|
|
|
Keskustelualueet
Keskustelualueet
|
|
|
Virus/haittaohjelma koneessa????
|
|
|
tortsa
Junior Member
|
24. syyskuuta 2009 @ 10:04 |
Linkki tähän viestiin
|
Nonniin. Omistan HP Pavilion DV7-1270EO (Turion X2 RM-74, 3 Gt, 17", Win Vista Home Premium), kannettavan tietokoneen.
Tilanne on tämä, että tuuletin huutaa mielestäni jatkuvasti täysillä ja suorituskykymittari paukkuu jatkuvalla heittelyllä 20% - 100%. Ensiksi tuli mieleen haittaonhjelma, mutta en sellaista ole löytänyt. Konettani suojaa tällä hetkellä ohjelmat:
* AVG anti-virus
* Advanced system care
* Spybod Search & destroyer
* Koneen oma ohjelma Windows defender
* Koneen oma palomuuri
Lueskelin noita vanhoja keskusteluja ja siellä aika paljon kehoitettu skannaamaan kone ``Hijack this““ ohjelmalla. Itselläni ei ole niin paljoa ymmärrystä että lähtisin säätämään hijackilla mitään. Skannasin ohjelmalla koneeni ja ajattelin tuon raportin laittaa tänne missä joku siitä voisi jotain ymmärtää ja ojentaa auttavan kätensä.
Ihan ekaks ku hijackin avaa ja painaa ``scan and save log file““ paukahtaa ruutuun ilmoitus
``For some reason your system denied write acces to the hosts file. If any hijacked domains are in this file, hijack this may be able to fix this.
If that happens, you need to edit the file yourself. To do this, click start, run and type:
notepad C:\Windows\System32\drivers\etc\hosts
and press Enter. Find the line(s) hijack this reports and delete them. Save the file as `hosts.“ (with quotes), and reboot.
For vista: simbly, exit hijack this, right click on the hijack this icon, choose `Run as administrator`.
Noniin sitten kun tuohon on mahdollista apua saapunut rupeen skannailee. Ei mitään hajuu mitä pitää tehdä ja tällä englannilla ei tuota kylttiä tulkita oikein...:D Pahoittelen mahdollisia kirjoitus virheitä
|
|
tortsa
Junior Member
|
24. syyskuuta 2009 @ 10:44 |
Linkki tähän viestiin
|
Niin tossa toi raportti nyt sitten on.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:20:37, on 12.9.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Defender\msascui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3...avilion&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://finnish.ircfast.com/fi/index.php?rvs=hompag
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://finnish.ircfast.com/fi/index.php?rvs=hompag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3...avilion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://finnish.ircfast.com/fi/index.php?rvs=hompag
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://finnish.ircfast.com/fi/index.php?rvs=hompag
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - (no file)
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - *{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\system32\ezShellStart.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
O8 - Extra context menu item: &AOL-työkalurivi Haku - C:\ProgramData\AOL\ieToolbar\resources\fi-FI\local\search.html
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: V&ie Microsoft Exceliin - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Lähetä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Läh&etä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\aestsrv.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer FI\EFUploadSrv.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\STacSV.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
--
End of file - 14732 bytes
|
Moderator
7 tuotearviota
|
24. syyskuuta 2009 @ 13:19 |
Linkki tähän viestiin
|
|
Lue säännöt. Otsikon tulee olla kuvaava & jos on jotain lisättävää käytetään muokkaa nappia uuden viestin kirjoittamisen sijasta.
|
|
warwas
Suspended permanently
|
25. syyskuuta 2009 @ 00:26 |
Linkki tähän viestiin
|
Jannejt, iha turha whinee tämmösestä, ellet itse halua ottaa lokia, saat kyllä ottaa kun varmaan haluat???
@tortsa
(Windows Vista: Käynnistä -> [kirjoita hakukenttään] Ohjelmat ja toiminnot ja Enter)
Poista seuraava/t:
AskBarDis (mikä vain mikä viittaa ASK-sanaan)
------------------------------------------------------------------
Avaa Windows Defender.
Klikkaa Tools ja General Settings.
Selaa alas ja ota rasti pois Turn on real-time protection (recommended)-kohdasta.
Tämän jälkeen klikkaa Save ja sulje Windows Defender.
---------------------------------------------------------------------
Vistassa kaikki fixit tarvii tehdä järjestelmänvalvojana
Eli hiiren oikealla ja aja järjestelmän valvojana.
-------------------------------------------------------------------
[color=blue]Avaa HJT[/color]
Klikkaa Do a system scan only ja merkkaa seuraavat rivit:
[size=9]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://finnish.ircfast.com/fi/index.php?rvs=hompag
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://finnish.ircfast.com/fi/index.php?rvs=hompag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://finnish.ircfast.com/fi/index.php?rvs=hompag
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://finnish.ircfast.com/fi/index.php?rvs=hompag
R3 - URLSearchHook: (no name) - *{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - (no file)
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - *{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
[/size]
Sammuta kaikki muut ohjelmat paitsi palomuuri ja virustorjunta ja Klikkaa Fix checked
[color=blue]Sulje HJT[/color]
Lataa Malwarebytes' Anti-Malware työpöydällesi.
Jos linkki ei toimi, voit ladata myös seuraavista linkeistä:
Linkki1
Linkki2
[list][*]Tuplaklikkaa mbam-setup.exe ja seuraa ohjeita asentaaksesi ohjelman.
[*]Lopuksi varmistu, että seuraavat on valittu: Päivitä Malwarebytes' Anti-Malware ja Käynnistä Malwarebytes' Anti-Malware ja sen jälkeen klikkaa Lopeta.
[*]Jos päivitys löytyy, ohjelma lataa ja asentaa uusimman version. Jos päivityksien lataaminen ei onnistu, voit ladata päivitykset tästä. Tuplaklikkaa mbam-rules.exe asentaaksesi päivitykset.
[*]Kun ohjelma on latautunut ja päivitykset tehty, valitse Suorita täysi tarkistus ja klikkaa Tarkista.
[*]Kun tarkistus on valmis, klikkaa OK ja sitten Näytä tulokset nähdäksesi tulokset.
[*]Varmistu, että kaikki on merkitty ja klikkaa Poista valitut.
[*]Tämän jälkeen loki avautuu muistioon. Tallenna se paikkaan, josta löydät sen helposti. Loki löytyy myös täältä: C:\Documents and Settings\Käyttäjänimi\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-päiväys.txt
[*]Lähetä lokin sisältö seuraavassa viestissäsi.[/list]
Huom. Jos Mbam ei pystynyt poistamaan tiedostoa, se pyytää sinua käynnistämään koneesi uudelleen. Käynnistä koneesi silloin uudelleen heti. Mbam voi tehdä muutoksia rekisteriisi osana puhdistusta. Jos käytät suojausohjelmaa, joka havaitsee rekisterin muutokset, salli Mbamin tehdä muutokset.
Sammuta ja käynnisä tietokone
Poista seuraava punaisella merkitty kansio:
C:\Program Files\AskBarDis
------------------------------------------------------------
[list][*]Lataa tästä random's system information tool (RSIT) by ]random/random ja tallenna se työpöydälle
[*]Tuplaklikkaa RSIT.exeä ajaaksesi RSITin.
[*]Klikkaa Continue.
[*]Kun RSIT on valmis, kaksi lokia avautuu muistioon. Lähetä sekä log.txt:n (<<avautuu suurennettuna) että info.txt:n (<<avautuu pienennettynä) sisältö seuraavassa viestissäsi.[/list]
[color=blue]Lähetätkö seuraavat lokit[/color]
Mbam:n log-päiväys.txt
Rsit:n log.txt:n sekä info.txt:n
|
|
Mainos
|
|
|
|
tortsa
Junior Member
|
28. syyskuuta 2009 @ 11:31 |
Linkki tähän viestiin
|
Sori et kesti. Oli muutto. tuossa olisi nyt sitten parit rivit tekstiä :D
OK. Toimenpiteet suoritettu, mutta en löytänyt millään haulla tuota C:\Program Files\AskBarDis kansiota. Tuossa olisi hijack this loki korjausten jälkeen (varmuudeksi).
