apuu burster

esko

    moi,minut ohjattiin tänne ja käsjettiin antaa loki,
mä oon tumpelo näissä jos joku auttaisi poistossa,kiitos

Logfile of HijackThis v1.99.1
Scan saved at 9:11:08, on 10.12.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\WINDOWS\kdx\KHost.exe
D:\Program Files\MultiRes\MultiRes.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\WinAntiVirus Pro 2006\dc6_startupmon.exe
C:\Program Files\Common Files\WinAntiVirus Pro 2006\ers_startupmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Program Files\Smile Brush\Smile Brush.exe
C:\WINDOWS\system32\E_S00RP1.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE
D:\Program Files\WinZip\WZQKPICK.EXE
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Logitech\ImageStudio\LowLight.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\esko.ESKO-N242CG9SVM\Työpöytä\HijackThis_v1.99.1.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.surfnet.fi
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fi
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - toimittaja SurfNet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - d:\Program Files\Shareaza\Plugins\RazaWebHook.dll (file missing)
O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - C:\WINDOWS\system32\iyygdanw.dll
O2 - BHO: (no name) - {3F5B41AE-24C0-468A-8D1B-E820831A7C68} - C:\WINDOWS\system32\yabya.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - D:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: (no name) - {46A4E9D9-B30E-452A-8157-DBBEC8573B03} - C:\Program Files\VSAdd-in\VSAdd-in.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ohb Class - {5ED7D3DE-6DBE-4516-8712-436325722327} - C:\WINDOWS\system32\SmartShopper\SmartShopper0.dll
O2 - BHO: (no name) - {7411F8BA-29A3-3216-9DE7-024AC0AAB9F6} - C:\WINDOWS\system32\viyjhai.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &VSAdd-in - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in.dll
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
O4 - HKLM\..\Run: [MultiRes] D:\Program Files\MultiRes\MultiRes.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68"
O4 - HKLM\..\Run: [corn wipe wait log] C:\Documents and Settings\All Users\Application Data\FORK VGA CORN WIPE\Date Meow.exe
O4 - HKLM\..\Run: [DC6_check] "C:\Program Files\Common Files\WinAntiVirus Pro 2006\dc6_startupmon.exe"
O4 - HKLM\..\Run: [ERS_check] "C:\Program Files\Common Files\WinAntiVirus Pro 2006\ers_startupmon.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [SpyHunter] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe -scan
O4 - HKLM\..\RunServices: [p2pnetwork] p2pnetwork.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Rule About] C:\DOCUME~1\ESKO~1.ESK\APPLIC~1\GPLMAN~1\bend copy pop.exe
O4 - HKCU\..\Run: [Smile Brush] "D:\Program Files\Smile Brush\Smile Brush.exe" a
O4 - HKCU\..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /M "Stylus D68" /EF "HKCU"
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: WinZip Quick Pick.lnk = D:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/230?16040d000f6b42829436dd9f2c7e7112
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/229?16040d000f6b42829436dd9f2c7e7112
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - D:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - D:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Lukutulkki - {B66541E2-E167-4084-8E77-68CA13C4B3B8} - C:\Program Files\NetClickup\Lukutulkki\Lutu.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.surfnet.fi
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL
O20 - Winlogon Notify: wingko32 - wingko32.dll (file missing)
O20 - Winlogon Notify: yabya - C:\WINDOWS\system32\yabya.dll
O21 - SSODL: gloomily - {9cc1c589-4b22-4dae-8e12-4c3b5fa12b3f} - C:\WINDOWS\system32\mlraakb.dll
O23 - Service: EPSON V3 Service2(03) (EPSON_PM_RPCV2_01) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP1.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: T37FSPSuppEmail - Sandler Consulting - C:\WINDOWS\system32\T37FSPSuppEmail.exe    

9

701

    Vastaukset

    Anonyymi (Kirjaudu / Rekisteröidy)
    5000
    • fix it

      Sielläpä on koko haittaohjelmien kerma koolla..;)

      Tässä nyt alkuun ohjetta:

      Ihan ekana Hjt omaan kansioon, ja nimeä Hijackthis.exe -> skanneri.exe.

      Vissiinkin tuo WinAntiVirusPro ite asennettu, suosittelen ihan ekana poistamaan sen lisää/poista sovelluksesta, on nimittäin ns. kyseenalainen ohjelma.
      Laita vaikka Avast tilalle, on ilmainen ja kevyt virustorjunta: http://www.download.fi/tyopoytaohjelmat/haittaohjelmien_poisto/avast4home.cfm

      Ja Avastin lisäksi vaikka Zonealarm palomuuri:http://www.zonelabs.com/store/content/company/products/trial_zaFamily/trial_zaFamily.jsp?lid=home_freedownloads

      Sitten merkkaa nuo ja paina fix checked:

      O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - d:\Program Files\Shareaza\Plugins\RazaWebHook.dll (file missing)
      O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - C:\WINDOWS\system32\iyygdanw.dll
      O2 - BHO: (no name) - {3F5B41AE-24C0-468A-8D1B-E820831A7C68} - C:\WINDOWS\system32\yabya.dll
      O2 - BHO: (no name) - {46A4E9D9-B30E-452A-8157-DBBEC8573B03} - C:\Program Files\VSAdd-in\VSAdd-in.dll
      O2 - BHO: ohb Class - {5ED7D3DE-6DBE-4516-8712-436325722327} - C:\WINDOWS\system32\SmartShopper\SmartShopper0.dll
      O2 - BHO: (no name) - {7411F8BA-29A3-3216-9DE7-024AC0AAB9F6} - C:\WINDOWS\system32\viyjhai.dll
      O3 - Toolbar: &VSAdd-in - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in.dll
      O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
      O4 - HKLM\..\Run: [corn wipe wait log] C:\Documents and Settings\All Users\Application Data\FORK VGA CORN WIPE\Date Meow.exe
      O4 - HKLM\..\RunServices: [p2pnetwork] p2pnetwork.exe
      O4 - HKCU\..\Run: [Rule About] C:\DOCUME~1\ESKO~1.ESK\APPLIC~1\GPLMAN~1\bend copy pop.exe

      Poista lisää/poista sovellutuksesta VStoolbar

      Poista lisää/poista sovellutuksesta SmartShopper

      Poista nuo:

      C:\Program Files\---->VSAdd-inSmartShopperp2pnetwork.exe

      • esko

            ei löydy tätä,,logia!!findlop.txt
        jt ei tunnistettu sisäiseksi tai ulkoiseksi komennoksi,suoritettavaksi ohjelmaksi tai komentojonotiedojsi..

