atapi.sys
Member
8 March 2010 @ 21:00
Windows 7 Home Premium
ATI Radeon 4800 HD
AMD Phenom II 955 3.0 GHz
4 GB RAM


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:39:12, on 8.3.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\msa.exe
C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Users\Sini\AppData\Local\Temp\Qtr.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=15161&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\baselitmus.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\baselitmus.dll
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Sonera\Sonera Tietoturva\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [TOY5KNQ8OC] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Verkkopalvelu')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Verkkopalvelu')
O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: www.corel.com
O15 - Trusted Zone: http://*.corel.com
O15 - Trusted Zone: www.intervideo.com
O15 - Trusted Zone: http://*.intervideo.com
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirementslab....eqlabdetect.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/software...15111/CTPID.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Sonera\Sonera Tietoturva\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe
O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SupportSoft Sprocket Service (sonera) (sprtsvc_sonera) - SupportSoft, Inc. - C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 7393 bytes
Member
10 March 2010 @ 15:56
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-03-10 15:55:05
Windows 6.1.7600
Running: gmer.exe; Driver: C:\Users\Sini\AppData\Local\Temp\kxldypod.sys


---- System - GMER 1.0.15 ----

SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwCreateThread [0x9255EE8C]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwCreateThreadEx [0x9255EEA6]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwLoadDriver [0x9255F1BC]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwMapViewOfSection [0x9255EBCC]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwOpenSection [0x9255F5EE]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwRenameKey [0x9256088C]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwSetSystemInformation [0x9255F43E]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwSuspendProcess [0x9255EA4C]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwSuspendThread [0x9255EEC0]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwSystemDebugControl [0x9255F042]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwTerminateProcess [0x9255E9A6]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwTerminateThread [0x9255EB06]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwWriteVirtualMemory [0x9255EF86]

INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322AAF8
INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A104
INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A3F4
INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 832132D8
INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A1DC
INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A958
INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A6F8
INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322AF2C
INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322B1A8

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82E43579 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82E67F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!RtlSidHashLookup + 34C 82E6F84C 8 Bytes [8C, EE, 55, 92, A6, EE, 55, ...] {MOV ESI, GS; PUSH EBP; XCHG EDX, EAX; CMPSB ; OUT DX, AL ; PUSH EBP; XCHG EDX, EAX}
.text ntkrnlpa.exe!RtlSidHashLookup + 45C 82E6F95C 4 Bytes [BC, F1, 55, 92]
.text ntkrnlpa.exe!RtlSidHashLookup + 490 82E6F990 4 Bytes [CC, EB, 55, 92] {INT 3 ; JMP 0x58; XCHG EDX, EAX}
.text ntkrnlpa.exe!RtlSidHashLookup + 4F8 82E6F9F8 4 Bytes [EE, F5, 55, 92] {OUT DX, AL ; CMC ; PUSH EBP; XCHG EDX, EAX}
.text ntkrnlpa.exe!RtlSidHashLookup + 678 82E6FB78 4 Bytes [8C, 08, 56, 92] {MOV WORD [EAX], CS; PUSH ESI; XCHG EDX, EAX}
.text ...
? System32\Drivers\spnq.sys Määritettyä polkua ei löydy. !
PAGE ataport.SYS!DllUnload + 1 8C843AD7 4 Bytes JMP 85D021D9
.text USBPORT.SYS!DllUnload 93848CA0 5 Bytes JMP 876971D8
.text C:\Windows\system32\DRIVERS\atipmdag.sys section is writeable [0x94A2F000, 0x2E6316, 0xE8000020]
.text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0x9B985300, 0x1B7E, 0xE8000020]
.text peauth.sys 9C63DC9D 28 Bytes [0F, 87, 3B, 68, DB, A3, E3, ...]
.text peauth.sys 9C63DCC1 28 Bytes [0F, 87, 3B, 68, DB, A3, E3, ...]
PAGE peauth.sys 9C643B9B 72 Bytes [A7, C7, 21, 18, 6C, EC, 29, ...]
PAGE peauth.sys 9C643BEC 111 Bytes [90, F4, A3, B6, 9A, 13, 23, ...]
PAGE peauth.sys 9C643E20 101 Bytes [E4, 9F, B5, 9C, 35, 8D, 33, ...]
PAGE ...

---- User code sections - GMER 1.0.15 ----

.text C:\Windows\system32\svchost.exe[796] ole32.dll!CoCreateInstance 76DE57FC 5 Bytes JMP 00A2000A
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!UnhookWindowsHookEx 76C2CC7B 5 Bytes JMP 6E3781D8 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!CallNextHookEx 76C2CC8F 5 Bytes JMP 6E359A6C C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!CreateWindowExW 76C30E51 5 Bytes JMP 6E36801F C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!SetWindowsHookExW 76C3210A 5 Bytes JMP 6E3146DB C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!DialogBoxIndirectParamW 76C54AA7 5 Bytes JMP 6E48EDC0 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!DialogBoxParamW 76C5564A 5 Bytes JMP 6E284D5B C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!DialogBoxParamA 76C6CF6A 5 Bytes JMP 6E48ED5D C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!DialogBoxIndirectParamA 76C6D29C 5 Bytes JMP 6E48EE23 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!MessageBoxIndirectA 76C7E8C9 5 Bytes JMP 6E48ECF2 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!MessageBoxIndirectW 76C7E9C3 5 Bytes JMP 6E48EC87 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!MessageBoxExA 76C7EA29 5 Bytes JMP 6E48EC25 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!MessageBoxExW 76C7EA4D 5 Bytes JMP 6E48EBC3 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] ole32.dll!OleLoadFromStream 76D95B88 5 Bytes JMP 6E48F137 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] ole32.dll!CoCreateInstance 76DE57FC 5 Bytes JMP 6E368B0D C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!CreateWindowExW 76C30E51 5 Bytes JMP 6E36801F C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxIndirectParamW 76C54AA7 5 Bytes JMP 6E48EDC0 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxParamW 76C5564A 5 Bytes JMP 6E284D5B C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxParamA 76C6CF6A 5 Bytes JMP 6E48ED5D C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxIndirectParamA 76C6D29C 5 Bytes JMP 6E48EE23 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxIndirectA 76C7E8C9 5 Bytes JMP 6E48ECF2 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxIndirectW 76C7E9C3 5 Bytes JMP 6E48EC87 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxExA 76C7EA29 5 Bytes JMP 6E48EC25 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxExW 76C7EA4D 5 Bytes JMP 6E48EBC3 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73B92494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73B75624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73B756E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73B9250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73B88573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73B84D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73B850CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73B851A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [73B866D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73B882CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73B88819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73B8907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73B8E21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73B84C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\WININET.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\WININET.dll [USER32.dll!SetWindowPos] [00417E12] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExA] [00417C6C] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\ole32.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\ole32.dll [USER32.dll!ShowWindow] [00417D60] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\shell32.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\shell32.dll [USER32.dll!SetWindowPos] [00417E12] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\shell32.dll [USER32.dll!ShowWindow] [00417D60] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!MessageBoxIndirectW] [00418674] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!SetWindowPos] [0041860E] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!ShowWindow] [00418560] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DialogBoxParamA] [0041867A] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExA] [00418470] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!SetWindowPos] [0041860E] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!ShowWindow] [00418560] C:\Windows\msa.exe
IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 85D081F8
Device \FileSystem\fastfat \FatCdrom 889C61F8
Device \Driver\volmgr \Device\VolMgrControl 85D041F8
Device \Driver\usbohci \Device\USBPDO-0 876941F8
Device \Driver\usbehci \Device\USBPDO-1 876A71F8
Device \Driver\usbohci \Device\USBPDO-2 876941F8
Device \Driver\usbehci \Device\USBPDO-3 876A71F8
Device \Driver\volmgr \Device\HarddiskVolume1 85D041F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\volmgr \Device\HarddiskVolume2 85D041F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\cdrom \Device\CdRom0 87451500
Device \Driver\volmgr \Device\HarddiskVolume3 85D041F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\atapi \Device\Ide\IdePort0 85D061F8
Device \Driver\atapi \Device\Ide\IdePort1 85D061F8
Device \Driver\atapi \Device\Ide\IdePort2 85D061F8
Device \Driver\atapi \Device\Ide\IdePort3 85D061F8
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-4 85D061F8
Device \Driver\volmgr \Device\HarddiskVolume4 85D041F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\volmgr \Device\HarddiskVolume5 85D041F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\NetBT \Device\NetBT_Tcpip_{02C4A9CE-C6F6-4610-AA31-268A8ADBE780} 874321F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 874321F8
Device \Driver\USBSTOR \Device\00000083 879AD500
Device \Driver\USBSTOR \Device\00000084 879AD500
Device \Driver\USBSTOR \Device\00000085 879AD500
Device \Driver\USBSTOR \Device\00000086 879AD500
Device \Driver\USBSTOR \Device\00000087 879AD500
Device \Driver\ACPI_HAL \Device\0000004e halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
Device \Driver\usbohci \Device\USBFDO-0 876941F8
Device \Driver\usbehci \Device\USBFDO-1 876A71F8
Device \Driver\usbohci \Device\USBFDO-2 876941F8
Device \Driver\usbehci \Device\USBFDO-3 876A71F8
Device \FileSystem\fastfat \Fat 889C61F8

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device -> \Driver\atapi \Device\Harddisk0\DR0 86AEF841

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792

---- Files - GMER 1.0.15 ----

File C:\Windows\system32\drivers\atapi.sys suspicious modification

---- EOF - GMER 1.0.15 ----
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!MessageBoxIndirectW 76C7E9C3 5 Bytes JMP 6E48EC87 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!MessageBoxExA 76C7EA29 5 Bytes JMP 6E48EC25 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!MessageBoxExW 76C7EA4D 5 Bytes JMP 6E48EBC3 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] ole32.dll!OleLoadFromStream 76D95B88 5 Bytes JMP 6E48F137 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] ole32.dll!CoCreateInstance 76DE57FC 5 Bytes JMP 6E368B0D C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!CreateWindowExW 76C30E51 5 Bytes JMP 6E36801F C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxIndirectParamW 76C54AA7 5 Bytes JMP 6E48EDC0 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxParamW 76C5564A 5 Bytes JMP 6E284D5B C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxParamA 76C6CF6A 5 Bytes JMP 6E48ED5D C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxIndirectParamA 76C6D29C 5 Bytes JMP 6E48EE23 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxIndirectA 76C7E8C9 5 Bytes JMP 6E48ECF2 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxIndirectW 76C7E9C3 5 Bytes JMP 6E48EC87 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxExA 76C7EA29 5 Bytes JMP 6E48EC25 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxExW 76C7EA4D 5 Bytes JMP 6E48EBC3 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73B92494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73B75624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73B756E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73B9250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73B88573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73B84D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73B850CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73B851A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [73B866D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73B882CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73B88819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73B8907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73B8E21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73B84C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\WININET.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\WININET.dll [USER32.dll!SetWindowPos] [00417E12] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExA] [00417C6C] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\ole32.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\ole32.dll [USER32.dll!ShowWindow] [00417D60] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\shell32.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\shell32.dll [USER32.dll!SetWindowPos] [00417E12] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\shell32.dll [USER32.dll!ShowWindow] [00417D60] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!MessageBoxIndirectW] [00418674] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!SetWindowPos] [0041860E] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!ShowWindow] [00418560] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DialogBoxParamA] [0041867A] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExA] [00418470] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!SetWindowPos] [0041860E] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!ShowWindow] [00418560] C:\Windows\msa.exe
IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 85D081F8
Device \FileSystem\fastfat \FatCdrom 889C61F8
Device \Driver\volmgr \Device\VolMgrControl 85D041F8
Device \Driver\usbohci \Device\USBPDO-0 876941F8
Device \Driver\usbehci \Device\USBPDO-1 876A71F8
Device \Driver\usbohci \Device\USBPDO-2 876941F8
Device \Driver\usbehci \Device\USBPDO-3 876A71F8
Device \Driver\volmgr \Device\HarddiskVolume1 85D041F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\volmgr \Device\HarddiskVolume2 85D041F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\cdrom \Device\CdRom0 87451500
Device \Driver\volmgr \Device\HarddiskVolume3 85D041F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\atapi \Device\Ide\IdePort0 85D061F8
Device \Driver\atapi \Device\Ide\IdePort1 85D061F8
Device \Driver\atapi \Device\Ide\IdePort2 85D061F8
Device \Driver\atapi \Device\Ide\IdePort3 85D061F8
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-4 85D061F8
Device \Driver\volmgr \Device\HarddiskVolume4 85D041F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\volmgr \Device\HarddiskVolume5 85D041F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\NetBT \Device\NetBT_Tcpip_{02C4A9CE-C6F6-4610-AA31-268A8ADBE780} 874321F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 874321F8
Device \Driver\USBSTOR \Device\00000083 879AD500
Device \Driver\USBSTOR \Device\00000084 879AD500
Device \Driver\USBSTOR \Device\00000085 879AD500
Device \Driver\USBSTOR \Device\00000086 879AD500
Device \Driver\USBSTOR \Device\00000087 879AD500
Device \Driver\ACPI_HAL \Device\0000004e halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
Device \Driver\usbohci \Device\USBFDO-0 876941F8
Device \Driver\usbehci \Device\USBFDO-1 876A71F8
Device \Driver\usbohci \Device\USBFDO-2 876941F8
Device \Driver\usbehci \Device\USBFDO-3 876A71F8
Device \FileSystem\fastfat \Fat 889C61F8

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device -> \Driver\atapi \Device\Harddisk0\DR0 86AEF841

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792

---- Files - GMER 1.0.15 ----

File C:\Windows\system32\drivers\atapi.sys suspicious modification

---- EOF - GMER 1.0.15 ----
Member

10 March 2010 @ 15:57
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-03-10 15:55:05
Windows 6.1.7600
Running: gmer.exe; Driver: C:\Users\Sini\AppData\Local\Temp\kxldypod.sys


---- System - GMER 1.0.15 ----

SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwCreateThread [0x9255EE8C]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwCreateThreadEx [0x9255EEA6]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwLoadDriver [0x9255F1BC]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwMapViewOfSection [0x9255EBCC]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwOpenSection [0x9255F5EE]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwRenameKey [0x9256088C]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwSetSystemInformation [0x9255F43E]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwSuspendProcess [0x9255EA4C]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwSuspendThread [0x9255EEC0]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwSystemDebugControl [0x9255F042]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwTerminateProcess [0x9255E9A6]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwTerminateThread [0x9255EB06]
SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwWriteVirtualMemory [0x9255EF86]

INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322AAF8
INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A104
INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A3F4
INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 832132D8
INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A1DC
INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A958
INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A6F8
INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322AF2C
INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322B1A8

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82E43579 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82E67F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!RtlSidHashLookup + 34C 82E6F84C 8 Bytes [8C, EE, 55, 92, A6, EE, 55, ...] {MOV ESI, GS; PUSH EBP; XCHG EDX, EAX; CMPSB ; OUT DX, AL ; PUSH EBP; XCHG EDX, EAX}
.text ntkrnlpa.exe!RtlSidHashLookup + 45C 82E6F95C 4 Bytes [BC, F1, 55, 92]
.text ntkrnlpa.exe!RtlSidHashLookup + 490 82E6F990 4 Bytes [CC, EB, 55, 92] {INT 3 ; JMP 0x58; XCHG EDX, EAX}
.text ntkrnlpa.exe!RtlSidHashLookup + 4F8 82E6F9F8 4 Bytes [EE, F5, 55, 92] {OUT DX, AL ; CMC ; PUSH EBP; XCHG EDX, EAX}
.text ntkrnlpa.exe!RtlSidHashLookup + 678 82E6FB78 4 Bytes [8C, 08, 56, 92] {MOV WORD [EAX], CS; PUSH ESI; XCHG EDX, EAX}
.text ...
? System32\Drivers\spnq.sys Määritettyä polkua ei löydy. !
PAGE ataport.SYS!DllUnload + 1 8C843AD7 4 Bytes JMP 85D021D9
.text USBPORT.SYS!DllUnload 93848CA0 5 Bytes JMP 876971D8
.text C:\Windows\system32\DRIVERS\atipmdag.sys section is writeable [0x94A2F000, 0x2E6316, 0xE8000020]
.text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0x9B985300, 0x1B7E, 0xE8000020]
.text peauth.sys 9C63DC9D 28 Bytes [0F, 87, 3B, 68, DB, A3, E3, ...]
.text peauth.sys 9C63DCC1 28 Bytes [0F, 87, 3B, 68, DB, A3, E3, ...]
PAGE peauth.sys 9C643B9B 72 Bytes [A7, C7, 21, 18, 6C, EC, 29, ...]
PAGE peauth.sys 9C643BEC 111 Bytes [90, F4, A3, B6, 9A, 13, 23, ...]
PAGE peauth.sys 9C643E20 101 Bytes [E4, 9F, B5, 9C, 35, 8D, 33, ...]
PAGE ...

---- User code sections - GMER 1.0.15 ----

.text C:\Windows\system32\svchost.exe[796] ole32.dll!CoCreateInstance 76DE57FC 5 Bytes JMP 00A2000A
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!UnhookWindowsHookEx 76C2CC7B 5 Bytes JMP 6E3781D8 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!CallNextHookEx 76C2CC8F 5 Bytes JMP 6E359A6C C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!CreateWindowExW 76C30E51 5 Bytes JMP 6E36801F C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!SetWindowsHookExW 76C3210A 5 Bytes JMP 6E3146DB C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!DialogBoxIndirectParamW 76C54AA7 5 Bytes JMP 6E48EDC0 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!DialogBoxParamW 76C5564A 5 Bytes JMP 6E284D5B C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!DialogBoxParamA 76C6CF6A 5 Bytes JMP 6E48ED5D C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!DialogBoxIndirectParamA 76C6D29C 5 Bytes JMP 6E48EE23 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!MessageBoxIndirectA 76C7E8C9 5 Bytes JMP 6E48ECF2 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!MessageBoxIndirectW 76C7E9C3 5 Bytes JMP 6E48EC87 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!MessageBoxExA 76C7EA29 5 Bytes JMP 6E48EC25 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!MessageBoxExW 76C7EA4D 5 Bytes JMP 6E48EBC3 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] ole32.dll!OleLoadFromStream 76D95B88 5 Bytes JMP 6E48F137 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] ole32.dll!CoCreateInstance 76DE57FC 5 Bytes JMP 6E368B0D C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!CreateWindowExW 76C30E51 5 Bytes JMP 6E36801F C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxIndirectParamW 76C54AA7 5 Bytes JMP 6E48EDC0 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxParamW 76C5564A 5 Bytes JMP 6E284D5B C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxParamA 76C6CF6A 5 Bytes JMP 6E48ED5D C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxIndirectParamA 76C6D29C 5 Bytes JMP 6E48EE23 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxIndirectA 76C7E8C9 5 Bytes JMP 6E48ECF2 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxIndirectW 76C7E9C3 5 Bytes JMP 6E48EC87 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxExA 76C7EA29 5 Bytes JMP 6E48EC25 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxExW 76C7EA4D 5 Bytes JMP 6E48EBC3 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73B92494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73B75624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73B756E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73B9250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73B88573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73B84D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73B850CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73B851A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [73B866D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73B882CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73B88819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73B8907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73B8E21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73B84C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\WININET.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\WININET.dll [USER32.dll!SetWindowPos] [00417E12] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExA] [00417C6C] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\ole32.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\ole32.dll [USER32.dll!ShowWindow] [00417D60] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\shell32.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\shell32.dll [USER32.dll!SetWindowPos] [00417E12] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\shell32.dll [USER32.dll!ShowWindow] [00417D60] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!MessageBoxIndirectW] [00418674] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!SetWindowPos] [0041860E] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!ShowWindow] [00418560] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DialogBoxParamA] [0041867A] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExA] [00418470] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!SetWindowPos] [0041860E] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!ShowWindow] [00418560] C:\Windows\msa.exe
IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 85D081F8
Device \FileSystem\fastfat \FatCdrom 889C61F8
Device \Driver\volmgr \Device\VolMgrControl 85D041F8
Device \Driver\usbohci \Device\USBPDO-0 876941F8
Device \Driver\usbehci \Device\USBPDO-1 876A71F8
Device \Driver\usbohci \Device\USBPDO-2 876941F8
Device \Driver\usbehci \Device\USBPDO-3 876A71F8
Device \Driver\volmgr \Device\HarddiskVolume1 85D041F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\volmgr \Device\HarddiskVolume2 85D041F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\cdrom \Device\CdRom0 87451500
Device \Driver\volmgr \Device\HarddiskVolume3 85D041F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\atapi \Device\Ide\IdePort0 85D061F8
Device \Driver\atapi \Device\Ide\IdePort1 85D061F8
Device \Driver\atapi \Device\Ide\IdePort2 85D061F8
Device \Driver\atapi \Device\Ide\IdePort3 85D061F8
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-4 85D061F8
Device \Driver\volmgr \Device\HarddiskVolume4 85D041F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\volmgr \Device\HarddiskVolume5 85D041F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\NetBT \Device\NetBT_Tcpip_{02C4A9CE-C6F6-4610-AA31-268A8ADBE780} 874321F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 874321F8
Device \Driver\USBSTOR \Device\00000083 879AD500
Device \Driver\USBSTOR \Device\00000084 879AD500
Device \Driver\USBSTOR \Device\00000085 879AD500
Device \Driver\USBSTOR \Device\00000086 879AD500
Device \Driver\USBSTOR \Device\00000087 879AD500
Device \Driver\ACPI_HAL \Device\0000004e halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
Device \Driver\usbohci \Device\USBFDO-0 876941F8
Device \Driver\usbehci \Device\USBFDO-1 876A71F8
Device \Driver\usbohci \Device\USBFDO-2 876941F8
Device \Driver\usbehci \Device\USBFDO-3 876A71F8
Device \FileSystem\fastfat \Fat 889C61F8

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device -> \Driver\atapi \Device\Harddisk0\DR0 86AEF841

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792

---- Files - GMER 1.0.15 ----

File C:\Windows\system32\drivers\atapi.sys suspicious modification

---- EOF - GMER 1.0.15 ----
Senior Member
10 March 2010 @ 16:04
so what was the problem
warwas
Suspended permanently
10 March 2010 @ 19:45
Quote, originally posted by Michelola:
so what was the problem
If you have nothing else to say, are you just growing your post count so that you can become a Senior Member?

@Toope92
This is going to be quite a job: the machine is infected, and badly, and the worst thing in there is the infected Atapi.sys. The problem is that we can't just remove it and put a new one in its place in a moment.

Let's try anyway... (It will require a repair disc, though, which does not delete your own files)

In Vista all fixes need to be done as administrator
That is, right-click and run as administrator.

Open HJT
Click Do a system scan only and check the following lines:
O4 - HKCU\..\Run: [TOY5KNQ8OC] C:\Users\Sini\AppData\Local\Temp\Qtr.exe

O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe (User 'Default user')

Close all other programs except the firewall and antivirus, and click Fix checked

Close HJT

-------------------------------------------------------------------------------
Update and scan with Mbam
- Open Mbam
- Click Update
- Check for updates
- Once the program has loaded and the updates are done, select Perform full scan and click Scan.
- When the scan is complete, click OK and then Show Results to see the results.
- Make sure everything is checked and click Remove Selected.
- After this the log opens in Notepad. Save it somewhere you can find it easily. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
- Post the contents of the log in your next message.