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:20:37, on 12.9.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Defender\msascui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3...avilion&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://finnish.ircfast.com/fi/index.php?rvs=hompag
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://finnish.ircfast.com/fi/index.php?rvs=hompag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3...avilion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://finnish.ircfast.com/fi/index.php?rvs=hompag
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://finnish.ircfast.com/fi/index.php?rvs=hompag
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - (no file)
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - *{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\system32\ezShellStart.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
O8 - Extra context menu item: &AOL-työkalurivi Haku - C:\ProgramData\AOL\ieToolbar\resources\fi-FI\local\search.html
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: V&ie Microsoft Exceliin - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Lähetä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Läh&etä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\aestsrv.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer FI\EFUploadSrv.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\STacSV.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
--
End of file - 14732 bytes
Ja tuossa on Mbam:n log-päiväys.txt
Malwarebytes' Anti-Malware 1.41
Tietokantaversio: 2866
Windows 6.0.6002 Service Pack 2
28.9.2009 10:39:11
mbam-log-2009-09-28 (10-39-11).txt
Tarkistustyyppi: Täysi tarkistus (C:\|D:\|E:\|)
Tarkistetut kohteet: 373357
Kulunut aika: 3 hour(s), 3 minute(s), 22 second(s)
Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 0
Saastuneita rekisteriavaimia: 27
Saastuneita rekisteriarvoja: 0
Saastuneita rekisterikohteita: 0
Saastuneita hakemistoja: 7
Saastuneita tiedostoja: 9
Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)
Saastuneita muistimoduuleja:
(Haitallisia kohteita ei löydetty)
Saastuneita rekisteriavaimia:
HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\videoegg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
Saastuneita rekisteriarvoja:
(Haitallisia kohteita ei löydetty)
Saastuneita rekisterikohteita:
(Haitallisia kohteita ei löydetty)
Saastuneita hakemistoja:
C:\Users\Torski\AppData\Roaming\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Users\Torski\AppData\Roaming\VideoEgg\Loader (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Users\Torski\AppData\Roaming\VideoEgg\Loader\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Users\Torski\AppData\Roaming\VideoEgg\Publisher (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Users\Torski\AppData\Roaming\VideoEgg\Publisher\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Users\Torski\AppData\Roaming\VideoEgg\Updater (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Users\Torski\AppData\Roaming\VideoEgg\Updater\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
Saastuneita tiedostoja:
C:\Users\Torski\AppData\Roaming\VideoEgg\Loader\4665\npvideoegg-loader.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Users\Torski\AppData\Roaming\VideoEgg\Updater\updater.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Users\Torski\AppData\Roaming\VideoEgg\Updater\VideoEggBroker.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Users\Torski\AppData\Roaming\VideoEgg\Updater\VideoEggBroker.exe.old (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Users\Torski\AppData\Roaming\VideoEgg\Uninstall.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Users\Torski\AppData\Roaming\VideoEgg\Loader\loader.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Users\Torski\AppData\Roaming\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Users\Torski\AppData\Roaming\VideoEgg\Updater\4665\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Users\Torski\AppData\Roaming\VideoEgg\Updater\4665\updater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
Ja tuossa olisi log.txt:n
Logfile of random's system information tool 1.06 (written by random/random)
Run by Torski at 2009-09-28 11:02:26
Microsoft® Windows Vista? Home Premium Service Pack 2
System drive C: has 32 GB (14%) free of 226 GB
Total RAM: 3069 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:02:35, on 28.9.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\notepad.exe
C:\Users\Torski\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Torski.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3...avilion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3...avilion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://finnish.ircfast.com/fi/index.php?rvs=hompag
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://finnish.ircfast.com/fi/index.php?rvs=hompag
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Windows Live ID -kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
O8 - Extra context menu item: &AOL-työkalurivi Haku - C:\ProgramData\AOL\ieToolbar\resources\fi-FI\local\search.html
O8 - Extra context menu item: V&ie Microsoft Exceliin - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Lähetä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Läh&etä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
--
End of file - 13335 bytes
======Scheduled tasks folder======
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\User_Feed_Synchronization-{DF0AEB1C-0834-4F15-85C8-805D8FA1F92E}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-07-30 1111320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar BHO - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID -kirjautumisapuohjelma - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-07-24 1090816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-27 256112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-08-27 761840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-08-27 458736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\tbBS_1.dll [2009-06-14 2094616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\tbBS_1.dll [2009-06-14 2094616]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-07-24 1090816]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-27 256112]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-02 61440]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
"TSMAgent"=C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [2008-09-26 1152296]
"CLMLServer for HP TouchSmart"=C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2008-09-26 189736]
"UCam_Menu"=C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2008-06-14 210216]
"UpdateLBPShortCut"=C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-06-14 210216]
"UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2008-09-26 210216]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-08-02 202032]
"UpdateP2GoShortCut"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-14 210216]
"UpdatePDIRShortCut"=C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-06-14 210216]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16 75008]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-09 54840]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-16 488752]
"TVAgent"=C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe [2009-04-22 206120]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-08-22 2007832]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2008-09-23 912688]
"DVDAgent"=C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe [2008-09-26 1148200]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2009-07-21 458844]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-09-08 305440]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2009-09-18 288560]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-14 39408]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor]
C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe -startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2008-04-30 22058792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-14 39408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2009-04-10 37888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\system32\EZUPBH~1.DLL [2009-05-30 51656]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
"DisableChangePassword"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"HideFastUserSwitching"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoLogoff"=0
"NoClose"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2009-09-28 11:02:26 ----D---- C:\rsit
2009-09-28 07:32:48 ----D---- C:\Users\Torski\AppData\Roaming\Malwarebytes
2009-09-28 07:32:41 ----D---- C:\ProgramData\Malwarebytes
2009-09-28 07:32:40 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-09-23 08:32:52 ----D---- C:\Program Files\StepMania
2009-09-21 18:37:09 ----D---- C:\Program Files\Windows Live Safety Center
2009-09-18 07:50:18 ----D---- C:\Program Files\iPhone Configuration Utility
2009-09-18 07:34:17 ----D---- C:\Users\Torski\AppData\Roaming\Apple Computer
2009-09-18 07:33:17 ----A---- C:\Windows\system32\GEARAspi.dll
2009-09-18 07:32:12 ----D---- C:\Program Files\iPod
2009-09-18 07:32:09 ----D---- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-18 07:32:09 ----D---- C:\Program Files\iTunes
2009-09-18 07:31:39 ----D---- C:\Program Files\Bonjour
2009-09-18 07:30:40 ----D---- C:\Program Files\QuickTime
2009-09-18 07:30:39 ----D---- C:\ProgramData\Apple Computer
2009-09-18 07:29:32 ----SHD---- C:\Config.Msi
2009-09-18 07:24:05 ----D---- C:\Program Files\Common Files\Apple
2009-09-15 16:22:20 ----D---- C:\Program Files\Audacity
2009-09-14 08:42:27 ----D---- C:\Program Files\Microsoft Sync Framework
2009-09-14 08:41:27 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-09-14 08:39:51 ----D---- C:\Program Files\Windows Live SkyDrive
2009-09-14 08:39:30 ----D---- C:\Program Files\Windows Live
2009-09-14 08:26:43 ----D---- C:\Program Files\Common Files\Windows Live
2009-09-14 08:26:12 ----D---- C:\Program Files\Microsoft Silverlight
2009-09-14 08:25:35 ----D---- C:\Program Files\Microsoft
2009-09-12 10:20:12 ----D---- C:\Program Files\Trend Micro
2009-09-11 16:10:35 ----D---- C:\Windows\system32\eu-ES
2009-09-11 16:10:35 ----D---- C:\Windows\system32\ca-ES
2009-09-11 16:10:31 ----D---- C:\Windows\system32\vi-VN
2009-09-10 13:36:34 ----A---- C:\Windows\system32\javaws.exe