        Pura työpöydälle ja tuplaklikkaa findlop.bat
        Logi löytyy tuolta C:\findlop.txt !!

        entä nyt


      • esko

            ei löydy tätä,,logia!!findlop.txt
        jt ei tunnistettu sisäiseksi tai ulkoiseksi komennoksi,suoritettavaksi ohjelmaksi tai komentojonotiedojsi..

        Pura työpöydälle ja tuplaklikkaa findlop.bat
        Logi löytyy tuolta C:\findlop.txt !!

        entä nyt


      • esko

        en tiiä tuliko oikein???
        pitikö tämä laittaa sinne???

        Logfile of HijackThis v1.99.1
        Scan saved at 11:17:46, on 14.12.2006
        Platform: Windows XP SP2 (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\SYSTEM32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\spoolsv.exe
        C:\WINDOWS\Explorer.EXE
        C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE
        C:\Program Files\Logitech\ImageStudio\LogiTray.exe
        C:\WINDOWS\kdx\KHost.exe
        D:\Program Files\MultiRes\MultiRes.exe
        C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
        C:\WINDOWS\system32\RUNDLL32.EXE
        C:\Program Files\Common Files\WinAntiVirus Pro 2006\dc6_startupmon.exe
        C:\Program Files\Common Files\WinAntiVirus Pro 2006\ers_startupmon.exe
        C:\WINDOWS\system32\ctfmon.exe
        C:\Program Files\MSN Messenger\MsnMsgr.Exe
        D:\Program Files\Smile Brush\Smile Brush.exe
        C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE
        D:\Program Files\WinZip\WZQKPICK.EXE
        c:\progra~1\intern~1\iexplore.exe
        C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
        C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
        C:\Program Files\Logitech\ImageStudio\LowLight.exe
        C:\WINDOWS\system32\E_S00RP1.EXE
        C:\Program Files\Internet Explorer\iexplore.exe
        C:\WINDOWS\system32\nvsvc32.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\mqsvc.exe
        C:\WINDOWS\system32\mqtgsvc.exe
        C:\WINDOWS\system32\svchost.exe
        C:\Documents and Settings\esko.ESKO-N242CG9SVM\Työpöytä\VIRUS\HijackThis_v1.99.1.exe

        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.surfnet.fi
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fi
        R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - toimittaja SurfNet
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
        F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
        O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
        O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - D:\Program Files\Desktop Sidebar\sbhelp.dll
        O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
        O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
        O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
        O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
        O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
        O2 - BHO: (no name) - {E0C29602-0558-46A0-AFEC-B1C6E0DAB6C1} - C:\WINDOWS\system32\yabya.dll (file missing)
        O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
        O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
        O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
        O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE
        O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
        O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
        O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
        O4 - HKLM\..\Run: [MultiRes] D:\Program Files\MultiRes\MultiRes.exe
        O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
        O4 - HKLM\..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68"
        O4 - HKLM\..\Run: [DC6_check] "C:\Program Files\Common Files\WinAntiVirus Pro 2006\dc6_startupmon.exe"
        O4 - HKLM\..\Run: [ERS_check] "C:\Program Files\Common Files\WinAntiVirus Pro 2006\ers_startupmon.exe"
        O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
        O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
        O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
        O4 - HKCU\..\Run: [Smile Brush] "D:\Program Files\Smile Brush\Smile Brush.exe" a
        O4 - HKCU\..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /M "Stylus D68" /EF "HKCU"
        O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
        O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
        O4 - Global Startup: WinZip Quick Pick.lnk = D:\Program Files\WinZip\WZQKPICK.EXE
        O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
        O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/230?16040d000f6b42829436dd9f2c7e7112
        O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/229?16040d000f6b42829436dd9f2c7e7112
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
        O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - D:\Program Files\Desktop Sidebar\sbhelp.dll
        O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - D:\Program Files\Desktop Sidebar\sbhelp.dll
        O9 - Extra button: Lukutulkki - {B66541E2-E167-4084-8E77-68CA13C4B3B8} - C:\Program Files\NetClickup\Lukutulkki\Lutu.dll
        O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
        O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
        O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
        O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
        O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
        O14 - IERESET.INF: START_PAGE_URL=http://www.surfnet.fi
        O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab
        O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL
        O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL
        O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL
        O20 - Winlogon Notify: wingko32 - wingko32.dll (file missing)
        O21 - SSODL: gloomily - {9cc1c589-4b22-4dae-8e12-4c3b5fa12b3f} - C:\WINDOWS\system32\mlraakb.dll
        O23 - Service: EPSON V3 Service2(03) (EPSON_PM_RPCV2_01) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP1.EXE
        O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
        O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
        O23 - Service: T37FSPSuppEmail - Sandler Consulting - C:\WINDOWS\system32\T37FSPSuppEmail.exe