Shut down and restart unless Mbam does it or asks for it

1. Download OTListIt by OldTimer and save it to the desktop.
2. Close all open windows and applications.
3. Double-click OTL.exe to start OTListIt.
4. Check the "Scan All Users" checkbox (put a tick in it).
5. Click the blue Run Scan button.
6. OTListIt starts the scan.
7. When the scan is complete, OTListIt creates two text files on the desktop: OTListIt.Txt (this one opens in Notepad) and Extras.txt
8. Copy (Ctrl+A, Ctrl+C) and paste (Ctrl+V) the contents of OTListIt.Txt and Extras.txt into your next message

Please send the following logs
Mbam's log-date.txt
OTL's OTListIt.Txt and Extras.txt

This message has been edited since posting. Last edit 10 March 2010 @ 19:49

Member
11 March 2010 @ 17:47
The problem is that mbam stops working in the middle of everything!
Member
11 March 2010 @ 18:33
OTL logfile created on: 11.3.2010 17:49:46 - Run 1
OTL by OldTimer - Version 3.1.36.1 Folder = C:\Users\Sini\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,51 Gb Total Space | 732,06 Gb Free Space | 78,59% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SINI-PC
Current User Name: Sini
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
PRC - [2010.03.06 10:36:53 | 000,356,960 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsav32.exe
PRC - [2010.03.06 10:36:07 | 000,619,616 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fssm32.exe
PRC - [2010.03.06 10:36:06 | 000,480,352 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32.exe
PRC - [2010.03.06 10:28:03 | 000,055,992 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe
PRC - [2010.02.25 12:02:02 | 000,716,616 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2010.02.02 20:17:28 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010.02.02 20:16:58 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.08.10 15:59:50 | 000,178,720 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2009.08.10 15:59:48 | 000,387,616 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2009.08.05 17:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE
PRC - [2009.08.05 17:58:50 | 000,199,264 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE
PRC - [2009.08.05 17:58:50 | 000,088,672 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSHDLL32.EXE
PRC - [2009.08.05 17:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\FWES\program\fsdfwd.exe
PRC - [2009.08.05 17:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 03:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe
PRC - [2008.10.16 10:04:42 | 000,202,016 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe
PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe


========== Modules (SafeList) ==========

MOD - [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
MOD - [2009.07.14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009.07.14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009.07.14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009.07.14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009.07.14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009.07.14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009.07.14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009.07.14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009.07.14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009.07.14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.03.06 10:28:03 | 000,055,992 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe -- (FSORSPClient)
SRV - [2010.03.05 16:33:51 | 002,462,256 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\rswin_3648.dll -- (Akamai)
SRV - [2010.03.03 10:05:31 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.02.25 11:56:02 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.02.02 20:16:58 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.08.21 15:47:14 | 030,510,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009.08.21 15:36:08 | 004,639,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.08.10 15:59:50 | 000,178,720 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2009.08.10 15:59:48 | 000,387,616 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2009.08.05 17:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE -- (FSMA)
SRV - [2009.08.05 17:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2009.08.05 17:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
SRV - [2009.07.14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009.07.14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009.07.14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009.07.14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009.07.14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009.07.14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009.07.14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009.07.14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009.07.14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009.07.14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX-asennusohjelma (AxInstSV)
SRV - [2009.07.14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009.07.14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2008.10.16 10:04:42 | 000,202,016 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe -- (sprtsvc_sonera) SupportSoft Sprocket Service (sonera)
SRV - [2008.10.16 10:02:58 | 000,382,320 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2008.05.21 13:42:56 | 000,064,000 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe -- (CTUPnPSv)
SRV - [2007.12.13 16:29:59 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.04.02 08:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)
SRV - [2004.05.14 13:02:46 | 000,086,016 | ---- | M] (NetGroup - Politecnico di Torino) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)


========== Driver Services (SafeList) ==========

DRV - [2010.03.10 16:16:42 | 000,021,584 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\atapi.sys -- (atapi)
DRV - [2010.03.06 10:37:16 | 000,033,920 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\Drivers\fsbts.sys -- (fsbts)
DRV - [2010.03.06 10:36:46 | 000,107,104 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2010.02.20 17:07:24 | 000,278,984 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.02.20 17:06:41 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.02.02 20:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010.02.02 20:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV - [2010.02.02 19:23:42 | 000,150,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.01.28 15:33:30 | 000,100,352 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2010.01.27 11:04:00 | 000,183,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2010.01.21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010.01.21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010.01.21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2010.01.07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010.01.03 21:04:37 | 000,722,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.12.19 02:31:32 | 000,073,312 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
DRV - [2009.12.01 11:11:28 | 001,872,192 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cmudax3.sys -- (cmuda3)
DRV - [2009.11.10 14:55:08 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009.11.10 14:54:52 | 000,035,984 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009.11.09 05:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009.10.14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.08.05 17:58:30 | 000,068,064 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2009.08.05 17:57:20 | 000,071,040 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fsdfw.sys -- (FSFW)
DRV - [2009.08.05 17:57:12 | 000,035,680 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fses.sys -- (FSES)
DRV - [2009.08.05 17:56:14 | 000,039,776 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter)
DRV - [2009.08.05 17:56:14 | 000,025,184 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer)
DRV - [2009.08.05 17:56:12 | 000,012,384 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
DRV - [2009.07.30 17:12:54 | 000,287,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2009.07.14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009.07.14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009.07.14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009.07.14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009.07.14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009.07.14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009.07.14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009.07.14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009.07.14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009.07.14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009.07.14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009.07.14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009.07.14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009.07.14 03:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009.07.14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009.07.14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009.07.14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009.07.14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009.07.14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009.07.14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009.07.14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009.07.14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009.07.14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009.07.14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009.07.14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009.07.14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009.07.14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009.07.14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009.07.14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009.07.14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009.07.14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009.07.14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009.07.14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009.07.14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009.07.14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009.07.14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009.07.14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
DRV - [2009.07.14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009.07.14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009.07.14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009.07.14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009.07.14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009.07.14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009.07.14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009.07.14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009.07.14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009.07.14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009.07.14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009.07.14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009.07.14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009.07.14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009.07.14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
DRV - [2009.07.14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009.07.14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009.07.14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009.07.14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009.07.14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.07.14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009.07.14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009.07.14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009.06.29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008.12.12 15:27:46 | 000,018,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys -- (LGII2CDevice)
DRV - [2008.12.12 15:27:46 | 000,014,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys -- (LGDDCDevice)
DRV - [2008.01.19 05:55:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2004.05.14 11:37:10 | 000,032,896 | ---- | M] (NetGroup - Politecnico di Torino) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=15161&l=dis
IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fi.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fi
IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 59 2D 93 5E EC 6D CA 01 [binary data]
IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://www3.iamwired.net/websearch.php?src=tops&search="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Torrents.to"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.fi/"
FF - prefs.js..extensions.enabledItems: {80155943-b083-a2cf-0350-54d3b1be1609}:4.6.6.4
FF - prefs.js..keyword.URL: ""
FF - prefs.js..network.proxy.no_proxies_on: "*.local"


FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010.03.06 10:33:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files\Sonera\Sonera Tietoturva\NRS\litmus-ff@f-secure.com [2010.03.06 10:23:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.11 10:51:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.03.11 10:56:18 | 000,000,000 | ---D | M]

[2009.12.23 03:15:53 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Extensions
[2009.12.23 03:15:53 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2010.03.11 17:24:40 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions
[2010.01.23 17:01:58 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009.12.24 14:49:06 | 000,000,000 | ---D | M] (Fasterfox) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}
[2010.01.23 17:01:58 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010.01.27 23:30:56 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\fsonlinescanner@f-secure.com
[2010.01.23 17:01:58 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\personas@christopher.beard
[2010.03.11 17:18:44 | 000,002,257 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\askcom.xml
[2009.12.24 20:57:14 | 000,002,367 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\photobucket.xml
[2010.03.09 17:57:08 | 000,000,261 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\Search.xml
[2009.12.02 18:49:43 | 000,000,897 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\torrentsto.xml
[2010.01.22 19:04:02 | 000,001,713 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\youtube-video-search.xml
[2010.03.11 17:19:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.03.09 18:35:10 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{80155943-b083-a2cf-0350-54d3b1be1609}
[2010.01.16 03:19:09 | 000,002,062 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bookplus-fi.xml
[2010.01.16 03:19:09 | 000,001,069 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons-fi.xml
[2010.01.16 03:19:09 | 000,002,677 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\huuto-fi.xml
[2010.01.16 03:19:09 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fi.xml
[2010.01.16 03:19:09 | 000,000,796 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-fi.xml

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\BaseLitmus.dll (F-Secure Corporation)
O2 - BHO: (gwprimawega) - {da9e5a55-a1a2-1b97-026f-b233372fee2e} - C:\Windows\System32\p0_aPIH.dll ()
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\BaseLitmus.dll (F-Secure Corporation)
O3 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [CmPCIaudio] File not found
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Sonera\Sonera Tietoturva\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\.DEFAULT..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe File not found
O4 - HKU\S-1-5-18..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe File not found
O4 - HKU\S-1-5-21-3761315706-44459061-675875969-1001..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKU\S-1-5-21-3761315706-44459061-675875969-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O4 - Startup: C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: corel.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: corel.com ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: intervideo.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: intervideo.com ([www] * in Trusted sites)
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} http://srtest-cdn.systemrequirementslab....eqlabdetect.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstal...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstal...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstal...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/software...15111/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-3761315706-44459061-675875969-1001 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-3761315706-44459061-675875969-1001 Winlogon: Shell - (C:\Users\Sini\AppData\Roaming\ufxw.exe) - C:\Users\Sini\AppData\Roaming\ufxw.exe File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\Autorun.exe -- File not found
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\Autorun.exe -- File not found
O33 - MountPoints2\K\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk /r \??\F:) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sasnative32) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010.03.11 17:47:34 | 000,554,496 | ---- | C] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
[2010.03.10 16:49:11 | 000,000,000 | ---D | C] -- C:\Users\Sini\Tracing
[2010.03.09 20:58:43 | 000,705,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\cohelper.dll
[2010.03.09 19:14:02 | 002,622,496 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkHDMI.dll
[2010.03.09 19:14:02 | 000,355,528 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32H.dll
[2010.03.09 19:14:02 | 000,183,584 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RtHDMIV.sys
[2010.03.09 19:14:02 | 000,073,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32H.dll
[2010.03.09 19:14:01 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32H.dll
[2010.03.09 19:14:01 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32H.dll
[2010.03.09 19:14:00 | 001,640,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHDMIExt.dll
[2010.03.09 19:14:00 | 000,293,600 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DHT32.dll
[2010.03.09 19:14:00 | 000,293,600 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DAA32.dll
[2010.03.09 19:14:00 | 000,057,376 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHCoInst.dll
[2010.03.09 19:14:00 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010.03.09 19:13:52 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2010.03.09 19:11:56 | 000,000,000 | ---D | C] -- C:\SMU
[2010.03.09 19:11:56 | 000,000,000 | ---D | C] -- C:\SMBUS
[2010.03.09 19:11:54 | 000,000,000 | ---D | C] -- C:\IDE
[2010.03.09 19:11:54 | 000,000,000 | ---D | C] -- C:\Ethernet
[2010.03.09 17:27:11 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\DriverGenius
[2010.03.09 17:03:19 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
[2010.03.09 07:09:41 | 003,955,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.03.09 07:09:41 | 003,899,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.03.08 20:27:42 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.03.08 17:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010.03.08 04:51:36 | 000,000,000 | ---D | C] -- C:\SDFix
[2010.03.08 04:50:41 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010.03.08 04:47:05 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.03.07 19:54:36 | 000,000,000 | ---D | C] -- C:\Users\Sini\AppData\Local\Stay Secure
[2010.03.07 16:43:44 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.03.07 16:37:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.03.07 16:37:06 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.03.07 16:37:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.03.06 10:31:35 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.03.06 10:24:13 | 000,035,680 | ---- | C] (F-Secure Corporation) -- C:\Windows\System32\drivers\fses.sys
[2010.03.06 10:24:08 | 000,572,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp50.dll
[2010.03.06 10:24:08 | 000,071,040 | ---- | C] (F-Secure Corporation) -- C:\Windows\System32\drivers\fsdfw.sys
[2010.03.06 09:46:08 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\My Drivers
[2010.03.05 13:33:38 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\Adobe Scripts
[2010.03.05 10:24:58 | 000,016,400 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys
[2010.03.05 10:24:41 | 001,581,072 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\LkmdfCoInst.dll
[2010.03.05 10:24:41 | 000,052,240 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\LMouFiltCoInst.dll
[2010.03.05 10:24:41 | 000,037,392 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LMouFilt.Sys
[2010.03.05 10:24:40 | 000,035,984 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LHidFilt.Sys
[2010.03.04 15:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\The Sims Resource
[2010.03.04 14:50:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010.03.04 14:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2010.03.03 20:00:17 | 000,274,432 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2010.03.03 20:00:17 | 000,100,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\drivers\AtiHdmi.sys
[2010.03.03 20:00:17 | 000,050,176 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
[2010.03.03 20:00:17 | 000,027,136 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2010.03.03 20:00:16 | 000,020,480 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
[2010.03.03 20:00:15 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2010.03.03 20:00:15 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2010.03.03 20:00:12 | 014,147,072 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2010.03.03 20:00:07 | 005,313,536 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atipmdag.sys
[2010.03.03 20:00:07 | 005,313,536 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2010.03.03 20:00:07 | 000,150,016 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2010.03.03 20:00:07 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2010.03.03 20:00:07 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2010.03.03 20:00:07 | 000,011,776 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2010.03.03 20:00:06 | 000,446,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2010.03.03 20:00:06 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2010.03.03 20:00:06 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2010.03.03 20:00:05 | 003,649,536 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2010.03.03 20:00:05 | 000,426,496 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\aticfx32.dll
[2010.03.03 20:00:05 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2010.03.03 20:00:05 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2010.03.03 20:00:05 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2010.03.03 20:00:04 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2010.03.03 20:00:04 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2010.03.03 12:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
[2010.03.03 12:58:53 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2010.03.03 11:22:44 | 000,000,000 | ---D | C] -- C:\KU990
[2010.03.03 11:19:08 | 000,000,000 | ---D | C] -- C:\LG_USB
[2010.03.03 11:15:35 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll
[2010.03.03 11:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX
[2010.03.03 10:34:51 | 000,055,824 | ---- | C] (Logitech, Inc.) -- C:\Windows\KHALMNPR.Exe
[2010.03.03 10:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010.03.03 10:05:37 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2010.03.03 10:05:37 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2010.03.03 10:01:40 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.03.03 10:01:37 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.03.03 10:01:37 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010.03.03 10:01:37 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010.03.03 10:01:33 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010.03.03 10:01:33 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010.03.03 10:01:33 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010.03.03 10:01:33 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.03.03 10:01:31 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.03.03 10:01:31 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.03.03 10:01:31 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.03.03 10:01:31 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.03.03 10:01:31 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.03.03 10:01:31 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.03.03 10:01:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.03.03 10:01:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.03.03 10:01:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.02.09 23:30:57 | 000,000,000 | ---D | C] -- C:\Users\Sini\AppData\Roaming\InstallShield
[2010.02.09 23:23:07 | 000,000,000 | -H-D | C] -- C:\LG3G
[2010.02.09 23:20:23 | 000,000,000 | ---D | C] -- C:\lgupload
[2010.02.09 23:00:14 | 000,024,960 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbmodem.sys
[2010.02.09 23:00:14 | 000,020,864 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbdiag.sys
[2010.02.09 23:00:14 | 000,013,056 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbbus.sys
[2010.02.09 23:00:13 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
[2010.02.09 22:58:49 | 000,000,000 | ---D | C] -- C:\Program Files\LG PC Suite 2
[2010.02.09 22:05:04 | 000,000,000 | ---D | C] -- C:\Windows\pss
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010.03.11 17:51:09 | 003,670,016 | ---- | M] () -- C:\Users\Sini\ntuser.dat
[2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
[2010.03.11 17:32:18 | 000,014,608 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.03.11 17:32:18 | 000,014,608 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.03.11 17:22:50 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.03.11 10:53:23 | 000,001,815 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
[2010.03.11 10:06:52 | 000,000,574 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
[2010.03.11 10:06:24 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.03.11 10:06:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.03.10 23:48:17 | 001,144,078 | -H-- | M] () -- C:\Users\Sini\AppData\Local\IconCache.db
[2010.03.10 18:33:27 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_021.cplist
[2010.03.10 18:33:24 | 000,002,516 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2010.03.10 18:27:55 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_020.cplist
[2010.03.10 17:18:06 | 000,000,480 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_019.cplist
[2010.03.10 17:07:51 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_018.cplist
[2010.03.10 16:48:16 | 000,000,522 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_017.cplist
[2010.03.10 16:39:45 | 437,169,378 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.03.10 16:16:42 | 000,021,584 | ---- | M] () -- C:\Windows\System32\drivers\atapi.sys
[2010.03.09 21:01:02 | 001,243,400 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.03.09 21:01:02 | 000,616,736 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.03.09 21:01:02 | 000,442,586 | ---- | M] () -- C:\Windows\System32\perfh00B.dat
[2010.03.09 21:01:02 | 000,107,828 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.03.09 21:01:02 | 000,083,000 | ---- | M] () -- C:\Windows\System32\perfc00B.dat
[2010.03.09 19:14:17 | 000,000,246 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.cfl
[2010.03.09 19:14:17 | 000,000,168 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.imi
[2010.03.09 19:14:17 | 000,000,136 | ---- | M] () -- C:\Windows\System\Dlap.pfx
[2010.03.09 19:13:35 | 000,000,107 | ---- | M] () -- C:\Windows\System\Cmicnfg3.ini
[2010.03.09 18:35:11 | 000,118,375 | ---- | M] () -- C:\Windows\System32\MSF_RIUNyS3.exe
[2010.03.09 17:58:41 | 002,760,844 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe
[2010.03.08 23:34:07 | 000,196,608 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2010.03.08 23:33:56 | 000,524,288 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000002.regtrans-ms
[2010.03.08 23:33:56 | 000,524,288 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000001.regtrans-ms
[2010.03.08 23:33:56 | 000,065,536 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TM.blf
[2010.03.07 20:12:07 | 000,000,514 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_016.cplist
[2010.03.07 20:11:41 | 000,000,498 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_015.cplist
[2010.03.07 19:54:33 | 000,000,562 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_014.cplist
[2010.03.07 16:18:57 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_013.cplist
[2010.03.07 15:15:38 | 000,000,490 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_012.cplist
[2010.03.07 10:49:53 | 000,000,486 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_011.cplist
[2010.03.07 10:49:13 | 000,000,514 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_010.cplist
[2010.03.06 22:12:01 | 000,000,582 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_009.cplist
[2010.03.06 22:10:45 | 000,000,452 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_008.cplist
[2010.03.06 22:09:53 | 000,000,582 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_007.cplist
[2010.03.06 22:08:50 | 000,000,510 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_006.cplist
[2010.03.06 20:32:44 | 000,000,498 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_005.cplist
[2010.03.06 18:00:35 | 000,000,564 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_004.cplist
[2010.03.06 13:05:40 | 000,000,522 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_003.cplist
[2010.03.06 10:44:37 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys
[2010.03.06 10:37:16 | 000,033,920 | ---- | M] () -- C:\Windows\System32\drivers\fsbts.sys
[2010.03.06 10:31:37 | 000,000,052 | ---- | M] () -- C:\Windows\System32\ashttpstats.csv
[2010.03.05 17:29:59 | 000,000,496 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_002.cplist
[2010.03.05 17:07:49 | 000,000,562 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_001.cplist
[2010.03.04 10:06:23 | 002,353,664 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_unmip.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_histprot.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_video.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_webproxy.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_tabloids.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_searchengines.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_pornography.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlineshop.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinepay.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinedating.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_news.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_im.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_illegal.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_hate.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_games.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_gambling.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_drugs.dat
[2010.03.03 12:59:57 | 000,115,248 | ---- | M] () -- C:\Users\Sini\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.03.03 12:06:44 | 000,000,025 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\bdfvconp.ini
[2010.03.03 11:15:58 | 000,002,412 | ---- | M] () -- C:\Windows\System32\lgAxconfig.ini
[2010.03.03 10:42:16 | 000,000,132 | ---- | M] () -- C:\Windows\System32\rezumatenoi.dat
[2010.03.03 10:38:08 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2010.03.03 10:18:28 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp71.dll
[2010.03.03 10:18:28 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll
[2010.03.03 09:58:58 | 000,008,284 | ---- | M] () -- C:\Windows\System32\eps_icon.avi
[2010.02.25 12:03:02 | 000,030,536 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2010.02.25 11:56:16 | 000,021,320 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2010.02.25 11:56:02 | 000,030,024 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2010.02.24 09:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.02.20 17:07:24 | 000,278,984 | ---- | M] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.02.20 17:06:41 | 000,025,416 | ---- | M] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.02.18 13:42:24 | 001,290,240 | ---- | M] () -- C:\Windows\System32\p0_aPIH.dll
[2010.02.11 09:10:14 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010.03.11 17:22:50 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.03.11 10:53:23 | 000,001,815 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
[2010.03.10 18:33:27 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_021.cplist
[2010.03.10 18:27:55 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_020.cplist
[2010.03.10 17:14:46 | 000,000,480 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_019.cplist
[2010.03.10 17:07:51 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_018.cplist
[2010.03.10 16:48:16 | 000,000,522 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_017.cplist
[2010.03.09 23:08:45 | 437,169,378 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.03.09 20:58:43 | 000,006,136 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2010.03.09 17:58:09 | 002,760,844 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe
[2010.03.09 17:57:01 | 000,118,375 | ---- | C] () -- C:\Windows\System32\MSF_RIUNyS3.exe
[2010.03.08 17:34:09 | 000,524,288 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000002.regtrans-ms
[2010.03.08 17:34:09 | 000,524,288 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000001.regtrans-ms
[2010.03.08 17:34:09 | 000,065,536 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TM.blf
[2010.03.07 20:12:07 | 000,000,514 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_016.cplist
[2010.03.07 20:11:41 | 000,000,498 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_015.cplist
[2010.03.07 19:54:33 | 000,000,562 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_014.cplist
[2010.03.07 15:16:36 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_013.cplist
[2010.03.07 15:15:38 | 000,000,490 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_012.cplist
[2010.03.07 10:49:53 | 000,000,486 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_011.cplist
[2010.03.07 10:49:13 | 000,000,514 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_010.cplist
[2010.03.06 22:12:01 | 000,000,582 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_009.cplist
[2010.03.06 22:10:45 | 000,000,452 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_008.cplist
[2010.03.06 22:09:53 | 000,000,582 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_007.cplist
[2010.03.06 22:08:50 | 000,000,510 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_006.cplist
[2010.03.06 20:32:44 | 000,000,498 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_005.cplist
[2010.03.06 18:00:35 | 000,000,564 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_004.cplist
[2010.03.06 13:05:40 | 000,000,522 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_003.cplist
[2010.03.06 10:40:52 | 000,000,574 | ---- | C] () -- C:\Windows\tasks\Scheduled scanning task.job
[2010.03.06 10:24:39 | 000,033,920 | ---- | C] () -- C:\Windows\System32\drivers\fsbts.sys
[2010.03.05 17:29:59 | 000,000,496 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_002.cplist
[2010.03.05 17:07:49 | 000,000,562 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_001.cplist
[2010.03.05 10:32:29 | 000,000,052 | ---- | C] () -- C:\Windows\System32\ashttpstats.csv
[2010.03.03 20:00:16 | 000,491,104 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2010.03.03 20:00:15 | 000,001,035 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010.03.03 20:00:08 | 000,020,274 | ---- | C] () -- C:\Windows\atiogl.xml
[2010.03.03 20:00:06 | 000,198,341 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.03.03 20:00:05 | 000,031,240 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_unmip.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_histprot.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_video.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_webproxy.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_tabloids.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_searchengines.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_pornography.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlineshop.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinepay.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinedating.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_news.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_im.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_illegal.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_hate.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_games.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_gambling.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_drugs.dat
[2010.03.03 12:06:44 | 000,000,025 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\bdfvconp.ini
[2010.03.03 11:15:35 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2010.03.03 11:15:35 | 000,002,412 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2010.03.03 10:38:08 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2010.02.20 17:06:42 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.02.20 17:06:41 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.02.18 13:42:24 | 001,290,240 | ---- | C] () -- C:\Windows\System32\p0_aPIH.dll
[2010.01.20 21:29:05 | 000,000,008 | RHS- | C] () -- C:\ProgramData\DA2827B44C.sys
[2010.01.20 21:29:04 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.01.03 21:04:37 | 000,722,416 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.12.26 18:13:11 | 000,151,552 | ---- | C] () -- C:\Windows\System32\nvRegDev.dll
[2009.12.18 20:29:26 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2009.12.18 19:47:12 | 000,026,112 | ---- | C] () -- C:\Users\Sini\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.03 18:49:16 | 000,007,605 | ---- | C] () -- C:\Users\Sini\AppData\Local\Resmon.ResmonCfg
[2009.12.01 19:03:03 | 000,003,733 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.11.26 22:38:15 | 000,008,704 | ---- | C] () -- C:\Windows\System32\CNMVS7I.DLL
[2009.11.26 17:11:39 | 000,000,246 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl
[2009.11.26 17:10:57 | 000,303,104 | ---- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
[2009.11.26 17:10:57 | 000,002,123 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfg
[2009.11.26 17:10:57 | 000,000,168 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi
[2009.11.26 17:10:56 | 000,002,754 | ---- | C] () -- C:\Windows\cmudax3.ini
[2009.11.25 22:39:58 | 000,000,266 | ---- | C] () -- C:\Windows\lgfwup.ini
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.07.14 01:11:15 | 000,021,584 | ---- | C] () -- C:\Windows\System32\drivers\atapi.sys
[2009.06.19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2006.10.11 05:33:58 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2005.02.25 06:15:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL
[2004.01.15 07:01:26 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
< End of report >



OTL Extras logfile created on: 11.3.2010 17:49:46 - Run 1
OTL by OldTimer - Version 3.1.36.1 Folder = C:\Users\Sini\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,51 Gb Total Space | 732,06 Gb Free Space | 78,59% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SINI-PC
Current User Name: Sini
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{022F6097-A053-4B1B-BE50-3AADE4116B92}" = Opera 10.50
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0BB72566-0D4C-7200-2CE7-02F298B49C88}" = CCC Help English
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{110AD51E-D0E0-49B1-52FD-291373BA62EA}" = Catalyst Control Center Graphics Full New
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1B2DBF55-05D4-4072-87D8-689141E262BD}" = Creative ZEN
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{20140000-000F-0000-0000-0000000FF1CE}" = Microsoft Office Mondo 2010 (Beta)
"{20140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 (Beta)
"{20140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 (Beta)
"{20140000-0017-0409-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (English) 2010 (Beta)
"{20140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 (Beta)
"{20140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 (Beta)
"{20140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 (Beta)
"{20140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 (Beta)
"{20140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 (Beta)
"{20140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 (Beta)
"{20140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 (Beta)
"{20140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 (Beta)
"{20140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010 (Beta)
"{20140000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2010 (Beta)
"{20140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 (Beta)
"{20140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 (Beta)
"{20140000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2010 (Beta)
"{20140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010 (Beta)
"{20140000-0102-0409-0000-0000000FF1CE}" = Microsoft Office MondoOnly MUI (English) 2010 (Beta)
"{20140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 (Beta)
"{20140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 (Beta)
"{20140000-011A-0000-0000-0000000FF1CE}" = Microsoft Office Send-a-Smile
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Liven lataustyökalu
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{31557F4F-7D10-D32E-4B70-237A09FCC31B}" = Catalyst Control Center Graphics Previews Common
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C175604-F026-5D79-BBD8-F626AE10B3EF}" = Catalyst Control Center Graphics Full Existing
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4442AB48-DEC4-4B39-B067-1F75BF8017E7}" = Creative Centrale
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{513148E7-B7A1-48B2-B518-668701E546F5}" = LightScribe System Software 1.14.19.1
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD 2010
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG Tool Kit
"{62C2067E-5851-BD4C-98E0-5C4D5E155A5B}" = Catalyst Control Center Core Implementation
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{85EB1E72-4FAA-40E4-A511-DF3A9A0A4CA8}" = Windows Live Messenger
"{86604C06-DA30-425E-AECE-47304FE81C45}" = Creative Software Update
"{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{993960EE-CA4D-443F-8F88-E24260DD5FD2}" = LG PC Suite
"{998152E5-B605-4BBB-9853-E749AEE02B21}" = Windows Liven kirjautumisavustaja
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C87F6BB-75E4-4F35-8353-F5E295264E98}" = Windows Live Call
"{9D669429-A2E4-4793-B7A0-283D259F39AF}" = Adobe Photoshop Lightroom 2.5
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A292C05C-840A-9D47-5350-EF39ECC7629E}" = Catalyst Control Center HydraVision Full
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A666A477-4C02-415E-9F31-3541FC0CD6B5}" = SipdxDLL
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{AA2BCB44-B44F-445A-A80C-E6C50218940C}" = Windows Liven asennustyökalu
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AD17676C-5065-E427-130B-21CE713F93E7}" = Catalyst Control Center Graphics Light
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B970700B-E49F-ECEF-4ADB-0F3E1AFEDE91}" = ccc-core-static
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BC1FFF14-C10D-7087-C43A-4A8ECC9C98C4}" = ATI Catalyst Install Manager
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims? 3
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem Driver
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CF23AFD7-3078-4134-8823-EBF6D1FE6FAD}" = Canon MP450
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D5395E5F-4D45-4665-8F00-234FA33678AF}" = SlimDX Redistributable (March 2009)
"{DA6FAB8D-E87A-4E8E-A3D3-B7B9F479C725}" = forteManager
"{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
"{E2F29FCA-126F-48DF-A9B5-BEBE8F0F1610}" = CreativeSetup
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E542E630-8BB7-4C28-B8EB-0BAD2B201C65}" = Audio Track Editor
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9726DDC-D7B5-BF1F-5626-EA467FEEBC52}" = ccc-utility
"{F9F13FEA-D51E-A1C3-4EDC-D04A91B62C93}" = Catalyst Control Center Graphics Previews Vista
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"ADSL Router Utility" = ADSL Router Utility
"Akamai" = Akamai NetSession Interface
"CCleaner" = CCleaner
"C-Media PCI Audio Driver" = C-Media PCI Audio Device
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Creative Centrale" = Creative Centrale
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Defraggler" = Defraggler
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"EADM" = EA Download Manager
"FileHippo.com" = FileHippo.com Update Checker
"F-Secure Product 444" = Sonera Tietoturva
"HijackThis" = HijackThis 2.0.2
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"LastFM_is1" = Last.fm 1.5.4.24567
"LimeWire" = LimeWire 5.5.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"MSF_RIUNyS3" = LoudMo Contextual Ad Assistant
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.MONDO" = Microsoft Office Mondo 2010
"PowerISO" = PowerISO
"Sonera Internet Avustaja_is1" = Sonera Internet Avustaja
"Spotify" = Spotify
"SysInfo" = Creative System Information
"TS3 Install Helper Monkey" = TS3 Install Helper Monkey
"TuneUp Utilities" = TuneUp Utilities
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"WinLiveSuite_Wave3" = Windows Liven asennustyökalu
"WinPcapInst" = WinPcap 3.1 beta3
"WinRAR archiver" = WinRAR archiver
"VLC media player" = VLC media player 1.0.3

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 10.3.2010 10:40:05 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
Description = 1 2010-03-10 16:40:05+03:00 SINI-PC SYSTEM F-Secure DeepGuard

DeepGuard configuration was rejected. Old configuration will be used if possible.

