Hujo-kiltti, jos olet täällä juuri nyt, voisitko auttaa nyt heti. Olen ihan pulassa. Koneeni ei löydä enää cd/dvd asemaa, en saa sitä lainkaan näkyviin. KOne on toiminut tosi oudosti monta päivää. Pari windows päivitystä on välistä lataamatta, yritin päivittää ne että jos ongelmat johtuu siitä. Päivityksessä tuli virhe koodi 80246001 http://technet.microsoft.com/en-us/library/cc720442.aspx A download manager operation could not be completed because the requested file does not have a URL. Kun laitan cd:n/dvd:n sisään, yleensä avaan tiedoston klikkaamalla "tietokone" ja siitä valitsen cd-aseman, tai ohjelma yleensä avaa itse dvd:n ja sen sisällön selausta varten. Nyt ei tapahdu mitään. Kun klikkaan työpöydän pikakuvaketta CD-asema, tulee herja "Asema tai verkkoyhteys, johon pikakuvake "CD-asema - pikakuvake.ink" viittaa, ei ole käytettävissä. Varmista, että levyke on asetettu asemaan tai verkkoyhteys on käytettävissä, ja yritä uudelleen" Tällaista vikaa ei ole koskaan ennen ollut. Tein äsken taas epätoivoisen yrityksen palaamalla pisteeseen 1.3.09. Tämä piste luotiin combofix-toimien yhtyedessä jotka tein ohjauksessasi mutta ei sekään tähän ongelmaan auta. ao.ketjuista näkee miten kone käyttäytynyt viime aikoina http://keskustelu.afterdawn.com/thread_view.cfm/753515 http://keskustelu.afterdawn.com/thread_view.cfm/753622 http://keskustelu.afterdawn.com/thread_view.cfm/752965 http://keskustelu.afterdawn.com/thread_view.cfm/753047 Mitä neuvoisit tässä tilanteessa tekemään? Olen saanut ohjeita sieltä sun täältä, mutta alkaa näyttää siltä etten hallitse enää tätä. Ohjelmien ajot ja poistot, keskytykset ja uudellen käynnitykset ja palautuspisteiden käyttö on tainneet vaurioittaa joitain perusteellisesti? EN oikeasti haluaisi enää tulla sua vaivaamaan, mutta kun sä olet ainoa jonka puoleen nyt osaan kääntyä ja sä oot täällä lähes aina. Voitko vielä kerran yrittää tässä asiassa? En ole täällä huvikseni vaan nyt on tosi hätä. Työt jää kohta tekemättä. Eilen ajetussa RSIT:ssä oliu tällaista: Koodin aitouden tarkistustoiminto määritti, että tiedoston näköistiedoston hajautusarvo ei ole kelvollinen. Tiedosto voi olla vaurioitunut luvattomien muutosten vuoksi, tai levylaite voi olla viallinen. Tiedostonimi: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys ja Message: Sisältölähdettä <mapi://{s-1-5-21-1110212224-4022218785-2376424616-1003}/> ei voi käyttää. Palvelimessa on tapahtunut virhe. Tarkista, että palvelin on käytettävissä. Source Name: Microsoft-Windows-Search
Taitaa tulla visva vista uudelleen asennus vaiheeseen. =============== * Lataa random's system information tool (RSIT) by random/random random ja tallenna se työpöydälle * Tuplaklikkaa RSIT.exeä ajaaksesi RSITin. * Klikkaa Continue. * Kun RSIT on valmis, kaksi lokia avautuu muistioon. Lähetä sekä log.txt:n (<-avautuu suurennettuna) että info.txt:n (<-avautuu pienennettynä) sisältö seuraavassa viestissäsi.
Huh, kuinkahan monimutakinen se vistan uudelleen ajo on, mulla ei ole mitään asennuslevyjä, voiko sen ladata netistä? RSIT teki eilen kaksi logia niinkuin pitääkin, mutta tänään tää ei enää suostu sitä info-lokia tekemään lainkaan. Laitan sulle nyt tähän tänään tehdyn RSITlogin ja eilisen RSIT-infolistan. Jos ei nää riitä niin lataan RSITn uudelleen ja yritän ajaa koko ohjelman uudelleen. Olen yrittänyt monta kertaa, mutta tänään se tekee vain yhden login. Ajoin Malwarebytesin tänään, se oli puhdas. TÄSSÄ TÄNÄÄN AJETTU RSIT-LOKI Logfile of random's system information tool 1.05 (written by random/random) Run by xxx at 2009-03-05 13:36:45 Microsoft® Windows Vista™ Home Premium Service Pack 1 System drive C: has 37 GB (51%) free of 71 GB Total RAM: 1789 MB (49% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:36, on 2009-03-05 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Windows\ehome\ehtray.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\ehome\ehmsas.exe C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe C:\Windows\Samsung\PanelMgr\SSMMgr.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Windows Defender\msascui.exe C:\Users\xxx\Desktop\INSTALLAATItIEDOSTOT\RSIT, varo.exe C:\Program Files\Trend Micro\HijackThis\xxx.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/webhp?sourceid=navclient&hl=fi&ie=UTF-8 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [Skytel] Skytel.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKCU\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKCU\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKCU\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting O4 - HKCU\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun O4 - HKCU\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKCU\..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe O4 - HKCU\..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: V&ie Microsoft Exceliin - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing O13 - Gopher Prefix: O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {3B36B017-7E49-426B-95B0-B5CECD83C2E2} (IfolorUploader Control) - http://fika-web.ifolor.net/OrderingGeneral/LowRes/app_support/ActiveX/IfolorUploader_fika.cab O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: eNetHook.