      • esko

        ###########################Runnning Processes DATA###########################
        processName = [SYSTEM PROCESS]   File Size = 2703360   File Path = C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe    ModuleMD5 = 74dc526949d1626bdfb62a2ec4fd8539
        processName = SMSS.EXE   File Size = 50688   File Path = \SystemRoot\System32\smss.exe    ModuleMD5 = 978b51bdf65a2eade93cc8cae14909c7
        processName = CSRSS.EXE   File Size = 6144   File Path = \??\C:\WINDOWS\system32\csrss.exe    ModuleMD5 = 4ee3b89ac15bc7c19e67b05fc1b1ed57
        processName = WINLOGON.EXE   File Size = 502784   File Path = \??\C:\WINDOWS\SYSTEM32\winlogon.exe    ModuleMD5 = 5f0714b1447dc0262789c3cc43752418
        processName = SERVICES.EXE   File Size = 108544   File Path = C:\WINDOWS\system32\services.exe    ModuleMD5 = c2f8f8343435fc080c2de25a410e09e8
        processName = LSASS.EXE   File Size = 13312   File Path = C:\WINDOWS\system32\lsass.exe    ModuleMD5 = 39726087f99c7775b2ea1f2990709817
        processName = SVCHOST.EXE   File Size = 14336   File Path = C:\WINDOWS\system32\svchost.exe    ModuleMD5 = 34c8d42b876703b3abf0562307428561
        processName = SVCHOST.EXE   File Size = 14336   File Path = C:\WINDOWS\system32\svchost.exe    ModuleMD5 = 34c8d42b876703b3abf0562307428561
        processName = SVCHOST.EXE   File Size = 14336   File Path = C:\WINDOWS\System32\svchost.exe    ModuleMD5 = 34c8d42b876703b3abf0562307428561
        processName = SVCHOST.EXE   File Size = 14336   File Path = C:\WINDOWS\System32\svchost.exe    ModuleMD5 = 34c8d42b876703b3abf0562307428561
        processName = SVCHOST.EXE   File Size = 14336   File Path = C:\WINDOWS\System32\svchost.exe    ModuleMD5 = 34c8d42b876703b3abf0562307428561
        processName = SPOOLSV.EXE   File Size = 57856   File Path = C:\WINDOWS\system32\spoolsv.exe    ModuleMD5 = da81ec57acd4cdc3d4c51cf3d409af9f
        processName = EXPLORER.EXE   File Size = 1032704   File Path = C:\WINDOWS\Explorer.EXE    ModuleMD5 = 43c0b3d357f319875a51bc111f393147
        processName = LVCOMS.EXE   File Size = 90112   File Path = C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE    ModuleMD5 = ae8dda79fb82eb3100852a1df8502551
        processName = LOGITRAY.EXE   File Size = 45056   File Path = C:\Program Files\Logitech\ImageStudio\LogiTray.exe    ModuleMD5 = 5a410b0e8ba5503321aae02931a5f767
        processName = KHOST.EXE   File Size = 1757184   File Path = C:\WINDOWS\kdx\KHost.exe    ModuleMD5 = 3a0b1b2019386767f3e141ee4431224d
        processName = MULTIRES.EXE   File Size = 61952   File Path = D:\Program Files\MultiRes\MultiRes.exe    ModuleMD5 = 277f33b45b278ea42c2daf09d9b17d7c
        processName = JUSCHED.EXE   File Size = 49263   File Path = C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe    ModuleMD5 = 409c45da1cfbc3fc19eec7cbfe9b2786
        processName = RUNDLL32.EXE   File Size = 33280   File Path = C:\WINDOWS\system32\RUNDLL32.EXE    ModuleMD5 = 71eac25aafea6bddcbe5d09a2f218305
        processName = DC6_STARTUPMON.EXE   File Size = 192512   File Path = C:\Program Files\Common Files\WinAntiVirus Pro 2006\dc6_startupmon.exe    ModuleMD5 = 5b829f14ae20676cf139df675d06dab9
        processName = ERS_STARTUPMON.EXE   File Size = 163840   File Path = C:\Program Files\Common Files\WinAntiVirus Pro 2006\ers_startupmon.exe    ModuleMD5 = deba7ccf66e0680e22eec1480f6c7282
        processName = CTFMON.EXE   File Size = 15360   File Path = C:\WINDOWS\system32\ctfmon.exe    ModuleMD5 = e8e7ce0d379630e7b0015e48fa90499b
        processName = MSNMSGR.EXE   File Size = 5354792   File Path = C:\Program Files\MSN Messenger\MsnMsgr.Exe    ModuleMD5 = aad2359e9d610ce4486f6483d57c58e7
        processName = SMILE BRUSH.EXE   File Size = 217088   File Path = D:\Program Files\Smile Brush\Smile Brush.exe    ModuleMD5 = 6e1d467c15a5514e70be31e1636c68d1
        processName = E_S00RP1.EXE   File Size = 65536   File Path = C:\WINDOWS\system32\E_S00RP1.EXE    ModuleMD5 = 9b3ecbf38cc2b378373b7278d36432c6
        processName = E_FATIAAE.EXE   File Size = 98304   File Path = C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE    ModuleMD5 = b5bc4300e54ccaf08869e94126d0f829
        processName = WZQKPICK.EXE   File Size = 118784   File Path = D:\Program Files\WinZip\WZQKPICK.EXE    ModuleMD5 = 67b2e7b6ae3b400d832f0456068ea83d
        processName = MSDTC.EXE   File Size = 6144   File Path = C:\WINDOWS\System32\msdtc.exe    ModuleMD5 = 54703de019f1556a098e23a898317583
        processName = IEXPLORE.EXE   File Size = 93184   File Path = c:\progra~1\intern~1\iexplore.exe    ModuleMD5 = 688fd75bb2d56b05f398f37c182b4528
        processName = IEXPLORE.EXE   File Size = 93184   File Path = C:\Program Files\Internet Explorer\iexplore.exe    ModuleMD5 = 688fd75bb2d56b05f398f37c182b4528
        processName = SOFFICE.EXE   File Size = 2334720   File Path = C:\Program Files\OpenOffice.org 2.0\program\soffice.exe    ModuleMD5 = 2b2d6c67b81c0d5b8fc8792c4735f5e1
        processName = SOFFICE.BIN   File Size = 2486272   File Path = C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN    ModuleMD5 = a9021c2492ae3bb6610d531066f4da11
        processName = LOWLIGHT.EXE   File Size = 53248   File Path = C:\Program Files\Logitech\ImageStudio\LowLight.exe    ModuleMD5 = 68eb22615e3312ddd85e62dcaa0e0586
        processName = NVSVC32.EXE   File Size = 131139   File Path = C:\WINDOWS\system32\nvsvc32.exe    ModuleMD5 = 0b24ab7cc5b7ed2aa7f438a4072459f4
        processName = SVCHOST.EXE   File Size = 14336   File Path = C:\WINDOWS\System32\svchost.exe    ModuleMD5 = 34c8d42b876703b3abf0562307428561
        processName = WDFMGR.EXE   File Size = 38912   File Path = C:\WINDOWS\system32\wdfmgr.exe    ModuleMD5 = ab0a7ca90d9e3d6a193905dc1715ded0
        processName = MQSVC.EXE   File Size = 4608   File Path = C:\WINDOWS\system32\mqsvc.exe    ModuleMD5 = 7b2514998abe86476489a0875ecb4b18
        processName = MQTGSVC.EXE   File Size = 117248   File Path = C:\WINDOWS\system32\mqtgsvc.exe    ModuleMD5 = f703ebf0b1c571a44c258197c50b81e3
        processName = ALG.EXE   File Size = 44544   File Path = C:\WINDOWS\System32\alg.exe    ModuleMD5 = 68276e67da0274ca30db2fc0e42c38c5
        processName = SVCHOST.EXE   File Size = 14336   File Path = C:\WINDOWS\system32\svchost.exe    ModuleMD5 = 34c8d42b876703b3abf0562307428561
        processName = FIREFOX.EXE   File Size = 7604331   File Path = C:\PROGRA~1\MOZILL~1\FIREFOX.EXE    ModuleMD5 = cb49c8ae9b44535d2b6fcde74c589ac9
        processName = MSNCALL.EXE   File Size = 1002280   File Path = C:\Program Files\MSN Messenger\msncall.exe    ModuleMD5 = 23fe49906a6749c2c7b69081cf710d35
        processName = E_FAMTAAE.EXE   File Size = 110592   File Path = C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FAMTAAE.EXE    ModuleMD5 = 5a4bd60a6b97b276f7d90f3a36876f2c
        processName = SPYHUNTER.EXE   File Size = 2703360   File Path = C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe    ModuleMD5 = 74dc526949d1626bdfb62a2ec4fd8539
        ###########################REGISTRY MD5 DATA###########################