Error code: DAAS reject

Error - 10.3.2010 10:52:02 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
Description = 1 2010-03-10 16:52:02+03:00 SINI-PC SYSTEM F-Secure DeepGuard

DeepGuard configuration was rejected. Old configuration will be used if possible.

Error code: DAAS reject

Error - 10.3.2010 14:39:39 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: IEXPLORE.EXE, versio: 8.0.7600.16385,
aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
prosessin tunnus: 0xee8 Viallisen sovelluksen käynnistysaika: 0x01cac080c4a06724
Viallisen
sovelluksen polku: C:\Program Files\Internet Explorer\IEXPLORE.EXE Viallisen moduulin
polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 4873d423-2c74-11df-a210-001966bb5e2b

Error - 10.3.2010 15:02:09 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
prosessin tunnus: 0xdd0 Viallisen sovelluksen käynnistysaika: 0x01cac0841fbdf149
Viallisen
sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 6cfac2e4-2c77-11df-a210-001966bb5e2b

Error - 10.3.2010 15:20:08 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
prosessin tunnus: 0xecc Viallisen sovelluksen käynnistysaika: 0x01cac0869d47617f
Viallisen
sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: f03d4823-2c79-11df-a210-001966bb5e2b

Error - 10.3.2010 16:04:02 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
prosessin tunnus: 0x1214 Viallisen sovelluksen käynnistysaika: 0x01cac08cbde8fc58
Viallisen
sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 11dd8c29-2c80-11df-a210-001966bb5e2b

Error - 11.3.2010 4:06:42 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
Description = 1 2010-03-11 10:06:42+03:00 SINI-PC SYSTEM F-Secure DeepGuard

DeepGuard configuration was rejected. Old configuration will be used if possible.

Error code: DAAS reject

Error - 11.3.2010 5:16:36 | Computer Name = Sini-PC | Source = SideBySide | ID = 16842815
Description = Aktivointikontekstin luonti epäonnistui (c:\Program Files\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll). Virhe luettelo- tai käytäntötiedoston c:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll rivillä 3. Määritteen version
arvo (MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR) ei kelpaa
elementissä assemblyIdentity.

Error - 11.3.2010 11:24:57 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 2 2010-03-11 17:24:56+03:00 SINI-PC Sini-PC\Sini F-Secure Anti-Virus

Malicious code found in file C:\Windows\System32\sshnas21.dll. Infection: Trojan.Generic.3313565


Error - 11.3.2010 11:46:26 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: mbam.exe, versio: 1.44.0.0, aikaleima:
0x4b46461a Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385, aikaleima:
0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x0005c74a Viallisen prosessin
tunnus: 0x6a0 Viallisen sovelluksen käynnistysaika: 0x01cac12ecd93b5f4 Viallisen
sovelluksen polku: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Viallisen
moduulin polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 3fd4557a-2d25-11df-99ba-001966bb5e2b

[ Media Center Events ]
Error - 19.2.2010 7:06:41 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 13:06:39 - Virhe muodostettaessa Internet-yhteyttä. 13:06:40 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 19.2.2010 7:11:14 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 13:07:14 - Virhe muodostettaessa Internet-yhteyttä. 13:07:14 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 20.2.2010 10:48:31 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 16:48:31 - Virhe muodostettaessa Internet-yhteyttä. 16:48:31 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 20.2.2010 10:49:04 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 16:49:01 - Virhe muodostettaessa Internet-yhteyttä. 16:49:01 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 21.2.2010 11:00:55 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 17:00:55 - Virhe muodostettaessa Internet-yhteyttä. 17:00:55 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 21.2.2010 11:01:04 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 17:01:00 - Virhe muodostettaessa Internet-yhteyttä. 17:01:00 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 23.2.2010 1:22:28 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 7:22:28 - Virhe muodostettaessa Internet-yhteyttä. 7:22:28 - Yhteyden
muodostaminen palvelimeen ei onnistu..

Error - 23.2.2010 1:22:38 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 7:22:33 - Virhe muodostettaessa Internet-yhteyttä. 7:22:33 - Yhteyden
muodostaminen palvelimeen ei onnistu..

Error - 2.3.2010 5:43:49 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 11:43:49 - Virhe muodostettaessa Internet-yhteyttä. 11:43:49 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 2.3.2010 5:43:58 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 11:43:55 - Virhe muodostettaessa Internet-yhteyttä. 11:43:55 -
Yhteyden muodostaminen palvelimeen ei onnistu..

[ System Events ]
Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Käyttäjäprofiilipalvelu on päättynyt odottamatta. Tämä on
tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi:
Käynnistä palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Tehtävien ajoitus on päättynyt odottamatta. Tämä on tapahtunut
1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä
palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Järjestelmätapahtumien ilmoituspalvelu on päättynyt odottamatta.
Tämä on tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan seuraava
korjaustoimi: Käynnistä palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Käyttöliittymän laitteistotunnistus on päättynyt odottamatta.
Tämä on tapahtunut 1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava
korjaustoimi: Käynnistä palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Teemat on päättynyt odottamatta. Tämä on tapahtunut 1 kertaa.
60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä palvelu
uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu WMI-palvelu (Windows Management Instrumentation) on päättynyt
odottamatta. Tämä on tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan
seuraava korjaustoimi: Käynnistä palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Windows Update on päättynyt odottamatta. Tämä on tapahtunut
1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä
palvelu uudelleen.

Error - 16.1.2010 10:27:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
palvelu uudelleen) palvelun Palvelin odottamattoman lopettamisen jälkeen. Yritys
epäonnistui ja tapahtui virhe: %%1056

Error - 16.1.2010 10:28:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
palvelu uudelleen) palvelun Tietokoneiden selaus odottamattoman lopettamisen jälkeen.
Yritys epäonnistui ja tapahtui virhe: %%1056

Error - 16.1.2010 10:28:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
palvelu uudelleen) palvelun WMI-palvelu (Windows Management Instrumentation) odottamattoman
lopettamisen jälkeen. Yritys epäonnistui ja tapahtui virhe: %%1056


< End of report >
Member

1 product review

11 March 2010 @ 18:37
OTL logfile created on: 11.3.2010 17:49:46 - Run 1
OTL by OldTimer - Version 3.1.36.1 Folder = C:\Users\Sini\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,51 Gb Total Space | 732,06 Gb Free Space | 78,59% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SINI-PC
Current User Name: Sini
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
PRC - [2010.03.06 10:36:53 | 000,356,960 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsav32.exe
PRC - [2010.03.06 10:36:07 | 000,619,616 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fssm32.exe
PRC - [2010.03.06 10:36:06 | 000,480,352 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32.exe
PRC - [2010.03.06 10:28:03 | 000,055,992 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe
PRC - [2010.02.25 12:02:02 | 000,716,616 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2010.02.02 20:17:28 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010.02.02 20:16:58 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.08.10 15:59:50 | 000,178,720 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2009.08.10 15:59:48 | 000,387,616 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2009.08.05 17:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE
PRC - [2009.08.05 17:58:50 | 000,199,264 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE
PRC - [2009.08.05 17:58:50 | 000,088,672 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSHDLL32.EXE
PRC - [2009.08.05 17:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\FWES\program\fsdfwd.exe
PRC - [2009.08.05 17:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 03:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe
PRC - [2008.10.16 10:04:42 | 000,202,016 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe
PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
MOD - [2009.07.14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009.07.14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009.07.14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009.07.14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009.07.14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009.07.14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009.07.14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009.07.14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009.07.14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009.07.14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010.03.06 10:28:03 | 000,055,992 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe -- (FSORSPClient)
SRV - [2010.03.05 16:33:51 | 002,462,256 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\rswin_3648.dll -- (Akamai)
SRV - [2010.03.03 10:05:31 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.02.25 11:56:02 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.02.02 20:16:58 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.08.21 15:47:14 | 030,510,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009.08.21 15:36:08 | 004,639,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.08.10 15:59:50 | 000,178,720 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2009.08.10 15:59:48 | 000,387,616 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2009.08.05 17:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE -- (FSMA)
SRV - [2009.08.05 17:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2009.08.05 17:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
SRV - [2009.07.14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009.07.14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009.07.14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009.07.14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009.07.14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009.07.14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009.07.14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009.07.14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009.07.14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009.07.14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX-asennusohjelma (AxInstSV)
SRV - [2009.07.14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009.07.14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2008.10.16 10:04:42 | 000,202,016 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe -- (sprtsvc_sonera) SupportSoft Sprocket Service (sonera)
SRV - [2008.10.16 10:02:58 | 000,382,320 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2008.05.21 13:42:56 | 000,064,000 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe -- (CTUPnPSv)
SRV - [2007.12.13 16:29:59 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.04.02 08:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)
SRV - [2004.05.14 13:02:46 | 000,086,016 | ---- | M] (NetGroup - Politecnico di Torino) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010.03.10 16:16:42 | 000,021,584 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\atapi.sys -- (atapi)
DRV - [2010.03.06 10:37:16 | 000,033,920 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\Drivers\fsbts.sys -- (fsbts)
DRV - [2010.03.06 10:36:46 | 000,107,104 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2010.02.20 17:07:24 | 000,278,984 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.02.20 17:06:41 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.02.02 20:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010.02.02 20:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV - [2010.02.02 19:23:42 | 000,150,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.01.28 15:33:30 | 000,100,352 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2010.01.27 11:04:00 | 000,183,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2010.01.21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010.01.21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010.01.21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2010.01.07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010.01.03 21:04:37 | 000,722,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.12.19 02:31:32 | 000,073,312 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
DRV - [2009.12.01 11:11:28 | 001,872,192 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cmudax3.sys -- (cmuda3)
DRV - [2009.11.10 14:55:08 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009.11.10 14:54:52 | 000,035,984 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009.11.09 05:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009.10.14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.08.05 17:58:30 | 000,068,064 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2009.08.05 17:57:20 | 000,071,040 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fsdfw.sys -- (FSFW)
DRV - [2009.08.05 17:57:12 | 000,035,680 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fses.sys -- (FSES)
DRV - [2009.08.05 17:56:14 | 000,039,776 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter)
DRV - [2009.08.05 17:56:14 | 000,025,184 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer)
DRV - [2009.08.05 17:56:12 | 000,012,384 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
DRV - [2009.07.30 17:12:54 | 000,287,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2009.07.14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009.07.14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009.07.14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009.07.14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009.07.14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009.07.14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009.07.14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009.07.14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009.07.14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009.07.14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009.07.14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009.07.14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009.07.14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009.07.14 03:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009.07.14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009.07.14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009.07.14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009.07.14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009.07.14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009.07.14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009.07.14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009.07.14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009.07.14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009.07.14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009.07.14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009.07.14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009.07.14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009.07.14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009.07.14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009.07.14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009.07.14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009.07.14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009.07.14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009.07.14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009.07.14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009.07.14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009.07.14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
DRV - [2009.07.14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009.07.14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009.07.14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009.07.14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009.07.14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009.07.14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009.07.14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009.07.14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009.07.14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009.07.14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009.07.14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009.07.14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009.07.14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009.07.14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009.07.14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
DRV - [2009.07.14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009.07.14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009.07.14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009.07.14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009.07.14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.07.14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009.07.14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009.07.14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009.06.29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008.12.12 15:27:46 | 000,018,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys -- (LGII2CDevice)
DRV - [2008.12.12 15:27:46 | 000,014,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys -- (LGDDCDevice)
DRV - [2008.01.19 05:55:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2004.05.14 11:37:10 | 000,032,896 | ---- | M] (NetGroup - Politecnico di Torino) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=15161&l=dis
IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fi.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fi
IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 59 2D 93 5E EC 6D CA 01 [binary data]
IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://www3.iamwired.net/websearch.php?src=tops&search="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Torrents.to"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.fi/"
FF - prefs.js..extensions.enabledItems: {80155943-b083-a2cf-0350-54d3b1be1609}:4.6.6.4
FF - prefs.js..keyword.URL: ""
FF - prefs.js..network.proxy.no_proxies_on: "*.local"


FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010.03.06 10:33:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files\Sonera\Sonera Tietoturva\NRS\litmus-ff@f-secure.com [2010.03.06 10:23:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.11 10:51:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.03.11 10:56:18 | 000,000,000 | ---D | M]

[2009.12.23 03:15:53 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Extensions
[2009.12.23 03:15:53 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2010.03.11 17:24:40 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions
[2010.01.23 17:01:58 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009.12.24 14:49:06 | 000,000,000 | ---D | M] (Fasterfox) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}
[2010.01.23 17:01:58 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010.01.27 23:30:56 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\fsonlinescanner@f-secure.com
[2010.01.23 17:01:58 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\personas@christopher.beard
[2010.03.11 17:18:44 | 000,002,257 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\askcom.xml
[2009.12.24 20:57:14 | 000,002,367 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\photobucket.xml
[2010.03.09 17:57:08 | 000,000,261 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\Search.xml
[2009.12.02 18:49:43 | 000,000,897 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\torrentsto.xml
[2010.01.22 19:04:02 | 000,001,713 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\youtube-video-search.xml
[2010.03.11 17:19:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.03.09 18:35:10 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{80155943-b083-a2cf-0350-54d3b1be1609}
[2010.01.16 03:19:09 | 000,002,062 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bookplus-fi.xml
[2010.01.16 03:19:09 | 000,001,069 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons-fi.xml
[2010.01.16 03:19:09 | 000,002,677 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\huuto-fi.xml
[2010.01.16 03:19:09 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fi.xml
[2010.01.16 03:19:09 | 000,000,796 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-fi.xml

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\BaseLitmus.dll (F-Secure Corporation)
O2 - BHO: (gwprimawega) - {da9e5a55-a1a2-1b97-026f-b233372fee2e} - C:\Windows\System32\p0_aPIH.dll ()
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\BaseLitmus.dll (F-Secure Corporation)
O3 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [CmPCIaudio] File not found
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Sonera\Sonera Tietoturva\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\.DEFAULT..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe File not found
O4 - HKU\S-1-5-18..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe File not found
O4 - HKU\S-1-5-21-3761315706-44459061-675875969-1001..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKU\S-1-5-21-3761315706-44459061-675875969-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O4 - Startup: C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: corel.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: corel.com ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: intervideo.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: intervideo.com ([www] * in Trusted sites)
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} http://srtest-cdn.systemrequirementslab....eqlabdetect.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstal...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstal...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstal...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/software...15111/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-3761315706-44459061-675875969-1001 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-3761315706-44459061-675875969-1001 Winlogon: Shell - (C:\Users\Sini\AppData\Roaming\ufxw.exe) - C:\Users\Sini\AppData\Roaming\ufxw.exe File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\Autorun.exe -- File not found
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\Autorun.exe -- File not found
O33 - MountPoints2\K\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk /r \??\F:) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sasnative32) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010.03.11 17:47:34 | 000,554,496 | ---- | C] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
[2010.03.10 16:49:11 | 000,000,000 | ---D | C] -- C:\Users\Sini\Tracing
[2010.03.09 20:58:43 | 000,705,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\cohelper.dll
[2010.03.09 19:14:02 | 002,622,496 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkHDMI.dll
[2010.03.09 19:14:02 | 000,355,528 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32H.dll
[2010.03.09 19:14:02 | 000,183,584 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RtHDMIV.sys
[2010.03.09 19:14:02 | 000,073,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32H.dll
[2010.03.09 19:14:01 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32H.dll
[2010.03.09 19:14:01 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32H.dll
[2010.03.09 19:14:00 | 001,640,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHDMIExt.dll
[2010.03.09 19:14:00 | 000,293,600 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DHT32.dll
[2010.03.09 19:14:00 | 000,293,600 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DAA32.dll
[2010.03.09 19:14:00 | 000,057,376 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHCoInst.dll
[2010.03.09 19:14:00 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010.03.09 19:13:52 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2010.03.09 19:11:56 | 000,000,000 | ---D | C] -- C:\SMU
[2010.03.09 19:11:56 | 000,000,000 | ---D | C] -- C:\SMBUS
[2010.03.09 19:11:54 | 000,000,000 | ---D | C] -- C:\IDE
[2010.03.09 19:11:54 | 000,000,000 | ---D | C] -- C:\Ethernet
[2010.03.09 17:27:11 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\DriverGenius
[2010.03.09 17:03:19 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
[2010.03.09 07:09:41 | 003,955,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.03.09 07:09:41 | 003,899,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.03.08 20:27:42 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.03.08 17:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010.03.08 04:51:36 | 000,000,000 | ---D | C] -- C:\SDFix
[2010.03.08 04:50:41 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010.03.08 04:47:05 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.03.07 19:54:36 | 000,000,000 | ---D | C] -- C:\Users\Sini\AppData\Local\Stay Secure
[2010.03.07 16:43:44 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.03.07 16:37:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.03.07 16:37:06 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.03.07 16:37:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.03.06 10:31:35 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.03.06 10:24:13 | 000,035,680 | ---- | C] (F-Secure Corporation) -- C:\Windows\System32\drivers\fses.sys
[2010.03.06 10:24:08 | 000,572,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp50.dll
[2010.03.06 10:24:08 | 000,071,040 | ---- | C] (F-Secure Corporation) -- C:\Windows\System32\drivers\fsdfw.sys
[2010.03.06 09:46:08 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\My Drivers
[2010.03.05 13:33:38 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\Adobe Scripts
[2010.03.05 10:24:58 | 000,016,400 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys
[2010.03.05 10:24:41 | 001,581,072 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\LkmdfCoInst.dll
[2010.03.05 10:24:41 | 000,052,240 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\LMouFiltCoInst.dll
[2010.03.05 10:24:41 | 000,037,392 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LMouFilt.Sys
[2010.03.05 10:24:40 | 000,035,984 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LHidFilt.Sys
[2010.03.04 15:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\The Sims Resource
[2010.03.04 14:50:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010.03.04 14:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2010.03.03 20:00:17 | 000,274,432 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2010.03.03 20:00:17 | 000,100,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\drivers\AtiHdmi.sys
[2010.03.03 20:00:17 | 000,050,176 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
[2010.03.03 20:00:17 | 000,027,136 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2010.03.03 20:00:16 | 000,020,480 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
[2010.03.03 20:00:15 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2010.03.03 20:00:15 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2010.03.03 20:00:12 | 014,147,072 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2010.03.03 20:00:07 | 005,313,536 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atipmdag.sys
[2010.03.03 20:00:07 | 005,313,536 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2010.03.03 20:00:07 | 000,150,016 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2010.03.03 20:00:07 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2010.03.03 20:00:07 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2010.03.03 20:00:07 | 000,011,776 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2010.03.03 20:00:06 | 000,446,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2010.03.03 20:00:06 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2010.03.03 20:00:06 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2010.03.03 20:00:05 | 003,649,536 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2010.03.03 20:00:05 | 000,426,496 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\aticfx32.dll
[2010.03.03 20:00:05 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2010.03.03 20:00:05 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2010.03.03 20:00:05 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2010.03.03 20:00:04 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2010.03.03 20:00:04 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2010.03.03 12:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
[2010.03.03 12:58:53 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2010.03.03 11:22:44 | 000,000,000 | ---D | C] -- C:\KU990
[2010.03.03 11:19:08 | 000,000,000 | ---D | C] -- C:\LG_USB
[2010.03.03 11:15:35 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll
[2010.03.03 11:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX
[2010.03.03 10:34:51 | 000,055,824 | ---- | C] (Logitech, Inc.) -- C:\Windows\KHALMNPR.Exe
[2010.03.03 10:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010.03.03 10:05:37 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2010.03.03 10:05:37 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2010.03.03 10:01:40 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.03.03 10:01:37 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.03.03 10:01:37 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010.03.03 10:01:37 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010.03.03 10:01:33 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010.03.03 10:01:33 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010.03.03 10:01:33 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010.03.03 10:01:33 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.03.03 10:01:31 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.03.03 10:01:31 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.03.03 10:01:31 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.03.03 10:01:31 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.03.03 10:01:31 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.03.03 10:01:31 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.03.03 10:01:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.03.03 10:01:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.03.03 10:01:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.02.09 23:30:57 | 000,000,000 | ---D | C] -- C:\Users\Sini\AppData\Roaming\InstallShield
[2010.02.09 23:23:07 | 000,000,000 | -H-D | C] -- C:\LG3G
[2010.02.09 23:20:23 | 000,000,000 | ---D | C] -- C:\lgupload
[2010.02.09 23:00:14 | 000,024,960 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbmodem.sys
[2010.02.09 23:00:14 | 000,020,864 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbdiag.sys
[2010.02.09 23:00:14 | 000,013,056 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbbus.sys
[2010.02.09 23:00:13 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
[2010.02.09 22:58:49 | 000,000,000 | ---D | C] -- C:\Program Files\LG PC Suite 2
[2010.02.09 22:05:04 | 000,000,000 | ---D | C] -- C:\Windows\pss
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.03.11 17:51:09 | 003,670,016 | ---- | M] () -- C:\Users\Sini\ntuser.dat
[2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
[2010.03.11 17:32:18 | 000,014,608 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.03.11 17:32:18 | 000,014,608 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.03.11 17:22:50 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.03.11 10:53:23 | 000,001,815 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
[2010.03.11 10:06:52 | 000,000,574 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
[2010.03.11 10:06:24 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.03.11 10:06:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.03.10 23:48:17 | 001,144,078 | -H-- | M] () -- C:\Users\Sini\AppData\Local\IconCache.db
[2010.03.10 18:33:27 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_021.cplist
[2010.03.10 18:33:24 | 000,002,516 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2010.03.10 18:27:55 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_020.cplist
[2010.03.10 17:18:06 | 000,000,480 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_019.cplist
[2010.03.10 17:07:51 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_018.cplist
[2010.03.10 16:48:16 | 000,000,522 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_017.cplist
[2010.03.10 16:39:45 | 437,169,378 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.03.10 16:16:42 | 000,021,584 | ---- | M] () -- C:\Windows\System32\drivers\atapi.sys
[2010.03.09 21:01:02 | 001,243,400 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.03.09 21:01:02 | 000,616,736 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.03.09 21:01:02 | 000,442,586 | ---- | M] () -- C:\Windows\System32\perfh00B.dat
[2010.03.09 21:01:02 | 000,107,828 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.03.09 21:01:02 | 000,083,000 | ---- | M] () -- C:\Windows\System32\perfc00B.dat
[2010.03.09 19:14:17 | 000,000,246 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.cfl
[2010.03.09 19:14:17 | 000,000,168 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.imi
[2010.03.09 19:14:17 | 000,000,136 | ---- | M] () -- C:\Windows\System\Dlap.pfx
[2010.03.09 19:13:35 | 000,000,107 | ---- | M] () -- C:\Windows\System\Cmicnfg3.ini
[2010.03.09 18:35:11 | 000,118,375 | ---- | M] () -- C:\Windows\System32\MSF_RIUNyS3.exe
[2010.03.09 17:58:41 | 002,760,844 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe
[2010.03.08 23:34:07 | 000,196,608 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2010.03.08 23:33:56 | 000,524,288 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000002.regtrans-ms
[2010.03.08 23:33:56 | 000,524,288 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000001.regtrans-ms
[2010.03.08 23:33:56 | 000,065,536 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TM.blf
[2010.03.07 20:12:07 | 000,000,514 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_016.cplist
[2010.03.07 20:11:41 | 000,000,498 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_015.cplist
[2010.03.07 19:54:33 | 000,000,562 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_014.cplist
[2010.03.07 16:18:57 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_013.cplist
[2010.03.07 15:15:38 | 000,000,490 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_012.cplist
[2010.03.07 10:49:53 | 000,000,486 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_011.cplist
[2010.03.07 10:49:13 | 000,000,514 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_010.cplist
[2010.03.06 22:12:01 | 000,000,582 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_009.cplist
[2010.03.06 22:10:45 | 000,000,452 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_008.cplist
[2010.03.06 22:09:53 | 000,000,582 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_007.cplist
[2010.03.06 22:08:50 | 000,000,510 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_006.cplist
[2010.03.06 20:32:44 | 000,000,498 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_005.cplist
[2010.03.06 18:00:35 | 000,000,564 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_004.cplist
[2010.03.06 13:05:40 | 000,000,522 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_003.cplist
[2010.03.06 10:44:37 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys
[2010.03.06 10:37:16 | 000,033,920 | ---- | M] () -- C:\Windows\System32\drivers\fsbts.sys
[2010.03.06 10:31:37 | 000,000,052 | ---- | M] () -- C:\Windows\System32\ashttpstats.csv
[2010.03.05 17:29:59 | 000,000,496 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_002.cplist
[2010.03.05 17:07:49 | 000,000,562 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_001.cplist
[2010.03.04 10:06:23 | 002,353,664 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_unmip.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_histprot.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_video.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_webproxy.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_tabloids.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_searchengines.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_pornography.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlineshop.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinepay.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinedating.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_news.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_im.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_illegal.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_hate.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_games.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_gambling.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_drugs.dat
[2010.03.03 12:59:57 | 000,115,248 | ---- | M] () -- C:\Users\Sini\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.03.03 12:06:44 | 000,000,025 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\bdfvconp.ini
[2010.03.03 11:15:58 | 000,002,412 | ---- | M] () -- C:\Windows\System32\lgAxconfig.ini
[2010.03.03 10:42:16 | 000,000,132 | ---- | M] () -- C:\Windows\System32\rezumatenoi.dat
[2010.03.03 10:38:08 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2010.03.03 10:18:28 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp71.dll
[2010.03.03 10:18:28 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll
[2010.03.03 09:58:58 | 000,008,284 | ---- | M] () -- C:\Windows\System32\eps_icon.avi
[2010.02.25 12:03:02 | 000,030,536 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2010.02.25 11:56:16 | 000,021,320 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2010.02.25 11:56:02 | 000,030,024 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2010.02.24 09:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.02.20 17:07:24 | 000,278,984 | ---- | M] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.02.20 17:06:41 | 000,025,416 | ---- | M] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.02.18 13:42:24 | 001,290,240 | ---- | M] () -- C:\Windows\System32\p0_aPIH.dll
[2010.02.11 09:10:14 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.03.11 17:22:50 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.03.11 10:53:23 | 000,001,815 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
[2010.03.10 18:33:27 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_021.cplist
[2010.03.10 18:27:55 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_020.cplist
[2010.03.10 17:14:46 | 000,000,480 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_019.cplist
[2010.03.10 17:07:51 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_018.cplist
[2010.03.10 16:48:16 | 000,000,522 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_017.cplist
[2010.03.09 23:08:45 | 437,169,378 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.03.09 20:58:43 | 000,006,136 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2010.03.09 17:58:09 | 002,760,844 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe
[2010.03.09 17:57:01 | 000,118,375 | ---- | C] () -- C:\Windows\System32\MSF_RIUNyS3.exe
[2010.03.08 17:34:09 | 000,524,288 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000002.regtrans-ms
[2010.03.08 17:34:09 | 000,524,288 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000001.regtrans-ms
[2010.03.08 17:34:09 | 000,065,536 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TM.blf
[2010.03.07 20:12:07 | 000,000,514 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_016.cplist
[2010.03.07 20:11:41 | 000,000,498 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_015.cplist
[2010.03.07 19:54:33 | 000,000,562 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_014.cplist
[2010.03.07 15:16:36 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_013.cplist
[2010.03.07 15:15:38 | 000,000,490 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_012.cplist
[2010.03.07 10:49:53 | 000,000,486 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_011.cplist
[2010.03.07 10:49:13 | 000,000,514 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_010.cplist
[2010.03.06 22:12:01 | 000,000,582 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_009.cplist
[2010.03.06 22:10:45 | 000,000,452 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_008.cplist
[2010.03.06 22:09:53 | 000,000,582 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_007.cplist
[2010.03.06 22:08:50 | 000,000,510 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_006.cplist
[2010.03.06 20:32:44 | 000,000,498 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_005.cplist
[2010.03.06 18:00:35 | 000,000,564 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_004.cplist
[2010.03.06 13:05:40 | 000,000,522 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_003.cplist
[2010.03.06 10:40:52 | 000,000,574 | ---- | C] () -- C:\Windows\tasks\Scheduled scanning task.job
[2010.03.06 10:24:39 | 000,033,920 | ---- | C] () -- C:\Windows\System32\drivers\fsbts.sys
[2010.03.05 17:29:59 | 000,000,496 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_002.cplist
[2010.03.05 17:07:49 | 000,000,562 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_001.cplist
[2010.03.05 10:32:29 | 000,000,052 | ---- | C] () -- C:\Windows\System32\ashttpstats.csv
[2010.03.03 20:00:16 | 000,491,104 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2010.03.03 20:00:15 | 000,001,035 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010.03.03 20:00:08 | 000,020,274 | ---- | C] () -- C:\Windows\atiogl.xml
[2010.03.03 20:00:06 | 000,198,341 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.03.03 20:00:05 | 000,031,240 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_unmip.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_histprot.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_video.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_webproxy.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_tabloids.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_searchengines.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_pornography.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlineshop.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinepay.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinedating.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_news.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_im.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_illegal.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_hate.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_games.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_gambling.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_drugs.dat
[2010.03.03 12:06:44 | 000,000,025 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\bdfvconp.ini
[2010.03.03 11:15:35 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2010.03.03 11:15:35 | 000,002,412 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2010.03.03 10:38:08 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2010.02.20 17:06:42 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.02.20 17:06:41 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.02.18 13:42:24 | 001,290,240 | ---- | C] () -- C:\Windows\System32\p0_aPIH.dll
[2010.01.20 21:29:05 | 000,000,008 | RHS- | C] () -- C:\ProgramData\DA2827B44C.sys
[2010.01.20 21:29:04 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.01.03 21:04:37 | 000,722,416 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.12.26 18:13:11 | 000,151,552 | ---- | C] () -- C:\Windows\System32\nvRegDev.dll
[2009.12.18 20:29:26 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2009.12.18 19:47:12 | 000,026,112 | ---- | C] () -- C:\Users\Sini\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.03 18:49:16 | 000,007,605 | ---- | C] () -- C:\Users\Sini\AppData\Local\Resmon.ResmonCfg
[2009.12.01 19:03:03 | 000,003,733 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.11.26 22:38:15 | 000,008,704 | ---- | C] () -- C:\Windows\System32\CNMVS7I.DLL
[2009.11.26 17:11:39 | 000,000,246 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl
[2009.11.26 17:10:57 | 000,303,104 | ---- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
[2009.11.26 17:10:57 | 000,002,123 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfg
[2009.11.26 17:10:57 | 000,000,168 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi
[2009.11.26 17:10:56 | 000,002,754 | ---- | C] () -- C:\Windows\cmudax3.ini
[2009.11.25 22:39:58 | 000,000,266 | ---- | C] () -- C:\Windows\lgfwup.ini
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.07.14 01:11:15 | 000,021,584 | ---- | C] () -- C:\Windows\System32\drivers\atapi.sys
[2009.06.19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2006.10.11 05:33:58 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2005.02.25 06:15:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL
[2004.01.15 07:01:26 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
< End of report >