2009-09-10 13:36:34 ----A---- C:\Windows\system32\javaw.exe
2009-09-10 13:36:34 ----A---- C:\Windows\system32\java.exe
2009-09-10 00:24:46 ----A---- C:\Windows\system32\netiohlp.dll
2009-09-10 00:24:45 ----A---- C:\Windows\system32\TCPSVCS.EXE
2009-09-10 00:24:45 ----A---- C:\Windows\system32\ROUTE.EXE
2009-09-10 00:24:45 ----A---- C:\Windows\system32\NETSTAT.EXE
2009-09-10 00:24:45 ----A---- C:\Windows\system32\MRINFO.EXE
2009-09-10 00:24:45 ----A---- C:\Windows\system32\HOSTNAME.EXE
2009-09-10 00:24:45 ----A---- C:\Windows\system32\finger.exe
2009-09-10 00:24:45 ----A---- C:\Windows\system32\ARP.EXE
2009-09-10 00:24:44 ----A---- C:\Windows\system32\netevent.dll
2009-09-10 00:24:16 ----A---- C:\Windows\system32\wlansvc.dll
2009-09-10 00:24:15 ----A---- C:\Windows\system32\wlansec.dll
2009-09-10 00:24:15 ----A---- C:\Windows\system32\wlanmsm.dll
2009-09-10 00:24:15 ----A---- C:\Windows\system32\wlanhlp.dll
2009-09-10 00:24:15 ----A---- C:\Windows\system32\wlanapi.dll
2009-09-10 00:24:15 ----A---- C:\Windows\system32\L2SecHC.dll
2009-09-10 00:24:08 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-09-10 00:24:07 ----A---- C:\Windows\system32\rrinstaller.exe
2009-09-10 00:24:07 ----A---- C:\Windows\system32\mfps.dll
2009-09-10 00:24:07 ----A---- C:\Windows\system32\mfpmp.exe
2009-09-10 00:24:07 ----A---- C:\Windows\system32\mf.dll
2009-09-10 00:24:06 ----A---- C:\Windows\system32\mferror.dll
2009-09-10 00:23:56 ----A---- C:\Windows\system32\jscript.dll
2009-09-02 23:02:16 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-09-02 23:02:16 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-09-01 03:00:52 ----D---- C:\Windows\CheckSur
2009-08-31 14:24:37 ----D---- C:\ProgramData\Office Genuine Advantage
2009-08-31 12:10:38 ----D---- C:\Windows\system32\EventProviders
2009-08-31 12:04:10 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-08-31 12:04:00 ----A---- C:\Windows\system32\SLsvc.exe
2009-08-31 12:04:00 ----A---- C:\Windows\system32\SLCExt.dll
2009-08-31 12:03:57 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-08-31 12:03:57 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-08-31 12:03:55 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-08-31 12:03:51 ----A---- C:\Windows\system32\mssrch.dll
2009-08-31 12:03:48 ----A---- C:\Windows\system32\tquery.dll
2009-08-31 12:03:47 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-08-31 12:03:46 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-08-31 12:03:45 ----A---- C:\Windows\system32\scavenge.dll
2009-08-31 12:03:45 ----A---- C:\Windows\system32\RMActivate.exe
2009-08-31 12:03:44 ----A---- C:\Windows\system32\msi.dll
2009-08-31 12:03:43 ----A---- C:\Windows\system32\imapi2fs.dll
2009-08-31 12:03:41 ----A---- C:\Windows\system32\WscEapPr.dll
2009-08-31 12:03:41 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-08-31 12:03:41 ----A---- C:\Windows\system32\secproc_isv.dll
2009-08-31 12:03:40 ----A---- C:\Windows\system32\sysmain.dll
2009-08-31 12:03:39 ----A---- C:\Windows\system32\icardagt.exe
2009-08-31 12:03:37 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-08-31 12:03:36 ----A---- C:\Windows\system32\EhStorShell.dll
2009-08-31 12:03:33 ----A---- C:\Windows\system32\spreview.exe
2009-08-31 12:03:33 ----A---- C:\Windows\system32\spinstall.exe
2009-08-31 12:03:32 ----A---- C:\Windows\system32\drmv2clt.dll
2009-08-31 12:03:31 ----A---- C:\Windows\system32\spwizui.dll
2009-08-31 12:03:31 ----A---- C:\Windows\system32\secproc.dll
2009-08-31 12:03:31 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-08-31 12:03:29 ----A---- C:\Windows\system32\shell32.dll
2009-08-31 12:03:28 ----A---- C:\Windows\system32\p2psvc.dll
2009-08-31 12:03:27 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-08-31 12:03:27 ----A---- C:\Windows\system32\mssvp.dll
2009-08-31 12:03:26 ----A---- C:\Windows\system32\mssphtb.dll
2009-08-31 12:03:26 ----A---- C:\Windows\system32\mssph.dll
2009-08-31 12:03:26 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2009-08-31 12:03:26 ----A---- C:\Windows\system32\mscoree.dll
2009-08-31 12:03:25 ----A---- C:\Windows\system32\imapi2.dll
2009-08-31 12:03:24 ----A---- C:\Windows\system32\sdohlp.dll
2009-08-31 12:03:24 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-08-31 12:03:24 ----A---- C:\Windows\system32\esent.dll
2009-08-31 12:03:23 ----A---- C:\Windows\system32\sperror.dll
2009-08-31 12:03:23 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-08-31 12:03:23 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-08-31 12:03:23 ----A---- C:\Windows\system32\DevicePairing.dll
2009-08-31 12:03:22 ----A---- C:\Windows\system32\wevtsvc.dll
2009-08-31 12:03:22 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-08-31 12:03:22 ----A---- C:\Windows\system32\korwbrkr.dll
2009-08-31 12:03:21 ----A---- C:\Windows\system32\SLC.dll
2009-08-31 12:03:21 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-08-31 12:03:20 ----A---- C:\Windows\system32\msshsq.dll
2009-08-31 12:03:18 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-08-31 12:03:18 ----A---- C:\Windows\system32\msjet40.dll
2009-08-31 12:03:18 ----A---- C:\Windows\system32\MPSSVC.dll
2009-08-31 12:03:17 ----A---- C:\Windows\system32\msxml6.dll
2009-08-31 12:03:16 ----A---- C:\Windows\system32\Query.dll
2009-08-31 12:03:16 ----A---- C:\Windows\system32\qmgr.dll
2009-08-31 12:03:16 ----A---- C:\Windows\system32\msexch40.dll
2009-08-31 12:03:15 ----A---- C:\Windows\system32\P2PGraph.dll
2009-08-31 12:03:15 ----A---- C:\Windows\system32\ole32.dll
2009-08-31 12:03:15 ----A---- C:\Windows\system32\IasMigReader.exe
2009-08-31 12:03:15 ----A---- C:\Windows\system32\diagperf.dll
2009-08-31 12:03:14 ----A---- C:\Windows\system32\winload.exe
2009-08-31 12:03:14 ----A---- C:\Windows\system32\srchadmin.dll
2009-08-31 12:03:14 ----A---- C:\Windows\system32\ntdll.dll
2009-08-31 12:03:14 ----A---- C:\Windows\system32\msxml3.dll
2009-08-31 12:03:13 ----A---- C:\Windows\system32\uDWM.dll
2009-08-31 12:03:13 ----A---- C:\Windows\system32\mmc.exe
2009-08-31 12:03:13 ----A---- C:\Windows\system32\mblctr.exe
2009-08-31 12:03:13 ----A---- C:\Windows\system32\EncDec.dll
2009-08-31 12:03:13 ----A---- C:\Windows\system32\dfsr.exe
2009-08-31 12:03:12 ----A---- C:\Windows\system32\riched20.dll
2009-08-31 12:03:12 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-08-31 12:03:12 ----A---- C:\Windows\system32\fdBth.dll
2009-08-31 12:03:11 ----A---- C:\Windows\system32\RacEngn.dll
2009-08-31 12:03:10 ----A---- C:\Windows\system32\kernel32.dll
2009-08-31 12:03:09 ----A---- C:\Windows\system32\spoolss.dll
2009-08-31 12:03:09 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-08-31 12:03:09 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-08-31 12:03:09 ----A---- C:\Windows\system32\schedsvc.dll
2009-08-31 12:03:09 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-08-31 12:03:09 ----A---- C:\Windows\system32\milcore.dll
2009-08-31 12:03:09 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-08-31 12:03:09 ----A---- C:\Windows\system32\CertEnroll.dll
2009-08-31 12:03:07 ----A---- C:\Windows\system32\msvcp60.dll
2009-08-31 12:03:07 ----A---- C:\Windows\system32\msjtes40.dll
2009-08-31 12:03:07 ----A---- C:\Windows\system32\infocardapi.dll
2009-08-31 12:03:07 ----A---- C:\Windows\system32\gpedit.dll
2009-08-31 12:03:07 ----A---- C:\Windows\system32\fsquirt.exe
2009-08-31 12:03:07 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-08-31 12:03:05 ----A---- C:\Windows\system32\WinSAT.exe
2009-08-31 12:03:05 ----A---- C:\Windows\system32\es.dll
2009-08-31 12:03:04 ----A---- C:\Windows\system32\PresentationSettings.exe
2009-08-31 12:03:04 ----A---- C:\Windows\system32\mstext40.dll
2009-08-31 12:03:04 ----A---- C:\Windows\system32\Magnify.exe
2009-08-31 12:03:04 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-08-31 12:03:04 ----A---- C:\Windows\system32\advapi32.dll
2009-08-31 12:03:03 ----A---- C:\Windows\system32\WMPhoto.dll
2009-08-31 12:03:03 ----A---- C:\Windows\system32\WebClnt.dll
2009-08-31 12:03:03 ----A---- C:\Windows\system32\slwmi.dll
2009-08-31 12:03:03 ----A---- C:\Windows\system32\msexcl40.dll
2009-08-31 12:03:02 ----A---- C:\Windows\system32\vssapi.dll
2009-08-31 12:03:02 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2009-08-31 12:03:02 ----A---- C:\Windows\system32\msxbde40.dll
2009-08-31 12:03:02 ----A---- C:\Windows\system32\comsvcs.dll
2009-08-31 12:03:01 ----A---- C:\Windows\system32\authui.dll
2009-08-31 12:02:59 ----A---- C:\Windows\system32\NetProjW.dll
2009-08-31 12:02:59 ----A---- C:\Windows\system32\msrepl40.dll
2009-08-31 12:02:58 ----A---- C:\Windows\system32\PresentationHost.exe
2009-08-31 12:02:54 ----A---- C:\Windows\system32\propsys.dll
2009-08-31 12:02:54 ----A---- C:\Windows\system32\newdev.dll
2009-08-31 12:02:53 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-08-31 12:02:53 ----A---- C:\Windows\system32\iasrecst.dll
2009-08-31 12:02:53 ----A---- C:\Windows\system32\gpsvc.dll
2009-08-31 12:02:53 ----A---- C:\Windows\system32\eudcedit.exe
2009-08-31 12:02:53 ----A---- C:\Windows\system32\crypt32.dll
2009-08-31 12:02:53 ----A---- C:\Windows\explorer.exe
2009-08-31 12:02:52 ----A---- C:\Windows\system32\setupapi.dll
2009-08-31 12:02:52 ----A---- C:\Windows\system32\rpcss.dll
2009-08-31 12:02:52 ----A---- C:\Windows\system32\mspbde40.dll
2009-08-31 12:02:51 ----A---- C:\Windows\system32\d3d9.dll
2009-08-31 12:02:50 ----A---- C:\Windows\system32\msltus40.dll
2009-08-31 12:02:50 ----A---- C:\Windows\system32\mfc42.dll
2009-08-31 12:02:50 ----A---- C:\Windows\system32\davclnt.dll
2009-08-31 12:02:49 ----A---- C:\Windows\system32\shlwapi.dll
2009-08-31 12:02:49 ----A---- C:\Windows\system32\msrd3x40.dll
2009-08-31 12:02:49 ----A---- C:\Windows\system32\msdtctm.dll
2009-08-31 12:02:49 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-08-31 12:02:49 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-08-31 12:02:48 ----A---- C:\Windows\system32\wevtapi.dll
2009-08-31 12:02:48 ----A---- C:\Windows\system32\photowiz.dll
2009-08-31 12:02:48 ----A---- C:\Windows\system32\nlhtml.dll
2009-08-31 12:02:48 ----A---- C:\Windows\system32\browseui.dll
2009-08-31 12:02:45 ----A---- C:\Windows\system32\user32.dll
2009-08-31 12:02:45 ----A---- C:\Windows\system32\samsrv.dll
2009-08-31 12:02:45 ----A---- C:\Windows\system32\quartz.dll
2009-08-31 12:02:45 ----A---- C:\Windows\system32\ci.dll
2009-08-31 12:02:44 ----A---- C:\Windows\system32\win32spl.dll