        Name=LVCOMS   Data=C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE   FileSize = 90112   MD5=ae8dda79fb82eb3100852a1df8502551
        Name=LogitechGalleryRepair   Data=C:\Program Files\Logitech\ImageStudio\ISStart.exe   FileSize = 155648   MD5=948cac717567ba865304846268d281b9
        Name=LogitechImageStudioTray   Data=C:\Program Files\Logitech\ImageStudio\LogiTray.exe   FileSize = 45056   MD5=5a410b0e8ba5503321aae02931a5f767
        Name=kdx   Data=C:\WINDOWS\kdx\KHost.exe   FileSize = 1757184   MD5=3a0b1b2019386767f3e141ee4431224d
        Name=MultiRes   Data=D:\Program Files\MultiRes\MultiRes.exe   FileSize = 61952   MD5=277f33b45b278ea42c2daf09d9b17d7c
        Name=SunJavaUpdateSched   Data="C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"   FileSize = 49263   MD5=409c45da1cfbc3fc19eec7cbfe9b2786
        Name=UserFaultCheck   Data=%systemroot%\system32\dumprep 0 -u   FileSize =    MD5=
        Name=NvCplDaemon   Data=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup   FileSize = 7286784   MD5=c9d985299655b1a4c80bec4d60828f98
        Name=nwiz   Data=nwiz.exe /install   FileSize = 1519616   MD5=
        Name=NvMediaCenter   Data=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit   FileSize = 86016   MD5=ad26d98c35ca98de4b3388afa158fa54
        Name=EPSON Stylus D68 Series   Data=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68"   FileSize = 98304   MD5=b5bc4300e54ccaf08869e94126d0f829
        Name=corn wipe wait log   Data=C:\Documents and Settings\All Users\Application Data\FORK VGA CORN WIPE\Date Meow.exe   FileSize = 564736   MD5=97e2f64722e8d761bc868aab6dc74e62
        Name=DC6_check   Data="C:\Program Files\Common Files\WinAntiVirus Pro 2006\dc6_startupmon.exe"   FileSize = 192512   MD5=5b829f14ae20676cf139df675d06dab9
        Name=ERS_check   Data="C:\Program Files\Common Files\WinAntiVirus Pro 2006\ers_startupmon.exe"   FileSize = 163840   MD5=deba7ccf66e0680e22eec1480f6c7282
        Name=SpywareTerminator   Data="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"   FileSize =    MD5=********************************
        Name=SpyHunter   Data=C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe -scan
           FileSize = 2703360   MD5=74dc526949d1626bdfb62a2ec4fd8539

        Name=CTFMON.EXE   Data=C:\WINDOWS\system32\ctfmon.exe   FileSize = 15360   MD5=e8e7ce0d379630e7b0015e48fa90499b
        Name=msnmsgr   Data="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background   FileSize = 5354792   MD5=aad2359e9d610ce4486f6483d57c58e7
        Name=Rule About   Data=C:\DOCUME~1\ESKO~1.ESK\APPLIC~1\GPLMAN~1\bend copy pop.exe   FileSize = 408576   MD5=5ddb2a05c27221451eda4551ad4bad1d
        Name=Smile Brush   Data="D:\Program Files\Smile Brush\Smile Brush.exe" a   FileSize = 217088   MD5=6e1d467c15a5514e70be31e1636c68d1
        Name=EPSON Stylus D68 Series   Data=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /M "Stylus D68" /EF "HKCU"
           FileSize = 98304   MD5=b5bc4300e54ccaf08869e94126d0f829

        Name=CTFMON.EXE   Data=C:\WINDOWS\System32\CTFMON.EXE
           FileSize = 15360   MD5=e8e7ce0d379630e7b0015e48fa90499b