OTL Extras logfile created on: 11.3.2010 17:49:46 - Run 1
OTL by OldTimer - Version 3.1.36.1 Folder = C:\Users\Sini\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,51 Gb Total Space | 732,06 Gb Free Space | 78,59% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SINI-PC
Current User Name: Sini
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{022F6097-A053-4B1B-BE50-3AADE4116B92}" = Opera 10.50
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0BB72566-0D4C-7200-2CE7-02F298B49C88}" = CCC Help English
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{110AD51E-D0E0-49B1-52FD-291373BA62EA}" = Catalyst Control Center Graphics Full New
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1B2DBF55-05D4-4072-87D8-689141E262BD}" = Creative ZEN
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{20140000-000F-0000-0000-0000000FF1CE}" = Microsoft Office Mondo 2010 (Beta)
"{20140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 (Beta)
"{20140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 (Beta)
"{20140000-0017-0409-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (English) 2010 (Beta)
"{20140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 (Beta)
"{20140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 (Beta)
"{20140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 (Beta)
"{20140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 (Beta)
"{20140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 (Beta)
"{20140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 (Beta)
"{20140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 (Beta)
"{20140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 (Beta)
"{20140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010 (Beta)
"{20140000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2010 (Beta)
"{20140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 (Beta)
"{20140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 (Beta)
"{20140000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2010 (Beta)
"{20140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010 (Beta)
"{20140000-0102-0409-0000-0000000FF1CE}" = Microsoft Office MondoOnly MUI (English) 2010 (Beta)
"{20140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 (Beta)
"{20140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 (Beta)
"{20140000-011A-0000-0000-0000000FF1CE}" = Microsoft Office Send-a-Smile
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Liven lataustyökalu
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{31557F4F-7D10-D32E-4B70-237A09FCC31B}" = Catalyst Control Center Graphics Previews Common
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C175604-F026-5D79-BBD8-F626AE10B3EF}" = Catalyst Control Center Graphics Full Existing
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4442AB48-DEC4-4B39-B067-1F75BF8017E7}" = Creative Centrale
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{513148E7-B7A1-48B2-B518-668701E546F5}" = LightScribe System Software 1.14.19.1
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD 2010
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG Tool Kit
"{62C2067E-5851-BD4C-98E0-5C4D5E155A5B}" = Catalyst Control Center Core Implementation
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{85EB1E72-4FAA-40E4-A511-DF3A9A0A4CA8}" = Windows Live Messenger
"{86604C06-DA30-425E-AECE-47304FE81C45}" = Creative Software Update
"{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{993960EE-CA4D-443F-8F88-E24260DD5FD2}" = LG PC Suite
"{998152E5-B605-4BBB-9853-E749AEE02B21}" = Windows Liven kirjautumisavustaja
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C87F6BB-75E4-4F35-8353-F5E295264E98}" = Windows Live Call
"{9D669429-A2E4-4793-B7A0-283D259F39AF}" = Adobe Photoshop Lightroom 2.5
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A292C05C-840A-9D47-5350-EF39ECC7629E}" = Catalyst Control Center HydraVision Full
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A666A477-4C02-415E-9F31-3541FC0CD6B5}" = SipdxDLL
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{AA2BCB44-B44F-445A-A80C-E6C50218940C}" = Windows Liven asennustyökalu
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AD17676C-5065-E427-130B-21CE713F93E7}" = Catalyst Control Center Graphics Light
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B970700B-E49F-ECEF-4ADB-0F3E1AFEDE91}" = ccc-core-static
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BC1FFF14-C10D-7087-C43A-4A8ECC9C98C4}" = ATI Catalyst Install Manager
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims? 3
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem Driver
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CF23AFD7-3078-4134-8823-EBF6D1FE6FAD}" = Canon MP450
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D5395E5F-4D45-4665-8F00-234FA33678AF}" = SlimDX Redistributable (March 2009)
"{DA6FAB8D-E87A-4E8E-A3D3-B7B9F479C725}" = forteManager
"{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
"{E2F29FCA-126F-48DF-A9B5-BEBE8F0F1610}" = CreativeSetup
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E542E630-8BB7-4C28-B8EB-0BAD2B201C65}" = Audio Track Editor
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9726DDC-D7B5-BF1F-5626-EA467FEEBC52}" = ccc-utility
"{F9F13FEA-D51E-A1C3-4EDC-D04A91B62C93}" = Catalyst Control Center Graphics Previews Vista
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"ADSL Router Utility" = ADSL Router Utility
"Akamai" = Akamai NetSession Interface
"CCleaner" = CCleaner
"C-Media PCI Audio Driver" = C-Media PCI Audio Device
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Creative Centrale" = Creative Centrale
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Defraggler" = Defraggler
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"EADM" = EA Download Manager
"FileHippo.com" = FileHippo.com Update Checker
"F-Secure Product 444" = Sonera Tietoturva
"HijackThis" = HijackThis 2.0.2
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"LastFM_is1" = Last.fm 1.5.4.24567
"LimeWire" = LimeWire 5.5.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"MSF_RIUNyS3" = LoudMo Contextual Ad Assistant
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.MONDO" = Microsoft Office Mondo 2010
"PowerISO" = PowerISO
"Sonera Internet Avustaja_is1" = Sonera Internet Avustaja
"Spotify" = Spotify
"SysInfo" = Creative System Information
"TS3 Install Helper Monkey" = TS3 Install Helper Monkey
"TuneUp Utilities" = TuneUp Utilities
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"WinLiveSuite_Wave3" = Windows Liven asennustyökalu
"WinPcapInst" = WinPcap 3.1 beta3
"WinRAR archiver" = WinRAR archiver
"VLC media player" = VLC media player 1.0.3

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 10.3.2010 10:40:05 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
Description = 1 2010-03-10 16:40:05+03:00 SINI-PC SYSTEM F-Secure DeepGuard

DeepGuard configuration was rejected. Old configuration will be used if possible.

Error code: DAAS reject

Error - 10.3.2010 10:52:02 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
Description = 1 2010-03-10 16:52:02+03:00 SINI-PC SYSTEM F-Secure DeepGuard

DeepGuard configuration was rejected. Old configuration will be used if possible.

Error code: DAAS reject

Error - 10.3.2010 14:39:39 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: IEXPLORE.EXE, versio: 8.0.7600.16385,
aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
prosessin tunnus: 0xee8 Viallisen sovelluksen käynnistysaika: 0x01cac080c4a06724
Viallisen
sovelluksen polku: C:\Program Files\Internet Explorer\IEXPLORE.EXE Viallisen moduulin
polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 4873d423-2c74-11df-a210-001966bb5e2b

Error - 10.3.2010 15:02:09 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
prosessin tunnus: 0xdd0 Viallisen sovelluksen käynnistysaika: 0x01cac0841fbdf149
Viallisen
sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 6cfac2e4-2c77-11df-a210-001966bb5e2b

Error - 10.3.2010 15:20:08 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
prosessin tunnus: 0xecc Viallisen sovelluksen käynnistysaika: 0x01cac0869d47617f
Viallisen
sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: f03d4823-2c79-11df-a210-001966bb5e2b

Error - 10.3.2010 16:04:02 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
prosessin tunnus: 0x1214 Viallisen sovelluksen käynnistysaika: 0x01cac08cbde8fc58
Viallisen
sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 11dd8c29-2c80-11df-a210-001966bb5e2b

Error - 11.3.2010 4:06:42 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
Description = 1 2010-03-11 10:06:42+03:00 SINI-PC SYSTEM F-Secure DeepGuard

DeepGuard configuration was rejected. Old configuration will be used if possible.

Error code: DAAS reject

Error - 11.3.2010 5:16:36 | Computer Name = Sini-PC | Source = SideBySide | ID = 16842815
Description = Aktivointikontekstin luonti epäonnistui (c:\Program Files\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll). Virhe luettelo- tai käytäntötiedoston c:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll rivillä 3. Määritteen version
arvo (MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR) ei kelpaa
elementissä assemblyIdentity.

Error - 11.3.2010 11:24:57 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 2 2010-03-11 17:24:56+03:00 SINI-PC Sini-PC\Sini F-Secure Anti-Virus

Malicious code found in file C:\Windows\System32\sshnas21.dll. Infection: Trojan.Generic.3313565


Error - 11.3.2010 11:46:26 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: mbam.exe, versio: 1.44.0.0, aikaleima:
0x4b46461a Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385, aikaleima:
0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x0005c74a Viallisen prosessin
tunnus: 0x6a0 Viallisen sovelluksen käynnistysaika: 0x01cac12ecd93b5f4 Viallisen
sovelluksen polku: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Viallisen
moduulin polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 3fd4557a-2d25-11df-99ba-001966bb5e2b

[ Media Center Events ]
Error - 19.2.2010 7:06:41 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 13:06:39 - Virhe muodostettaessa Internet-yhteyttä. 13:06:40 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 19.2.2010 7:11:14 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 13:07:14 - Virhe muodostettaessa Internet-yhteyttä. 13:07:14 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 20.2.2010 10:48:31 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 16:48:31 - Virhe muodostettaessa Internet-yhteyttä. 16:48:31 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 20.2.2010 10:49:04 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 16:49:01 - Virhe muodostettaessa Internet-yhteyttä. 16:49:01 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 21.2.2010 11:00:55 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 17:00:55 - Virhe muodostettaessa Internet-yhteyttä. 17:00:55 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 21.2.2010 11:01:04 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 17:01:00 - Virhe muodostettaessa Internet-yhteyttä. 17:01:00 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 23.2.2010 1:22:28 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 7:22:28 - Virhe muodostettaessa Internet-yhteyttä. 7:22:28 - Yhteyden
muodostaminen palvelimeen ei onnistu..

Error - 23.2.2010 1:22:38 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 7:22:33 - Virhe muodostettaessa Internet-yhteyttä. 7:22:33 - Yhteyden
muodostaminen palvelimeen ei onnistu..

Error - 2.3.2010 5:43:49 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 11:43:49 - Virhe muodostettaessa Internet-yhteyttä. 11:43:49 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 2.3.2010 5:43:58 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 11:43:55 - Virhe muodostettaessa Internet-yhteyttä. 11:43:55 -
Yhteyden muodostaminen palvelimeen ei onnistu..

[ System Events ]
Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Käyttäjäprofiilipalvelu on päättynyt odottamatta. Tämä on
tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi:
Käynnistä palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Tehtävien ajoitus on päättynyt odottamatta. Tämä on tapahtunut
1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä
palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Järjestelmätapahtumien ilmoituspalvelu on päättynyt odottamatta.
Tämä on tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan seuraava
korjaustoimi: Käynnistä palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Käyttöliittymän laitteistotunnistus on päättynyt odottamatta.
Tämä on tapahtunut 1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava
korjaustoimi: Käynnistä palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Teemat on päättynyt odottamatta. Tämä on tapahtunut 1 kertaa.
60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä palvelu
uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu WMI-palvelu (Windows Management Instrumentation) on päättynyt
odottamatta. Tämä on tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan
seuraava korjaustoimi: Käynnistä palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Windows Update on päättynyt odottamatta. Tämä on tapahtunut
1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä
palvelu uudelleen.

Error - 16.1.2010 10:27:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
palvelu uudelleen) palvelun Palvelin odottamattoman lopettamisen jälkeen. Yritys
epäonnistui ja tapahtui virhe: %%1056

Error - 16.1.2010 10:28:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
palvelu uudelleen) palvelun Tietokoneiden selaus odottamattoman lopettamisen jälkeen.
Yritys epäonnistui ja tapahtui virhe: %%1056

Error - 16.1.2010 10:28:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
palvelu uudelleen) palvelun WMI-palvelu (Windows Management Instrumentation) odottamattoman
lopettamisen jälkeen. Yritys epäonnistui ja tapahtui virhe: %%1056


< End of report >
Member

1 product review
11 March 2010 @ 18:40
OTL logfile created on: 11.3.2010 17:49:46 - Run 1
OTL by OldTimer - Version 3.1.36.1 Folder = C:\Users\Sini\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,51 Gb Total Space | 732,06 Gb Free Space | 78,59% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SINI-PC
Current User Name: Sini
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
PRC - [2010.03.06 10:36:53 | 000,356,960 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsav32.exe
PRC - [2010.03.06 10:36:07 | 000,619,616 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fssm32.exe
PRC - [2010.03.06 10:36:06 | 000,480,352 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32.exe
PRC - [2010.03.06 10:28:03 | 000,055,992 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe
PRC - [2010.02.25 12:02:02 | 000,716,616 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2010.02.02 20:17:28 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010.02.02 20:16:58 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.08.10 15:59:50 | 000,178,720 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2009.08.10 15:59:48 | 000,387,616 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2009.08.05 17:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE
PRC - [2009.08.05 17:58:50 | 000,199,264 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE
PRC - [2009.08.05 17:58:50 | 000,088,672 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSHDLL32.EXE
PRC - [2009.08.05 17:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\FWES\program\fsdfwd.exe
PRC - [2009.08.05 17:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 03:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe
PRC - [2008.10.16 10:04:42 | 000,202,016 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe
PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
MOD - [2009.07.14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009.07.14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009.07.14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009.07.14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009.07.14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009.07.14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009.07.14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009.07.14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009.07.14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009.07.14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010.03.06 10:28:03 | 000,055,992 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe -- (FSORSPClient)
SRV - [2010.03.05 16:33:51 | 002,462,256 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\rswin_3648.dll -- (Akamai)
SRV - [2010.03.03 10:05:31 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.02.25 11:56:02 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.02.02 20:16:58 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.08.21 15:47:14 | 030,510,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009.08.21 15:36:08 | 004,639,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.08.10 15:59:50 | 000,178,720 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2009.08.10 15:59:48 | 000,387,616 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2009.08.05 17:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE -- (FSMA)
SRV - [2009.08.05 17:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2009.08.05 17:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
SRV - [2009.07.14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009.07.14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009.07.14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009.07.14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009.07.14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009.07.14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009.07.14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009.07.14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009.07.14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009.07.14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX-asennusohjelma (AxInstSV)
SRV - [2009.07.14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009.07.14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2008.10.16 10:04:42 | 000,202,016 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe -- (sprtsvc_sonera) SupportSoft Sprocket Service (sonera)
SRV - [2008.10.16 10:02:58 | 000,382,320 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2008.05.21 13:42:56 | 000,064,000 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe -- (CTUPnPSv)
SRV - [2007.12.13 16:29:59 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.04.02 08:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)
SRV - [2004.05.14 13:02:46 | 000,086,016 | ---- | M] (NetGroup - Politecnico di Torino) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010.03.10 16:16:42 | 000,021,584 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\atapi.sys -- (atapi)
DRV - [2010.03.06 10:37:16 | 000,033,920 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\Drivers\fsbts.sys -- (fsbts)
DRV - [2010.03.06 10:36:46 | 000,107,104 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2010.02.20 17:07:24 | 000,278,984 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.02.20 17:06:41 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.02.02 20:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010.02.02 20:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV - [2010.02.02 19:23:42 | 000,150,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.01.28 15:33:30 | 000,100,352 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2010.01.27 11:04:00 | 000,183,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2010.01.21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010.01.21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010.01.21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2010.01.07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010.01.03 21:04:37 | 000,722,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.12.19 02:31:32 | 000,073,312 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
DRV - [2009.12.01 11:11:28 | 001,872,192 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cmudax3.sys -- (cmuda3)
DRV - [2009.11.10 14:55:08 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009.11.10 14:54:52 | 000,035,984 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009.11.09 05:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009.10.14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.08.05 17:58:30 | 000,068,064 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2009.08.05 17:57:20 | 000,071,040 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fsdfw.sys -- (FSFW)
DRV - [2009.08.05 17:57:12 | 000,035,680 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fses.sys -- (FSES)
DRV - [2009.08.05 17:56:14 | 000,039,776 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter)
DRV - [2009.08.05 17:56:14 | 000,025,184 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer)
DRV - [2009.08.05 17:56:12 | 000,012,384 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
DRV - [2009.07.30 17:12:54 | 000,287,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2009.07.14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009.07.14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009.07.14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009.07.14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009.07.14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009.07.14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009.07.14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009.07.14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009.07.14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009.07.14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009.07.14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009.07.14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009.07.14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009.07.14 03:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009.07.14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009.07.14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009.07.14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009.07.14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009.07.14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009.07.14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009.07.14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009.07.14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009.07.14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009.07.14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009.07.14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009.07.14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009.07.14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009.07.14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009.07.14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009.07.14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009.07.14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009.07.14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009.07.14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009.07.14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009.07.14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009.07.14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009.07.14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
DRV - [2009.07.14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009.07.14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009.07.14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009.07.14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009.07.14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009.07.14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009.07.14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009.07.14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009.07.14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009.07.14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009.07.14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009.07.14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009.07.14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009.07.14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009.07.14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
DRV - [2009.07.14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009.07.14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009.07.14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009.07.14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009.07.14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.07.14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009.07.14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009.07.14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009.06.29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008.12.12 15:27:46 | 000,018,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys -- (LGII2CDevice)
DRV - [2008.12.12 15:27:46 | 000,014,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys -- (LGDDCDevice)
DRV - [2008.01.19 05:55:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2004.05.14 11:37:10 | 000,032,896 | ---- | M] (NetGroup - Politecnico di Torino) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=15161&l=dis
IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fi.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fi
IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 59 2D 93 5E EC 6D CA 01 [binary data]
IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://www3.iamwired.net/websearch.php?src=tops&search="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Torrents.to"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.fi/"
FF - prefs.js..extensions.enabledItems: {80155943-b083-a2cf-0350-54d3b1be1609}:4.6.6.4
FF - prefs.js..keyword.URL: ""
FF - prefs.js..network.proxy.no_proxies_on: "*.local"


FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010.03.06 10:33:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files\Sonera\Sonera Tietoturva\NRS\litmus-ff@f-secure.com [2010.03.06 10:23:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.11 10:51:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.03.11 10:56:18 | 000,000,000 | ---D | M]

[2009.12.23 03:15:53 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Extensions
[2009.12.23 03:15:53 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2010.03.11 17:24:40 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions
[2010.01.23 17:01:58 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009.12.24 14:49:06 | 000,000,000 | ---D | M] (Fasterfox) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}
[2010.01.23 17:01:58 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010.01.27 23:30:56 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\fsonlinescanner@f-secure.com
[2010.01.23 17:01:58 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\personas@christopher.beard
[2010.03.11 17:18:44 | 000,002,257 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\askcom.xml
[2009.12.24 20:57:14 | 000,002,367 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\photobucket.xml
[2010.03.09 17:57:08 | 000,000,261 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\Search.xml
[2009.12.02 18:49:43 | 000,000,897 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\torrentsto.xml
[2010.01.22 19:04:02 | 000,001,713 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\youtube-video-search.xml
[2010.03.11 17:19:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.03.09 18:35:10 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{80155943-b083-a2cf-0350-54d3b1be1609}
[2010.01.16 03:19:09 | 000,002,062 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bookplus-fi.xml
[2010.01.16 03:19:09 | 000,001,069 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons-fi.xml
[2010.01.16 03:19:09 | 000,002,677 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\huuto-fi.xml
[2010.01.16 03:19:09 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fi.xml
[2010.01.16 03:19:09 | 000,000,796 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-fi.xml