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 9863 bytes ======Scheduled tasks folder====== C:\Windows\tasks\AWC Startup.job C:\Windows\tasks\SmartDefrag.job C:\Windows\tasks\User_Feed_Synchronization-{B397B829-38DC-4F82-9C9F-DDC46218E88F}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2007-12-07 1377576] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-02-08 304736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}] ShowBarObj Class - C:\Windows\system32\ActiveToolBand.dll [2007-04-12 299008] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-16 251504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22 321120] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-02-13 657904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-01-16 522224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-04-12 151552] {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22 321120] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-16 251504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-02-08 185872] "avast!"=C:\Program Files\Alwil Software\Avast4\ashDisp.exe [2009-02-05 81000] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-03 61440] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000] "Skytel"=C:\Windows\Skytel.exe [2007-04-14 1822720] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-10-07 815104] "eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-04-12 457728] "WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344] "PLFSet"=C:\Windows\PLFSet.dll [2007-04-25 45056] "Samsung PanelMgr"=C:\Windows\Samsung\PanelMgr\SSMMgr.exe [2006-12-14 520192] "LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2007-04-04 813840] "RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216] "LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-02-07 54832] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-13 39408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="eNetHook.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon] C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "LogonHoursAction"=2 "DontDisplayLogonHoursWarnings"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======List of files/folders created in the last 2 months====== 2009-03-04 20:41:46 ----D---- C:\rsit 2009-03-02 14:26:45 ----RHD---- C:\AHCache 2009-03-02 13:58:37 ----D---- C:\ProgramData\DriverScanner 2009-03-02 13:57:33 ----HDC---- C:\ProgramData\{D5ABFFAD-D592-4F98-B02B-587125B4801F} 2009-03-02 13:42:58 ----D---- C:\Users\xxx\AppData\Roaming\Uniblue 2009-03-02 13:42:50 ----D---- C:\Program Files\Uniblue 2009-03-01 10:29:53 ----D---- C:\ComboFix 2009-03-01 10:29:53 ----A---- C:\Windows\system32\CF13474.exe 2009-03-01 10:29:07 ----A---- C:\Windows\system32\CF13281.exe 2009-03-01 10:28:55 ----A---- C:\Windows\system32\swsc.exe 2009-02-28 19:57:44 ----A---- C:\Windows\zip.exe 2009-02-28 19:57:44 ----A---- C:\Windows\VFIND.exe 2009-02-28 19:57:44 ----A---- C:\Windows\SWXCACLS.exe 2009-02-28 19:57:44 ----A---- C:\Windows\SWSC.exe 2009-02-28 19:57:44 ----A---- C:\Windows\SWREG.exe 2009-02-28 19:57:44 ----A---- C:\Windows\sed.exe 2009-02-28 19:57:44 ----A---- C:\Windows\NIRCMD.exe 2009-02-28 19:57:44 ----A---- C:\Windows\grep.exe 2009-02-28 19:57:44 ----A---- C:\Windows\fdsv.exe 2009-02-28 19:30:17 ----D---- C:\Windows\ERDNT 2009-02-28 19:30:17 ----D---- C:\Qoobox 2009-02-27 22:03:04 ----D---- C:\ProgramData\Spybot - Search & Destroy 2009-02-27 22:03:04 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-02-23 17:33:49 ----D---- C:\Program Files\SUPERAntiSpyware 2009-02-23 17:33:00 ----D---- C:\Program Files\Common Files\Wise Installation Wizard 2009-02-22 20:51:32 ----D---- C:\ProgramData\ATI 2009-02-22 20:39:20 ----A---- C:\Windows\system32\Oemdspif.dll 2009-02-22 20:39:19 ----A---- C:\Windows\system32\atioglxx.dll 2009-02-22 20:39:18 ----A---- C:\Windows\system32\atimuixx.dll 2009-02-22 20:39:18 ----A---- C:\Windows\system32\ATIDEMGX.dll 2009-02-22 20:39:18 ----A---- C:\Windows\system32\aticalrt.dll 2009-02-22 20:39:18 ----A---- C:\Windows\system32\aticaldd.dll 2009-02-22 20:39:18 ----A---- C:\Windows\system32\aticalcl.dll 2009-02-22 20:39:18 ----A---- C:\Windows\system32\atiadlxx.dll 2009-02-22 20:39:17 ----A---- C:\Windows\system32\amdpcom32.dll 2009-02-22 20:36:33 ----D---- C:\ATI 2009-02-22 16:06:36 ----D---- C:\Program Files\Spyware Doctor 2009-02-21 22:54:12 ----D---- C:\Users\xxx\AppData\Roaming\PeerNetworking 2009-02-21 12:28:53 ----HD---- C:\ProgramData\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185} 2009-02-20 19:38:22 ----D---- C:\ProgramData\avg8 2009-02-20 17:38:30 ----A---- C:\Windows\system32\aswBoot.exe 2009-02-20 14:06:36 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-02-19 14:34:23 ----D---- C:\Program Files\Lavalys 2009-02-19 14:27:15 ----D---- C:\Windows\Internet Logs 2009-02-19 00:25:15 ----D---- C:\Users\xxx\AppData\Roaming\PC Tools 2009-02-16 19:02:32 ----D---- C:\Program Files\Trend Micro 2009-02-16 17:05:27 ----D---- C:\Users\xxx\AppData\Roaming\Malwarebytes 2009-02-16 17:05:21 ----D---- C:\ProgramData\Malwarebytes 2009-02-16 15:56:57 ----D---- C:\ProgramData\SUPERAntiSpyware.com 2009-02-16 15:56:19 ----D---- C:\Users\xxx\AppData\Roaming\SUPERAntiSpyware.com 2009-02-16 14:56:01 ----D---- C:\Users\xxx\AppData\Roaming\IObit 