        #############################FILE MD5 DATA#############################

        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\desktop.ini   File Size = 4096   md5=87f8888e1d77d9cef69e901a97d40d73
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\desktop.ini   File Size = 4096   md5=9e270a487a2c3195985074244e0fbfb4
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Etätuki.lnk   File Size = 4096   md5=0c14f6baf66d3ee7478d582bb4ef1eb1
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Internet Explorer.lnk   File Size = 4096   md5=17cb4d0ff23de6525d211e10ba88dca7
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Outlook Express.lnk   File Size = 4096   md5=2997122d14135cbaa64b28a3f85a8aab
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Windows Media Player.lnk   File Size = 4096   md5=0b4020dad516d962817f0b272329068c
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Apuohjelmat\desktop.ini   File Size = 4096   md5=48535bef58fb1af2e7faacf420dc713a
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Apuohjelmat\Komentorivi.lnk   File Size = 4096   md5=bdc42001d1cb6ea027121b8a223ce586
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Apuohjelmat\Muistio.lnk   File Size = 4096   md5=3c9e716169b1e91e1c94f8633bc3f7f7
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Apuohjelmat\Ohjattu sovelluksen yhteensopivuustoiminto.lnk   File Size = 4096   md5=ea85ff47ea2d49c46f10d85aa3594b00
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Apuohjelmat\Osoitteisto.lnk   File Size = 4096   md5=d0f19da4040a3e0e326a520b3479751e
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Apuohjelmat\Synkronoi.lnk   File Size = 4096   md5=2ab469bebeda975858625095b38e8e66
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Apuohjelmat\Windows Resurssienhallinta.lnk   File Size = 4096   md5=15e52492ac328507c53210232a493037
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Apuohjelmat\Windows XP -esittely.lnk   File Size = 4096   md5=1983033022efbab3563fea791c22c884
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Käynnistys\desktop.ini   File Size = 4096   md5=d6a6856702e3f0953e7246a9b4a9fe35
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Käynnistys\OpenOffice.org 2.0.lnk   File Size = 4096   md5=959121c855e616bc7782ab66c14f7f6e
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\LimeWire\LimeWire 4.12.6.lnk   File Size = 4096   md5=7eb1cf4128179a8ca431f3326ac27f19
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\LimeWire\Uninstall.lnk   File Size = 4096   md5=34ae33e88e6d98fb70244104aca8b595
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\OpenOffice.org 2.0\Desktop.ini   File Size = 4096   md5=6beb0726e16a65415805eeb22eba4ecd
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\OpenOffice.org 2.0\OpenOffice.org Base.lnk   File Size = 8192   md5=4001ec2259894533d5df599169a26868
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\OpenOffice.org 2.0\OpenOffice.org Calc.lnk   File Size = 8192   md5=889dab5ba7102249f7137010d55b0e7f
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\OpenOffice.org 2.0\OpenOffice.org Draw.lnk   File Size = 8192   md5=a465ff74cd8421f500a8abdb82fc2762
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\OpenOffice.org 2.0\OpenOffice.org Impress.lnk   File Size = 8192   md5=c7357910a91315221a7f3acf478d95be
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\OpenOffice.org 2.0\OpenOffice.org Math.lnk   File Size = 8192   md5=0a51f9cf2734b94a286d9c7b5e5f1e7f
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\OpenOffice.org 2.0\OpenOffice.org Writer.lnk   File Size = 8192   md5=e7c2a8939ae6a9e57cc825c7896c6c6d
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Warcraft III\Technical Support Web Site.url   File Size = 4096   md5=34bc109df6c355914ef79b29312ce7af
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Warcraft III\Warcraft III Readme.lnk   File Size = 4096   md5=47e5eb9dc35ddd4dbd0d7296f6ada155
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Warcraft III\Warcraft III Registration.url   File Size = 4096   md5=995c0ba85d65e26fb21fa9d67d8e552c
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Warcraft III\Warcraft III Uninstall.lnk   File Size = 4096   md5=f58b131bafdc2b24061ac2abfaec20ef
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Warcraft III\Warcraft III World Editor.lnk   File Size = 4096   md5=8e832996075db9478960c26e19d7063b
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Warcraft III\Warcraft III.lnk   File Size = 4096   md5=fb443614ab268324a6261e0c2afbe163
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Apuohjelmat\Helppokäyttötoiminnot\desktop.ini   File Size = 4096   md5=f8c444ce8a6e06a5a0e0e3bc6a119b97
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Apuohjelmat\Helppokäyttötoiminnot\OnScreen-näppäimistö.lnk   File Size = 4096   md5=3259b428a3fbeabcf353dbf4e219ac19
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Apuohjelmat\Helppokäyttötoiminnot\Suurennuslasi.lnk   File Size = 4096   md5=bcc0d5f02cb63934f301ac3640442f7b
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Apuohjelmat\Helppokäyttötoiminnot\Toimintojen hallinta.lnk   File Size = 4096   md5=f388534e378bbf00d941a69b3c516ab9
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Apuohjelmat\Viihde\desktop.ini   File Size = 4096   md5=9406fb6347ae3c0a373aba7ece378702
        File Path = C:\Documents and Settings\esko.ESKO-N242CG9SVM\Käynnistä-valikko\Ohjelmat\Apuohjelmat\Viihde\Windows Media Player.lnk   File Size = 4096   md5=0d27f14482c2966d4cc6cba298ae521b
        #############################SERVICES DATA#############################
        Service Name = ALG   Service Display Name = Sovelluskerroksen yhdyskäytäväpalvelu   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 16   Service Start Type = 3   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\alg.exe   Binary Size = 44544   Binary MD5 = 68276e67da0274ca30db2fc0e42c38c5   
        Service Name = AudioSrv   Service Display Name = Windows Audio   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = Browser   Service Display Name = Tietokoneiden selaus   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = CryptSvc   Service Display Name = Salauspalvelut   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = DcomLaunch   Service Display Name = DCOM-palvelinprosessin käynnistys   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\svchost -k DcomLaunch   Binary Size = 0   Binary MD5 =    
        Service Name = Dhcp   Service Display Name = DHCP-asiakas   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = dmserver   Service Display Name = Loogisen levyn hallinta   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = Dnscache   Service Display Name = DNS-asiakas   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k NetworkService   Binary Size = 0   Binary MD5 =    
        Service Name = EPSON_PM_RPCV2_01   Service Display Name = EPSON V3 Service2(03)   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 16   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\E_S00RP1.EXE   Binary Size = 65536   Binary MD5 = 9b3ecbf38cc2b378373b7278d36432c6   
        Service Name = ERSvc   Service Display Name = Virheraportointipalvelut   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 0   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = Eventlog   Service Display Name = Tapahtumaloki   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\services.exe   Binary Size = 108544   Binary MD5 = c2f8f8343435fc080c2de25a410e09e8   
        Service Name = EventSystem   Service Display Name = COM -tapahtumajärjestelmä   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 3   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = FastUserSwitchingCompatibility   Service Display Name = Nopean käyttäjän vaihdon yhteensopivuus   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 3   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = helpsvc   Service Display Name = Ohjeet ja tuotetuki   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = HidServ   Service Display Name = HID Input Service   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = lanmanserver   Service Display Name = Palvelin   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = lanmanworkstation   Service Display Name = Työasema   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = LmHosts   Service Display Name = TCP/IP NetBIOS Helper   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k LocalService   Binary Size = 0   Binary MD5 =    
        Service Name = MSDTC   Service Display Name = Distributed Transaction Coordinator   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 16   Service Start Type = 3   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\msdtc.exe   Binary Size = 6144   Binary MD5 = 54703de019f1556a098e23a898317583   
        Service Name = MSMQ   Service Display Name = Message Queuing   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 16   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\mqsvc.exe   Binary Size = 4608   Binary MD5 = 7b2514998abe86476489a0875ecb4b18   
        Service Name = MSMQTriggers   Service Display Name = Message Queuing Triggers   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 16   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\mqtgsvc.exe   Binary Size = 117248   Binary MD5 = f703ebf0b1c571a44c258197c50b81e3   
        Service Name = Netman   Service Display Name = Verkkoyhteydet   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 288   Service Start Type = 3   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = Nla   Service Display Name = NLA-nimiavaruus (Network Location Awareness)   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 3   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = NtLmSsp   Service Display Name = NT LM -suojaustuen toimittaja   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 3   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\lsass.exe   Binary Size = 13312   Binary MD5 = 39726087f99c7775b2ea1f2990709817   
        Service Name = NVSvc   Service Display Name = NVIDIA Display Driver Service   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 16   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\nvsvc32.exe   Binary Size = 131139   Binary MD5 = 0b24ab7cc5b7ed2aa7f438a4072459f4   
        Service Name = PlugPlay   Service Display Name = Plug and Play   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\services.exe   Binary Size = 108544   Binary MD5 = c2f8f8343435fc080c2de25a410e09e8   
        Service Name = PolicyAgent   Service Display Name = IPSEC-palvelut   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\lsass.exe   Binary Size = 13312   Binary MD5 = 39726087f99c7775b2ea1f2990709817   
        Service Name = ProtectedStorage   Service Display Name = Suojattu tallennuspaikka   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 288   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\lsass.exe   Binary Size = 13312   Binary MD5 = 39726087f99c7775b2ea1f2990709817   
        Service Name = RasMan   Service Display Name = Etäkäytön (RAS) yhteyksienhallinta   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 3   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = RemoteRegistry   Service Display Name = Etärekisteri   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\svchost.exe -k LocalService   Binary Size = 0   Binary MD5 =    
        Service Name = RpcSs   Service Display Name = Etäproseduurikutsu (RPC)   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\svchost -k rpcss   Binary Size = 0   Binary MD5 =    
        Service Name = SamSs   Service Display Name = Käyttöoikeustilien hallinta   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\lsass.exe   Binary Size = 13312   Binary MD5 = 39726087f99c7775b2ea1f2990709817   
        Service Name = Schedule   Service Display Name = Tehtävien ajoitus   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 288   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = seclogon   Service Display Name = Toissijainen kirjautuminen   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 288   Service Start Type = 2   Service Error Control = 0   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = SENS   Service Display Name = Järjestelmätapahtuman ilmoitus   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = SharedAccess   Service Display Name = Windowsin palomuuri / Internet-yhteyden jakaminen (ICS)   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = ShellHWDetection   Service Display Name = Käyttöliittymän laitteistotunnistus   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 0   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = Spooler   Service Display Name = Taustatulostusohjain   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 272   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\spoolsv.exe   Binary Size = 57856   Binary MD5 = da81ec57acd4cdc3d4c51cf3d409af9f   
        Service Name = srservice   Service Display Name = Järjestelmän palauttaminen -palvelu   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = SSDPSRV   Service Display Name = SSDP-palvelu (Simple Service Discovery Protocol)   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 3   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k LocalService   Binary Size = 0   Binary MD5 =    
        Service Name = stisvc   Service Display Name = WIA (Windows Image Acquisition)   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k imgsvc   Binary Size = 0   Binary MD5 =    
        Service Name = TapiSrv   Service Display Name = Puhelin   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 3   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = TermService   Service Display Name = Päätepalvelut   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 3   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost -k DComLaunch   Binary Size = 0   Binary MD5 =    
        Service Name = Themes   Service Display Name = Teemat   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = TrkWks   Service Display Name = Tiedostolinkkijäljityksen asiakas   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = UMWdf   Service Display Name = Windows User Mode Driver Framework   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 16   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\wdfmgr.exe   Binary Size = 38912   Binary MD5 = ab0a7ca90d9e3d6a193905dc1715ded0   
        Service Name = usnsvc   Service Display Name = Messengerin jaettavien kansioiden USN-muutoslokin lukupalvelu   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 16   Service Start Type = 3   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\svchost.exe -k usnsvc   Binary Size = 0   Binary MD5 =    
        Service Name = W32Time   Service Display Name = Windows Time   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = WebClient   Service Display Name = WebClient   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k LocalService   Binary Size = 0   Binary MD5 =    
        Service Name = winmgmt   Service Display Name = WMI-palvelu (Windows Management Instrumentation)   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 0   Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        Service Name = wuauserv   Service Display Name = Automaattiset päivitykset   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
        #############################WINLOGON DATA#############################

        Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain    Filepath = C:\WINDOWS\system32\crypt32.dll    File Size = 599040    File MD5 = 3a0fabbee8831842ab67ee3006abf2ec   
        Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet    Filepath = C:\WINDOWS\system32\cryptnet.dll    File Size = 63488    File MD5 = 4d6369888f1ff00f6514bcd06789e0bd   
        Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll    Filepath = C:\WINDOWS\system32\cscdll.dll    File Size = 102400    File MD5 = 5e4a1a97eeb1299d60062a23f50731e8   
        Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp    Filepath = C:\WINDOWS\system32\wlnotify.dll    File Size = 92672    File MD5 = de9679c0d533b41ea58b21aaf8831679   
        Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule    Filepath = C:\WINDOWS\system32\wlnotify.dll    File Size = 92672    File MD5 = de9679c0d533b41ea58b21aaf8831679   
        Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy    Filepath = C:\WINDOWS\system32\sclgntfy.dll    File Size = 21504    File MD5 = e39fff1ae1d9134b9d5c34cce87d2039   
        Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn    Filepath = C:\WINDOWS\system32\WlNotify.dll    File Size = 92672    File MD5 = de9679c0d533b41ea58b21aaf8831679   
        Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv    Filepath = C:\WINDOWS\system32\wlnotify.dll    File Size = 92672    File MD5 = de9679c0d533b41ea58b21aaf8831679   
        Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wingko32    Filepath =     File Size = 92672    File MD5 = de9679c0d533b41ea58b21aaf8831679   
        Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon    Filepath = C:\WINDOWS\system32\wlnotify.dll    File Size = 92672    File MD5 = de9679c0d533b41ea58b21aaf8831679   
        Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\yabya    Filepath = C:\WINDOWS\system32\yabya.dll    File Size = 276532    File MD5 = fe8180576cfbc0fd994335f2eac74ee9   
        ##########################BROWSER ADD-ON DATA##########################