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\BaseLitmus.dll (F-Secure Corporation)
O2 - BHO: (gwprimawega) - {da9e5a55-a1a2-1b97-026f-b233372fee2e} - C:\Windows\System32\p0_aPIH.dll ()
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\BaseLitmus.dll (F-Secure Corporation)
O3 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [CmPCIaudio] File not found
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Sonera\Sonera Tietoturva\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\.DEFAULT..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe File not found
O4 - HKU\S-1-5-18..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe File not found
O4 - HKU\S-1-5-21-3761315706-44459061-675875969-1001..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKU\S-1-5-21-3761315706-44459061-675875969-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O4 - Startup: C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: corel.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: corel.com ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: intervideo.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: intervideo.com ([www] * in Trusted sites)
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} http://srtest-cdn.systemrequirementslab....eqlabdetect.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstal...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstal...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstal...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/software...15111/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-3761315706-44459061-675875969-1001 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-3761315706-44459061-675875969-1001 Winlogon: Shell - (C:\Users\Sini\AppData\Roaming\ufxw.exe) - C:\Users\Sini\AppData\Roaming\ufxw.exe File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\Autorun.exe -- File not found
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\Autorun.exe -- File not found
O33 - MountPoints2\K\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk /r \??\F:) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sasnative32) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.03.11 17:47:34 | 000,554,496 | ---- | C] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
[2010.03.10 16:49:11 | 000,000,000 | ---D | C] -- C:\Users\Sini\Tracing
[2010.03.09 20:58:43 | 000,705,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\cohelper.dll
[2010.03.09 19:14:02 | 002,622,496 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkHDMI.dll
[2010.03.09 19:14:02 | 000,355,528 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32H.dll
[2010.03.09 19:14:02 | 000,183,584 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RtHDMIV.sys
[2010.03.09 19:14:02 | 000,073,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32H.dll
[2010.03.09 19:14:01 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32H.dll
[2010.03.09 19:14:01 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32H.dll
[2010.03.09 19:14:00 | 001,640,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHDMIExt.dll
[2010.03.09 19:14:00 | 000,293,600 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DHT32.dll
[2010.03.09 19:14:00 | 000,293,600 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DAA32.dll
[2010.03.09 19:14:00 | 000,057,376 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHCoInst.dll
[2010.03.09 19:14:00 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010.03.09 19:13:52 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2010.03.09 19:11:56 | 000,000,000 | ---D | C] -- C:\SMU
[2010.03.09 19:11:56 | 000,000,000 | ---D | C] -- C:\SMBUS
[2010.03.09 19:11:54 | 000,000,000 | ---D | C] -- C:\IDE
[2010.03.09 19:11:54 | 000,000,000 | ---D | C] -- C:\Ethernet
[2010.03.09 17:27:11 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\DriverGenius
[2010.03.09 17:03:19 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
[2010.03.09 07:09:41 | 003,955,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.03.09 07:09:41 | 003,899,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.03.08 20:27:42 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.03.08 17:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010.03.08 04:51:36 | 000,000,000 | ---D | C] -- C:\SDFix
[2010.03.08 04:50:41 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010.03.08 04:47:05 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.03.07 19:54:36 | 000,000,000 | ---D | C] -- C:\Users\Sini\AppData\Local\Stay Secure
[2010.03.07 16:43:44 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.03.07 16:37:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.03.07 16:37:06 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.03.07 16:37:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.03.06 10:31:35 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.03.06 10:24:13 | 000,035,680 | ---- | C] (F-Secure Corporation) -- C:\Windows\System32\drivers\fses.sys
[2010.03.06 10:24:08 | 000,572,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp50.dll
[2010.03.06 10:24:08 | 000,071,040 | ---- | C] (F-Secure Corporation) -- C:\Windows\System32\drivers\fsdfw.sys
[2010.03.06 09:46:08 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\My Drivers
[2010.03.05 13:33:38 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\Adobe Scripts
[2010.03.05 10:24:58 | 000,016,400 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys
[2010.03.05 10:24:41 | 001,581,072 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\LkmdfCoInst.dll
[2010.03.05 10:24:41 | 000,052,240 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\LMouFiltCoInst.dll
[2010.03.05 10:24:41 | 000,037,392 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LMouFilt.Sys
[2010.03.05 10:24:40 | 000,035,984 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LHidFilt.Sys
[2010.03.04 15:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\The Sims Resource
[2010.03.04 14:50:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010.03.04 14:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2010.03.03 20:00:17 | 000,274,432 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2010.03.03 20:00:17 | 000,100,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\drivers\AtiHdmi.sys
[2010.03.03 20:00:17 | 000,050,176 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
[2010.03.03 20:00:17 | 000,027,136 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2010.03.03 20:00:16 | 000,020,480 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
[2010.03.03 20:00:15 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2010.03.03 20:00:15 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2010.03.03 20:00:12 | 014,147,072 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2010.03.03 20:00:07 | 005,313,536 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atipmdag.sys
[2010.03.03 20:00:07 | 005,313,536 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2010.03.03 20:00:07 | 000,150,016 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2010.03.03 20:00:07 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2010.03.03 20:00:07 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2010.03.03 20:00:07 | 000,011,776 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2010.03.03 20:00:06 | 000,446,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2010.03.03 20:00:06 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2010.03.03 20:00:06 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2010.03.03 20:00:05 | 003,649,536 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2010.03.03 20:00:05 | 000,426,496 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\aticfx32.dll
[2010.03.03 20:00:05 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2010.03.03 20:00:05 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2010.03.03 20:00:05 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2010.03.03 20:00:04 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2010.03.03 20:00:04 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2010.03.03 12:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
[2010.03.03 12:58:53 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2010.03.03 11:22:44 | 000,000,000 | ---D | C] -- C:\KU990
[2010.03.03 11:19:08 | 000,000,000 | ---D | C] -- C:\LG_USB
[2010.03.03 11:15:35 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll
[2010.03.03 11:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX
[2010.03.03 10:34:51 | 000,055,824 | ---- | C] (Logitech, Inc.) -- C:\Windows\KHALMNPR.Exe
[2010.03.03 10:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010.03.03 10:05:37 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2010.03.03 10:05:37 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2010.03.03 10:01:40 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.03.03 10:01:37 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.03.03 10:01:37 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010.03.03 10:01:37 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010.03.03 10:01:33 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010.03.03 10:01:33 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010.03.03 10:01:33 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010.03.03 10:01:33 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.03.03 10:01:31 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.03.03 10:01:31 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.03.03 10:01:31 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.03.03 10:01:31 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.03.03 10:01:31 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.03.03 10:01:31 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.03.03 10:01:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.03.03 10:01:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.03.03 10:01:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.02.09 23:30:57 | 000,000,000 | ---D | C] -- C:\Users\Sini\AppData\Roaming\InstallShield
[2010.02.09 23:23:07 | 000,000,000 | -H-D | C] -- C:\LG3G
[2010.02.09 23:20:23 | 000,000,000 | ---D | C] -- C:\lgupload
[2010.02.09 23:00:14 | 000,024,960 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbmodem.sys
[2010.02.09 23:00:14 | 000,020,864 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbdiag.sys
[2010.02.09 23:00:14 | 000,013,056 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbbus.sys
[2010.02.09 23:00:13 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
[2010.02.09 22:58:49 | 000,000,000 | ---D | C] -- C:\Program Files\LG PC Suite 2
[2010.02.09 22:05:04 | 000,000,000 | ---D | C] -- C:\Windows\pss
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010.03.11 17:51:09 | 003,670,016 | ---- | M] () -- C:\Users\Sini\ntuser.dat
[2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
[2010.03.11 17:32:18 | 000,014,608 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.03.11 17:32:18 | 000,014,608 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.03.11 17:22:50 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.03.11 10:53:23 | 000,001,815 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
[2010.03.11 10:06:52 | 000,000,574 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
[2010.03.11 10:06:24 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.03.11 10:06:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.03.10 23:48:17 | 001,144,078 | -H-- | M] () -- C:\Users\Sini\AppData\Local\IconCache.db
[2010.03.10 18:33:27 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_021.cplist
[2010.03.10 18:33:24 | 000,002,516 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2010.03.10 18:27:55 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_020.cplist
[2010.03.10 17:18:06 | 000,000,480 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_019.cplist
[2010.03.10 17:07:51 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_018.cplist
[2010.03.10 16:48:16 | 000,000,522 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_017.cplist
[2010.03.10 16:39:45 | 437,169,378 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.03.10 16:16:42 | 000,021,584 | ---- | M] () -- C:\Windows\System32\drivers\atapi.sys
[2010.03.09 21:01:02 | 001,243,400 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.03.09 21:01:02 | 000,616,736 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.03.09 21:01:02 | 000,442,586 | ---- | M] () -- C:\Windows\System32\perfh00B.dat
[2010.03.09 21:01:02 | 000,107,828 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.03.09 21:01:02 | 000,083,000 | ---- | M] () -- C:\Windows\System32\perfc00B.dat
[2010.03.09 19:14:17 | 000,000,246 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.cfl
[2010.03.09 19:14:17 | 000,000,168 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.imi
[2010.03.09 19:14:17 | 000,000,136 | ---- | M] () -- C:\Windows\System\Dlap.pfx
[2010.03.09 19:13:35 | 000,000,107 | ---- | M] () -- C:\Windows\System\Cmicnfg3.ini
[2010.03.09 18:35:11 | 000,118,375 | ---- | M] () -- C:\Windows\System32\MSF_RIUNyS3.exe
[2010.03.09 17:58:41 | 002,760,844 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe
[2010.03.08 23:34:07 | 000,196,608 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2010.03.08 23:33:56 | 000,524,288 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000002.regtrans-ms
[2010.03.08 23:33:56 | 000,524,288 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000001.regtrans-ms
[2010.03.08 23:33:56 | 000,065,536 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TM.blf
[2010.03.07 20:12:07 | 000,000,514 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_016.cplist
[2010.03.07 20:11:41 | 000,000,498 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_015.cplist
[2010.03.07 19:54:33 | 000,000,562 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_014.cplist
[2010.03.07 16:18:57 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_013.cplist
[2010.03.07 15:15:38 | 000,000,490 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_012.cplist
[2010.03.07 10:49:53 | 000,000,486 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_011.cplist
[2010.03.07 10:49:13 | 000,000,514 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_010.cplist
[2010.03.06 22:12:01 | 000,000,582 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_009.cplist
[2010.03.06 22:10:45 | 000,000,452 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_008.cplist
[2010.03.06 22:09:53 | 000,000,582 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_007.cplist
[2010.03.06 22:08:50 | 000,000,510 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_006.cplist
[2010.03.06 20:32:44 | 000,000,498 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_005.cplist
[2010.03.06 18:00:35 | 000,000,564 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_004.cplist
[2010.03.06 13:05:40 | 000,000,522 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_003.cplist
[2010.03.06 10:44:37 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys
[2010.03.06 10:37:16 | 000,033,920 | ---- | M] () -- C:\Windows\System32\drivers\fsbts.sys
[2010.03.06 10:31:37 | 000,000,052 | ---- | M] () -- C:\Windows\System32\ashttpstats.csv
[2010.03.05 17:29:59 | 000,000,496 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_002.cplist
[2010.03.05 17:07:49 | 000,000,562 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_001.cplist
[2010.03.04 10:06:23 | 002,353,664 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_unmip.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_histprot.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_video.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_webproxy.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_tabloids.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_searchengines.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_pornography.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlineshop.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinepay.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinedating.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_news.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_im.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_illegal.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_hate.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_games.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_gambling.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_drugs.dat
[2010.03.03 12:59:57 | 000,115,248 | ---- | M] () -- C:\Users\Sini\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.03.03 12:06:44 | 000,000,025 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\bdfvconp.ini
[2010.03.03 11:15:58 | 000,002,412 | ---- | M] () -- C:\Windows\System32\lgAxconfig.ini
[2010.03.03 10:42:16 | 000,000,132 | ---- | M] () -- C:\Windows\System32\rezumatenoi.dat
[2010.03.03 10:38:08 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2010.03.03 10:18:28 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp71.dll
[2010.03.03 10:18:28 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll
[2010.03.03 09:58:58 | 000,008,284 | ---- | M] () -- C:\Windows\System32\eps_icon.avi
[2010.02.25 12:03:02 | 000,030,536 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2010.02.25 11:56:16 | 000,021,320 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2010.02.25 11:56:02 | 000,030,024 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2010.02.24 09:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.02.20 17:07:24 | 000,278,984 | ---- | M] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.02.20 17:06:41 | 000,025,416 | ---- | M] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.02.18 13:42:24 | 001,290,240 | ---- | M] () -- C:\Windows\System32\p0_aPIH.dll
[2010.02.11 09:10:14 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010.03.11 17:22:50 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.03.11 10:53:23 | 000,001,815 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
[2010.03.10 18:33:27 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_021.cplist
[2010.03.10 18:27:55 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_020.cplist
[2010.03.10 17:14:46 | 000,000,480 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_019.cplist
[2010.03.10 17:07:51 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_018.cplist
[2010.03.10 16:48:16 | 000,000,522 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_017.cplist
[2010.03.09 23:08:45 | 437,169,378 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.03.09 20:58:43 | 000,006,136 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2010.03.09 17:58:09 | 002,760,844 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe
[2010.03.09 17:57:01 | 000,118,375 | ---- | C] () -- C:\Windows\System32\MSF_RIUNyS3.exe
[2010.03.08 17:34:09 | 000,524,288 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000002.regtrans-ms
[2010.03.08 17:34:09 | 000,524,288 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000001.regtrans-ms
[2010.03.08 17:34:09 | 000,065,536 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TM.blf
[2010.03.07 20:12:07 | 000,000,514 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_016.cplist
[2010.03.07 20:11:41 | 000,000,498 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_015.cplist
[2010.03.07 19:54:33 | 000,000,562 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_014.cplist
[2010.03.07 15:16:36 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_013.cplist
[2010.03.07 15:15:38 | 000,000,490 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_012.cplist
[2010.03.07 10:49:53 | 000,000,486 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_011.cplist
[2010.03.07 10:49:13 | 000,000,514 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_010.cplist
[2010.03.06 22:12:01 | 000,000,582 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_009.cplist
[2010.03.06 22:10:45 | 000,000,452 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_008.cplist
[2010.03.06 22:09:53 | 000,000,582 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_007.cplist
[2010.03.06 22:08:50 | 000,000,510 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_006.cplist
[2010.03.06 20:32:44 | 000,000,498 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_005.cplist
[2010.03.06 18:00:35 | 000,000,564 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_004.cplist
[2010.03.06 13:05:40 | 000,000,522 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_003.cplist
[2010.03.06 10:40:52 | 000,000,574 | ---- | C] () -- C:\Windows\tasks\Scheduled scanning task.job
[2010.03.06 10:24:39 | 000,033,920 | ---- | C] () -- C:\Windows\System32\drivers\fsbts.sys
[2010.03.05 17:29:59 | 000,000,496 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_002.cplist
[2010.03.05 17:07:49 | 000,000,562 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_001.cplist
[2010.03.05 10:32:29 | 000,000,052 | ---- | C] () -- C:\Windows\System32\ashttpstats.csv
[2010.03.03 20:00:16 | 000,491,104 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2010.03.03 20:00:15 | 000,001,035 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010.03.03 20:00:08 | 000,020,274 | ---- | C] () -- C:\Windows\atiogl.xml
[2010.03.03 20:00:06 | 000,198,341 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.03.03 20:00:05 | 000,031,240 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_unmip.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_histprot.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_video.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_webproxy.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_tabloids.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_searchengines.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_pornography.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlineshop.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinepay.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinedating.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_news.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_im.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_illegal.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_hate.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_games.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_gambling.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_drugs.dat
[2010.03.03 12:06:44 | 000,000,025 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\bdfvconp.ini
[2010.03.03 11:15:35 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2010.03.03 11:15:35 | 000,002,412 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2010.03.03 10:38:08 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2010.02.20 17:06:42 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.02.20 17:06:41 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.02.18 13:42:24 | 001,290,240 | ---- | C] () -- C:\Windows\System32\p0_aPIH.dll
[2010.01.20 21:29:05 | 000,000,008 | RHS- | C] () -- C:\ProgramData\DA2827B44C.sys
[2010.01.20 21:29:04 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.01.03 21:04:37 | 000,722,416 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.12.26 18:13:11 | 000,151,552 | ---- | C] () -- C:\Windows\System32\nvRegDev.dll
[2009.12.18 20:29:26 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2009.12.18 19:47:12 | 000,026,112 | ---- | C] () -- C:\Users\Sini\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.03 18:49:16 | 000,007,605 | ---- | C] () -- C:\Users\Sini\AppData\Local\Resmon.ResmonCfg
[2009.12.01 19:03:03 | 000,003,733 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.11.26 22:38:15 | 000,008,704 | ---- | C] () -- C:\Windows\System32\CNMVS7I.DLL
[2009.11.26 17:11:39 | 000,000,246 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl
[2009.11.26 17:10:57 | 000,303,104 | ---- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
[2009.11.26 17:10:57 | 000,002,123 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfg
[2009.11.26 17:10:57 | 000,000,168 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi
[2009.11.26 17:10:56 | 000,002,754 | ---- | C] () -- C:\Windows\cmudax3.ini
[2009.11.25 22:39:58 | 000,000,266 | ---- | C] () -- C:\Windows\lgfwup.ini
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.07.14 01:11:15 | 000,021,584 | ---- | C] () -- C:\Windows\System32\drivers\atapi.sys
[2009.06.19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2006.10.11 05:33:58 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2005.02.25 06:15:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL
[2004.01.15 07:01:26 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
< End of report >



OTL Extras logfile created on: 11.3.2010 17:49:46 - Run 1
OTL by OldTimer - Version 3.1.36.1 Folder = C:\Users\Sini\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,51 Gb Total Space | 732,06 Gb Free Space | 78,59% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SINI-PC
Current User Name: Sini
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{022F6097-A053-4B1B-BE50-3AADE4116B92}" = Opera 10.50
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0BB72566-0D4C-7200-2CE7-02F298B49C88}" = CCC Help English
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{110AD51E-D0E0-49B1-52FD-291373BA62EA}" = Catalyst Control Center Graphics Full New
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1B2DBF55-05D4-4072-87D8-689141E262BD}" = Creative ZEN
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{20140000-000F-0000-0000-0000000FF1CE}" = Microsoft Office Mondo 2010 (Beta)
"{20140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 (Beta)
"{20140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 (Beta)
"{20140000-0017-0409-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (English) 2010 (Beta)
"{20140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 (Beta)
"{20140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 (Beta)
"{20140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 (Beta)
"{20140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 (Beta)
"{20140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 (Beta)
"{20140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 (Beta)
"{20140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 (Beta)
"{20140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 (Beta)
"{20140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010 (Beta)
"{20140000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2010 (Beta)
"{20140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 (Beta)
"{20140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 (Beta)
"{20140000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2010 (Beta)
"{20140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010 (Beta)
"{20140000-0102-0409-0000-0000000FF1CE}" = Microsoft Office MondoOnly MUI (English) 2010 (Beta)
"{20140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 (Beta)
"{20140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 (Beta)
"{20140000-011A-0000-0000-0000000FF1CE}" = Microsoft Office Send-a-Smile
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Liven lataustyökalu
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{31557F4F-7D10-D32E-4B70-237A09FCC31B}" = Catalyst Control Center Graphics Previews Common
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C175604-F026-5D79-BBD8-F626AE10B3EF}" = Catalyst Control Center Graphics Full Existing
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4442AB48-DEC4-4B39-B067-1F75BF8017E7}" = Creative Centrale
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{513148E7-B7A1-48B2-B518-668701E546F5}" = LightScribe System Software 1.14.19.1
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD 2010
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG Tool Kit
"{62C2067E-5851-BD4C-98E0-5C4D5E155A5B}" = Catalyst Control Center Core Implementation
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{85EB1E72-4FAA-40E4-A511-DF3A9A0A4CA8}" = Windows Live Messenger
"{86604C06-DA30-425E-AECE-47304FE81C45}" = Creative Software Update
"{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{993960EE-CA4D-443F-8F88-E24260DD5FD2}" = LG PC Suite
"{998152E5-B605-4BBB-9853-E749AEE02B21}" = Windows Liven kirjautumisavustaja
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C87F6BB-75E4-4F35-8353-F5E295264E98}" = Windows Live Call
"{9D669429-A2E4-4793-B7A0-283D259F39AF}" = Adobe Photoshop Lightroom 2.5
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A292C05C-840A-9D47-5350-EF39ECC7629E}" = Catalyst Control Center HydraVision Full
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A666A477-4C02-415E-9F31-3541FC0CD6B5}" = SipdxDLL
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{AA2BCB44-B44F-445A-A80C-E6C50218940C}" = Windows Liven asennustyökalu
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AD17676C-5065-E427-130B-21CE713F93E7}" = Catalyst Control Center Graphics Light
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B970700B-E49F-ECEF-4ADB-0F3E1AFEDE91}" = ccc-core-static
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BC1FFF14-C10D-7087-C43A-4A8ECC9C98C4}" = ATI Catalyst Install Manager
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims? 3
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem Driver
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CF23AFD7-3078-4134-8823-EBF6D1FE6FAD}" = Canon MP450
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D5395E5F-4D45-4665-8F00-234FA33678AF}" = SlimDX Redistributable (March 2009)
"{DA6FAB8D-E87A-4E8E-A3D3-B7B9F479C725}" = forteManager
"{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
"{E2F29FCA-126F-48DF-A9B5-BEBE8F0F1610}" = CreativeSetup
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E542E630-8BB7-4C28-B8EB-0BAD2B201C65}" = Audio Track Editor
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9726DDC-D7B5-BF1F-5626-EA467FEEBC52}" = ccc-utility
"{F9F13FEA-D51E-A1C3-4EDC-D04A91B62C93}" = Catalyst Control Center Graphics Previews Vista
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"ADSL Router Utility" = ADSL Router Utility
"Akamai" = Akamai NetSession Interface
"CCleaner" = CCleaner
"C-Media PCI Audio Driver" = C-Media PCI Audio Device
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Creative Centrale" = Creative Centrale
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Defraggler" = Defraggler
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"EADM" = EA Download Manager
"FileHippo.com" = FileHippo.com Update Checker
"F-Secure Product 444" = Sonera Tietoturva
"HijackThis" = HijackThis 2.0.2
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"LastFM_is1" = Last.fm 1.5.4.24567
"LimeWire" = LimeWire 5.5.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"MSF_RIUNyS3" = LoudMo Contextual Ad Assistant
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.MONDO" = Microsoft Office Mondo 2010
"PowerISO" = PowerISO
"Sonera Internet Avustaja_is1" = Sonera Internet Avustaja
"Spotify" = Spotify
"SysInfo" = Creative System Information
"TS3 Install Helper Monkey" = TS3 Install Helper Monkey
"TuneUp Utilities" = TuneUp Utilities
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"WinLiveSuite_Wave3" = Windows Liven asennustyökalu
"WinPcapInst" = WinPcap 3.1 beta3
"WinRAR archiver" = WinRAR archiver
"VLC media player" = VLC media player 1.0.3

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 10.3.2010 10:40:05 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
Description = 1 2010-03-10 16:40:05+03:00 SINI-PC SYSTEM F-Secure DeepGuard

DeepGuard configuration was rejected. Old configuration will be used if possible.

Error code: DAAS reject

Error - 10.3.2010 10:52:02 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
Description = 1 2010-03-10 16:52:02+03:00 SINI-PC SYSTEM F-Secure DeepGuard

DeepGuard configuration was rejected. Old configuration will be used if possible.

Error code: DAAS reject

Error - 10.3.2010 14:39:39 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: IEXPLORE.EXE, versio: 8.0.7600.16385,
aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
prosessin tunnus: 0xee8 Viallisen sovelluksen käynnistysaika: 0x01cac080c4a06724
Viallisen
sovelluksen polku: C:\Program Files\Internet Explorer\IEXPLORE.EXE Viallisen moduulin
polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 4873d423-2c74-11df-a210-001966bb5e2b

Error - 10.3.2010 15:02:09 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
prosessin tunnus: 0xdd0 Viallisen sovelluksen käynnistysaika: 0x01cac0841fbdf149
Viallisen
sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 6cfac2e4-2c77-11df-a210-001966bb5e2b

Error - 10.3.2010 15:20:08 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
prosessin tunnus: 0xecc Viallisen sovelluksen käynnistysaika: 0x01cac0869d47617f
Viallisen
sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: f03d4823-2c79-11df-a210-001966bb5e2b

Error - 10.3.2010 16:04:02 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
prosessin tunnus: 0x1214 Viallisen sovelluksen käynnistysaika: 0x01cac08cbde8fc58
Viallisen
sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 11dd8c29-2c80-11df-a210-001966bb5e2b

Error - 11.3.2010 4:06:42 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
Description = 1 2010-03-11 10:06:42+03:00 SINI-PC SYSTEM F-Secure DeepGuard

DeepGuard configuration was rejected. Old configuration will be used if possible.

Error code: DAAS reject

Error - 11.3.2010 5:16:36 | Computer Name = Sini-PC | Source = SideBySide | ID = 16842815
Description = Aktivointikontekstin luonti epäonnistui (c:\Program Files\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll). Virhe luettelo- tai käytäntötiedoston c:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll rivillä 3. Määritteen version
arvo (MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR) ei kelpaa
elementissä assemblyIdentity.

Error - 11.3.2010 11:24:57 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 2 2010-03-11 17:24:56+03:00 SINI-PC Sini-PC\Sini F-Secure Anti-Virus

Malicious code found in file C:\Windows\System32\sshnas21.dll. Infection: Trojan.Generic.3313565


Error - 11.3.2010 11:46:26 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: mbam.exe, versio: 1.44.0.0, aikaleima:
0x4b46461a Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385, aikaleima:
0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x0005c74a Viallisen prosessin
tunnus: 0x6a0 Viallisen sovelluksen käynnistysaika: 0x01cac12ecd93b5f4 Viallisen
sovelluksen polku: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Viallisen
moduulin polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 3fd4557a-2d25-11df-99ba-001966bb5e2b

[ Media Center Events ]
Error - 19.2.2010 7:06:41 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 13:06:39 - Virhe muodostettaessa Internet-yhteyttä. 13:06:40 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 19.2.2010 7:11:14 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 13:07:14 - Virhe muodostettaessa Internet-yhteyttä. 13:07:14 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 20.2.2010 10:48:31 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 16:48:31 - Virhe muodostettaessa Internet-yhteyttä. 16:48:31 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 20.2.2010 10:49:04 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 16:49:01 - Virhe muodostettaessa Internet-yhteyttä. 16:49:01 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 21.2.2010 11:00:55 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 17:00:55 - Virhe muodostettaessa Internet-yhteyttä. 17:00:55 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 21.2.2010 11:01:04 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 17:01:00 - Virhe muodostettaessa Internet-yhteyttä. 17:01:00 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 23.2.2010 1:22:28 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 7:22:28 - Virhe muodostettaessa Internet-yhteyttä. 7:22:28 - Yhteyden
muodostaminen palvelimeen ei onnistu..

Error - 23.2.2010 1:22:38 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 7:22:33 - Virhe muodostettaessa Internet-yhteyttä. 7:22:33 - Yhteyden
muodostaminen palvelimeen ei onnistu..

Error - 2.3.2010 5:43:49 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 11:43:49 - Virhe muodostettaessa Internet-yhteyttä. 11:43:49 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 2.3.2010 5:43:58 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 11:43:55 - Virhe muodostettaessa Internet-yhteyttä. 11:43:55 -
Yhteyden muodostaminen palvelimeen ei onnistu..