2009-08-31 12:02:44 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-08-31 12:02:44 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-08-31 12:02:44 ----A---- C:\Windows\system32\oleaut32.dll
2009-08-31 12:02:43 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-08-31 12:02:43 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-08-31 12:02:42 ----A---- C:\Windows\system32\netshell.dll
2009-08-31 12:02:42 ----A---- C:\Windows\system32\compcln.exe
2009-08-31 12:02:42 ----A---- C:\Windows\system32\apds.dll
2009-08-31 12:02:41 ----A---- C:\Windows\system32\winhttp.dll
2009-08-31 12:02:41 ----A---- C:\Windows\system32\mswstr10.dll
2009-08-31 12:02:40 ----A---- C:\Windows\system32\xmlfilter.dll
2009-08-31 12:02:40 ----A---- C:\Windows\system32\emdmgmt.dll
2009-08-31 12:02:40 ----A---- C:\Windows\system32\audiosrv.dll
2009-08-31 12:02:39 ----A---- C:\Windows\system32\msctf.dll
2009-08-31 12:02:38 ----A---- C:\Windows\system32\VSSVC.exe
2009-08-31 12:02:38 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-08-31 12:02:38 ----A---- C:\Windows\system32\msvcrt.dll
2009-08-31 12:02:38 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-08-31 12:02:38 ----A---- C:\Windows\system32\gdi32.dll
2009-08-31 12:02:37 ----A---- C:\Windows\system32\SLUI.exe
2009-08-31 12:02:37 ----A---- C:\Windows\system32\msrd2x40.dll
2009-08-31 12:02:37 ----A---- C:\Windows\system32\mfc42u.dll
2009-08-31 12:02:37 ----A---- C:\Windows\system32\eapphost.dll
2009-08-31 12:02:36 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-08-31 12:02:34 ----A---- C:\Windows\system32\winresume.exe
2009-08-31 12:02:34 ----A---- C:\Windows\system32\propdefs.dll
2009-08-31 12:02:34 ----A---- C:\Windows\system32\odbc32.dll
2009-08-31 12:02:33 ----A---- C:\Windows\system32\shdocvw.dll
2009-08-31 12:02:33 ----A---- C:\Windows\system32\dbgeng.dll
2009-08-31 12:02:32 ----A---- C:\Windows\system32\wevtutil.exe
2009-08-31 12:02:32 ----A---- C:\Windows\system32\mssitlb.dll
2009-08-31 12:02:31 ----A---- C:\Windows\system32\WsmSvc.dll
2009-08-31 12:02:30 ----A---- C:\Windows\system32\swprv.dll
2009-08-31 12:02:30 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-08-31 12:02:28 ----A---- C:\Windows\system32\vds.exe
2009-08-31 12:02:28 ----A---- C:\Windows\system32\usp10.dll
2009-08-31 12:02:27 ----A---- C:\Windows\system32\netlogon.dll
2009-08-31 12:02:27 ----A---- C:\Windows\system32\msctfp.dll
2009-08-31 12:02:27 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-08-31 12:02:27 ----A---- C:\Windows\system32\drvinst.exe
2009-08-31 12:02:27 ----A---- C:\Windows\system32\devmgr.dll
2009-08-31 12:02:26 ----A---- C:\Windows\system32\msscb.dll
2009-08-31 12:02:26 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-08-31 12:02:26 ----A---- C:\Windows\system32\BFE.DLL
2009-08-31 12:02:26 ----A---- C:\Windows\system32\adsldpc.dll
2009-08-31 12:02:25 ----A---- C:\Windows\system32\wcnwiz.dll
2009-08-31 12:02:25 ----A---- C:\Windows\system32\evr.dll
2009-08-31 12:02:24 ----A---- C:\Windows\system32\Wldap32.dll
2009-08-31 12:02:23 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-08-31 12:02:21 ----A---- C:\Windows\system32\WSDApi.dll
2009-08-31 12:02:21 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-08-31 12:02:20 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-08-31 12:02:18 ----A---- C:\Windows\system32\wercon.exe
2009-08-31 12:02:18 ----A---- C:\Windows\system32\services.exe
2009-08-31 12:02:17 ----A---- C:\Windows\system32\wcncsvc.dll
2009-08-31 12:02:17 ----A---- C:\Windows\system32\mimefilt.dll
2009-08-31 12:02:17 ----A---- C:\Windows\system32\comdlg32.dll
2009-08-31 12:02:17 ----A---- C:\Windows\system32\adtschema.dll
2009-08-31 12:02:16 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-08-31 12:02:16 ----A---- C:\Windows\system32\msdtcprx.dll
2009-08-31 12:02:16 ----A---- C:\Windows\system32\msdrm.dll
2009-08-31 12:02:16 ----A---- C:\Windows\system32\certcli.dll
2009-08-31 12:02:15 ----A---- C:\Windows\system32\taskeng.exe
2009-08-31 12:02:15 ----A---- C:\Windows\system32\rtffilt.dll
2009-08-31 12:02:15 ----A---- C:\Windows\system32\reg.exe
2009-08-31 12:02:15 ----A---- C:\Windows\system32\mswdat10.dll
2009-08-31 12:02:15 ----A---- C:\Windows\system32\msjter40.dll
2009-08-31 12:02:15 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-08-31 12:02:14 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-08-31 12:02:14 ----A---- C:\Windows\system32\dnsapi.dll
2009-08-31 12:02:14 ----A---- C:\Windows\system32\certutil.exe
2009-08-31 12:02:13 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-08-31 12:02:13 ----A---- C:\Windows\system32\w32time.dll
2009-08-31 12:02:12 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-08-31 12:02:12 ----A---- C:\Windows\system32\bcrypt.dll
2009-08-31 12:02:11 ----A---- C:\Windows\system32\rsaenh.dll
2009-08-31 12:02:11 ----A---- C:\Windows\system32\msshooks.dll
2009-08-31 12:02:11 ----A---- C:\Windows\system32\msscntrs.dll
2009-08-31 12:02:11 ----A---- C:\Windows\system32\bthserv.dll
2009-08-31 12:02:10 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-08-31 12:02:10 ----A---- C:\Windows\system32\msstrc.dll
2009-08-31 12:02:10 ----A---- C:\Windows\system32\msihnd.dll
2009-08-31 12:02:10 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-08-31 12:02:08 ----A---- C:\Windows\system32\netapi32.dll
2009-08-31 12:02:08 ----A---- C:\Windows\system32\mtxclu.dll
2009-08-31 12:02:08 ----A---- C:\Windows\system32\inetpp.dll
2009-08-31 12:02:08 ----A---- C:\Windows\system32\inetcomm.dll
2009-08-31 12:02:08 ----A---- C:\Windows\system32\dfshim.dll
2009-08-31 12:02:08 ----A---- C:\Windows\system32\cryptsvc.dll
2009-08-31 12:02:07 ----A---- C:\Windows\system32\mscories.dll
2009-08-31 12:02:07 ----A---- C:\Windows\system32\hidserv.dll
2009-08-31 12:02:07 ----A---- C:\Windows\system32\fundisc.dll
2009-08-31 12:02:07 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-08-31 12:02:06 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-08-31 12:02:06 ----A---- C:\Windows\system32\termsrv.dll
2009-08-31 12:02:06 ----A---- C:\Windows\system32\profsvc.dll
2009-08-31 12:02:05 ----A---- C:\Windows\system32\imapi.dll
2009-08-31 12:02:04 ----A---- C:\Windows\system32\wdc.dll
2009-08-31 12:02:04 ----A---- C:\Windows\system32\shsvcs.dll
2009-08-31 12:02:04 ----A---- C:\Windows\system32\msiexec.exe
2009-08-31 12:02:04 ----A---- C:\Windows\system32\chsbrkr.dll
2009-08-31 12:02:03 ----A---- C:\Windows\system32\iassdo.dll
2009-08-31 12:02:02 ----A---- C:\Windows\system32\spoolsv.exe
2009-08-31 12:02:02 ----A---- C:\Windows\system32\rasmans.dll
2009-08-31 12:02:02 ----A---- C:\Windows\system32\pnidui.dll
2009-08-31 12:02:02 ----A---- C:\Windows\system32\icardres.dll
2009-08-31 12:02:02 ----A---- C:\Windows\system32\autofmt.exe
2009-08-31 12:02:01 ----A---- C:\Windows\system32\wersvc.dll
2009-08-31 12:02:01 ----A---- C:\Windows\system32\slmgr.vbs
2009-08-31 12:02:01 ----A---- C:\Windows\system32\scrrun.dll
2009-08-31 12:02:01 ----A---- C:\Windows\system32\PSHED.DLL
2009-08-31 12:02:01 ----A---- C:\Windows\system32\pdh.dll
2009-08-31 12:02:01 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-08-31 12:02:01 ----A---- C:\Windows\system32\azroles.dll
2009-08-31 12:02:00 ----A---- C:\Windows\system32\pidgenx.dll
2009-08-31 12:02:00 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-08-31 12:01:58 ----A---- C:\Windows\system32\wmpmde.dll
2009-08-31 12:01:54 ----A---- C:\Windows\system32\winlogon.exe
2009-08-31 12:01:54 ----A---- C:\Windows\system32\SyncCenter.dll
2009-08-31 12:01:53 ----A---- C:\Windows\system32\SLUINotify.dll
2009-08-31 12:01:53 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-08-31 12:01:53 ----A---- C:\Windows\system32\comuid.dll
2009-08-31 12:01:52 ----A---- C:\Windows\system32\sethc.exe
2009-08-31 12:01:52 ----A---- C:\Windows\system32\ncrypt.dll
2009-08-31 12:01:52 ----A---- C:\Windows\system32\kd1394.dll
2009-08-31 12:01:52 ----A---- C:\Windows\system32\certmgr.dll
2009-08-31 12:01:51 ----A---- C:\Windows\system32\wisptis.exe
2009-08-31 12:01:51 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-08-31 12:01:51 ----A---- C:\Windows\system32\untfs.dll
2009-08-31 12:01:51 ----A---- C:\Windows\system32\spp.dll
2009-08-31 12:01:51 ----A---- C:\Windows\system32\scrobj.dll
2009-08-31 12:01:51 ----A---- C:\Windows\system32\rtutils.dll
2009-08-31 12:01:51 ----A---- C:\Windows\system32\iassam.dll
2009-08-31 12:01:50 ----A---- C:\Windows\system32\taskcomp.dll
2009-08-31 12:01:50 ----A---- C:\Windows\system32\dwm.exe
2009-08-31 12:01:49 ----A---- C:\Windows\system32\printui.dll
2009-08-31 12:01:49 ----A---- C:\Windows\system32\iasnap.dll
2009-08-31 12:01:49 ----A---- C:\Windows\system32\autoconv.exe
2009-08-31 12:01:49 ----A---- C:\Windows\system32\autochk.exe
2009-08-31 12:01:48 ----A---- C:\Windows\system32\winsrv.dll
2009-08-31 12:01:47 ----A---- C:\Windows\system32\onex.dll
2009-08-31 12:01:47 ----A---- C:\Windows\system32\kdcom.dll
2009-08-31 12:01:47 ----A---- C:\Windows\system32\cscript.exe
2009-08-31 12:01:47 ----A---- C:\Windows\system32\basecsp.dll
2009-08-31 12:01:46 ----A---- C:\Windows\system32\wow32.dll
2009-08-31 12:01:46 ----A---- C:\Windows\system32\userenv.dll
2009-08-31 12:01:46 ----A---- C:\Windows\system32\osk.exe
2009-08-31 12:01:46 ----A---- C:\Windows\system32\mswsock.dll
2009-08-31 12:01:46 ----A---- C:\Windows\system32\audiodg.exe
2009-08-31 12:01:44 ----A---- C:\Windows\system32\WinSCard.dll
2009-08-31 12:01:44 ----A---- C:\Windows\system32\winmm.dll
2009-08-31 12:01:44 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-08-31 12:01:44 ----A---- C:\Windows\system32\spcmsg.dll
2009-08-31 12:01:44 ----A---- C:\Windows\system32\RelMon.dll
2009-08-31 12:01:44 ----A---- C:\Windows\system32\rdpencom.dll
2009-08-31 12:01:44 ----A---- C:\Windows\system32\msftedit.dll
2009-08-31 12:01:44 ----A---- C:\Windows\system32\kdusb.dll
2009-08-31 12:01:43 ----A---- C:\Windows\system32\offfilt.dll
2009-08-31 12:01:43 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-08-31 12:01:42 ----A---- C:\Windows\system32\Utilman.exe
2009-08-31 12:01:41 ----A---- C:\Windows\system32\WerFault.exe
2009-08-31 12:01:40 ----A---- C:\Windows\system32\wsepno.dll
2009-08-31 12:01:40 ----A---- C:\Windows\system32\stobject.dll
2009-08-31 12:01:40 ----A---- C:\Windows\system32\SndVol.exe
2009-08-31 12:01:40 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-08-31 12:01:40 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-08-31 12:01:40 ----A---- C:\Windows\system32\mfplat.dll