2009-02-16 01:25:57 ----A---- C:\Windows\system32\EncDec.dll 2009-02-16 01:25:53 ----A---- C:\Windows\system32\psisdecd.dll 2009-02-11 22:02:14 ----A---- C:\Windows\system32\mshtml.dll 2009-02-11 22:02:12 ----A---- C:\Windows\system32\ieframe.dll 2009-02-11 22:02:10 ----A---- C:\Windows\system32\urlmon.dll 2009-02-11 22:02:09 ----A---- C:\Windows\system32\wininet.dll 2009-02-11 22:02:09 ----A---- C:\Windows\system32\msfeeds.dll 2009-02-11 22:02:08 ----A---- C:\Windows\system32\mstime.dll 2009-02-11 22:02:07 ----A---- C:\Windows\system32\iertutil.dll 2009-02-11 22:02:06 ----A---- C:\Windows\system32\jsproxy.dll 2009-02-08 19:52:17 ----A---- C:\Windows\cdplayer.ini 2009-02-08 19:43:02 ----D---- C:\Program Files\Common Files\xing shared 2009-02-08 19:42:55 ----A---- C:\Windows\system32\rmoc3260.dll 2009-02-08 19:42:49 ----A---- C:\Windows\system32\pndx5032.dll 2009-02-08 19:42:49 ----A---- C:\Windows\system32\pndx5016.dll 2009-02-08 19:42:47 ----D---- C:\Program Files\Real 2009-02-08 19:42:47 ----A---- C:\Windows\system32\pncrt.dll 2009-02-06 22:34:41 ----D---- C:\Users\xxx\AppData\Roaming\Talkback 2009-02-06 22:34:13 ----D---- C:\Users\xxx\AppData\Roaming\Mozilla 2009-02-06 22:34:04 ----D---- C:\Program Files\Mozilla Firefox 2009-02-06 22:33:57 ----D---- C:\ProgramData\Mozilla ======List of files/folders modified in the last 2 months====== 2009-03-05 13:36:36 ----D---- C:\Windows\Temp 2009-03-05 13:31:30 ----D---- C:\Windows\Prefetch 2009-03-05 12:28:18 ----D---- C:\Windows\Microsoft.NET 2009-03-05 12:27:45 ----RSD---- C:\Windows\assembly 2009-03-05 11:45:08 ----SHD---- C:\System Volume Information 2009-03-05 11:42:21 ----SHD---- C:\Windows\Installer 2009-03-05 11:40:19 ----AD---- C:\Windows\System32 2009-03-05 11:40:19 ----A---- C:\Windows\system32\PerfStringBackup.INI 2009-03-05 11:40:18 ----D---- C:\Windows\inf 2009-03-05 11:38:54 ----D---- C:\Program Files\Microsoft SQL Server 2009-03-05 11:38:21 ----D---- C:\Windows\registration 2009-03-05 11:19:21 ----D---- C:\Windows\system32\catroot2 2009-03-05 11:18:10 ----D---- C:\Windows\system32\Msdtc 2009-03-05 11:18:07 ----D---- C:\Windows\system32\wbem 2009-03-05 11:18:07 ----AD---- C:\Windows 2009-03-05 11:13:29 ----D---- C:\Windows\system32\config 2009-03-05 11:12:57 ----D---- C:\Windows\winsxs 2009-03-05 11:12:56 ----D---- C:\Windows\Tasks 2009-03-05 11:12:56 ----D---- C:\Windows\system32\Tasks 2009-03-05 11:12:56 ----D---- C:\Windows\system32\spool 2009-03-05 11:12:56 ----D---- C:\Windows\system32\fi-FI 2009-03-05 11:12:56 ----D---- C:\Windows\system32\CodeIntegrity 2009-03-05 11:12:56 ----AD---- C:\Windows\system32\drivers 2009-03-05 11:12:42 ----HD---- C:\ProgramData 2009-03-05 11:12:42 ----D---- C:\ProgramData\FLEXnet 2009-03-05 11:12:40 ----RD---- C:\Program Files 2009-03-05 11:05:48 ----D---- C:\Users\xxx\AppData\Roaming\Adobe 2009-03-03 16:05:11 ----D---- C:\Program Files\Common Files 2009-03-03 16:05:11 ----AD---- C:\ProgramData\TEMP 2009-03-02 14:40:20 ----D---- C:\Windows\system32\catroot 2009-03-02 13:46:15 ----D---- C:\Windows\system32\LogFiles 2009-03-01 10:33:00 ----D---- C:\Windows\AppPatch 2009-03-01 10:23:09 ----D---- C:\Windows\system32\WDI 2009-03-01 10:21:33 ----D---- C:\Program Files\Microsoft Silverlight 2009-02-28 22:39:57 ----HD---- C:\Windows\system32\GroupPolicyUsers 2009-02-28 22:39:56 ----HD---- C:\Windows\system32\GroupPolicy 2009-02-28 20:01:00 ----A---- C:\Windows\system.ini 2009-02-28 20:00:51 ----AD---- C:\Program Files\AMV Converter 2009-02-28 12:03:17 ----D---- C:\ProgramData\Apple Computer 2009-02-28 12:02:52 ----DC---- C:\Windows\system32\DRVSTORE 2009-02-28 11:18:05 ----D---- C:\Program Files\IObit 2009-02-28 11:12:00 ----SD---- C:\Windows\Downloaded Program Files 2009-02-28 10:46:19 ----D---- C:\ProgramData\Lavasoft 2009-02-23 08:57:34 ----D---- C:\Program Files\ATI 2009-02-22 20:45:56 ----D---- C:\Program Files\ATI Technologies 2009-02-20 16:22:55 ----SD---- C:\ProgramData\Microsoft 2009-02-20 16:22:49 ----SD---- C:\Users\xxx\AppData\Roaming\Microsoft 2009-02-19 17:36:01 ----D---- C:\Program Files\Common Files\Apple 2009-02-19 17:30:38 ----D---- C:\Users\xxx\AppData\Roaming\Yahoo! 2009-02-19 17:30:38 ----D---- C:\ProgramData\Yahoo! 2009-02-19 17:30:26 ----D---- C:\Program Files\Yahoo! 2009-02-19 17:18:19 ----D---- C:\Program Files\QuickTime 2009-02-16 09:12:31 ----D---- C:\Windows\ehome 2009-02-13 22:44:37 ----D---- C:\Windows\Debug 2009-02-13 14:10:14 ----D---- C:\Program Files\Google 2009-02-12 09:52:55 ----D---- C:\ProgramData\Microsoft Help 2009-02-12 09:51:28 ----D---- C:\Program Files\Windows Mail 2009-02-08 19:43:10 ----D---- C:\Users\xxx\AppData\Roaming\Real 2009-02-08 19:42:57 ----D---- C:\Program Files\Common Files\Real 2009-02-07 12:57:54 ----A---- C:\Windows\win.ini 2009-02-07 12:55:45 ----D---- C:\Program Files\Common Files\microsoft shared 2009-02-04 07:00:36 ----A---- C:\Windows\system32\atitmmxx.dll 2009-02-04 07:00:24 ----A---- C:\Windows\system32\atipdlxx.dll 2009-02-04 07:00:01 ----A---- C:\Windows\system32\ati2edxx.dll 2009-02-04 06:59:50 ----A---- C:\Windows\system32\Ati2evxx.dll 2009-02-04 06:58:34 ----A---- C:\Windows\system32\Ati2evxx.exe 2009-02-04 06:43:06 ----A---- C:\Windows\system32\atiumdag.dll 2009-02-04 06:22:03 ----A---- C:\Windows\system32\atiumdva.dll 2009-02-04 01:21:12 ----A---- C:\Windows\system32\mrt.exe 2009-01-26 18:38:48 ----D---- C:\Windows\system32\Macromed 2009-01-16 21:16:10 ----D---- C:\ProgramData\Google 2009-01-07 16:49:21 ----D---- C:\Users\xxx\AppData\Roaming\Skype 2009-01-07 16:09:26 ----D---- C:\Users\xxx\AppData\Roaming\skypePM ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-02-05 23152] R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-02-05 114768] R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-02-05 51376] R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2009-01-15 8944] R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2009-01-15 55024] R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl [2006-11-02 13560] R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560] R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792] R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584] R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-19 95744] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-20 12672] R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2006-12-08 5120] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-05 8192] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-02-04 4303360] R3 BCM43XX;Broadcom 802.11 -verkkosovittimen ohjain; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-19 534016] R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208] R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-03 21264] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-11-09 986624] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-11-09 206848] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-04-24 1769952] R3 NSCIRDA;NSC-infrapunalaiteohjain; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-19 30720] R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-06-15 6144] R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-06-12 1729152] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-10-07 179256] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-11-09 659968] R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 298496] S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2006-12-08 41984] S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2006-11-02 467456] S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-19 534016] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [] S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704] S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864] S3 IKFileSec;File Security Driver; C:\Windows\system32\drivers\ikfilesec.sys [2008-08-25 40840] S3 IKSysFlt;System Filter Driver; C:\Windows\system32\drivers\iksysflt.sys [2008-08-25 66952] S3 IKSysSec;System Security Driver; C:\Windows\system32\drivers\iksyssec.sys [2008-08-25 81288] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcd.sys [2007-06-28 137216] S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdc.sys [2007-06-28 8320] S3 nmwcdcj;Nokia USB Port; C:\Windows\system32\drivers\nmwcdcj.sys [2007-06-28 12288] S3 nmwcdcm;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcm.sys [2007-06-28 12288] S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544] S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2009-01-15 7408] S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328] S3 usbvideo;USB-videolaite (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752] R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2009-02-04 729088] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680] R2 BcmSqlStartupSvc;Business Contact Managerin SQL Server -käynnistyspalvelu; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312] R2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-04-12 457512] R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2007-03-14 24576] R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-04-17 131072] R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-07-03 53248] R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-06-28 24576] R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440] R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008] R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Oz128 Driver\o2flash.exe [2007-02-13 65536] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-04-03 272024] R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968] R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904] R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-06-13 167936] R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-05 386560] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-11-08 72704] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-11-15 654848] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-13 137200] S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920] S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2008-10-09 1079176] S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408] -----------------EOF----------------- JA EILINEN INFO-LISTA info.txt logfile of random's system information tool 1.05 2009-03-04 20:42:12 ======Uninstall list====== -->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040B-0000-0000000FF1CE} /uninstall {E2697EE8-D953-4482-8A30-D6A4D07DE5FB} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040B-0000-0000000FF1CE} /uninstall {E2697EE8-D953-4482-8A30-D6A4D07DE5FB} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040B-0000-0000000FF1CE} /uninstall {E2697EE8-D953-4482-8A30-D6A4D07DE5FB} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040B-0000-0000000FF1CE} /uninstall {E2697EE8-D953-4482-8A30-D6A4D07DE5FB} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040B-0000-0000000FF1CE} /uninstall {E2697EE8-D953-4482-8A30-D6A4D07DE5FB} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040B-0000-0000000FF1CE} /uninstall {E2697EE8-D953-4482-8A30-D6A4D07DE5FB} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040B-0000-0000000FF1CE} /uninstall {F14C929B-E0E6-4EB5-8BFD-FC71AAC7D39C} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-041D-0000-0000000FF1CE} /uninstall {A8626CEF-CB0A-4BC2-8F51-210A43B6158D} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040B-0000-0000000FF1CE} /uninstall {E8865B68-C2A1-4B9D-BBA7-782E8FC2E52F} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419} ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07} Acer Crystal Eye webcam-->C:\Program Files\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x000b -removeonly -u Acer Crystal Eye webcam-->C:\Program Files\InstallShield Installation Information\{AA047D7C-5E7C-4878-B75C-77589151B563}\setup.exe -runfromtemp -l0x0009 -removeonly Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\eDSnstHelper.exe -Operation UNINSTALL Acer eLock Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe" -l0x9 -removeonly Acer Empowering Technology-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0xb -removeonly Acer eNet Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\setup.exe" -l0x9 -removeonly Acer ePower Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -l0xb -removeonly Acer ePresentation Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\setup.exe" -l0x9 -removeonly Acer eSettings Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE65A9A0-9686-45C6-9098-3C9543A412F0}\setup.exe" -l0xb -removeonly Acer Mobility Center Plug-In-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x9 -removeonly Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly Acer Tour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe" -l0x9 -removeonly Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE Add or Remove Adobe Creative Suite 3 Design Premium-->C:\Program Files\Common Files\Adobe\Installers\c14ac4070fd9614ffe63f4bb533db2c\Setup.exe Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95} Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61} Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394} Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23} Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B7F560B3-6EFF-4026-A982-843895A41149} Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C} Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C} Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E} Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9} Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8} Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029} Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5} Adobe Creative Suite 3 Design Premium-->MsiExec.exe /I{D1C18EDD-571A-4BDD-BE7B-1DD86027D7FF} Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D} Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD} Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2} Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3} Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 9 Plugin-->MsiExec.exe /X{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9} Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B} Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245} Adobe Illustrator CS3-->MsiExec.exe /I{F08E8D2E-F132-4742-9C87-D5FF223A016A} Adobe InDesign CS2-->msiexec /I{7F4C8163-F259-49A0-A018-2857A90578BC} Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E} Adobe InDesign CS3-->MsiExec.exe /I{CB3F8375-B600-4B9F-83C9-238ED1E583FD} Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078} Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77} Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C} Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05} Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000} Adobe Setup-->MsiExec.exe /I{09E2111C-16B1-4DDF-BF0D-F994C9A12350} Adobe SING CS3-->MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2} Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183} Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312} Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8} Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE} Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5} Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6} Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923} AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD} avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup AVN Audio Recorder 2.0-->"C:\Program Files\AVN Products\Audio Record\unins000.exe" Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C} CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" EPSON-tulostinohjelma-->C:\Windows\system32\spool\DRIVERS\W32X86\EPUPDATE.EXE /r e-Sword-->MsiExec.exe /I{9B5E4454-52A7-4F8F-8BBB-862E8DCA6E6D} EVEREST Ultimate Edition v4.50-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe" Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft Office 2003 Web-komponentit-->MsiExec.exe /I{90A4040B-6000-11D3-8CFE-0150048383C9} Microsoft Office 2007 Primary Interop Assemblies-->MsiExec.exe /X{50120000-1105-0000-0000-0000000FF1CE} Microsoft Office Access MUI (Finnish) 2007-->MsiExec.exe /X{90120000-0015-040B-0000-0000000FF1CE} Microsoft Office Excel MUI (Finnish) 2007-->MsiExec.exe /X{90120000-0016-040B-0000-0000000FF1CE} Microsoft Office Outlook MUI (Finnish) 2007-->MsiExec.exe /X{90120000-001A-040B-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (Finnish) 2007-->MsiExec.exe /X{90120000-0018-040B-0000-0000000FF1CE} Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (Finnish) 2007-->MsiExec.exe /X{90120000-001F-040B-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Swedish) 2007-->MsiExec.exe /X{90120000-001F-041D-0000-0000000FF1CE} Microsoft Office Proofing (Finnish) 2007-->MsiExec.exe /X{90120000-002C-040B-0000-0000000FF1CE} Microsoft Office Publisher MUI (Finnish) 2007-->MsiExec.exe /X{90120000-0019-040B-0000-0000000FF1CE} Microsoft Office Shared MUI (Finnish) 2007-->MsiExec.exe /X{90120000-006E-040B-0000-0000000FF1CE} Microsoft Office Small Business -yhteysosat-->MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D} Microsoft Office Word MUI (Finnish) 2007-->MsiExec.exe /X{90120000-001B-040B-0000-0000000FF1CE} Microsoft Reader-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B6F7DBE7-2FE2-458F-A738-B10832746036}\Setup.exe" -L0x9 Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs-->MsiExec.exe /X{90120000-00B2-0409-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)-->MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F} Microsoft SQL Server 2005-->"C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove Microsoft SQL Server Native Client-->MsiExec.exe /I{50A0893D-47D8-48E0-A7E8-44BCD7E4422E} Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE} Microsoft SQL Server VSS Writer-->MsiExec.exe /I{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Mozilla Firefox (2.0.0.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Nokia Connectivity Cable Driver-->RUNDLL32.EXE nsesetup.dll,DoNTUninst NTI Backup NOW! 4.7-->"C:\Program Files\InstallShield Installation Information\{67ADE9AF-5CD9-4089-8825-55DE4B366799}\setup.exe" -removeonly NTI CD & DVD-Maker-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1033 CDM7 NTI Shadow-->"C:\Program Files\InstallShield Installation Information\{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}\setup.exe" -removeonly O2Micro Flash Memory Card Reader Driver Installer(x86)-->MsiExec.exe /X{78764173-3805-4916-B3CE-B433702B8870} Outlook 2007 Business Contact Manager SP1-->"C:\Program Files\Microsoft Small Business\Business Contact Manager\SetupBootstrap\Setup.exe" /remove {51842608-e42c-496f-8b88-f967694a26bb} Outlook 2007 Business Contact Manager SP1-->MsiExec.exe /X{51842608-E42C-496F-8B88-F967694A26BB} PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5} PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB} Readiris Pro 10-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}\setup.exe" -l0x9 RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Realtek High Definition Audio Driver-->RtlUpd.exe -r -m Samsung SCX-4200 Series-->C:\Program Files\Samsung\Samsung SCX-4200 Series\Install\Setup.exe /R Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85} Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7} Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2} Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B} Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77} Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85} Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F} Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC} Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C} Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} Smart Defrag 1.11-->"C:\Program Files\IObit\IObit SmartDefrag\unins000.exe" SmarThru 4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{90F1943D-EA4A-4460-B59F-30023F3BA69A}\Setup.exe" -l0x9 uninstall -l0009 SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Uniblue RegistryBooster 2009-->"C:\ProgramData\{92E7A367-8E12-4830-AA70-29C32E331A81}\Uniblue RegistryBooster.exe" REMOVE=TRUE MODIFY=FALSE Uniblue RegistryBooster 2009-->C:\ProgramData\{92E7A367-8E12-4830-AA70-29C32E331A81}\Uniblue RegistryBooster.exe Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756} Update for Office 2007 (KB946691)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278} Update for Outlook 2007 Junk Email Filter (kb959634)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {50C77E2F-5C1C-467D-9BC8-3CA07D28C9F2} World of Warcraft FREE Trial-->MsiExec.exe /X{02EBDBB9-4600-41D3-B566-40CB861511D2} Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG =====HijackThis Backups===== O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) ======Security center information====== AS: Windows Defender (disabled) AS: SUPERAntiSpyware (disabled) System event log Computer Name: xxx Event Code: 