        CLSID = {2318C2B1-4965-11d4-9B18-009027A5CD4F}   FilePath = c:\program files\google\googletoolbar3.dll   File Size = 2108480   File MD5 = 4cb9cc5e19f70337bfe200a4dad58025   Description = 0
        CLSID = {EF99BD32-C1FB-11D2-892F-0090271D4F88}   FilePath = C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll   File Size = 343112   File MD5 = 5e2f2db01f934243b74440f534880d19   Description = 0
        CLSID = {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}   FilePath = C:\Program Files\Windows Live Toolbar\msntb.dll   File Size = 544032   File MD5 = d638afc241fcc42d15886cd26a3f1461   Description = 0
        CLSID = {74DD705D-6834-439C-A735-A6DBE2677452}   FilePath = C:\Program Files\VSAdd-in\VSAdd-in.dll   File Size = 68864   File MD5 = 77dec505a2d0f6efc2dd5c2f1e8a5cd2   Description = 0

        CLSID = {36EAA060-9A43-4F68-A191-AFE7E8CD79C0}   FilePath = C:\Program Files\NetClickup\Lukutulkki\Lutu.dll   File Size = 217088   File MD5 = 346201d8d96941e183489d0114a8d1e3   
        CLSID = {4D5C8C25-D075-11d0-B416-00C04FB90376}   FilePath = C:\WINDOWS\System32\shdocvw.dll   File Size = 1493504   File MD5 = 740cf70c9041589ea4dfa2d2ca338702   

        CLSID = {32683183-48a0-441b-a342-7c2a440a9478}   FilePath =    File Size = 0   File MD5 =    

        CLSID = {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}   FilePath = D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll   File Size = 63128   File MD5 = f17b2b264072b921fc66a0be16626bab   
        CLSID = {0EEDB912-C5FA-486F-8334-57288578C627}   FilePath = d:\Program Files\Shareaza\Plugins\RazaWebHook.dll   File Size = 0   File MD5 =    
        CLSID = {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6}   FilePath = C:\WINDOWS\system32\iyygdanw.dll   File Size = 42516   File MD5 = e35064a0c437d56cf957e6c917982781   
        CLSID = {3F5B41AE-24C0-468A-8D1B-E820831A7C68}   FilePath = C:\WINDOWS\system32\yabya.dll   File Size = 276532   File MD5 = fe8180576cfbc0fd994335f2eac74ee9   
        CLSID = {45AD732C-2CE2-4666-B366-B2214AD57A49}   FilePath = D:\Program Files\Desktop Sidebar\sbhelp.dll   File Size = 233472   File MD5 = 45545aa56620007f54c00a583643c9e1   
        CLSID = {46A4E9D9-B30E-452A-8157-DBBEC8573B03}   FilePath = C:\Program Files\VSAdd-in\VSAdd-in.dll   File Size = 68864   File MD5 = 77dec505a2d0f6efc2dd5c2f1e8a5cd2   
        CLSID = {53707962-6F74-2D53-2644-206D7942484F}   FilePath = D:\PROGRA~1\SPYBOT~1\SDHelper.dll   File Size = 744960   File MD5 = abf5ba518c6a5ed104496ff42d19ad88   
        CLSID = {7411F8BA-29A3-3216-9DE7-024AC0AAB9F6}   FilePath = C:\WINDOWS\system32\viyjhai.dll   File Size = 71680   File MD5 = bbc4c45aa921116b01785d2a64386a38   
        CLSID = {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}   FilePath = C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll   File Size = 184423   File MD5 = f01726f7ca8538fdd4663c9db8feaedc   
        CLSID = {9030D464-4C02-4ABF-8ECC-5164760863C6}   FilePath = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll   File Size = 323904   File MD5 = 4d834364b09155778a3330a67ebd4621   
        CLSID = {AA58ED58-01DD-4d91-8333-CF10577473F7}   FilePath = c:\program files\google\googletoolbar3.dll   File Size = 2108480   File MD5 = 4cb9cc5e19f70337bfe200a4dad58025   
        CLSID = {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}   FilePath = C:\Program Files\Windows Live Toolbar\msntb.dll   File Size = 544032   File MD5 = d638afc241fcc42d15886cd26a3f1461   
        ##########################LSP CHAIN DATA##########################

        Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 246784    File MD5 = 5981be8b1c04a740662d088a82e11f4a   
        Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 246784    File MD5 = 5981be8b1c04a740662d088a82e11f4a   
        Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 246784    File MD5 = 5981be8b1c04a740662d088a82e11f4a   
        Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004    Filepath = C:\WINDOWS\system32\rsvpsp.dll    File Size = 90112    File MD5 = 3b13fbeae31f4fdd6a862c9b2d4c47f3   
        Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005    Filepath = C:\WINDOWS\system32\rsvpsp.dll    File Size = 90112    File MD5 = 3b13fbeae31f4fdd6a862c9b2d4c47f3   
        Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 246784    File MD5 = 5981be8b1c04a740662d088a82e11f4a   
        Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 246784    File MD5 = 5981be8b1c04a740662d088a82e11f4a   
        Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 246784    File MD5 = 5981be8b1c04a740662d088a82e11f4a   
        Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 246784    File MD5 = 5981be8b1c04a740662d088a82e11f4a   
        Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 246784    File MD5 = 5981be8b1c04a740662d088a82e11f4a   
        Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 246784    File MD5 = 5981be8b1c04a740662d088a82e11f4a   
        Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 246784    File MD5 = 5981be8b1c04a740662d088a82e11f4a   
        Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 246784    File MD5 = 5981be8b1c04a740662d088a82e11f4a   
        Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 246784    File MD5 = 5981be8b1c04a740662d088a82e11f4a   
        Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 246784    File MD5 = 5981be8b1c04a740662d088a82e11f4a   
        Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 246784    File MD5 = 5981be8b1c04a740662d088a82e11f4a   
        Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 246784    File MD5 = 5981be8b1c04a740662d088a82e11f4a   


    • esko

      mun pitää hakea kaveri tekee tämä en ole mikään hyvä näissä asioissa,,eli oottele,,

      • ----

        SpywareTerminatoria ei kannata käyttää.


      • esko

        ei löydy tätä,,logia!!findlop.txt
        jt ei tunnistettu sisäiseksi tai ulkoiseksi komennoksi,suoritettavaksi ohjelmaksi tai komentojonotiedojsi..

        Pura työpöydälle ja tuplaklikkaa findlop.bat
        Logi löytyy tuolta C:\findlop.txt !!

        entä nyt


      • fix it
        esko kirjoitti:

        ei löydy tätä,,logia!!findlop.txt
        jt ei tunnistettu sisäiseksi tai ulkoiseksi komennoksi,suoritettavaksi ohjelmaksi tai komentojonotiedojsi..

        Pura työpöydälle ja tuplaklikkaa findlop.bat
        Logi löytyy tuolta C:\findlop.txt !!

        entä nyt

        Suorita nuo muut jutut ja lähetä niiden logit niin katotaan sit myöhemmin tuo findlop.


    Ketjusta on poistettu 0 sääntöjenvastaista viestiä.

    Luetuimmat keskustelut

    1. Hoitajalakko peruuntuu, tilalle joukkoirtisanoutumiset

      "Tehyn ja Superin hallitukset kokoontuivat tänään toteamaan, että tilanne edellyttää järeämpiä työtaistelutoimia." https://www.hs.fi/politiikka/art-2
      Maailman menoa
      739
      9126
    2. Johan tuli oikea aivopieru Britti Lordilta

      Emeritusprofessori Lordi Robert Skidelsky sanoi Suomen rikkovan YYA sopimusta joka on tehty Neuvostoliiton kanssaa 1948. Mitä pir
      Maailman menoa
      373
      7846
    3. Tehyn Rytkösellä tallessa tekstiviestit A-studiokohussa

      https://www.mtvuutiset.fi/artikkeli/a-studiosta-kohu-tehyn-rytkosen-mukaan-ministeri-linden-sai-paattaa-osallistujat-ohjelma-kiistaa-vaitteen/8407068
      Maailman menoa
      160
      5503
    4. William ja Sonja Aiello ERO

      Hyvä Sonja! Nyt etsit uudet kaverit ja jätät nuo huume- ja rahanpesu porukat haisemaan taaksesi!
      Kotimaiset julkkisjuorut
      54
      2316
    5. Oho! Seurapiirikaunotar, ex-missi Sabina Särkkä yllättää tällä harvinaisella kyvyllä: "Mulla on..."

      Sabina Särkkä on nähty monissa tv-reality-sarjoissa. Mutta tiesitkö, että Särkällä on valokuvamuisti? https://www.suomi24.fi/viihde/oho-seurapiirikaun
      Kotimaiset julkkisjuorut
      6
      2076
    6. Se siitä sitten

      Kirjoitan tänne kun en sulle voi. En vaivaa sua enää koskaan. En ikinä tarkoittanut olla ahdistava tai takertuva. Tunteet heräsi enkä osannut olla tyy
      Ikävä
      82
      1717
    7. Ohhoh! Rita Niemi-Manninen otti ison tatuoinnin - Herätti somekansan: "Täydellinen paikka!"

      Rita Niemi-Mannisen suuri, uusi tatuointi on saanut somekansan heräämään talvihorroksesta. Niemi-Manninen otti tatskan rakkauslomalla Aki-miehensä kan
      Kotimaiset julkkisjuorut
      19
      1659
    8. Ihastumisesta kertominen

      Olen päättänyt kertoa tunteistani ihastukseni kohteelle. Erityisen vaikeaksi tilanteeni tekee se, että kyseessä on ns. kielletty rakkaus. Olen jo toi
      Ihastuminen
      92
      1396
    9. Taas Venäjän tiedoittaja akka Varoitti Suomea ja Ruotsia liittymästä Natoon

      Juuri sopivasti julkaistu varoitus, kun Suomen eduskunta alkaa klo 13:50 käsitellä asiaa suorassa TV 1:n lähetyksessä. ILtasanomat.
      Maailman menoa
      439
      1332
    10. Stefusika räkättää

      kun on viikon ollut kuivilla ja poliisi puhalluttaa just silloin. Muutoin olis jääny kiinni. Ja sekös sikamiestä hirnuttaa. Ällö ukko ja vielä ällömmä
      Kotimaiset julkkisjuorut
      80
      1199
    Aihe