2009-08-31 12:01:40 ----A---- C:\Windows\system32\diskraid.exe
2009-08-31 12:01:40 ----A---- C:\Windows\system32\apphelp.dll
2009-08-31 12:01:39 ----A---- C:\Windows\system32\wiaservc.dll
2009-08-31 12:01:39 ----A---- C:\Windows\system32\sysclass.dll
2009-08-31 12:01:39 ----A---- C:\Windows\system32\prnntfy.dll
2009-08-31 12:01:39 ----A---- C:\Windows\system32\msnetobj.dll
2009-08-31 12:01:39 ----A---- C:\Windows\system32\mscms.dll
2009-08-31 12:01:39 ----A---- C:\Windows\system32\mcmde.dll
2009-08-31 12:01:39 ----A---- C:\Windows\system32\adsmsext.dll
2009-08-31 12:01:38 ----A---- C:\Windows\system32\wscript.exe
2009-08-31 12:01:38 ----A---- C:\Windows\system32\ulib.dll
2009-08-31 12:01:38 ----A---- C:\Windows\system32\odbccp32.dll
2009-08-31 12:01:38 ----A---- C:\Windows\system32\iasdatastore.dll
2009-08-31 12:01:37 ----A---- C:\Windows\system32\wscntfy.dll
2009-08-31 12:01:37 ----A---- C:\Windows\system32\rastapi.dll
2009-08-31 12:01:37 ----A---- C:\Windows\system32\pnpsetup.dll
2009-08-31 12:01:37 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-08-31 12:01:37 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-08-31 12:01:37 ----A---- C:\Windows\system32\fdProxy.dll
2009-08-31 12:01:37 ----A---- C:\Windows\system32\dsound.dll
2009-08-31 12:01:37 ----A---- C:\Windows\system32\cryptui.dll
2009-08-31 12:01:36 ----A---- C:\Windows\system32\wscsvc.dll
2009-08-31 12:01:36 ----A---- C:\Windows\system32\wlangpui.dll
2009-08-31 12:01:36 ----A---- C:\Windows\system32\vdsdyn.dll
2009-08-31 12:01:36 ----A---- C:\Windows\system32\rastls.dll
2009-08-31 12:01:36 ----A---- C:\Windows\system32\iashlpr.dll
2009-08-31 12:01:36 ----A---- C:\Windows\system32\gpapi.dll
2009-08-31 12:01:36 ----A---- C:\Windows\system32\diskpart.exe
2009-08-31 12:01:36 ----A---- C:\Windows\system32\brcpl.dll
2009-08-31 12:01:35 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-08-31 12:01:35 ----A---- C:\Windows\system32\logman.exe
2009-08-31 12:01:34 ----A---- C:\Windows\system32\regsvc.dll
2009-08-31 12:01:34 ----A---- C:\Windows\system32\rasapi32.dll
2009-08-31 12:01:34 ----A---- C:\Windows\system32\ntprint.dll
2009-08-31 12:01:32 ----A---- C:\Windows\system32\wusa.exe
2009-08-31 12:01:32 ----A---- C:\Windows\system32\mscorier.dll
2009-08-31 12:01:31 ----A---- C:\Windows\system32\zipfldr.dll
2009-08-31 12:01:31 ----A---- C:\Windows\system32\wshext.dll
2009-08-31 12:01:31 ----A---- C:\Windows\system32\wpccpl.dll
2009-08-31 12:01:31 ----A---- C:\Windows\system32\iasrad.dll
2009-08-31 12:01:31 ----A---- C:\Windows\system32\findstr.exe
2009-08-31 12:01:30 ----A---- C:\Windows\system32\wsnmp32.dll
2009-08-31 12:01:30 ----A---- C:\Windows\system32\wer.dll
2009-08-31 12:01:30 ----A---- C:\Windows\system32\rasdlg.dll
2009-08-31 12:01:30 ----A---- C:\Windows\system32\netcenter.dll
2009-08-31 12:01:30 ----A---- C:\Windows\system32\iassvcs.dll
2009-08-31 12:01:29 ----A---- C:\Windows\system32\themecpl.dll
2009-08-31 12:01:27 ----A---- C:\Windows\system32\uxsms.dll
2009-08-31 12:01:27 ----A---- C:\Windows\system32\tsbyuv.dll
2009-08-31 12:01:27 ----A---- C:\Windows\system32\srvsvc.dll
2009-08-31 12:01:27 ----A---- C:\Windows\system32\scansetting.dll
2009-08-31 12:01:27 ----A---- C:\Windows\system32\ntmarta.dll
2009-08-31 12:01:27 ----A---- C:\Windows\system32\mssprxy.dll
2009-08-31 12:01:27 ----A---- C:\Windows\system32\iasads.dll
2009-08-31 12:01:26 ----A---- C:\Windows\system32\slcc.dll
2009-08-31 12:01:26 ----A---- C:\Windows\system32\powrprof.dll
2009-08-31 12:01:26 ----A---- C:\Windows\system32\msutb.dll
2009-08-31 12:01:26 ----A---- C:\Windows\system32\mstsc.exe
2009-08-31 12:01:26 ----A---- C:\Windows\system32\mstlsapi.dll
2009-08-31 12:01:25 ----A---- C:\Windows\system32\powercpl.dll
2009-08-31 12:01:25 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-08-31 12:01:25 ----A---- C:\Windows\system32\networkmap.dll
2009-08-31 12:01:25 ----A---- C:\Windows\system32\iasacct.dll
2009-08-31 12:01:24 ----A---- C:\Windows\system32\systemcpl.dll
2009-08-31 12:01:24 ----A---- C:\Windows\system32\sud.dll
2009-08-31 12:01:24 ----A---- C:\Windows\system32\newdev.exe
2009-08-31 12:01:24 ----A---- C:\Windows\system32\dot3svc.dll
2009-08-31 12:01:24 ----A---- C:\Windows\system32\connect.dll
2009-08-31 12:01:24 ----A---- C:\Windows\system32\authz.dll
2009-08-31 12:01:23 ----A---- C:\Windows\system32\themeui.dll
2009-08-31 12:01:23 ----A---- C:\Windows\system32\samlib.dll
2009-08-31 12:01:23 ----A---- C:\Windows\system32\pcaui.dll
2009-08-31 12:01:23 ----A---- C:\Windows\system32\mmci.dll
2009-08-31 12:01:23 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-08-31 12:01:21 ----A---- C:\Windows\system32\usercpl.dll
2009-08-31 12:01:21 ----A---- C:\Windows\system32\qdvd.dll
2009-08-31 12:01:21 ----A---- C:\Windows\system32\autoplay.dll
2009-08-31 12:01:20 ----A---- C:\Windows\system32\wpcao.dll
2009-08-31 12:01:20 ----A---- C:\Windows\system32\wlanpref.dll
2009-08-31 12:01:20 ----A---- C:\Windows\system32\vdsutil.dll
2009-08-31 12:01:20 ----A---- C:\Windows\system32\rpchttp.dll
2009-08-31 12:01:20 ----A---- C:\Windows\system32\regapi.dll
2009-08-31 12:01:20 ----A---- C:\Windows\system32\msinfo32.exe
2009-08-31 12:01:19 ----A---- C:\Windows\system32\tapisrv.dll
2009-08-31 12:01:19 ----A---- C:\Windows\system32\scksp.dll
2009-08-31 12:01:19 ----A---- C:\Windows\system32\scesrv.dll
2009-08-31 12:01:19 ----A---- C:\Windows\system32\psisdecd.dll
2009-08-31 12:01:19 ----A---- C:\Windows\system32\oleprn.dll
2009-08-31 12:01:19 ----A---- C:\Windows\system32\mpr.dll
2009-08-31 12:01:19 ----A---- C:\Windows\system32\feclient.dll
2009-08-31 12:01:19 ----A---- C:\Windows\system32\AudioSes.dll
2009-08-31 12:01:18 ----A---- C:\Windows\system32\wscisvif.dll
2009-08-31 12:01:18 ----A---- C:\Windows\system32\rekeywiz.exe
2009-08-31 12:01:18 ----A---- C:\Windows\system32\imm32.dll
2009-08-31 12:01:18 ----A---- C:\Windows\system32\iaspolcy.dll
2009-08-31 12:01:18 ----A---- C:\Windows\system32\Faultrep.dll
2009-08-31 12:01:18 ----A---- C:\Windows\system32\dot3msm.dll
2009-08-31 12:01:18 ----A---- C:\Windows\system32\DeviceEject.exe
2009-08-31 12:01:17 ----A---- C:\Windows\system32\sdclt.exe
2009-08-31 12:01:17 ----A---- C:\Windows\system32\rasgcw.dll
2009-08-31 12:01:17 ----A---- C:\Windows\system32\qedit.dll
2009-08-31 12:01:17 ----A---- C:\Windows\system32\pnpui.dll
2009-08-31 12:01:17 ----A---- C:\Windows\system32\perfdisk.dll
2009-08-31 12:01:17 ----A---- C:\Windows\system32\ncryptui.dll
2009-08-31 12:01:17 ----A---- C:\Windows\system32\hdwwiz.exe
2009-08-31 12:01:17 ----A---- C:\Windows\system32\dpapimig.exe
2009-08-31 12:01:17 ----A---- C:\Windows\system32\certreq.exe
2009-08-31 12:01:16 ----A---- C:\Windows\system32\TSTheme.exe
2009-08-31 12:01:16 ----A---- C:\Windows\system32\spwinsat.dll
2009-08-31 12:01:16 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-08-31 12:01:16 ----A---- C:\Windows\system32\scecli.dll
2009-08-31 12:01:16 ----A---- C:\Windows\system32\rasplap.dll
2009-08-31 12:01:16 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-08-31 12:01:15 ----A---- C:\Windows\system32\tcpmon.dll
2009-08-31 12:01:15 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-08-31 12:01:15 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-08-31 12:01:15 ----A---- C:\Windows\system32\fdWSD.dll
2009-08-31 12:01:15 ----A---- C:\Windows\system32\cmmon32.exe
2009-08-31 12:01:14 ----A---- C:\Windows\system32\whealogr.dll
2009-08-31 12:01:14 ----A---- C:\Windows\system32\srcore.dll
2009-08-31 12:01:14 ----A---- C:\Windows\system32\conime.exe
2009-08-31 12:01:14 ----A---- C:\Windows\system32\cmdial32.dll
2009-08-31 12:01:13 ----A---- C:\Windows\system32\SnippingTool.exe
2009-08-31 12:01:13 ----A---- C:\Windows\system32\SCardSvr.dll
2009-08-31 12:01:13 ----A---- C:\Windows\system32\raschap.dll
2009-08-31 12:01:10 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-08-31 12:01:10 ----A---- C:\Windows\system32\wlanui.dll
2009-08-31 12:01:10 ----A---- C:\Windows\system32\wiaaut.dll
2009-08-31 12:01:10 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-08-31 12:01:10 ----A---- C:\Windows\system32\fontext.dll
2009-08-31 12:01:09 ----A---- C:\Windows\system32\shwebsvc.dll
2009-08-31 12:01:09 ----A---- C:\Windows\system32\rasppp.dll
2009-08-31 12:01:09 ----A---- C:\Windows\system32\PnPutil.exe
2009-08-31 12:01:09 ----A---- C:\Windows\system32\dsprop.dll
2009-08-31 12:01:08 ----A---- C:\Windows\system32\shsetup.dll
2009-08-31 12:01:08 ----A---- C:\Windows\system32\oobefldr.dll
2009-08-31 12:01:08 ----A---- C:\Windows\system32\dimsroam.dll
2009-08-31 12:01:07 ----A---- C:\Windows\system32\rasmontr.dll
2009-08-31 12:01:07 ----A---- C:\Windows\system32\mscandui.dll
2009-08-31 12:01:07 ----A---- C:\Windows\system32\modemui.dll
2009-08-31 12:01:06 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-08-31 12:01:06 ----A---- C:\Windows\system32\chtbrkr.dll
2009-08-31 12:01:05 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-08-31 12:01:05 ----A---- C:\Windows\system32\rdpwsx.dll
2009-08-31 12:01:05 ----A---- C:\Windows\system32\dataclen.dll
2009-08-31 12:01:05 ----A---- C:\Windows\system32\blackbox.dll
2009-08-31 12:01:04 ----A---- C:\Windows\system32\WSDMon.dll
2009-08-31 12:01:04 ----A---- C:\Windows\system32\wmpeffects.dll
2009-08-31 12:01:04 ----A---- C:\Windows\system32\smss.exe
2009-08-31 12:01:04 ----A---- C:\Windows\system32\netplwiz.dll
2009-08-31 12:01:04 ----A---- C:\Windows\system32\credui.dll
2009-08-31 12:01:03 ----A---- C:\Windows\system32\certprop.dll
2009-08-31 12:01:02 ----A---- C:\Windows\system32\wpcsvc.dll
2009-08-31 12:01:02 ----A---- C:\Windows\system32\networkexplorer.dll
2009-08-31 12:01:02 ----A---- C:\Windows\system32\msscp.dll
2009-08-31 12:01:02 ----A---- C:\Windows\system32\logagent.exe
2009-08-31 12:01:02 ----A---- C:\Windows\system32\InkEd.dll
2009-08-31 12:01:02 ----A---- C:\Windows\system32\ifmon.dll
2009-08-31 12:01:02 ----A---- C:\Windows\system32\cipher.exe
2009-08-31 12:01:01 ----A---- C:\Windows\system32\wscapi.dll
2009-08-31 12:01:01 ----A---- C:\Windows\system32\thawbrkr.dll
2009-08-31 12:01:01 ----A---- C:\Windows\system32\msimtf.dll
2009-08-31 12:01:01 ----A---- C:\Windows\system32\gpresult.exe
2009-08-31 12:01:00 ----A---- C:\Windows\system32\softkbd.dll
2009-08-31 12:01:00 ----A---- C:\Windows\system32\sendmail.dll
2009-08-31 12:00:59 ----A---- C:\Windows\system32\msctfui.dll
2009-08-31 12:00:59 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-08-31 12:00:58 ----A---- C:\Windows\system32\puiapi.dll