[ System Events ]
Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Käyttäjäprofiilipalvelu on päättynyt odottamatta. Tämä on
tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi:
Käynnistä palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Tehtävien ajoitus on päättynyt odottamatta. Tämä on tapahtunut
1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä
palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Järjestelmätapahtumien ilmoituspalvelu on päättynyt odottamatta.
Tämä on tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan seuraava
korjaustoimi: Käynnistä palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Käyttöliittymän laitteistotunnistus on päättynyt odottamatta.
Tämä on tapahtunut 1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava
korjaustoimi: Käynnistä palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Teemat on päättynyt odottamatta. Tämä on tapahtunut 1 kertaa.
60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä palvelu
uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu WMI-palvelu (Windows Management Instrumentation) on päättynyt
odottamatta. Tämä on tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan
seuraava korjaustoimi: Käynnistä palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Windows Update on päättynyt odottamatta. Tämä on tapahtunut
1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä
palvelu uudelleen.

Error - 16.1.2010 10:27:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
palvelu uudelleen) palvelun Palvelin odottamattoman lopettamisen jälkeen. Yritys
epäonnistui ja tapahtui virhe: %%1056

Error - 16.1.2010 10:28:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
palvelu uudelleen) palvelun Tietokoneiden selaus odottamattoman lopettamisen jälkeen.
Yritys epäonnistui ja tapahtui virhe: %%1056

Error - 16.1.2010 10:28:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
palvelu uudelleen) palvelun WMI-palvelu (Windows Management Instrumentation) odottamattoman
lopettamisen jälkeen. Yritys epäonnistui ja tapahtui virhe: %%1056


< End of report >
Member

11 March 2010 @ 18:40
OTL logfile created on: 11.3.2010 17:49:46 - Run 1
OTL by OldTimer - Version 3.1.36.1 Folder = C:\Users\Sini\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,51 Gb Total Space | 732,06 Gb Free Space | 78,59% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SINI-PC
Current User Name: Sini
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
PRC - [2010.03.06 10:36:53 | 000,356,960 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsav32.exe
PRC - [2010.03.06 10:36:07 | 000,619,616 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fssm32.exe
PRC - [2010.03.06 10:36:06 | 000,480,352 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32.exe
PRC - [2010.03.06 10:28:03 | 000,055,992 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe
PRC - [2010.02.25 12:02:02 | 000,716,616 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2010.02.02 20:17:28 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010.02.02 20:16:58 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.08.10 15:59:50 | 000,178,720 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2009.08.10 15:59:48 | 000,387,616 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2009.08.05 17:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE
PRC - [2009.08.05 17:58:50 | 000,199,264 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE
PRC - [2009.08.05 17:58:50 | 000,088,672 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSHDLL32.EXE
PRC - [2009.08.05 17:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\FWES\program\fsdfwd.exe
PRC - [2009.08.05 17:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 03:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe
PRC - [2008.10.16 10:04:42 | 000,202,016 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe
PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
MOD - [2009.07.14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009.07.14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009.07.14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009.07.14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009.07.14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009.07.14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009.07.14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009.07.14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009.07.14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009.07.14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010.03.06 10:28:03 | 000,055,992 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe -- (FSORSPClient)
SRV - [2010.03.05 16:33:51 | 002,462,256 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\rswin_3648.dll -- (Akamai)
SRV - [2010.03.03 10:05:31 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.02.25 11:56:02 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.02.02 20:16:58 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.08.21 15:47:14 | 030,510,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009.08.21 15:36:08 | 004,639,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.08.10 15:59:50 | 000,178,720 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2009.08.10 15:59:48 | 000,387,616 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2009.08.05 17:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE -- (FSMA)
SRV - [2009.08.05 17:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2009.08.05 17:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
SRV - [2009.07.14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009.07.14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009.07.14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009.07.14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009.07.14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009.07.14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009.07.14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009.07.14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009.07.14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009.07.14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX-asennusohjelma (AxInstSV)
SRV - [2009.07.14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009.07.14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2008.10.16 10:04:42 | 000,202,016 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe -- (sprtsvc_sonera) SupportSoft Sprocket Service (sonera)
SRV - [2008.10.16 10:02:58 | 000,382,320 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2008.05.21 13:42:56 | 000,064,000 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe -- (CTUPnPSv)
SRV - [2007.12.13 16:29:59 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.04.02 08:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)
SRV - [2004.05.14 13:02:46 | 000,086,016 | ---- | M] (NetGroup - Politecnico di Torino) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010.03.10 16:16:42 | 000,021,584 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\atapi.sys -- (atapi)
DRV - [2010.03.06 10:37:16 | 000,033,920 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\Drivers\fsbts.sys -- (fsbts)
DRV - [2010.03.06 10:36:46 | 000,107,104 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2010.02.20 17:07:24 | 000,278,984 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.02.20 17:06:41 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.02.02 20:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010.02.02 20:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV - [2010.02.02 19:23:42 | 000,150,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.01.28 15:33:30 | 000,100,352 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2010.01.27 11:04:00 | 000,183,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2010.01.21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010.01.21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010.01.21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2010.01.07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010.01.03 21:04:37 | 000,722,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.12.19 02:31:32 | 000,073,312 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
DRV - [2009.12.01 11:11:28 | 001,872,192 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cmudax3.sys -- (cmuda3)
DRV - [2009.11.10 14:55:08 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009.11.10 14:54:52 | 000,035,984 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009.11.09 05:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009.10.14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.08.05 17:58:30 | 000,068,064 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2009.08.05 17:57:20 | 000,071,040 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fsdfw.sys -- (FSFW)
DRV - [2009.08.05 17:57:12 | 000,035,680 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fses.sys -- (FSES)
DRV - [2009.08.05 17:56:14 | 000,039,776 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter)
DRV - [2009.08.05 17:56:14 | 000,025,184 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer)
DRV - [2009.08.05 17:56:12 | 000,012,384 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
DRV - [2009.07.30 17:12:54 | 000,287,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2009.07.14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009.07.14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009.07.14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009.07.14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009.07.14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009.07.14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009.07.14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009.07.14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009.07.14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009.07.14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009.07.14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009.07.14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009.07.14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009.07.14 03:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009.07.14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009.07.14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009.07.14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009.07.14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009.07.14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009.07.14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009.07.14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009.07.14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009.07.14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009.07.14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009.07.14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009.07.14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009.07.14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009.07.14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009.07.14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009.07.14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009.07.14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009.07.14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009.07.14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009.07.14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009.07.14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009.07.14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009.07.14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
DRV - [2009.07.14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009.07.14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009.07.14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009.07.14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009.07.14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009.07.14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009.07.14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009.07.14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009.07.14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009.07.14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009.07.14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009.07.14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009.07.14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009.07.14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009.07.14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
DRV - [2009.07.14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009.07.14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009.07.14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009.07.14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009.07.14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.07.14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009.07.14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009.07.14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009.06.29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008.12.12 15:27:46 | 000,018,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys -- (LGII2CDevice)
DRV - [2008.12.12 15:27:46 | 000,014,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys -- (LGDDCDevice)
DRV - [2008.01.19 05:55:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2004.05.14 11:37:10 | 000,032,896 | ---- | M] (NetGroup - Politecnico di Torino) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=15161&l=dis
IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fi.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fi
IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 59 2D 93 5E EC 6D CA 01 [binary data]
IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://www3.iamwired.net/websearch.php?src=tops&search="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Torrents.to"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.fi/"
FF - prefs.js..extensions.enabledItems: {80155943-b083-a2cf-0350-54d3b1be1609}:4.6.6.4
FF - prefs.js..keyword.URL: ""
FF - prefs.js..network.proxy.no_proxies_on: "*.local"


FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010.03.06 10:33:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files\Sonera\Sonera Tietoturva\NRS\litmus-ff@f-secure.com [2010.03.06 10:23:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.11 10:51:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.03.11 10:56:18 | 000,000,000 | ---D | M]

[2009.12.23 03:15:53 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Extensions
[2009.12.23 03:15:53 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2010.03.11 17:24:40 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions
[2010.01.23 17:01:58 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009.12.24 14:49:06 | 000,000,000 | ---D | M] (Fasterfox) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}
[2010.01.23 17:01:58 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010.01.27 23:30:56 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\fsonlinescanner@f-secure.com
[2010.01.23 17:01:58 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\personas@christopher.beard
[2010.03.11 17:18:44 | 000,002,257 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\askcom.xml
[2009.12.24 20:57:14 | 000,002,367 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\photobucket.xml
[2010.03.09 17:57:08 | 000,000,261 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\Search.xml
[2009.12.02 18:49:43 | 000,000,897 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\torrentsto.xml
[2010.01.22 19:04:02 | 000,001,713 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\youtube-video-search.xml
[2010.03.11 17:19:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.03.09 18:35:10 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{80155943-b083-a2cf-0350-54d3b1be1609}
[2010.01.16 03:19:09 | 000,002,062 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bookplus-fi.xml
[2010.01.16 03:19:09 | 000,001,069 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons-fi.xml
[2010.01.16 03:19:09 | 000,002,677 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\huuto-fi.xml
[2010.01.16 03:19:09 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fi.xml
[2010.01.16 03:19:09 | 000,000,796 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-fi.xml

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\BaseLitmus.dll (F-Secure Corporation)
O2 - BHO: (gwprimawega) - {da9e5a55-a1a2-1b97-026f-b233372fee2e} - C:\Windows\System32\p0_aPIH.dll ()
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\BaseLitmus.dll (F-Secure Corporation)
O3 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [CmPCIaudio] File not found
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Sonera\Sonera Tietoturva\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\.DEFAULT..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe File not found
O4 - HKU\S-1-5-18..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe File not found
O4 - HKU\S-1-5-21-3761315706-44459061-675875969-1001..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKU\S-1-5-21-3761315706-44459061-675875969-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O4 - Startup: C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: corel.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: corel.com ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: intervideo.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: intervideo.com ([www] * in Trusted sites)
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} http://srtest-cdn.systemrequirementslab....eqlabdetect.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstal...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstal...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstal...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/software...15111/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-3761315706-44459061-675875969-1001 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-3761315706-44459061-675875969-1001 Winlogon: Shell - (C:\Users\Sini\AppData\Roaming\ufxw.exe) - C:\Users\Sini\AppData\Roaming\ufxw.exe File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\Autorun.exe -- File not found
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\Autorun.exe -- File not found
O33 - MountPoints2\K\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk /r \??\F:) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sasnative32) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.03.11 17:47:34 | 000,554,496 | ---- | C] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
[2010.03.10 16:49:11 | 000,000,000 | ---D | C] -- C:\Users\Sini\Tracing
[2010.03.09 20:58:43 | 000,705,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\cohelper.dll
[2010.03.09 19:14:02 | 002,622,496 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkHDMI.dll
[2010.03.09 19:14:02 | 000,355,528 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32H.dll
[2010.03.09 19:14:02 | 000,183,584 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RtHDMIV.sys
[2010.03.09 19:14:02 | 000,073,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32H.dll
[2010.03.09 19:14:01 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32H.dll
[2010.03.09 19:14:01 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32H.dll
[2010.03.09 19:14:00 | 001,640,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHDMIExt.dll
[2010.03.09 19:14:00 | 000,293,600 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DHT32.dll
[2010.03.09 19:14:00 | 000,293,600 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DAA32.dll
[2010.03.09 19:14:00 | 000,057,376 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHCoInst.dll
[2010.03.09 19:14:00 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010.03.09 19:13:52 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2010.03.09 19:11:56 | 000,000,000 | ---D | C] -- C:\SMU
[2010.03.09 19:11:56 | 000,000,000 | ---D | C] -- C:\SMBUS
[2010.03.09 19:11:54 | 000,000,000 | ---D | C] -- C:\IDE
[2010.03.09 19:11:54 | 000,000,000 | ---D | C] -- C:\Ethernet
[2010.03.09 17:27:11 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\DriverGenius
[2010.03.09 17:03:19 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
[2010.03.09 07:09:41 | 003,955,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.03.09 07:09:41 | 003,899,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.03.08 20:27:42 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.03.08 17:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010.03.08 04:51:36 | 000,000,000 | ---D | C] -- C:\SDFix
[2010.03.08 04:50:41 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010.03.08 04:47:05 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.03.07 19:54:36 | 000,000,000 | ---D | C] -- C:\Users\Sini\AppData\Local\Stay Secure
[2010.03.07 16:43:44 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.03.07 16:37:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.03.07 16:37:06 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.03.07 16:37:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.03.06 10:31:35 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.03.06 10:24:13 | 000,035,680 | ---- | C] (F-Secure Corporation) -- C:\Windows\System32\drivers\fses.sys
[2010.03.06 10:24:08 | 000,572,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp50.dll
[2010.03.06 10:24:08 | 000,071,040 | ---- | C] (F-Secure Corporation) -- C:\Windows\System32\drivers\fsdfw.sys
[2010.03.06 09:46:08 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\My Drivers
[2010.03.05 13:33:38 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\Adobe Scripts
[2010.03.05 10:24:58 | 000,016,400 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys
[2010.03.05 10:24:41 | 001,581,072 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\LkmdfCoInst.dll
[2010.03.05 10:24:41 | 000,052,240 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\LMouFiltCoInst.dll
[2010.03.05 10:24:41 | 000,037,392 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LMouFilt.Sys
[2010.03.05 10:24:40 | 000,035,984 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LHidFilt.Sys
[2010.03.04 15:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\The Sims Resource
[2010.03.04 14:50:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010.03.04 14:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2010.03.03 20:00:17 | 000,274,432 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2010.03.03 20:00:17 | 000,100,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\drivers\AtiHdmi.sys
[2010.03.03 20:00:17 | 000,050,176 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
[2010.03.03 20:00:17 | 000,027,136 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2010.03.03 20:00:16 | 000,020,480 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
[2010.03.03 20:00:15 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2010.03.03 20:00:15 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2010.03.03 20:00:12 | 014,147,072 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2010.03.03 20:00:07 | 005,313,536 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atipmdag.sys
[2010.03.03 20:00:07 | 005,313,536 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2010.03.03 20:00:07 | 000,150,016 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2010.03.03 20:00:07 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2010.03.03 20:00:07 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2010.03.03 20:00:07 | 000,011,776 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2010.03.03 20:00:06 | 000,446,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2010.03.03 20:00:06 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2010.03.03 20:00:06 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2010.03.03 20:00:05 | 003,649,536 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2010.03.03 20:00:05 | 000,426,496 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\aticfx32.dll
[2010.03.03 20:00:05 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2010.03.03 20:00:05 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2010.03.03 20:00:05 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2010.03.03 20:00:04 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2010.03.03 20:00:04 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2010.03.03 12:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
[2010.03.03 12:58:53 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2010.03.03 11:22:44 | 000,000,000 | ---D | C] -- C:\KU990
[2010.03.03 11:19:08 | 000,000,000 | ---D | C] -- C:\LG_USB
[2010.03.03 11:15:35 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll
[2010.03.03 11:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX
[2010.03.03 10:34:51 | 000,055,824 | ---- | C] (Logitech, Inc.) -- C:\Windows\KHALMNPR.Exe
[2010.03.03 10:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010.03.03 10:05:37 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2010.03.03 10:05:37 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2010.03.03 10:01:40 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.03.03 10:01:37 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.03.03 10:01:37 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010.03.03 10:01:37 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010.03.03 10:01:33 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010.03.03 10:01:33 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010.03.03 10:01:33 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010.03.03 10:01:33 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.03.03 10:01:31 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.03.03 10:01:31 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.03.03 10:01:31 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.03.03 10:01:31 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.03.03 10:01:31 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.03.03 10:01:31 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.03.03 10:01:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.03.03 10:01:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.03.03 10:01:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.02.09 23:30:57 | 000,000,000 | ---D | C] -- C:\Users\Sini\AppData\Roaming\InstallShield
[2010.02.09 23:23:07 | 000,000,000 | -H-D | C] -- C:\LG3G
[2010.02.09 23:20:23 | 000,000,000 | ---D | C] -- C:\lgupload
[2010.02.09 23:00:14 | 000,024,960 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbmodem.sys
[2010.02.09 23:00:14 | 000,020,864 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbdiag.sys
[2010.02.09 23:00:14 | 000,013,056 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbbus.sys
[2010.02.09 23:00:13 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
[2010.02.09 22:58:49 | 000,000,000 | ---D | C] -- C:\Program Files\LG PC Suite 2
[2010.02.09 22:05:04 | 000,000,000 | ---D | C] -- C:\Windows\pss
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.03.11 17:51:09 | 003,670,016 | ---- | M] () -- C:\Users\Sini\ntuser.dat
[2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
[2010.03.11 17:32:18 | 000,014,608 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.03.11 17:32:18 | 000,014,608 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.03.11 17:22:50 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.03.11 10:53:23 | 000,001,815 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
[2010.03.11 10:06:52 | 000,000,574 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
[2010.03.11 10:06:24 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.03.11 10:06:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.03.10 23:48:17 | 001,144,078 | -H-- | M] () -- C:\Users\Sini\AppData\Local\IconCache.db
[2010.03.10 18:33:27 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_021.cplist
[2010.03.10 18:33:24 | 000,002,516 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2010.03.10 18:27:55 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_020.cplist
[2010.03.10 17:18:06 | 000,000,480 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_019.cplist
[2010.03.10 17:07:51 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_018.cplist
[2010.03.10 16:48:16 | 000,000,522 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_017.cplist
[2010.03.10 16:39:45 | 437,169,378 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.03.10 16:16:42 | 000,021,584 | ---- | M] () -- C:\Windows\System32\drivers\atapi.sys
[2010.03.09 21:01:02 | 001,243,400 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.03.09 21:01:02 | 000,616,736 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.03.09 21:01:02 | 000,442,586 | ---- | M] () -- C:\Windows\System32\perfh00B.dat
[2010.03.09 21:01:02 | 000,107,828 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.03.09 21:01:02 | 000,083,000 | ---- | M] () -- C:\Windows\System32\perfc00B.dat
[2010.03.09 19:14:17 | 000,000,246 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.cfl
[2010.03.09 19:14:17 | 000,000,168 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.imi
[2010.03.09 19:14:17 | 000,000,136 | ---- | M] () -- C:\Windows\System\Dlap.pfx
[2010.03.09 19:13:35 | 000,000,107 | ---- | M] () -- C:\Windows\System\Cmicnfg3.ini
[2010.03.09 18:35:11 | 000,118,375 | ---- | M] () -- C:\Windows\System32\MSF_RIUNyS3.exe
[2010.03.09 17:58:41 | 002,760,844 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe
[2010.03.08 23:34:07 | 000,196,608 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2010.03.08 23:33:56 | 000,524,288 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000002.regtrans-ms
[2010.03.08 23:33:56 | 000,524,288 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000001.regtrans-ms
[2010.03.08 23:33:56 | 000,065,536 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TM.blf
[2010.03.07 20:12:07 | 000,000,514 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_016.cplist
[2010.03.07 20:11:41 | 000,000,498 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_015.cplist
[2010.03.07 19:54:33 | 000,000,562 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_014.cplist
[2010.03.07 16:18:57 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_013.cplist
[2010.03.07 15:15:38 | 000,000,490 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_012.cplist
[2010.03.07 10:49:53 | 000,000,486 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_011.cplist
[2010.03.07 10:49:13 | 000,000,514 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_010.cplist
[2010.03.06 22:12:01 | 000,000,582 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_009.cplist
[2010.03.06 22:10:45 | 000,000,452 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_008.cplist
[2010.03.06 22:09:53 | 000,000,582 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_007.cplist
[2010.03.06 22:08:50 | 000,000,510 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_006.cplist
[2010.03.06 20:32:44 | 000,000,498 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_005.cplist
[2010.03.06 18:00:35 | 000,000,564 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_004.cplist
[2010.03.06 13:05:40 | 000,000,522 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_003.cplist
[2010.03.06 10:44:37 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys
[2010.03.06 10:37:16 | 000,033,920 | ---- | M] () -- C:\Windows\System32\drivers\fsbts.sys
[2010.03.06 10:31:37 | 000,000,052 | ---- | M] () -- C:\Windows\System32\ashttpstats.csv
[2010.03.05 17:29:59 | 000,000,496 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_002.cplist
[2010.03.05 17:07:49 | 000,000,562 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_001.cplist
[2010.03.04 10:06:23 | 002,353,664 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_unmip.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_histprot.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_video.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_webproxy.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_tabloids.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_searchengines.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_pornography.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlineshop.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinepay.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinedating.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_news.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_im.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_illegal.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_hate.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_games.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_gambling.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_drugs.dat
[2010.03.03 12:59:57 | 000,115,248 | ---- | M] () -- C:\Users\Sini\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.03.03 12:06:44 | 000,000,025 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\bdfvconp.ini
[2010.03.03 11:15:58 | 000,002,412 | ---- | M] () -- C:\Windows\System32\lgAxconfig.ini
[2010.03.03 10:42:16 | 000,000,132 | ---- | M] () -- C:\Windows\System32\rezumatenoi.dat
[2010.03.03 10:38:08 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2010.03.03 10:18:28 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp71.dll
[2010.03.03 10:18:28 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll
[2010.03.03 09:58:58 | 000,008,284 | ---- | M] () -- C:\Windows\System32\eps_icon.avi
[2010.02.25 12:03:02 | 000,030,536 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2010.02.25 11:56:16 | 000,021,320 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2010.02.25 11:56:02 | 000,030,024 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2010.02.24 09:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.02.20 17:07:24 | 000,278,984 | ---- | M] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.02.20 17:06:41 | 000,025,416 | ---- | M] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.02.18 13:42:24 | 001,290,240 | ---- | M] () -- C:\Windows\System32\p0_aPIH.dll
[2010.02.11 09:10:14 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.03.11 17:22:50 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.03.11 10:53:23 | 000,001,815 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
[2010.03.10 18:33:27 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_021.cplist
[2010.03.10 18:27:55 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_020.cplist
[2010.03.10 17:14:46 | 000,000,480 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_019.cplist
[2010.03.10 17:07:51 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_018.cplist
[2010.03.10 16:48:16 | 000,000,522 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_017.cplist
[2010.03.09 23:08:45 | 437,169,378 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.03.09 20:58:43 | 000,006,136 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2010.03.09 17:58:09 | 002,760,844 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe
[2010.03.09 17:57:01 | 000,118,375 | ---- | C] () -- C:\Windows\System32\MSF_RIUNyS3.exe
[2010.03.08 17:34:09 | 000,524,288 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000002.regtrans-ms
[2010.03.08 17:34:09 | 000,524,288 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000001.regtrans-ms
[2010.03.08 17:34:09 | 000,065,536 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TM.blf
[2010.03.07 20:12:07 | 000,000,514 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_016.cplist
[2010.03.07 20:11:41 | 000,000,498 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_015.cplist
[2010.03.07 19:54:33 | 000,000,562 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_014.cplist
[2010.03.07 15:16:36 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_013.cplist
[2010.03.07 15:15:38 | 000,000,490 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_012.cplist
[2010.03.07 10:49:53 | 000,000,486 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_011.cplist
[2010.03.07 10:49:13 | 000,000,514 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_010.cplist
[2010.03.06 22:12:01 | 000,000,582 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_009.cplist
[2010.03.06 22:10:45 | 000,000,452 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_008.cplist
[2010.03.06 22:09:53 | 000,000,582 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_007.cplist
[2010.03.06 22:08:50 | 000,000,510 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_006.cplist
[2010.03.06 20:32:44 | 000,000,498 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_005.cplist
[2010.03.06 18:00:35 | 000,000,564 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_004.cplist
[2010.03.06 13:05:40 | 000,000,522 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_003.cplist
[2010.03.06 10:40:52 | 000,000,574 | ---- | C] () -- C:\Windows\tasks\Scheduled scanning task.job
[2010.03.06 10:24:39 | 000,033,920 | ---- | C] () -- C:\Windows\System32\drivers\fsbts.sys
[2010.03.05 17:29:59 | 000,000,496 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_002.cplist
[2010.03.05 17:07:49 | 000,000,562 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_001.cplist
[2010.03.05 10:32:29 | 000,000,052 | ---- | C] () -- C:\Windows\System32\ashttpstats.csv
[2010.03.03 20:00:16 | 000,491,104 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2010.03.03 20:00:15 | 000,001,035 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010.03.03 20:00:08 | 000,020,274 | ---- | C] () -- C:\Windows\atiogl.xml
[2010.03.03 20:00:06 | 000,198,341 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.03.03 20:00:05 | 000,031,240 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_unmip.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_histprot.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_video.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_webproxy.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_tabloids.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_searchengines.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_pornography.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlineshop.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinepay.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinedating.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_news.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_im.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_illegal.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_hate.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_games.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_gambling.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_drugs.dat
[2010.03.03 12:06:44 | 000,000,025 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\bdfvconp.ini
[2010.03.03 11:15:35 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2010.03.03 11:15:35 | 000,002,412 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2010.03.03 10:38:08 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2010.02.20 17:06:42 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.02.20 17:06:41 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.02.18 13:42:24 | 001,290,240 | ---- | C] () -- C:\Windows\System32\p0_aPIH.dll
[2010.01.20 21:29:05 | 000,000,008 | RHS- | C] () -- C:\ProgramData\DA2827B44C.sys
[2010.01.20 21:29:04 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.01.03 21:04:37 | 000,722,416 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.12.26 18:13:11 | 000,151,552 | ---- | C] () -- C:\Windows\System32\nvRegDev.dll
[2009.12.18 20:29:26 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2009.12.18 19:47:12 | 000,026,112 | ---- | C] () -- C:\Users\Sini\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.03 18:49:16 | 000,007,605 | ---- | C] () -- C:\Users\Sini\AppData\Local\Resmon.ResmonCfg
[2009.12.01 19:03:03 | 000,003,733 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.11.26 22:38:15 | 000,008,704 | ---- | C] () -- C:\Windows\System32\CNMVS7I.DLL
[2009.11.26 17:11:39 | 000,000,246 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl
[2009.11.26 17:10:57 | 000,303,104 | ---- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
[2009.11.26 17:10:57 | 000,002,123 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfg
[2009.11.26 17:10:57 | 000,000,168 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi
[2009.11.26 17:10:56 | 000,002,754 | ---- | C] () -- C:\Windows\cmudax3.ini
[2009.11.25 22:39:58 | 000,000,266 | ---- | C] () -- C:\Windows\lgfwup.ini
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.07.14 01:11:15 | 000,021,584 | ---- | C] () -- C:\Windows\System32\drivers\atapi.sys
[2009.06.19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2006.10.11 05:33:58 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2005.02.25 06:15:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL
[2004.01.15 07:01:26 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
< End of report >