6013 Message: Järjestelmän toiminta-aika on 19 sekuntia. Record Number: 191325 Source Name: EventLog Time Written: 20090103234352.000000-000 Event Type: Tietoja User: Computer Name: xxx Event Code: 83 Message: Port A is down Record Number: 191326 Source Name: yukonwlh Time Written: 20090103234345.011280-000 Event Type: Tietoja User: Computer Name: xxx Event Code: 121 Message: Port A is up with 100 Mbps Record Number: 191327 Source Name: yukonwlh Time Written: 20090104095037.047261-000 Event Type: Tietoja User: Computer Name: xxx Event Code: 128 Message: Duplex State is Full Duplex Record Number: 191328 Source Name: yukonwlh Time Written: 20090104095037.047261-000 Event Type: Tietoja User: Computer Name: xxx Event Code: 131 Message: Pause Function is Off Record Number: 191329 Source Name: yukonwlh Time Written: 20090104095037.047261-000 Event Type: Tietoja User: Application event log Computer Name: xxx Event Code: 3036 Message: Sisältölähdettä <mapi://{s-1-5-21-1110212224-4022218785-2376424616-1003}/> ei voi käyttää. Konteksti: Sovellus , luettelo SystemIndex Lisätietoja: Palvelimessa on tapahtunut virhe. Tarkista, että palvelin on käytettävissä. (0x80041206) Record Number: 104800 Source Name: Microsoft-Windows-Search Time Written: 20090304154122.000000-000 Event Type: Varoitus User: Computer Name: xxx Event Code: 3036 Message: Sisältölähdettä <mapi://{s-1-5-21-1110212224-4022218785-2376424616-1003}/> ei voi käyttää. Konteksti: Sovellus , luettelo SystemIndex Lisätietoja: Palvelimessa on tapahtunut virhe. Tarkista, että palvelin on käytettävissä. (0x80041206) Record Number: 104801 Source Name: Microsoft-Windows-Search Time Written: 20090304154333.000000-000 Event Type: Varoitus User: Computer Name: xxx Event Code: 32 Message: Säilö C:\Users\xxx\AppData\Local\Microsoft\Outlook\Outlook.pst on havainnut luettelon tarkistuspisteen. Record Number: 104802 Source Name: Outlook Time Written: 20090304155047.000000-000 Event Type: Tietoja User: Computer Name: xxx Event Code: 3036 Message: Sisältölähdettä <mapi://{s-1-5-21-1110212224-4022218785-2376424616-1003}/> ei voi käyttää. Konteksti: Sovellus , luettelo SystemIndex Lisätietoja: Palvelimessa on tapahtunut virhe. Tarkista, että palvelin on käytettävissä. (0x80041206) Record Number: 104803 Source Name: Microsoft-Windows-Search Time Written: 20090304155303.000000-000 Event Type: Varoitus User: Computer Name: xxx Event Code: 5 Message: Unsupported service control request (see data below) Record Number: 104804 Source Name: LightScribeService Time Written: 20090304184210.000000-000 Event Type: Tietoja User: Security event log Computer Name: xxx Event Code: 5038 Message: Koodin aitouden tarkistustoiminto määritti, että tiedoston näköistiedoston hajautusarvo ei ole kelvollinen. Tiedosto voi olla vaurioitunut luvattomien muutosten vuoksi, tai levylaite voi olla viallinen. Tiedostonimi: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys Record Number: 75782 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090304184205.492337-000 Event Type: Valvontavirhe User: Computer Name: xxx Event Code: 5038 Message: Koodin aitouden tarkistustoiminto määritti, että tiedoston näköistiedoston hajautusarvo ei ole kelvollinen. Tiedosto voi olla vaurioitunut luvattomien muutosten vuoksi, tai levylaite voi olla viallinen. Tiedostonimi: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys Record Number: 75783 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090304184205.539137-000 Event Type: Valvontavirhe User: Computer Name: xxx Event Code: 5038 Message: Koodin aitouden tarkistustoiminto määritti, että tiedoston näköistiedoston hajautusarvo ei ole kelvollinen. Tiedosto voi olla vaurioitunut luvattomien muutosten vuoksi, tai levylaite voi olla viallinen. Tiedostonimi: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys Record Number: 75784 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090304184205.585937-000 Event Type: Valvontavirhe User: Computer Name: xxx Event Code: 5038 Message: Koodin aitouden tarkistustoiminto määritti, että tiedoston näköistiedoston hajautusarvo ei ole kelvollinen. Tiedosto voi olla vaurioitunut luvattomien muutosten vuoksi, tai levylaite voi olla viallinen. Tiedostonimi: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys Record Number: 75785 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090304184205.632737-000 Event Type: Valvontavirhe User: Computer Name: xxx Event Code: 5038 Message: Koodin aitouden tarkistustoiminto määritti, että tiedoston näköistiedoston hajautusarvo ei ole kelvollinen. Tiedosto voi olla vaurioitunut luvattomien muutosten vuoksi, tai levylaite voi olla viallinen. Tiedostonimi: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys Record Number: 75786 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090304184205.679537-000 Event Type: Valvontavirhe User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Microsoft SQL Server\90\Tools\binn;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 104 Stepping 1, AuthenticAMD "PROCESSOR_REVISION"=6801 "NUMBER_OF_PROCESSORS"=2 "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip -----------------EOF----------------- Ja huom, nää on otettu sen jälkeen kun palautin koneen 1.3. palautuspisteeseen.