2009-08-31 12:00:58 ----A---- C:\Windows\system32\olepro32.dll
2009-08-31 12:00:58 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-08-31 12:00:58 ----A---- C:\Windows\system32\dmsynth.dll
2009-08-31 12:00:58 ----A---- C:\Windows\system32\cdd.dll
2009-08-31 12:00:57 ----A---- C:\Windows\system32\wshbth.dll
2009-08-31 12:00:57 ----A---- C:\Windows\system32\version.dll
2009-08-31 12:00:57 ----A---- C:\Windows\system32\SLLUA.exe
2009-08-31 12:00:57 ----A---- C:\Windows\system32\msisip.dll
2009-08-31 12:00:57 ----A---- C:\Windows\system32\mprapi.dll
2009-08-31 12:00:57 ----A---- C:\Windows\system32\input.dll
2009-08-31 12:00:57 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-08-31 12:00:56 ----A---- C:\Windows\system32\fc.exe
2009-08-31 12:00:55 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-08-31 12:00:55 ----A---- C:\Windows\system32\msjint40.dll
2009-08-31 12:00:55 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-08-31 12:00:55 ----A---- C:\Windows\system32\l2nacp.dll
2009-08-31 12:00:55 ----A---- C:\Windows\system32\ftp.exe
2009-08-31 12:00:55 ----A---- C:\Windows\system32\fdSSDP.dll
2009-08-31 12:00:55 ----A---- C:\Windows\system32\eapp3hst.dll
2009-08-31 12:00:55 ----A---- C:\Windows\system32\dmusic.dll
2009-08-31 12:00:55 ----A---- C:\Windows\system32\cscapi.dll
2009-08-31 12:00:54 ----A---- C:\Windows\system32\wsdchngr.dll
2009-08-31 12:00:54 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-08-31 12:00:54 ----A---- C:\Windows\system32\cscdll.dll
2009-08-31 12:00:53 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-08-31 12:00:51 ----A---- C:\Windows\system32\Storprop.dll
2009-08-31 12:00:51 ----A---- C:\Windows\system32\rasdial.exe
2009-08-31 12:00:51 ----A---- C:\Windows\system32\rasdiag.dll
2009-08-31 12:00:51 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-08-31 12:00:51 ----A---- C:\Windows\system32\fdWCN.dll
2009-08-31 12:00:51 ----A---- C:\Windows\system32\dot3cfg.dll
2009-08-31 12:00:51 ----A---- C:\Windows\system32\bthudtask.exe
2009-08-31 12:00:51 ----A---- C:\Windows\system32\bthci.dll
2009-08-31 12:00:50 ----A---- C:\Windows\system32\tscupgrd.exe
2009-08-31 12:00:50 ----A---- C:\Windows\system32\ipconfig.exe
2009-08-31 12:00:50 ----A---- C:\Windows\system32\eappcfg.dll
2009-08-31 12:00:50 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-08-31 12:00:49 ----A---- C:\Windows\system32\slcinst.dll
2009-08-31 12:00:49 ----A---- C:\Windows\system32\nslookup.exe
2009-08-31 12:00:49 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-08-31 12:00:49 ----A---- C:\Windows\system32\eappgnui.dll
2009-08-31 12:00:48 ----A---- C:\Windows\system32\ocsetup.exe
2009-08-31 12:00:48 ----A---- C:\Windows\system32\mmcico.dll
2009-08-31 12:00:48 ----A---- C:\Windows\system32\hbaapi.dll
2009-08-31 12:00:48 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-08-31 12:00:48 ----A---- C:\Windows\system32\fdeploy.dll
2009-08-31 12:00:47 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-08-31 12:00:47 ----A---- C:\Windows\system32\gpupdate.exe
2009-08-31 12:00:46 ----A---- C:\Windows\system32\csrstub.exe
2009-08-31 12:00:46 ----A---- C:\Windows\system32\cbsra.exe
2009-08-31 12:00:45 ----A---- C:\Windows\system32\winrnr.dll
2009-08-31 12:00:45 ----A---- C:\Windows\system32\vdmdbg.dll
2009-08-31 12:00:45 ----A---- C:\Windows\system32\slwga.dll
2009-08-31 12:00:45 ----A---- C:\Windows\system32\odbcconf.dll
2009-08-31 12:00:45 ----A---- C:\Windows\system32\NcdProp.dll
2009-08-31 12:00:45 ----A---- C:\Windows\system32\iscsilog.dll
2009-08-31 12:00:45 ----A---- C:\Windows\system32\inetppui.dll
2009-08-31 12:00:45 ----A---- C:\Windows\system32\bitsigd.dll
2009-08-31 12:00:44 ----A---- C:\Windows\system32\midimap.dll
2009-08-31 12:00:37 ----A---- C:\Windows\system32\msimsg.dll
2009-08-31 12:00:37 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-08-31 11:59:05 ----A---- C:\Windows\system32\SmiEngine.dll
2009-08-31 11:58:41 ----A---- C:\Windows\system32\wdscore.dll
2009-08-31 11:58:41 ----A---- C:\Windows\system32\PkgMgr.exe
2009-08-31 11:57:29 ----A---- C:\Windows\system32\drvstore.dll
2009-08-31 10:02:55 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-08-31 10:02:55 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-08-31 09:38:39 ----D---- C:\Users\Torski\AppData\Roaming\IObit
2009-08-31 09:38:39 ----D---- C:\Program Files\IObit
======List of files/folders modified in the last 1 months======
2009-09-28 11:02:35 ----D---- C:\Windows\Prefetch
2009-09-28 11:02:07 ----D---- C:\Windows\Temp
2009-09-28 10:57:21 ----SHD---- C:\System Volume Information
2009-09-28 10:53:46 ----D---- C:\Users\Torski\AppData\Roaming\uTorrent
2009-09-28 10:48:04 ----D---- C:\Windows\System32
2009-09-28 10:48:04 ----D---- C:\Windows\inf
2009-09-28 10:48:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-09-28 07:32:42 ----D---- C:\Windows\system32\drivers
2009-09-28 07:32:41 ----HD---- C:\ProgramData
2009-09-28 07:32:40 ----D---- C:\Program Files
2009-09-28 07:18:20 ----D---- C:\Users\Torski\AppData\Roaming\Skype
2009-09-28 04:42:26 ----HD---- C:\$AVG8.VAULT$
2009-09-28 00:06:49 ----D---- C:\Users\Torski\AppData\Roaming\skypePM
2009-09-23 08:36:21 ----SD---- C:\Users\Torski\AppData\Roaming\Microsoft
2009-09-22 12:29:09 ----D---- C:\Windows
2009-09-21 19:26:17 ----SD---- C:\ProgramData\Microsoft
2009-09-21 18:39:45 ----SHD---- C:\Windows\Installer
2009-09-18 07:33:18 ----D---- C:\Windows\system32\catroot
2009-09-18 07:33:17 ----DC---- C:\Windows\system32\DRVSTORE
2009-09-18 07:24:05 ----D---- C:\Program Files\Common Files
2009-09-14 08:46:17 ----D---- C:\Windows\Microsoft.NET
2009-09-14 08:45:05 ----RSD---- C:\Windows\assembly
2009-09-14 08:42:37 ----D---- C:\Windows\winsxs
2009-09-14 08:25:41 ----D---- C:\Program Files\Common Files\microsoft shared
2009-09-14 08:23:49 ----D---- C:\Windows\system32\catroot2
2009-09-12 12:04:25 ----D---- C:\Windows\system32\spool
2009-09-12 11:57:18 ----D---- C:\ProgramData\Norton
2009-09-12 11:53:40 ----D---- C:\Windows\system32\winevt
2009-09-12 11:53:40 ----D---- C:\Windows\system32\WDI
2009-09-12 11:53:40 ----D---- C:\Windows\system32\WCN
2009-09-12 11:53:40 ----D---- C:\Windows\system32\sysprep
2009-09-12 11:53:39 ----D---- C:\Windows\system32\SMI
2009-09-12 11:53:39 ----D---- C:\Windows\system32\setup
2009-09-12 11:53:39 ----D---- C:\Windows\system32\oobe
2009-09-12 11:53:38 ----D---- C:\Windows\system32\MUI
2009-09-12 11:53:38 ----D---- C:\Windows\system32\Macromed
2009-09-12 11:53:25 ----D---- C:\Windows\system32\config
2009-09-12 11:53:25 ----D---- C:\Windows\system32\com
2009-09-12 11:53:24 ----D---- C:\Users\Torski\AppData\Roaming\Corel
2009-09-12 11:53:24 ----D---- C:\ProgramData\Corel
2009-09-12 11:53:14 ----D---- C:\Program Files\Corel
2009-09-11 16:51:36 ----D---- C:\Windows\rescache
2009-09-11 16:31:30 ----SHD---- C:\boot
2009-09-11 16:15:53 ----D---- C:\Program Files\Windows Calendar
2009-09-11 16:15:52 ----D---- C:\Program Files\Windows Mail
2009-09-11 16:15:52 ----D---- C:\Program Files\Movie Maker
2009-09-11 16:15:47 ----D---- C:\Program Files\Windows Sidebar
2009-09-11 16:15:46 ----D---- C:\Program Files\Windows Media Player
2009-09-11 16:15:46 ----D---- C:\Program Files\Internet Explorer
2009-09-11 16:15:45 ----D---- C:\Program Files\Windows Journal
2009-09-11 16:15:45 ----D---- C:\Program Files\Windows Collaboration
2009-09-11 16:15:39 ----D---- C:\Program Files\Windows Photo Gallery
2009-09-11 16:15:39 ----D---- C:\Program Files\Common Files\System
2009-09-11 16:15:19 ----D---- C:\Program Files\Windows Defender
2009-09-11 16:15:18 ----D---- C:\Windows\servicing
2009-09-11 16:15:18 ----D---- C:\Windows\ehome
2009-09-11 16:14:09 ----D---- C:\Windows\IME
2009-09-11 16:14:08 ----D---- C:\Windows\system32\XPSViewer
2009-09-11 16:14:08 ----D---- C:\Windows\system32\lv-LV
2009-09-11 16:14:08 ----D---- C:\Windows\system32\da-DK
2009-09-11 16:14:07 ----D---- C:\Windows\system32\sk-SK
2009-09-11 16:14:07 ----D---- C:\Windows\system32\ko-KR
2009-09-11 16:14:07 ----D---- C:\Windows\system32\hr-HR
2009-09-11 16:14:07 ----D---- C:\Windows\system32\et-EE
2009-09-11 16:14:07 ----D---- C:\Windows\system32\en-US
2009-09-11 16:14:07 ----D---- C:\Windows\system32\de-DE
2009-09-11 16:14:06 ----D---- C:\Windows\system32\it-IT
2009-09-11 16:14:06 ----D---- C:\Windows\system32\el-GR
2009-09-11 16:14:05 ----D---- C:\Windows\system32\migration
2009-09-11 16:13:55 ----D---- C:\Windows\system32\AdvancedInstallers
2009-09-11 16:13:54 ----D---- C:\Windows\system32\sv-SE
2009-09-11 16:13:54 ----D---- C:\Windows\system32\ru-RU
2009-09-11 16:13:54 ----D---- C:\Windows\system32\fr-FR
2009-09-11 16:13:53 ----D---- C:\Windows\system32\he-IL
2009-09-11 16:13:52 ----D---- C:\Windows\system32\fi-FI
2009-09-11 16:13:52 ----D---- C:\Windows\system32\fi
2009-09-11 16:13:51 ----D---- C:\Windows\system32\SLUI
2009-09-11 16:13:51 ----D---- C:\Windows\system32\pt-PT
2009-09-11 16:13:51 ----D---- C:\Windows\system32\hu-HU
2009-09-11 16:13:51 ----D---- C:\Windows\system32\cs-CZ
2009-09-11 16:13:50 ----D---- C:\Windows\system32\zh-TW
2009-09-11 16:13:50 ----D---- C:\Windows\system32\zh-CN
2009-09-11 16:13:50 ----D---- C:\Windows\system32\uk-UA
2009-09-11 16:13:50 ----D---- C:\Windows\system32\sr-Latn-CS
2009-09-11 16:13:50 ----D---- C:\Windows\system32\sl-SI
2009-09-11 16:13:50 ----D---- C:\Windows\system32\pl-PL
2009-09-11 16:13:50 ----D---- C:\Windows\system32\manifeststore
2009-09-11 16:13:50 ----D---- C:\Windows\system32\ja-JP
2009-09-11 16:13:50 ----D---- C:\Windows\system32\es-ES
2009-09-11 16:13:50 ----D---- C:\Windows\system32\bg-BG
2009-09-11 16:13:49 ----D---- C:\Windows\system32\ro-RO
2009-09-11 16:13:47 ----D---- C:\Windows\system32\th-TH
2009-09-11 16:13:47 ----D---- C:\Windows\system32\sv
2009-09-11 16:13:44 ----D---- C:\Windows\system32\wbem
2009-09-11 16:13:44 ----D---- C:\Windows\system32\tr-TR
2009-09-11 16:13:39 ----D---- C:\Windows\system32\nb-NO
2009-09-11 16:13:38 ----D---- C:\Windows\system32\nl-NL
2009-09-11 16:13:38 ----D---- C:\Windows\system32\lt-LT
2009-09-11 16:13:37 ----D---- C:\Windows\system32\ar-SA
2009-09-11 16:13:34 ----D---- C:\Windows\system32\migwiz
2009-09-11 16:13:32 ----D---- C:\Windows\system32\pt-BR
2009-09-11 16:13:32 ----D---- C:\Windows\system32\da
2009-09-11 16:10:46 ----RSD---- C:\Windows\Fonts
2009-09-11 16:10:46 ----D---- C:\Windows\AppPatch
2009-09-11 16:10:31 ----D---- C:\Windows\system32\Boot
2009-09-10 13:36:32 ----D---- C:\Program Files\Java