OTL Extras logfile created on: 11.3.2010 17:49:46 - Run 1
OTL by OldTimer - Version 3.1.36.1 Folder = C:\Users\Sini\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,51 Gb Total Space | 732,06 Gb Free Space | 78,59% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SINI-PC
Current User Name: Sini
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{022F6097-A053-4B1B-BE50-3AADE4116B92}" = Opera 10.50
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0BB72566-0D4C-7200-2CE7-02F298B49C88}" = CCC Help English
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{110AD51E-D0E0-49B1-52FD-291373BA62EA}" = Catalyst Control Center Graphics Full New
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1B2DBF55-05D4-4072-87D8-689141E262BD}" = Creative ZEN
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{20140000-000F-0000-0000-0000000FF1CE}" = Microsoft Office Mondo 2010 (Beta)
"{20140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 (Beta)
"{20140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 (Beta)
"{20140000-0017-0409-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (English) 2010 (Beta)
"{20140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 (Beta)
"{20140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 (Beta)
"{20140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 (Beta)
"{20140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 (Beta)
"{20140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 (Beta)
"{20140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 (Beta)
"{20140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 (Beta)
"{20140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 (Beta)
"{20140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010 (Beta)
"{20140000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2010 (Beta)
"{20140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 (Beta)
"{20140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 (Beta)
"{20140000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2010 (Beta)
"{20140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010 (Beta)
"{20140000-0102-0409-0000-0000000FF1CE}" = Microsoft Office MondoOnly MUI (English) 2010 (Beta)
"{20140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 (Beta)
"{20140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 (Beta)
"{20140000-011A-0000-0000-0000000FF1CE}" = Microsoft Office Send-a-Smile
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Liven lataustyökalu
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{31557F4F-7D10-D32E-4B70-237A09FCC31B}" = Catalyst Control Center Graphics Previews Common
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C175604-F026-5D79-BBD8-F626AE10B3EF}" = Catalyst Control Center Graphics Full Existing
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4442AB48-DEC4-4B39-B067-1F75BF8017E7}" = Creative Centrale
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{513148E7-B7A1-48B2-B518-668701E546F5}" = LightScribe System Software 1.14.19.1
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD 2010
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG Tool Kit
"{62C2067E-5851-BD4C-98E0-5C4D5E155A5B}" = Catalyst Control Center Core Implementation
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{85EB1E72-4FAA-40E4-A511-DF3A9A0A4CA8}" = Windows Live Messenger
"{86604C06-DA30-425E-AECE-47304FE81C45}" = Creative Software Update
"{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{993960EE-CA4D-443F-8F88-E24260DD5FD2}" = LG PC Suite
"{998152E5-B605-4BBB-9853-E749AEE02B21}" = Windows Liven kirjautumisavustaja
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C87F6BB-75E4-4F35-8353-F5E295264E98}" = Windows Live Call
"{9D669429-A2E4-4793-B7A0-283D259F39AF}" = Adobe Photoshop Lightroom 2.5
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A292C05C-840A-9D47-5350-EF39ECC7629E}" = Catalyst Control Center HydraVision Full
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A666A477-4C02-415E-9F31-3541FC0CD6B5}" = SipdxDLL
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{AA2BCB44-B44F-445A-A80C-E6C50218940C}" = Windows Liven asennustyökalu
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AD17676C-5065-E427-130B-21CE713F93E7}" = Catalyst Control Center Graphics Light
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B970700B-E49F-ECEF-4ADB-0F3E1AFEDE91}" = ccc-core-static
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BC1FFF14-C10D-7087-C43A-4A8ECC9C98C4}" = ATI Catalyst Install Manager
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims? 3
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem Driver
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CF23AFD7-3078-4134-8823-EBF6D1FE6FAD}" = Canon MP450
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D5395E5F-4D45-4665-8F00-234FA33678AF}" = SlimDX Redistributable (March 2009)
"{DA6FAB8D-E87A-4E8E-A3D3-B7B9F479C725}" = forteManager
"{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
"{E2F29FCA-126F-48DF-A9B5-BEBE8F0F1610}" = CreativeSetup
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E542E630-8BB7-4C28-B8EB-0BAD2B201C65}" = Audio Track Editor
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9726DDC-D7B5-BF1F-5626-EA467FEEBC52}" = ccc-utility
"{F9F13FEA-D51E-A1C3-4EDC-D04A91B62C93}" = Catalyst Control Center Graphics Previews Vista
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"ADSL Router Utility" = ADSL Router Utility
"Akamai" = Akamai NetSession Interface
"CCleaner" = CCleaner
"C-Media PCI Audio Driver" = C-Media PCI Audio Device
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Creative Centrale" = Creative Centrale
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Defraggler" = Defraggler
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"EADM" = EA Download Manager
"FileHippo.com" = FileHippo.com Update Checker
"F-Secure Product 444" = Sonera Tietoturva
"HijackThis" = HijackThis 2.0.2
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"LastFM_is1" = Last.fm 1.5.4.24567
"LimeWire" = LimeWire 5.5.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"MSF_RIUNyS3" = LoudMo Contextual Ad Assistant
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.MONDO" = Microsoft Office Mondo 2010
"PowerISO" = PowerISO
"Sonera Internet Avustaja_is1" = Sonera Internet Avustaja
"Spotify" = Spotify
"SysInfo" = Creative System Information
"TS3 Install Helper Monkey" = TS3 Install Helper Monkey
"TuneUp Utilities" = TuneUp Utilities
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"WinLiveSuite_Wave3" = Windows Liven asennustyökalu
"WinPcapInst" = WinPcap 3.1 beta3
"WinRAR archiver" = WinRAR archiver
"VLC media player" = VLC media player 1.0.3

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 10.3.2010 10:40:05 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
Description = 1 2010-03-10 16:40:05+03:00 SINI-PC SYSTEM F-Secure DeepGuard

DeepGuard configuration was rejected. Old configuration will be used if possible.

Error code: DAAS reject

Error - 10.3.2010 10:52:02 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
Description = 1 2010-03-10 16:52:02+03:00 SINI-PC SYSTEM F-Secure DeepGuard

DeepGuard configuration was rejected. Old configuration will be used if possible.

Error code: DAAS reject

Error - 10.3.2010 14:39:39 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: IEXPLORE.EXE, versio: 8.0.7600.16385,
aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
prosessin tunnus: 0xee8 Viallisen sovelluksen käynnistysaika: 0x01cac080c4a06724
Viallisen
sovelluksen polku: C:\Program Files\Internet Explorer\IEXPLORE.EXE Viallisen moduulin
polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 4873d423-2c74-11df-a210-001966bb5e2b

Error - 10.3.2010 15:02:09 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
prosessin tunnus: 0xdd0 Viallisen sovelluksen käynnistysaika: 0x01cac0841fbdf149
Viallisen
sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 6cfac2e4-2c77-11df-a210-001966bb5e2b

Error - 10.3.2010 15:20:08 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
prosessin tunnus: 0xecc Viallisen sovelluksen käynnistysaika: 0x01cac0869d47617f
Viallisen
sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: f03d4823-2c79-11df-a210-001966bb5e2b

Error - 10.3.2010 16:04:02 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
prosessin tunnus: 0x1214 Viallisen sovelluksen käynnistysaika: 0x01cac08cbde8fc58
Viallisen
sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 11dd8c29-2c80-11df-a210-001966bb5e2b

Error - 11.3.2010 4:06:42 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
Description = 1 2010-03-11 10:06:42+03:00 SINI-PC SYSTEM F-Secure DeepGuard

DeepGuard configuration was rejected. Old configuration will be used if possible.

Error code: DAAS reject

Error - 11.3.2010 5:16:36 | Computer Name = Sini-PC | Source = SideBySide | ID = 16842815
Description = Aktivointikontekstin luonti epäonnistui (c:\Program Files\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll). Virhe luettelo- tai käytäntötiedoston c:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll rivillä 3. Määritteen version
arvo (MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR) ei kelpaa
elementissä assemblyIdentity.

Error - 11.3.2010 11:24:57 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 2 2010-03-11 17:24:56+03:00 SINI-PC Sini-PC\Sini F-Secure Anti-Virus

Malicious code found in file C:\Windows\System32\sshnas21.dll. Infection: Trojan.Generic.3313565


Error - 11.3.2010 11:46:26 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: mbam.exe, versio: 1.44.0.0, aikaleima:
0x4b46461a Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385, aikaleima:
0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x0005c74a Viallisen prosessin
tunnus: 0x6a0 Viallisen sovelluksen käynnistysaika: 0x01cac12ecd93b5f4 Viallisen
sovelluksen polku: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Viallisen
moduulin polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 3fd4557a-2d25-11df-99ba-001966bb5e2b

[ Media Center Events ]
Error - 19.2.2010 7:06:41 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 13:06:39 - Virhe muodostettaessa Internet-yhteyttä. 13:06:40 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 19.2.2010 7:11:14 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 13:07:14 - Virhe muodostettaessa Internet-yhteyttä. 13:07:14 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 20.2.2010 10:48:31 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 16:48:31 - Virhe muodostettaessa Internet-yhteyttä. 16:48:31 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 20.2.2010 10:49:04 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 16:49:01 - Virhe muodostettaessa Internet-yhteyttä. 16:49:01 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 21.2.2010 11:00:55 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 17:00:55 - Virhe muodostettaessa Internet-yhteyttä. 17:00:55 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 21.2.2010 11:01:04 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 17:01:00 - Virhe muodostettaessa Internet-yhteyttä. 17:01:00 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 23.2.2010 1:22:28 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 7:22:28 - Virhe muodostettaessa Internet-yhteyttä. 7:22:28 - Yhteyden
muodostaminen palvelimeen ei onnistu..

Error - 23.2.2010 1:22:38 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 7:22:33 - Virhe muodostettaessa Internet-yhteyttä. 7:22:33 - Yhteyden
muodostaminen palvelimeen ei onnistu..

Error - 2.3.2010 5:43:49 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 11:43:49 - Virhe muodostettaessa Internet-yhteyttä. 11:43:49 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 2.3.2010 5:43:58 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 11:43:55 - Virhe muodostettaessa Internet-yhteyttä. 11:43:55 -
Yhteyden muodostaminen palvelimeen ei onnistu..

[ System Events ]
Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Käyttäjäprofiilipalvelu on päättynyt odottamatta. Tämä on
tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi:
Käynnistä palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Tehtävien ajoitus on päättynyt odottamatta. Tämä on tapahtunut
1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä
palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Järjestelmätapahtumien ilmoituspalvelu on päättynyt odottamatta.
Tämä on tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan seuraava
korjaustoimi: Käynnistä palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Käyttöliittymän laitteistotunnistus on päättynyt odottamatta.
Tämä on tapahtunut 1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava
korjaustoimi: Käynnistä palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Teemat on päättynyt odottamatta. Tämä on tapahtunut 1 kertaa.
60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä palvelu
uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu WMI-palvelu (Windows Management Instrumentation) on päättynyt
odottamatta. Tämä on tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan
seuraava korjaustoimi: Käynnistä palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Windows Update on päättynyt odottamatta. Tämä on tapahtunut
1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä
palvelu uudelleen.

Error - 16.1.2010 10:27:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
palvelu uudelleen) palvelun Palvelin odottamattoman lopettamisen jälkeen. Yritys
epäonnistui ja tapahtui virhe: %%1056

Error - 16.1.2010 10:28:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
palvelu uudelleen) palvelun Tietokoneiden selaus odottamattoman lopettamisen jälkeen.
Yritys epäonnistui ja tapahtui virhe: %%1056

Error - 16.1.2010 10:28:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
palvelu uudelleen) palvelun WMI-palvelu (Windows Management Instrumentation) odottamattoman
lopettamisen jälkeen. Yritys epäonnistui ja tapahtui virhe: %%1056


< End of report >
Member
11 March 2010 @ 18:41
OTL logfile created on: 11.3.2010 17:49:46 - Run 1
OTL by OldTimer - Version 3.1.36.1 Folder = C:\Users\Sini\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,51 Gb Total Space | 732,06 Gb Free Space | 78,59% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SINI-PC
Current User Name: Sini
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
PRC - [2010.03.06 10:36:53 | 000,356,960 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsav32.exe
PRC - [2010.03.06 10:36:07 | 000,619,616 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fssm32.exe
PRC - [2010.03.06 10:36:06 | 000,480,352 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32.exe
PRC - [2010.03.06 10:28:03 | 000,055,992 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe
PRC - [2010.02.25 12:02:02 | 000,716,616 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2010.02.02 20:17:28 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010.02.02 20:16:58 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.08.10 15:59:50 | 000,178,720 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2009.08.10 15:59:48 | 000,387,616 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2009.08.05 17:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE
PRC - [2009.08.05 17:58:50 | 000,199,264 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE
PRC - [2009.08.05 17:58:50 | 000,088,672 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSHDLL32.EXE
PRC - [2009.08.05 17:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\FWES\program\fsdfwd.exe
PRC - [2009.08.05 17:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 03:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe
PRC - [2008.10.16 10:04:42 | 000,202,016 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe
PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
MOD - [2009.07.14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009.07.14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009.07.14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009.07.14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009.07.14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009.07.14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009.07.14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009.07.14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009.07.14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009.07.14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010.03.06 10:28:03 | 000,055,992 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe -- (FSORSPClient)
SRV - [2010.03.05 16:33:51 | 002,462,256 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\rswin_3648.dll -- (Akamai)
SRV - [2010.03.03 10:05:31 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.02.25 11:56:02 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.02.02 20:16:58 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.08.21 15:47:14 | 030,510,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009.08.21 15:36:08 | 004,639,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.08.10 15:59:50 | 000,178,720 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2009.08.10 15:59:48 | 000,387,616 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2009.08.05 17:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE -- (FSMA)
SRV - [2009.08.05 17:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2009.08.05 17:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
SRV - [2009.07.14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009.07.14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009.07.14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009.07.14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009.07.14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009.07.14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009.07.14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009.07.14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009.07.14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009.07.14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX-asennusohjelma (AxInstSV)
SRV - [2009.07.14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009.07.14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2008.10.16 10:04:42 | 000,202,016 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe -- (sprtsvc_sonera) SupportSoft Sprocket Service (sonera)
SRV - [2008.10.16 10:02:58 | 000,382,320 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2008.05.21 13:42:56 | 000,064,000 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe -- (CTUPnPSv)
SRV - [2007.12.13 16:29:59 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.04.02 08:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)
SRV - [2004.05.14 13:02:46 | 000,086,016 | ---- | M] (NetGroup - Politecnico di Torino) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010.03.10 16:16:42 | 000,021,584 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\atapi.sys -- (atapi)
DRV - [2010.03.06 10:37:16 | 000,033,920 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\Drivers\fsbts.sys -- (fsbts)
DRV - [2010.03.06 10:36:46 | 000,107,104 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2010.02.20 17:07:24 | 000,278,984 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.02.20 17:06:41 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.02.02 20:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010.02.02 20:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV - [2010.02.02 19:23:42 | 000,150,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.01.28 15:33:30 | 000,100,352 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2010.01.27 11:04:00 | 000,183,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2010.01.21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010.01.21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010.01.21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2010.01.07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010.01.03 21:04:37 | 000,722,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.12.19 02:31:32 | 000,073,312 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
DRV - [2009.12.01 11:11:28 | 001,872,192 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cmudax3.sys -- (cmuda3)
DRV - [2009.11.10 14:55:08 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009.11.10 14:54:52 | 000,035,984 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009.11.09 05:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009.10.14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.08.05 17:58:30 | 000,068,064 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2009.08.05 17:57:20 | 000,071,040 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fsdfw.sys -- (FSFW)
DRV - [2009.08.05 17:57:12 | 000,035,680 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fses.sys -- (FSES)
DRV - [2009.08.05 17:56:14 | 000,039,776 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter)
DRV - [2009.08.05 17:56:14 | 000,025,184 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer)
DRV - [2009.08.05 17:56:12 | 000,012,384 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
DRV - [2009.07.30 17:12:54 | 000,287,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2009.07.14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009.07.14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009.07.14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009.07.14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009.07.14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009.07.14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009.07.14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009.07.14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009.07.14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009.07.14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009.07.14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009.07.14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009.07.14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009.07.14 03:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009.07.14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009.07.14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009.07.14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009.07.14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009.07.14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009.07.14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009.07.14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009.07.14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009.07.14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009.07.14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009.07.14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009.07.14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009.07.14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009.07.14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009.07.14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009.07.14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009.07.14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009.07.14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009.07.14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009.07.14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009.07.14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009.07.14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009.07.14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
DRV - [2009.07.14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009.07.14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009.07.14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009.07.14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009.07.14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009.07.14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009.07.14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009.07.14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009.07.14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009.07.14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009.07.14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009.07.14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009.07.14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009.07.14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009.07.14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
DRV - [2009.07.14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009.07.14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009.07.14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009.07.14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009.07.14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.07.14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009.07.14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009.07.14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009.06.29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008.12.12 15:27:46 | 000,018,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys -- (LGII2CDevice)
DRV - [2008.12.12 15:27:46 | 000,014,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys -- (LGDDCDevice)
DRV - [2008.01.19 05:55:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2004.05.14 11:37:10 | 000,032,896 | ---- | M] (NetGroup - Politecnico di Torino) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=15161&l=dis
IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fi.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fi
IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 59 2D 93 5E EC 6D CA 01 [binary data]
IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://www3.iamwired.net/websearch.php?src=tops&search="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Torrents.to"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.fi/"
FF - prefs.js..extensions.enabledItems: {80155943-b083-a2cf-0350-54d3b1be1609}:4.6.6.4
FF - prefs.js..keyword.URL: ""
FF - prefs.js..network.proxy.no_proxies_on: "*.local"


FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010.03.06 10:33:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files\Sonera\Sonera Tietoturva\NRS\litmus-ff@f-secure.com [2010.03.06 10:23:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.11 10:51:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.03.11 10:56:18 | 000,000,000 | ---D | M]

[2009.12.23 03:15:53 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Extensions
[2009.12.23 03:15:53 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2010.03.11 17:24:40 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions
[2010.01.23 17:01:58 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009.12.24 14:49:06 | 000,000,000 | ---D | M] (Fasterfox) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}
[2010.01.23 17:01:58 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010.01.27 23:30:56 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\fsonlinescanner@f-secure.com
[2010.01.23 17:01:58 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\personas@christopher.beard
[2010.03.11 17:18:44 | 000,002,257 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\askcom.xml
[2009.12.24 20:57:14 | 000,002,367 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\photobucket.xml
[2010.03.09 17:57:08 | 000,000,261 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\Search.xml
[2009.12.02 18:49:43 | 000,000,897 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\torrentsto.xml
[2010.01.22 19:04:02 | 000,001,713 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\youtube-video-search.xml
[2010.03.11 17:19:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.03.09 18:35:10 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{80155943-b083-a2cf-0350-54d3b1be1609}
[2010.01.16 03:19:09 | 000,002,062 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bookplus-fi.xml
[2010.01.16 03:19:09 | 000,001,069 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons-fi.xml
[2010.01.16 03:19:09 | 000,002,677 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\huuto-fi.xml
[2010.01.16 03:19:09 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fi.xml
[2010.01.16 03:19:09 | 000,000,796 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-fi.xml