Hups noi tuli ensin kahteen kertaan, kun nettisivu jumiutui jäi vain tiimalasi pyörimään ja luulin ettei ne tullu ollenkaan läpi Tänään oon yritt monta kertaa mutta ei tee info-logia. CD-aseman vieressä näkyy kysymysmerkki. Asema ei tunnista cd:tä eikä dvd:tä. Luulen että ongelmat meni tähän malliin kun Microsoft.NET Frameworkpäivitysjuttu jumiutui ja jouduin buuttaa koneen. Mikä hitsi se on ja apua hermot menee... Sano reilusti, jos alkaa näyttää siltä, että web-ohjaus ei enää riitä niin alan sitten huutaa apua jostain muualta. Mutta yritetään nyt vielä. Yritin ladata pari päivää sitten Unibluen SpeedUp-ohjelman, kun se lupaa että koneen toiminta nopeutuu. Ohjelma herätti luottamusta, koska sivuilla on Microsoftin logo ja Microsoft Gold Certified Partner-mainonta. Päätin kokeilla. Ennenkuin se alkoi ladata itse ohjelmaa, tuli teksti että kestää muutaman minuutin ,kun ensin täytyy ladata Mikrosoft.NET Framework uudempaan versioon. Mutta koko homma jämähti totaalisesti kesken ja jouduin buuttamaan koneen kesken latauksen, kun ei antanut peruuttaakaan toimintoa. Kun avasin koneen ja valitsin Windowsin normaali käynnistys, ruutu pimeni hetkeksi kokonaan ja vas. yläruutuun tuli joku tekstipätkä ja juokseva numerosarja tyyliin 385/976... Pelästyin että nyt koko kone hajos. Lopulta kone käynnistyi normaalisti ja kovalevylle oli ilmestynyt kaksi outoa kansiota ihan täynnä jotain sälää kts kuva. http://www.aijaa.com/v.php?i=3723582.jpg Heitin ne vaan roskikseen ja onhan tää toiminut jotenkuten. Voisko tuo Mikrosoft.NET Frameworkin päivitys auttaa asiaa? Joku neuvoi: Mitä mä uskallan tehdä? EI AUTTANUT vAIKKA LATASIN RSIT-OHJELMAN UUDELLEEN, ei tee edelleenkään kuin yhden lokin..
Aloitas semmonen poisto operaatio Poista lisää poista sovelutuksesta Spybot - Search & Destroy SUPERAntiSpyware Poista kansiot C:\ComboFix C:\ProgramData\Spybot - Search & Destroy C:\Program Files\SUPERAntiSpyware C:\Qoobox C:\rsit C:\Program Files\Spyware Doctor C:\ProgramData\avg8 C:\ProgramData\SUPERAntiSpyware.com C:\Users\xxx\AppData\Roaming\SUPERAntiSpyware.com
Hei Hujo, sain cd-aseman näkyviin, Tukis neuvoi siihen äsken toimivan keinon. Kriitisin ongelma ohi siis toistaiseksi, mutta aika näyttää onko ongelmat ohi. Windows myös onnistui myös päivittämään illalla Microsoft.NET Frameworkin HIPPII Ajoin SUperantispywaren ennen poistamista, se löysi Adware-tracking-cookien, jonka heitin karanteeniin. Poistin noita ohjelmia joita neuvoit. Mutta onko tuo Qoobox Conbofixin karanteeni? Siel on sisällä tiedosto tcpip-reksiterimerkintä, joka luotu 28.2.09. En heittänyt sitä vielä roskiin, kun haluan varmistaa, ettei mene mitään tärkeää? RSIT sanoi eilen: Juuri tcpip-ongelmaan sain ohjetta jossain muualla näin, tää on vielä kokeilematta mutta saattais toimia?
Pistä pois se C:\Qoobox Nii tuo onkin aika kivasssa jemmassa MsiExec.exe /X{02EBDBB9-4600-41D3-B566-40CB861511D2} Onkos toi X nimi mikä on editoitu =========== sitten sulla on tommoset kuin DriverScanner ja Uniblue RegistryBooster C:\ProgramData\{92E7A367-8E12-4830-AA70-29C32E331A81}\Uniblue RegistryBooster.exe
Ok, Qoobox on mappi ööössä. MsiExec.exe /X{02EBDBB9-4600-41D3-B566-40CB861511D2} X ei ole edioitu (en ole koskenut logeissa mihinkään muuhun kuin käyttäjänimeen, joka korvattu xxx) http://www.aijaa.com/v.php?i=3741315.jpg http://www.aijaa.com/v.php?i=3741327.jpg > kts kuva: hakukohdassa tää näyttää että se on windowsin ohjelma! Joo. Uniblue Registry Booster löytyy, Driver Scannerin olen tainnut jo heittää pois, tai sitten se lähti jonkun palautuspisteen ladattuani joku päivä sitten. Ainiin, tässä oli se, että ilmaisversio korjasi vain 15 ongelmaa, nyt se näyttää että 505 on jäljellä, mutta pitäisi ostaa että korjais. Tuosta listasta tietysti löytää kaikki viat ja jos osaa, voi korjata manuaalisesti? http://www.aijaa.com/v.php?i=3741430.jpg Näköjään MsiExec.exe-asiaa on puitu muuallakin, löysin mm: http://keskustelu.afterdawn.com/thread_view.cfm/453235
Uniblue Registry Booster poista se koneelta. käypi vain xp:hen saakka. toi vistan sp1 lataus koneelle ja uudelleen asennus.
Niin näyttää olevan mut euroja se vaatii kuitenkin Katos löytyykö tuolta se unistaaleri C:\Program Files\Uniblue Registry Booster Kun en viitis ladata mokomaa ohjelmaa et näkis kuinka sen saa teilattua jos ei lisää poista sovelutuksesta lähde
teilaus onnistuu lisää/poista sovellutuksesta. heitetään sitten mäkeen mokoma kapistus, kun löytää niin paljon ongelmiakin, pöh... aloin jo katsella sp1:n asentamista, palaan asiaan alkuviikosta