2009-09-08 13:58:39 ----D---- C:\Users\Torski\AppData\Roaming\BSplayer
2009-08-31 11:05:12 ----D---- C:\Windows\system32\zh-HK
2009-08-31 09:38:57 ----D---- C:\Windows\Tasks
2009-08-31 09:38:57 ----D---- C:\Windows\system32\Tasks
2009-08-31 09:38:55 ----D---- C:\Program Files\Mozilla Firefox
2009-08-29 00:38:20 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2009-07-30 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2009-07-30 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2009-07-30 108552]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49}; \??\C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl [2008-09-26 59376]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-03-27 34664]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-09-29 3930112]
R3 AVerAF15;HP DVB-T TV Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2008-06-10 280320]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-01-24 52736]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio -palvelu; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-02-14 118784]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2009-07-21 409088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2008-05-28 22072]
R3 usbvideo;USB-videolaite (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 BthEnum;Bluetooth-luettelointipalvelu; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth-laite (henkilökohtainen lähiverkko); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Bluetooth-porttiohjain; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Bluetooth-radion USB-ohjain; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-07-21 100184]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]
S3 RFCOMM;Bluetooth-laite (RFCOMM-protokollan TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe [2009-03-02 81920]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-09-29 704512]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-07-30 908056]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-07-30 297752]
R2 Bonjour Service;Bonjour-palvelu; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-06-16 94208]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-03-19 19456]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [2008-10-06 365952]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-06-30 241734]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe [2009-07-21 221266]
R2 TVCapSvc;TV Background Capture Service (TVBCS); C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2009-04-22 296320]
R2 TVSched;TV Task Scheduler (TVTS); C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2009-04-22 116104]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2008-04-16 165192]
R3 iPod Service;iPod-palvelu; C:\Program Files\iPod\bin\iPodService.exe [2009-09-08 545568]
S3 fsssvc;Windows Live -perheturvapalvelu; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 EFUploadSrv;ExtraFilm upload service; C:\Program Files\ExtraFilm Designer FI\EFUploadSrv.exe [2008-11-27 1712128]
S4 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2009-07-17 250616]
S4 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-14 182768]
-----------------EOF-----------------
Ja viimeinen info.txt:n
info.txt logfile of random's system information tool 1.06 2009-09-28 11:02:39
======Uninstall list======
-->"C:\Program Files\HP Games\Agatha Christie - Death on the Nile\Uninstall.exe"
-->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"
-->"C:\Program Files\HP Games\Build-a-lot 2\Uninstall.exe"
-->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Crystal Maze\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash 2 Restaurant Rescue\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
-->"C:\Program Files\HP Games\Escape the Museum\Uninstall.exe"
-->"C:\Program Files\HP Games\FATE\Uninstall.exe"
-->"C:\Program Files\HP Games\Gem Shop\Uninstall.exe"
-->"C:\Program Files\HP Games\Granny in Paradise\Uninstall.exe"
-->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Magic Academy\Uninstall.exe"
-->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\Mahjongg Artifacts\Uninstall.exe"
-->"C:\Program Files\HP Games\My HP Game Console\Uninstall.exe"
-->"C:\Program Files\HP Games\Peggle\Uninstall.exe"
-->"C:\Program Files\HP Games\Penguins!\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer Pineapple Cup\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Pool\Uninstall.exe"
-->"C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Snowy - Treasure Hunter 2\Uninstall.exe"
-->"C:\Program Files\HP Games\SPORE Creature Creator Trial Edition\Uninstall.exe"
-->"C:\Program Files\HP Games\Tradewinds Legends\Uninstall.exe"
-->"C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
-->"C:\Program Files\HP Games\Virtual Villagers - A New Home\Uninstall.exe"
-->"C:\Program Files\HP Games\Virtual Villagers - The Secret City\Uninstall.exe"
-->"C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe"
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1.3 - Suomi-->MsiExec.exe /I{AC76BA86-7AD7-1035-7B44-A91000000001}
Adobe Shockwave Player-->MsiExec.exe /X{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}
Advanced SystemCare 3-->"C:\Program Files\IObit\Advanced SystemCare 3\unins000.exe"
AMD USB Audio Driver Filter-->MsiExec.exe /X{A3AB35FA-943E-4799-99DC-46EFD59E998F}
AOL Toolbar 5.0-->"C:\Program Files\AOL\AOL Toolbar 5.0\uninstall.exe"
Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Atheros Driver Installation Program-->C:\Program Files\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\setup.exe -runfromtemp -l0x0009
AVerMedia A309 (MiniCard, DVB-T) 1.0.0.45-->C:\Program Files\AVerMedia\AVerMedia A309 (MiniCard, DVB-T)\uninst.exe
AVG Free 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
BS.Player FREE-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"
BS_Player Toolbar-->C:\PROGRA~1\BS_PLA~1\UNWISE.EXE /U C:\PROGRA~1\BS_PLA~1\INSTALL.LOG
Catalyst Control Center - Branding-->MsiExec.exe /I{558FF444-F562-4E4C-98BD-7B20EE184D2E}
Cisco EAP-FAST Module-->MsiExec.exe /I{415B2719-AD3A-4944-B404-C472DB6085B3}
Cisco LEAP Module-->MsiExec.exe /I{83770D14-21B9-44B3-8689-F7B523F94560}
Cisco PEAP Module-->MsiExec.exe /I{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}
Combined Community Codec Pack 2008-09-21 16:18-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
CyberLink DVD Suite-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink DVD Suite-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
DC++ 0.699-->"C:\Program Files\DC++\uninstall.exe"
Duke Nukem 3D HRP 2005-11-01-->C:\Program Files\duke3d\uninst.exe
ESU for Microsoft Vista-->MsiExec.exe /I{3877C901-7B90-4727-A639-B6ED2DD59D43}
ExtraFilm Designer FI-->C:\Program Files\ExtraFilm Designer FI\Uninstall.exe
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Hewlett-Packard Active Check for Health Check-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Hewlett-Packard Asset Agent for Health Check-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}\setup.exe -runfromtemp -l0x0409
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11C3DB90-D872-49F4-A428-40B13E7745CD}\setup.exe" -l0x9 -removeonly
HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C6A8BA7-06F9-4F4E-8D58-4419767A0CD2}\setup.exe" -l0x9 -removeonly
HP Help and Support-->MsiExec.exe /I{0054A0F6-00C9-4498-B821-B5C9578F433E}
HP MediaSmart DVD-->"C:\Program Files\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe" /z-uninstall
HP MediaSmart DVD-->"C:\Program Files\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe" /z-uninstall
HP MediaSmart Music/Photo/Video-->"C:\Program Files\InstallShield Installation Information\{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}\setup.exe" /z-uninstall
HP MediaSmart Music/Photo/Video-->"C:\Program Files\InstallShield Installation Information\{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}\setup.exe" /z-uninstall /zMS
HP MediaSmart SmartMenu-->MsiExec.exe /I{EFC5939F-470F-454E-B3DA-F51FDD83F6CE}
HP MediaSmart TV-->"C:\Program Files\InstallShield Installation Information\{67626E09-5366-4480-8F1E-93FADF50CA15}\Setup.exe" /z-uninstall
HP MediaSmart TV-->"C:\Program Files\InstallShield Installation Information\{67626E09-5366-4480-8F1E-93FADF50CA15}\Setup.exe" /z-uninstall
HP MediaSmart Webcam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
HP MediaSmart Webcam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
HP Quick Launch Buttons 6.40 H2-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0009 uninst
HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
HP User Guides 0129-->MsiExec.exe /X{149BBCB8-674F-48D2-969C-9D0EA88DA7D6}
HP Wireless Assistant-->MsiExec.exe /I{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}
HPNetworkAssistant-->MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4}
IDT Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -l0x9 -remove -removeonly
iPhone Configuration Utility-->MsiExec.exe /I{FA54AFB1-5745-4389-B8C1-9F7509672ED1}
iTunes-->MsiExec.exe /I{EC2A8F27-4FBF-4E41-B27B-FE822511B761}
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
JMicron JMB38X Flash Media Controller-->"C:\Program Files\InstallShield Installation Information\{26604C7E-A313-4D12-867F-7C6E7820BE4C}\setup.exe" delpkg
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
LabelPrint-->"C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
LabelPrint-->"C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
LADSPA_plugins-win-0.4.15-->"C:\Program Files\Audacity\Plug-Ins\unins000.exe"
Magic Desktop-->C:\Windows\system32\ezMDUninstall.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - fin-->MsiExec.exe /I{E369A040-E812-37B3-A5B9-311E5579FAC3}
Microsoft .NET Framework 3.5 SP1:n kielitukipaketti - FI-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fin\setup.exe
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040B-0000-0000000FF1CE} /uninstall {DCB679BA-7B0C-4D8C-B443-79701F6FA01C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040B-0000-0000000FF1CE} /uninstall {DCB679BA-7B0C-4D8C-B443-79701F6FA01C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040B-0000-0000000FF1CE} /uninstall {DCB679BA-7B0C-4D8C-B443-79701F6FA01C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040B-0000-0000000FF1CE} /uninstall {06921DF8-773B-45F8-9464-6BB1C56FEF21}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040B-0000-0000000FF1CE} /uninstall {DCB679BA-7B0C-4D8C-B443-79701F6FA01C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Excel MUI (Finnish) 2007-->MsiExec.exe /X{90120000-0016-040B-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
