
Sat 23 Apr 2005 372,736 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_7\English\MapSource_Lang.dll"
Sat 23 Apr 2005 385,024 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_6\Spanish\MapSource_Lang.dll"
Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_6\Italian\MapSource_Lang.dll"
Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_6\German\MapSource_Lang.dll"
Sat 23 Apr 2005 389,120 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_6\French\MapSource_Lang.dll"
Sat 23 Apr 2005 372,736 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_6\English\MapSource_Lang.dll"
Sat 23 Apr 2005 385,024 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_5\Spanish\MapSource_Lang.dll"
Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_5\Italian\MapSource_Lang.dll"
Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_5\German\MapSource_Lang.dll"
Sat 23 Apr 2005 389,120 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_5\French\MapSource_Lang.dll"
Sat 23 Apr 2005 372,736 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_5\English\MapSource_Lang.dll"
Sat 23 Apr 2005 385,024 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_4\Spanish\MapSource_Lang.dll"
Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_4\Italian\MapSource_Lang.dll"
Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_4\German\MapSource_Lang.dll"
Sat 23 Apr 2005 389,120 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_4\French\MapSource_Lang.dll"
Sat 23 Apr 2005 372,736 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_4\English\MapSource_Lang.dll"
Sat 23 Apr 2005 385,024 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_3\Spanish\MapSource_Lang.dll"
Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_3\Italian\MapSource_Lang.dll"
Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_3\German\MapSource_Lang.dll"
Sat 23 Apr 2005 389,120 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_3\French\MapSource_Lang.dll"
Sat 23 Apr 2005 372,736 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_3\English\MapSource_Lang.dll"
Sat 23 Apr 2005 385,024 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_2\Spanish\MapSource_Lang.dll"
Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_2\Italian\MapSource_Lang.dll"
Sat 23 Apr 2005 393,216 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_2\German\MapSource_Lang.dll"
Sat 23 Apr 2005 389,120 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_2\French\MapSource_Lang.dll"
Sat 23 Apr 2005 372,736 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_2\English\MapSource_Lang.dll"
Sat 23 Apr 2005 417,792 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_13\Spanish\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_13\Italian\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_13\German\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_13\French\MapSource_Lang.dll"
Sat 23 Apr 2005 397,312 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_13\English\MapSource_Lang.dll"
Sat 23 Apr 2005 417,792 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_12\Spanish\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_12\Italian\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_12\German\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_12\French\MapSource_Lang.dll"
Sat 23 Apr 2005 397,312 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_12\English\MapSource_Lang.dll"
Sat 23 Apr 2005 417,792 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_11\Spanish\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_11\Italian\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_11\German\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_11\French\MapSource_Lang.dll"
Sat 23 Apr 2005 397,312 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_11\English\MapSource_Lang.dll"
Sat 23 Apr 2005 417,792 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_16\GPS_AT\Spanish\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_16\GPS_AT\Italian\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_16\GPS_AT\German\MapSource_Lang.dll"
Sat 23 Apr 2005 421,888 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_16\GPS_AT\French\MapSource_Lang.dll"
Sat 23 Apr 2005 397,312 A..H. --- "C:\Documents and Settings\LASZLO\Ty?p?yt?\Garmin_Mapsource_Finland_Topo-kartat\Garmin_Mapsource_Finland_Topo-kartat\Topo_cd_16\GPS_AT\English\MapSource_Lang.dll"

Finished!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:55:02, on 19.11.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\PowerKey.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\CtrlVol.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Arcade\PCMService.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\RF Wireless Mouse\cm20.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\TomTom HOME\TomTomHOME.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\F-Secure\FSGUI\fsguiexe.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\Twain_32\CA561A\SnapDetect.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Documents and Settings\LASZLO\Työpöytä\HiJackThis_v2.0.2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defa...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Start RF Wireless Mouse] C:\Program Files\RF Wireless Mouse\cm20.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Windows Services Manager] svchost.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: SnapDetect.lnk = ?
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Matkaviestimen suosikkien luominen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Matkaviestimen suosikkien luominen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.soneraplaza.fi
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://verkkopankki.sampopankki.fi/html/activex/DB/Menu.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--
End of file - 13794 bytes

[ + lainaa]

Vastaa

Aloita uusi viestiketju

afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat - hijackthis -logit > hjt-logi


		Käyttäjä	Salasana

		Puuttuuko tunnus? Liity jäseneksi nyt!. Salasana hukassa? Klikkaa tästä.