Microsoft Office OneNote MUI (Finnish) 2007-->MsiExec.exe /X{90120000-00A1-040B-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Finnish) 2007-->MsiExec.exe /X{90120000-0018-040B-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (Finnish)-->MsiExec.exe /X{95120000-00AF-040B-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (Finnish) 2007-->MsiExec.exe /X{90120000-001F-040B-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Swedish) 2007-->MsiExec.exe /X{90120000-001F-041D-0000-0000000FF1CE}
Microsoft Office Proofing (Finnish) 2007-->MsiExec.exe /X{90120000-002C-040B-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040B-0000-0000000FF1CE} /uninstall {8C00DF3E-E8BD-4C6A-B86F-0135E11DAF1C}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041D-0000-0000000FF1CE} /uninstall {43722AA8-ACEA-4F54-9B83-2467D376EF8A}
Microsoft Office Shared MUI (Finnish) 2007-->MsiExec.exe /X{90120000-006E-040B-0000-0000000FF1CE}
Microsoft Office Word MUI (Finnish) 2007-->MsiExec.exe /X{90120000-001B-040B-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}
Microsoft Works-->MsiExec.exe /I{7D9EF8C1-1B76-44AF-A918-86CBA6FD24C8}
Mozilla Firefox (3.0.12)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
My HP Games-->"C:\Program Files\HP Games\Uninstall.exe"
Norton Internet Security-->MsiExec.exe /I{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
Ohjelman Microsoft Office Excel 2007 Help päivitys (KB963678)-->msiexec /package {90120000-0016-040B-0000-0000000FF1CE} /uninstall {2C35886E-A67C-494A-8E1C-C6B4E415BBDD}
Ohjelman Microsoft Office Powerpoint 2007 Help päivitys (KB963669)-->msiexec /package {90120000-0018-040B-0000-0000000FF1CE} /uninstall {BD88D384-046E-4E6F-A48B-BC3757C01BA5}
Ohjelman Microsoft Office Word 2007 Help päivitys (KB963665)-->msiexec /package {90120000-001B-040B-0000-0000000FF1CE} /uninstall {3D728445-D30E-4E78-BCC6-722FE68CB22B}
Paf Diamond Poker-->C:\PROGRA~1\PAFDIA~1\UNWISE.EXE C:\PROGRA~1\PAFDIA~1\INSTALL.LOG
PhotoNow!-->"C:\Program Files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" /z-uninstall
PhotoNow!-->"C:\Program Files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" /z-uninstall
Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
ProtectSmart Hard Drive Protection-->MsiExec.exe /X{AAD72731-807A-4B79-AE05-9190B7002B7B}
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0009 -removeonly
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}
Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Skype? 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SPORE Creature Creator Trial Edition-->"C:\Program Files\HP Games\SPORE Creature Creator Trial Edition\Uninstall.exe"
Spotify-->"C:\Program Files\Spotify\uninstall.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Tales of Monkey Island - Launch of the Screaming Narwhal-->C:\Program Files\Telltale Games\Tales of Monkey Island\UNINSTALL_MonkeyIsland101.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Live Call-->MsiExec.exe /I{9C87F6BB-75E4-4F35-8353-F5E295264E98}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live ID -kirjautumisavustaja-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
Windows Live Messenger-->MsiExec.exe /X{85EB1E72-4FAA-40E4-A511-DF3A9A0A4CA8}
Windows Live OneCare safety scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe"
Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows Live -perheturva-->MsiExec.exe /X{401DD2B7-5024-459D-AF49-65D66756E143}
Windows Live Sync-->MsiExec.exe /X{3B27F4EF-23C4-4D9F-871C-B284E8CDA97A}
Windows Live Toolbar-->MsiExec.exe /X{F5A0AA6B-8FCA-4F18-91A7-C4C6FC45FBEC}
Windows Live Writer-->MsiExec.exe /X{32DC3E9F-76CC-4867-83F1-4D039B247F91}
Windows Liven asennustyökalu-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Liven asennustyökalu-->MsiExec.exe /I{AA2BCB44-B44F-445A-A80C-E6C50218940C}
Windows Liven elokuvatyökalu-->MsiExec.exe /X{E470E30E-A289-470F-A6A2-19D43E56E8FD}
Windows Liven lataustyökalu-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Liven sähköposti-->MsiExec.exe /I{3C1007F9-8AC4-4053-ACCA-A162D62888CE}
Windows Liven valokuvavalikoima-->MsiExec.exe /X{AC499BEE-256D-46F5-9B3B-458B65DFDD03}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Xvid 1.1.3 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======Security center information======
AS: Spybot - Search and Destroy (outdated)
AS: Windows Defender
======System event log======
Computer Name: Torski-PC
Event Code: 4386
Message: Windows Servicing edellytti uudelleenkäynnistystä, jotta päivitys 948609-1434_neutral_GDR (paketista KB948609(Update)) voitiin asettaa tilaan Selvitetään(Resolving)
Record Number: 9161
Source Name: Microsoft-Windows-Servicing
Time Written: 20090531184704.000000-000
Event Type: Tietoja
User: Torski-PC\Torski
Computer Name: Torski-PC
Event Code: 4386
Message: Windows Servicing edellytti uudelleenkäynnistystä, jotta päivitys 948609-1433_neutral_LDR (paketista KB948609(Update)) voitiin asettaa tilaan Selvitetään(Resolving)
Record Number: 9160
Source Name: Microsoft-Windows-Servicing
Time Written: 20090531184704.000000-000
Event Type: Tietoja
User: Torski-PC\Torski
Computer Name: Torski-PC
Event Code: 4386
Message: Windows Servicing edellytti uudelleenkäynnistystä, jotta päivitys 948609-1432_neutral_GDR (paketista KB948609(Update)) voitiin asettaa tilaan Selvitetään(Resolving)
Record Number: 9159
Source Name: Microsoft-Windows-Servicing
Time Written: 20090531184704.000000-000
Event Type: Tietoja
User: Torski-PC\Torski
Computer Name: Torski-PC
Event Code: 4386
Message: Windows Servicing edellytti uudelleenkäynnistystä, jotta päivitys 948609-1431_neutral_LDR (paketista KB948609(Update)) voitiin asettaa tilaan Selvitetään(Resolving)
Record Number: 9158
Source Name: Microsoft-Windows-Servicing
Time Written: 20090531184704.000000-000
Event Type: Tietoja
User: Torski-PC\Torski
Computer Name: Torski-PC
Event Code: 4386
Message: Windows Servicing edellytti uudelleenkäynnistystä, jotta päivitys 948609-1430_neutral_GDR (paketista KB948609(Update)) voitiin asettaa tilaan Selvitetään(Resolving)
Record Number: 9157
Source Name: Microsoft-Windows-Servicing
Time Written: 20090531184704.000000-000
Event Type: Tietoja
User: Torski-PC\Torski
=====Application event log=====
Computer Name: Torski-PC
Event Code: 223
Message: WinMail (3732) WindowsMail0: Starting the backup of log files (range C:\Users\Torski\AppData\Local\Microsoft\Windows Mail\edb00001.log - C:\Users\Torski\AppData\Local\Microsoft\Windows Mail\edb00001.log).
Record Number: 565
Source Name: ESENT
Time Written: 20090529194056.000000-000
Event Type: Tietoja
User:
Computer Name: Torski-PC
Event Code: 221
Message: WinMail (3732) WindowsMail0: Ending the backup of the file C:\Users\Torski\AppData\Local\Microsoft\Windows Mail\WindowsMail.MSMessageStore.
Record Number: 564
Source Name: ESENT
Time Written: 20090529194056.000000-000
Event Type: Tietoja
User:
Computer Name: Torski-PC
Event Code: 220
Message: WinMail (3732) WindowsMail0: Beginning the backup of the file C:\Users\Torski\AppData\Local\Microsoft\Windows Mail\WindowsMail.MSMessageStore (size 2 Mb).
Record Number: 563
Source Name: ESENT
Time Written: 20090529194056.000000-000
Event Type: Tietoja
User:
Computer Name: Torski-PC
Event Code: 210
Message: WinMail (3732) WindowsMail0: A full backup is starting.
Record Number: 562
Source Name: ESENT
Time Written: 20090529194056.000000-000
Event Type: Tietoja
User:
Computer Name: Torski-PC
Event Code: 102
Message: WinMail (3732) WindowsMail0: The database engine (6.00.6001.0000) started a new instance (0).
Record Number: 561
Source Name: ESENT
Time Written: 20090529194054.000000-000
Event Type: Tietoja
User:
=====Security event log=====
Computer Name: Torski-PC
Event Code: 1100
Message: Tapahtumalokipalvelu lopetettiin.
Record Number: 624
Source Name: Microsoft-Windows-Eventlog
Time Written: 20090530070951.467200-000
Event Type: Onnistunut valvonta
User:
Computer Name: Torski-PC
Event Code: 4647
Message: Käyttäjä aloitti uloskirjautumisen:
Aihe:
Suojaustunnus: S-1-5-21-4256096021-833300153-4095595867-1000
Tilin nimi: Torski
Tilin toimialue: Torski-PC
Kirjautumistunnus: 0x609ed
Tämä tapahtuma luodaan, kun uloskirjautuminen aloitetaan, mutta tunnussanomaviittausten määrä ei ole nolla eikä kirjautumistuntoa voida tuhota. Muita käyttäjän aloittamia toimia ei voi ilmetä. Tämä tapahtuma voidaan tulkita uloskirjautumistapahtumaksi.
Record Number: 623
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090530070945.913600-000
Event Type: Onnistunut valvonta
User:
Computer Name: Torski-PC
Event Code: 4905
Message: Suojaustapahtuman lähteen rekisteröintiä yritettiin poistaa.
Aihe
Suojaustunnus: S-1-5-18
Tilin nimi: TORSKI-PC$
Tilin toimialue: WORKGROUP
Kirjautumistunnus: 0x3e7
Prosessi:
Prosessitunnus: 0xfb8
Prosessin nimi: C:\Windows\System32\VSSVC.exe
Tapahtuman lähde:
Lähdenimi: VSSAudit
Tapahtuman lähteen tunnus: 0x2f153d
Record Number: 622
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090529193127.039522-000
Event Type: Onnistunut valvonta
User:
Computer Name: Torski-PC
Event Code: 4904
Message: Suojaustapahtuman lähteen rekisteröintiä yritettiin.
Aihe:
Suojaustunnus: S-1-5-18
Tilin nimi: TORSKI-PC$
Tilin toimialue: WORKGROUP
Kirjautumistunnus: 0x3e7
Prosessi:
Prosessitunnus: 0xfb8
Prosessin nimi: C:\Windows\System32\VSSVC.exe
Tapahtuman lähde:
Lähdenimi: VSSAudit
Tapahtuman lähteen tunnus: 0x2f153d
Record Number: 621
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090529193127.039522-000
Event Type: Onnistunut valvonta
User:
Computer Name: Torski-PC
Event Code: 1102
Message: Valvontaloki tyhjennettiin.
Aihe:
Suojaustunnus: S-1-5-21-4256096021-833300153-4095595867-1000
Tilin nimi: Torski
Toimialueen nimi: Torski-PC
Kirjaustunnus: 0x609cd
Record Number: 620
Source Name: Microsoft-Windows-Eventlog
Time Written: 20090529193111.626722-000
Event Type: Onnistunut valvonta
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\CyberLink\Power2Go;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=17
"PROCESSOR_IDENTIFIER"=x86 Family 17 Model 3 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0301
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"OnlineServices"=Online Services
"Platform"=MCD
"PCBRAND"=Pavilion
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
|
|