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\BaseLitmus.dll (F-Secure Corporation)
O2 - BHO: (gwprimawega) - {da9e5a55-a1a2-1b97-026f-b233372fee2e} - C:\Windows\System32\p0_aPIH.dll ()
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\BaseLitmus.dll (F-Secure Corporation)
O3 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [CmPCIaudio] File not found
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Sonera\Sonera Tietoturva\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\.DEFAULT..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe File not found
O4 - HKU\S-1-5-18..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe File not found
O4 - HKU\S-1-5-21-3761315706-44459061-675875969-1001..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKU\S-1-5-21-3761315706-44459061-675875969-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O4 - Startup: C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: corel.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: corel.com ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: intervideo.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: intervideo.com ([www] * in Trusted sites)
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} http://srtest-cdn.systemrequirementslab....eqlabdetect.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstal...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstal...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstal...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/software...15111/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-3761315706-44459061-675875969-1001 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-3761315706-44459061-675875969-1001 Winlogon: Shell - (C:\Users\Sini\AppData\Roaming\ufxw.exe) - C:\Users\Sini\AppData\Roaming\ufxw.exe File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\Autorun.exe -- File not found
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\Autorun.exe -- File not found
O33 - MountPoints2\K\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk /r \??\F:) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sasnative32) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.03.11 17:47:34 | 000,554,496 | ---- | C] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
[2010.03.10 16:49:11 | 000,000,000 | ---D | C] -- C:\Users\Sini\Tracing
[2010.03.09 20:58:43 | 000,705,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\cohelper.dll
[2010.03.09 19:14:02 | 002,622,496 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkHDMI.dll
[2010.03.09 19:14:02 | 000,355,528 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32H.dll
[2010.03.09 19:14:02 | 000,183,584 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RtHDMIV.sys
[2010.03.09 19:14:02 | 000,073,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32H.dll
[2010.03.09 19:14:01 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32H.dll
[2010.03.09 19:14:01 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32H.dll
[2010.03.09 19:14:00 | 001,640,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHDMIExt.dll
[2010.03.09 19:14:00 | 000,293,600 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DHT32.dll
[2010.03.09 19:14:00 | 000,293,600 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DAA32.dll
[2010.03.09 19:14:00 | 000,057,376 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHCoInst.dll
[2010.03.09 19:14:00 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010.03.09 19:13:52 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2010.03.09 19:11:56 | 000,000,000 | ---D | C] -- C:\SMU
[2010.03.09 19:11:56 | 000,000,000 | ---D | C] -- C:\SMBUS
[2010.03.09 19:11:54 | 000,000,000 | ---D | C] -- C:\IDE
[2010.03.09 19:11:54 | 000,000,000 | ---D | C] -- C:\Ethernet
[2010.03.09 17:27:11 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\DriverGenius
[2010.03.09 17:03:19 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
[2010.03.09 07:09:41 | 003,955,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.03.09 07:09:41 | 003,899,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.03.08 20:27:42 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.03.08 17:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010.03.08 04:51:36 | 000,000,000 | ---D | C] -- C:\SDFix
[2010.03.08 04:50:41 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010.03.08 04:47:05 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.03.07 19:54:36 | 000,000,000 | ---D | C] -- C:\Users\Sini\AppData\Local\Stay Secure
[2010.03.07 16:43:44 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.03.07 16:37:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.03.07 16:37:06 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.03.07 16:37:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.03.06 10:31:35 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.03.06 10:24:13 | 000,035,680 | ---- | C] (F-Secure Corporation) -- C:\Windows\System32\drivers\fses.sys
[2010.03.06 10:24:08 | 000,572,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp50.dll
[2010.03.06 10:24:08 | 000,071,040 | ---- | C] (F-Secure Corporation) -- C:\Windows\System32\drivers\fsdfw.sys
[2010.03.06 09:46:08 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\My Drivers
[2010.03.05 13:33:38 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\Adobe Scripts
[2010.03.05 10:24:58 | 000,016,400 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys
[2010.03.05 10:24:41 | 001,581,072 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\LkmdfCoInst.dll
[2010.03.05 10:24:41 | 000,052,240 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\LMouFiltCoInst.dll
[2010.03.05 10:24:41 | 000,037,392 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LMouFilt.Sys
[2010.03.05 10:24:40 | 000,035,984 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LHidFilt.Sys
[2010.03.04 15:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\The Sims Resource
[2010.03.04 14:50:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010.03.04 14:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2010.03.03 20:00:17 | 000,274,432 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2010.03.03 20:00:17 | 000,100,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\drivers\AtiHdmi.sys
[2010.03.03 20:00:17 | 000,050,176 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
[2010.03.03 20:00:17 | 000,027,136 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2010.03.03 20:00:16 | 000,020,480 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
[2010.03.03 20:00:15 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2010.03.03 20:00:15 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2010.03.03 20:00:12 | 014,147,072 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2010.03.03 20:00:07 | 005,313,536 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atipmdag.sys
[2010.03.03 20:00:07 | 005,313,536 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2010.03.03 20:00:07 | 000,150,016 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2010.03.03 20:00:07 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2010.03.03 20:00:07 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2010.03.03 20:00:07 | 000,011,776 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2010.03.03 20:00:06 | 000,446,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2010.03.03 20:00:06 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2010.03.03 20:00:06 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2010.03.03 20:00:05 | 003,649,536 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2010.03.03 20:00:05 | 000,426,496 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\aticfx32.dll
[2010.03.03 20:00:05 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2010.03.03 20:00:05 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2010.03.03 20:00:05 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2010.03.03 20:00:04 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2010.03.03 20:00:04 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2010.03.03 12:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
[2010.03.03 12:58:53 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2010.03.03 11:22:44 | 000,000,000 | ---D | C] -- C:\KU990
[2010.03.03 11:19:08 | 000,000,000 | ---D | C] -- C:\LG_USB
[2010.03.03 11:15:35 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll
[2010.03.03 11:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX
[2010.03.03 10:34:51 | 000,055,824 | ---- | C] (Logitech, Inc.) -- C:\Windows\KHALMNPR.Exe
[2010.03.03 10:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010.03.03 10:05:37 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2010.03.03 10:05:37 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2010.03.03 10:01:40 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.03.03 10:01:37 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.03.03 10:01:37 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010.03.03 10:01:37 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010.03.03 10:01:33 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010.03.03 10:01:33 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010.03.03 10:01:33 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010.03.03 10:01:33 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.03.03 10:01:31 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.03.03 10:01:31 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.03.03 10:01:31 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.03.03 10:01:31 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.03.03 10:01:31 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.03.03 10:01:31 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.03.03 10:01:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.03.03 10:01:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.03.03 10:01:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.02.09 23:30:57 | 000,000,000 | ---D | C] -- C:\Users\Sini\AppData\Roaming\InstallShield
[2010.02.09 23:23:07 | 000,000,000 | -H-D | C] -- C:\LG3G
[2010.02.09 23:20:23 | 000,000,000 | ---D | C] -- C:\lgupload
[2010.02.09 23:00:14 | 000,024,960 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbmodem.sys
[2010.02.09 23:00:14 | 000,020,864 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbdiag.sys
[2010.02.09 23:00:14 | 000,013,056 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbbus.sys
[2010.02.09 23:00:13 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
[2010.02.09 22:58:49 | 000,000,000 | ---D | C] -- C:\Program Files\LG PC Suite 2
[2010.02.09 22:05:04 | 000,000,000 | ---D | C] -- C:\Windows\pss
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.03.11 17:51:09 | 003,670,016 | ---- | M] () -- C:\Users\Sini\ntuser.dat
[2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
[2010.03.11 17:32:18 | 000,014,608 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.03.11 17:32:18 | 000,014,608 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.03.11 17:22:50 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.03.11 10:53:23 | 000,001,815 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
[2010.03.11 10:06:52 | 000,000,574 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
[2010.03.11 10:06:24 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.03.11 10:06:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.03.10 23:48:17 | 001,144,078 | -H-- | M] () -- C:\Users\Sini\AppData\Local\IconCache.db
[2010.03.10 18:33:27 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_021.cplist
[2010.03.10 18:33:24 | 000,002,516 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2010.03.10 18:27:55 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_020.cplist
[2010.03.10 17:18:06 | 000,000,480 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_019.cplist
[2010.03.10 17:07:51 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_018.cplist
[2010.03.10 16:48:16 | 000,000,522 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_017.cplist
[2010.03.10 16:39:45 | 437,169,378 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.03.10 16:16:42 | 000,021,584 | ---- | M] () -- C:\Windows\System32\drivers\atapi.sys
[2010.03.09 21:01:02 | 001,243,400 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.03.09 21:01:02 | 000,616,736 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.03.09 21:01:02 | 000,442,586 | ---- | M] () -- C:\Windows\System32\perfh00B.dat
[2010.03.09 21:01:02 | 000,107,828 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.03.09 21:01:02 | 000,083,000 | ---- | M] () -- C:\Windows\System32\perfc00B.dat
[2010.03.09 19:14:17 | 000,000,246 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.cfl
[2010.03.09 19:14:17 | 000,000,168 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.imi
[2010.03.09 19:14:17 | 000,000,136 | ---- | M] () -- C:\Windows\System\Dlap.pfx
[2010.03.09 19:13:35 | 000,000,107 | ---- | M] () -- C:\Windows\System\Cmicnfg3.ini
[2010.03.09 18:35:11 | 000,118,375 | ---- | M] () -- C:\Windows\System32\MSF_RIUNyS3.exe
[2010.03.09 17:58:41 | 002,760,844 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe
[2010.03.08 23:34:07 | 000,196,608 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2010.03.08 23:33:56 | 000,524,288 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000002.regtrans-ms
[2010.03.08 23:33:56 | 000,524,288 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000001.regtrans-ms
[2010.03.08 23:33:56 | 000,065,536 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TM.blf
[2010.03.07 20:12:07 | 000,000,514 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_016.cplist
[2010.03.07 20:11:41 | 000,000,498 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_015.cplist
[2010.03.07 19:54:33 | 000,000,562 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_014.cplist
[2010.03.07 16:18:57 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_013.cplist
[2010.03.07 15:15:38 | 000,000,490 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_012.cplist
[2010.03.07 10:49:53 | 000,000,486 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_011.cplist
[2010.03.07 10:49:13 | 000,000,514 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_010.cplist
[2010.03.06 22:12:01 | 000,000,582 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_009.cplist
[2010.03.06 22:10:45 | 000,000,452 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_008.cplist
[2010.03.06 22:09:53 | 000,000,582 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_007.cplist
[2010.03.06 22:08:50 | 000,000,510 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_006.cplist
[2010.03.06 20:32:44 | 000,000,498 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_005.cplist
[2010.03.06 18:00:35 | 000,000,564 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_004.cplist
[2010.03.06 13:05:40 | 000,000,522 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_003.cplist
[2010.03.06 10:44:37 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys
[2010.03.06 10:37:16 | 000,033,920 | ---- | M] () -- C:\Windows\System32\drivers\fsbts.sys
[2010.03.06 10:31:37 | 000,000,052 | ---- | M] () -- C:\Windows\System32\ashttpstats.csv
[2010.03.05 17:29:59 | 000,000,496 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_002.cplist
[2010.03.05 17:07:49 | 000,000,562 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_001.cplist
[2010.03.04 10:06:23 | 002,353,664 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_unmip.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_histprot.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_video.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_webproxy.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_tabloids.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_searchengines.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_pornography.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlineshop.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinepay.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinedating.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_news.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_im.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_illegal.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_hate.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_games.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_gambling.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_drugs.dat
[2010.03.03 12:59:57 | 000,115,248 | ---- | M] () -- C:\Users\Sini\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.03.03 12:06:44 | 000,000,025 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\bdfvconp.ini
[2010.03.03 11:15:58 | 000,002,412 | ---- | M] () -- C:\Windows\System32\lgAxconfig.ini
[2010.03.03 10:42:16 | 000,000,132 | ---- | M] () -- C:\Windows\System32\rezumatenoi.dat
[2010.03.03 10:38:08 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2010.03.03 10:18:28 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp71.dll
[2010.03.03 10:18:28 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll
[2010.03.03 09:58:58 | 000,008,284 | ---- | M] () -- C:\Windows\System32\eps_icon.avi
[2010.02.25 12:03:02 | 000,030,536 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2010.02.25 11:56:16 | 000,021,320 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2010.02.25 11:56:02 | 000,030,024 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2010.02.24 09:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.02.20 17:07:24 | 000,278,984 | ---- | M] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.02.20 17:06:41 | 000,025,416 | ---- | M] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.02.18 13:42:24 | 001,290,240 | ---- | M] () -- C:\Windows\System32\p0_aPIH.dll
[2010.02.11 09:10:14 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.03.11 17:22:50 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.03.11 10:53:23 | 000,001,815 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
[2010.03.10 18:33:27 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_021.cplist
[2010.03.10 18:27:55 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_020.cplist
[2010.03.10 17:14:46 | 000,000,480 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_019.cplist
[2010.03.10 17:07:51 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_018.cplist
[2010.03.10 16:48:16 | 000,000,522 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_017.cplist
[2010.03.09 23:08:45 | 437,169,378 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.03.09 20:58:43 | 000,006,136 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2010.03.09 17:58:09 | 002,760,844 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe
[2010.03.09 17:57:01 | 000,118,375 | ---- | C] () -- C:\Windows\System32\MSF_RIUNyS3.exe
[2010.03.08 17:34:09 | 000,524,288 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000002.regtrans-ms
[2010.03.08 17:34:09 | 000,524,288 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000001.regtrans-ms
[2010.03.08 17:34:09 | 000,065,536 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TM.blf
[2010.03.07 20:12:07 | 000,000,514 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_016.cplist
[2010.03.07 20:11:41 | 000,000,498 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_015.cplist
[2010.03.07 19:54:33 | 000,000,562 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_014.cplist
[2010.03.07 15:16:36 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_013.cplist
[2010.03.07 15:15:38 | 000,000,490 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_012.cplist
[2010.03.07 10:49:53 | 000,000,486 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_011.cplist
[2010.03.07 10:49:13 | 000,000,514 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_010.cplist
[2010.03.06 22:12:01 | 000,000,582 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_009.cplist
[2010.03.06 22:10:45 | 000,000,452 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_008.cplist
[2010.03.06 22:09:53 | 000,000,582 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_007.cplist
[2010.03.06 22:08:50 | 000,000,510 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_006.cplist
[2010.03.06 20:32:44 | 000,000,498 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_005.cplist
[2010.03.06 18:00:35 | 000,000,564 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_004.cplist
[2010.03.06 13:05:40 | 000,000,522 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_003.cplist
[2010.03.06 10:40:52 | 000,000,574 | ---- | C] () -- C:\Windows\tasks\Scheduled scanning task.job
[2010.03.06 10:24:39 | 000,033,920 | ---- | C] () -- C:\Windows\System32\drivers\fsbts.sys
[2010.03.05 17:29:59 | 000,000,496 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_002.cplist
[2010.03.05 17:07:49 | 000,000,562 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_001.cplist
[2010.03.05 10:32:29 | 000,000,052 | ---- | C] () -- C:\Windows\System32\ashttpstats.csv
[2010.03.03 20:00:16 | 000,491,104 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2010.03.03 20:00:15 | 000,001,035 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010.03.03 20:00:08 | 000,020,274 | ---- | C] () -- C:\Windows\atiogl.xml
[2010.03.03 20:00:06 | 000,198,341 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.03.03 20:00:05 | 000,031,240 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_unmip.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_histprot.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_video.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_webproxy.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_tabloids.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_searchengines.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_pornography.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlineshop.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinepay.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinedating.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_news.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_im.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_illegal.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_hate.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_games.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_gambling.dat
[2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_drugs.dat
[2010.03.03 12:06:44 | 000,000,025 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\bdfvconp.ini
[2010.03.03 11:15:35 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2010.03.03 11:15:35 | 000,002,412 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2010.03.03 10:38:08 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2010.02.20 17:06:42 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.02.20 17:06:41 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.02.18 13:42:24 | 001,290,240 | ---- | C] () -- C:\Windows\System32\p0_aPIH.dll
[2010.01.20 21:29:05 | 000,000,008 | RHS- | C] () -- C:\ProgramData\DA2827B44C.sys
[2010.01.20 21:29:04 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.01.03 21:04:37 | 000,722,416 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.12.26 18:13:11 | 000,151,552 | ---- | C] () -- C:\Windows\System32\nvRegDev.dll
[2009.12.18 20:29:26 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2009.12.18 19:47:12 | 000,026,112 | ---- | C] () -- C:\Users\Sini\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.03 18:49:16 | 000,007,605 | ---- | C] () -- C:\Users\Sini\AppData\Local\Resmon.ResmonCfg
[2009.12.01 19:03:03 | 000,003,733 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.11.26 22:38:15 | 000,008,704 | ---- | C] () -- C:\Windows\System32\CNMVS7I.DLL
[2009.11.26 17:11:39 | 000,000,246 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl
[2009.11.26 17:10:57 | 000,303,104 | ---- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
[2009.11.26 17:10:57 | 000,002,123 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfg
[2009.11.26 17:10:57 | 000,000,168 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi
[2009.11.26 17:10:56 | 000,002,754 | ---- | C] () -- C:\Windows\cmudax3.ini
[2009.11.25 22:39:58 | 000,000,266 | ---- | C] () -- C:\Windows\lgfwup.ini
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.07.14 01:11:15 | 000,021,584 | ---- | C] () -- C:\Windows\System32\drivers\atapi.sys
[2009.06.19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2006.10.11 05:33:58 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2005.02.25 06:15:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL
[2004.01.15 07:01:26 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
< End of report >



OTL Extras logfile created on: 11.3.2010 17:49:46 - Run 1
OTL by OldTimer - Version 3.1.36.1 Folder = C:\Users\Sini\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,51 Gb Total Space | 732,06 Gb Free Space | 78,59% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SINI-PC
Current User Name: Sini
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{022F6097-A053-4B1B-BE50-3AADE4116B92}" = Opera 10.50
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0BB72566-0D4C-7200-2CE7-02F298B49C88}" = CCC Help English
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{110AD51E-D0E0-49B1-52FD-291373BA62EA}" = Catalyst Control Center Graphics Full New
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1B2DBF55-05D4-4072-87D8-689141E262BD}" = Creative ZEN
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{20140000-000F-0000-0000-0000000FF1CE}" = Microsoft Office Mondo 2010 (Beta)
"{20140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 (Beta)
"{20140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 (Beta)
"{20140000-0017-0409-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (English) 2010 (Beta)
"{20140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 (Beta)
"{20140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 (Beta)
"{20140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 (Beta)
"{20140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 (Beta)
"{20140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 (Beta)
"{20140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 (Beta)
"{20140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 (Beta)
"{20140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 (Beta)
"{20140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010 (Beta)
"{20140000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2010 (Beta)
"{20140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 (Beta)
"{20140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 (Beta)
"{20140000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2010 (Beta)
"{20140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010 (Beta)
"{20140000-0102-0409-0000-0000000FF1CE}" = Microsoft Office MondoOnly MUI (English) 2010 (Beta)
"{20140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 (Beta)
"{20140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 (Beta)
"{20140000-011A-0000-0000-0000000FF1CE}" = Microsoft Office Send-a-Smile
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Liven lataustyökalu
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{31557F4F-7D10-D32E-4B70-237A09FCC31B}" = Catalyst Control Center Graphics Previews Common
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C175604-F026-5D79-BBD8-F626AE10B3EF}" = Catalyst Control Center Graphics Full Existing
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4442AB48-DEC4-4B39-B067-1F75BF8017E7}" = Creative Centrale
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{513148E7-B7A1-48B2-B518-668701E546F5}" = LightScribe System Software 1.14.19.1
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD 2010
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG Tool Kit
"{62C2067E-5851-BD4C-98E0-5C4D5E155A5B}" = Catalyst Control Center Core Implementation
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{85EB1E72-4FAA-40E4-A511-DF3A9A0A4CA8}" = Windows Live Messenger
"{86604C06-DA30-425E-AECE-47304FE81C45}" = Creative Software Update
"{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{993960EE-CA4D-443F-8F88-E24260DD5FD2}" = LG PC Suite
"{998152E5-B605-4BBB-9853-E749AEE02B21}" = Windows Liven kirjautumisavustaja
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C87F6BB-75E4-4F35-8353-F5E295264E98}" = Windows Live Call
"{9D669429-A2E4-4793-B7A0-283D259F39AF}" = Adobe Photoshop Lightroom 2.5
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A292C05C-840A-9D47-5350-EF39ECC7629E}" = Catalyst Control Center HydraVision Full
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A666A477-4C02-415E-9F31-3541FC0CD6B5}" = SipdxDLL
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{AA2BCB44-B44F-445A-A80C-E6C50218940C}" = Windows Liven asennustyökalu
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AD17676C-5065-E427-130B-21CE713F93E7}" = Catalyst Control Center Graphics Light
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B970700B-E49F-ECEF-4ADB-0F3E1AFEDE91}" = ccc-core-static
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BC1FFF14-C10D-7087-C43A-4A8ECC9C98C4}" = ATI Catalyst Install Manager
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims? 3
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem Driver
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CF23AFD7-3078-4134-8823-EBF6D1FE6FAD}" = Canon MP450
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D5395E5F-4D45-4665-8F00-234FA33678AF}" = SlimDX Redistributable (March 2009)
"{DA6FAB8D-E87A-4E8E-A3D3-B7B9F479C725}" = forteManager
"{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
"{E2F29FCA-126F-48DF-A9B5-BEBE8F0F1610}" = CreativeSetup
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E542E630-8BB7-4C28-B8EB-0BAD2B201C65}" = Audio Track Editor
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9726DDC-D7B5-BF1F-5626-EA467FEEBC52}" = ccc-utility
"{F9F13FEA-D51E-A1C3-4EDC-D04A91B62C93}" = Catalyst Control Center Graphics Previews Vista
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"ADSL Router Utility" = ADSL Router Utility
"Akamai" = Akamai NetSession Interface
"CCleaner" = CCleaner
"C-Media PCI Audio Driver" = C-Media PCI Audio Device
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Creative Centrale" = Creative Centrale
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Defraggler" = Defraggler
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"EADM" = EA Download Manager
"FileHippo.com" = FileHippo.com Update Checker
"F-Secure Product 444" = Sonera Tietoturva
"HijackThis" = HijackThis 2.0.2
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"LastFM_is1" = Last.fm 1.5.4.24567
"LimeWire" = LimeWire 5.5.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"MSF_RIUNyS3" = LoudMo Contextual Ad Assistant
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.MONDO" = Microsoft Office Mondo 2010
"PowerISO" = PowerISO
"Sonera Internet Avustaja_is1" = Sonera Internet Avustaja
"Spotify" = Spotify
"SysInfo" = Creative System Information
"TS3 Install Helper Monkey" = TS3 Install Helper Monkey
"TuneUp Utilities" = TuneUp Utilities
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"WinLiveSuite_Wave3" = Windows Liven asennustyökalu
"WinPcapInst" = WinPcap 3.1 beta3
"WinRAR archiver" = WinRAR archiver
"VLC media player" = VLC media player 1.0.3

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10.3.2010 10:40:05 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
Description = 1 2010-03-10 16:40:05+03:00 SINI-PC SYSTEM F-Secure DeepGuard

DeepGuard configuration was rejected. Old configuration will be used if possible.

Error code: DAAS reject

Error - 10.3.2010 10:52:02 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
Description = 1 2010-03-10 16:52:02+03:00 SINI-PC SYSTEM F-Secure DeepGuard

DeepGuard configuration was rejected. Old configuration will be used if possible.

Error code: DAAS reject

Error - 10.3.2010 14:39:39 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: IEXPLORE.EXE, versio: 8.0.7600.16385,
aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
prosessin tunnus: 0xee8 Viallisen sovelluksen käynnistysaika: 0x01cac080c4a06724
Viallisen
sovelluksen polku: C:\Program Files\Internet Explorer\IEXPLORE.EXE Viallisen moduulin
polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 4873d423-2c74-11df-a210-001966bb5e2b

Error - 10.3.2010 15:02:09 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
prosessin tunnus: 0xdd0 Viallisen sovelluksen käynnistysaika: 0x01cac0841fbdf149
Viallisen
sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 6cfac2e4-2c77-11df-a210-001966bb5e2b

Error - 10.3.2010 15:20:08 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
prosessin tunnus: 0xecc Viallisen sovelluksen käynnistysaika: 0x01cac0869d47617f
Viallisen
sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: f03d4823-2c79-11df-a210-001966bb5e2b

Error - 10.3.2010 16:04:02 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
prosessin tunnus: 0x1214 Viallisen sovelluksen käynnistysaika: 0x01cac08cbde8fc58
Viallisen
sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 11dd8c29-2c80-11df-a210-001966bb5e2b

Error - 11.3.2010 4:06:42 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
Description = 1 2010-03-11 10:06:42+03:00 SINI-PC SYSTEM F-Secure DeepGuard

DeepGuard configuration was rejected. Old configuration will be used if possible.

Error code: DAAS reject

Error - 11.3.2010 5:16:36 | Computer Name = Sini-PC | Source = SideBySide | ID = 16842815
Description = Aktivointikontekstin luonti epäonnistui (c:\Program Files\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll). Virhe luettelo- tai käytäntötiedoston c:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll rivillä 3. Määritteen version
arvo (MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR) ei kelpaa
elementissä assemblyIdentity.

Error - 11.3.2010 11:24:57 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 2 2010-03-11 17:24:56+03:00 SINI-PC Sini-PC\Sini F-Secure Anti-Virus

Malicious code found in file C:\Windows\System32\sshnas21.dll. Infection: Trojan.Generic.3313565


Error - 11.3.2010 11:46:26 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: mbam.exe, versio: 1.44.0.0, aikaleima:
0x4b46461a Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385, aikaleima:
0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x0005c74a Viallisen prosessin
tunnus: 0x6a0 Viallisen sovelluksen käynnistysaika: 0x01cac12ecd93b5f4 Viallisen
sovelluksen polku: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Viallisen
moduulin polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 3fd4557a-2d25-11df-99ba-001966bb5e2b

[ Media Center Events ]
Error - 19.2.2010 7:06:41 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 13:06:39 - Virhe muodostettaessa Internet-yhteyttä. 13:06:40 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 19.2.2010 7:11:14 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 13:07:14 - Virhe muodostettaessa Internet-yhteyttä. 13:07:14 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 20.2.2010 10:48:31 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 16:48:31 - Virhe muodostettaessa Internet-yhteyttä. 16:48:31 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 20.2.2010 10:49:04 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 16:49:01 - Virhe muodostettaessa Internet-yhteyttä. 16:49:01 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 21.2.2010 11:00:55 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 17:00:55 - Virhe muodostettaessa Internet-yhteyttä. 17:00:55 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 21.2.2010 11:01:04 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 17:01:00 - Virhe muodostettaessa Internet-yhteyttä. 17:01:00 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 23.2.2010 1:22:28 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 7:22:28 - Virhe muodostettaessa Internet-yhteyttä. 7:22:28 - Yhteyden
muodostaminen palvelimeen ei onnistu..

Error - 23.2.2010 1:22:38 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 7:22:33 - Virhe muodostettaessa Internet-yhteyttä. 7:22:33 - Yhteyden
muodostaminen palvelimeen ei onnistu..

Error - 2.3.2010 5:43:49 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 11:43:49 - Virhe muodostettaessa Internet-yhteyttä. 11:43:49 -
Yhteyden muodostaminen palvelimeen ei onnistu..

Error - 2.3.2010 5:43:58 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
Description = 11:43:55 - Virhe muodostettaessa Internet-yhteyttä. 11:43:55 -
Yhteyden muodostaminen palvelimeen ei onnistu..

[ System Events ]
Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Käyttäjäprofiilipalvelu on päättynyt odottamatta. Tämä on
tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi:
Käynnistä palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Tehtävien ajoitus on päättynyt odottamatta. Tämä on tapahtunut
1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä
palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Järjestelmätapahtumien ilmoituspalvelu on päättynyt odottamatta.
Tämä on tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan seuraava
korjaustoimi: Käynnistä palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Käyttöliittymän laitteistotunnistus on päättynyt odottamatta.
Tämä on tapahtunut 1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava
korjaustoimi: Käynnistä palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Teemat on päättynyt odottamatta. Tämä on tapahtunut 1 kertaa.
60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä palvelu
uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu WMI-palvelu (Windows Management Instrumentation) on päättynyt
odottamatta. Tämä on tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan
seuraava korjaustoimi: Käynnistä palvelu uudelleen.

Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
Description = Palvelu Windows Update on päättynyt odottamatta. Tämä on tapahtunut
1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä
palvelu uudelleen.

Error - 16.1.2010 10:27:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
palvelu uudelleen) palvelun Palvelin odottamattoman lopettamisen jälkeen. Yritys
epäonnistui ja tapahtui virhe: %%1056

Error - 16.1.2010 10:28:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
palvelu uudelleen) palvelun Tietokoneiden selaus odottamattoman lopettamisen jälkeen.
Yritys epäonnistui ja tapahtui virhe: %%1056

Error - 16.1.2010 10:28:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
palvelu uudelleen) palvelun WMI-palvelu (Windows Management Instrumentation) odottamattoman
lopettamisen jälkeen. Yritys epäonnistui ja tapahtui virhe: %%1056


< End of report >
warwas
Suspended permanently
11 March 2010 @ 19:56
Try this first:

Download ComboFix from any of the links below. You must rename it before saving. Save it to your desktop.

Link 1
Link 2
Link 3

--------------------------------------------------------------------

Double-click the Combo-Fix.exe file and follow the instructions.
When the tool has finished, it produces a log, C:\ComboFix.txt. Post this log in your thread along with a new HijackThis log.

Note! Do not click in the ComboFix window while it is running. This may cause the program to hang.


Right, now we get to LiveLinux :D

Now you should download LiveLinux and burn it to a DVD/CD.

Download Ubuntu's LiveLinux
http://www.ubuntu.com/getubuntu/download

Burn it to a disc.

First, use Windows 7's Search to look for the Atapi file
http://windows.microsoft.com/fi-FI/windows7/Find-a-file-or-folder

See where it is located and write the path down (on mine it is DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81)

Print the following instructions or write them down.

Changing the boot order:
Shut down and start the computer; as it starts, tap the DEL key, which lets you change the boot order in the BIOS if it does not boot straight from the disc you burned; select your DVD drive there.

Once you are in Linux, delete the files in bold
C:\Windows\TEMP\nytf.tmp\svchost.exe
C:\Users\Sini\AppData\Roaming\ufxw.exe
C:\Windows\System32\MSF_RIUNyS3.exe
C:\Users\Sini\AppData\Local\Temp\Qtr.exe
C:\Windows\msa.exe
C:\Windows\System32\Drivers\spnq.sys

Get the clean atapi.sys you located and put it in place of the infected
c:\windows\system32\drivers\atapi.sys

Shut down and go into Windows, scan with Mbam and post its log.

This message has been edited after posting. Last edited 11 March 2010 @ 20:28

Member

12 March 2010 @ 15:22
Does this delete all the software, pictures, music etc. on the computer...?
warwas
Suspended permanently
12 March 2010 @ 16:54
Combo deletes nothing but malicious files, but since this is Windows 7 it is not certain it will even work; let's try it first, rather than the more complicated Linux instructions.

So first try just Combo, then if it doesn't work, the live... instructions.

This message has been edited after posting. Last edited 12 March 2010 @ 16:58

Member

12 March 2010 @ 17:07
The Linux business gets a bit tricky, but Combo worked


ComboFix 10-03-11.02 - Sini 11.03.2010 22:48:45.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.358.1035.18.3583.2257 [GMT 2:00]
Sijainti: c:\users\Sini\Desktop\CF.exe
.

(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\temp
c:\program files\WinPCap
c:\program files\WinPCap\daemon_mgm.exe
c:\program files\WinPCap\INSTALL.LOG
c:\program files\WinPCap\NetMonInstaller.exe
c:\program files\WinPCap\npf_mgm.exe
c:\program files\WinPCap\rpcapd.exe
c:\program files\WinPCap\Uninstall.exe
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
C:\setup.exe
c:\users\Sini\AppData\Local\Temp\jna8177222537024543165.dll
c:\users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\VB6KO.DLL
c:\windows\system32\wpcap.dll

----- BITS: Mahdollisesti saastuneet sivut -----

hxxp://sync.avustaja.sonera.fi
.
((((((((((((((((((((((((((((((((((((((( Ajurit/Palvelut )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_NPF


((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2010-02-11 to 2010-03-11 )))))))))))))))))
.

2010-03-11 20:53 . 2010-03-11 20:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-03-11 20:21 . 2010-03-11 20:21 5115824 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-03-10 14:49 . 2010-03-11 16:40 -------- d-----w- c:\users\Sini\Tracing
2010-03-09 18:58 . 2009-08-05 14:10 6136 ----a-w- c:\windows\system32\drivers\nvphy.bin
2010-03-09 18:58 . 2009-07-30 14:48 705536 ----a-w- c:\windows\system32\cohelper.dll
2010-03-09 17:14 . 2010-01-27 09:11 2622496 ----a-w- c:\windows\system32\RtkHDMI.dll
2010-03-09 17:14 . 2010-01-27 09:04 183584 ----a-w- c:\windows\system32\drivers\RtHDMIV.sys
2010-03-09 17:14 . 2009-12-15 16:26 73928 ----a-w- c:\windows\system32\RTEEL32H.dll
2010-03-09 17:14 . 2009-12-15 16:26 355528 ----a-w- c:\windows\system32\RTEEP32H.dll
2010-03-09 17:14 . 2009-12-15 16:26 62664 ----a-w- c:\windows\system32\RTEEG32H.dll
2010-03-09 17:14 . 2009-12-15 16:26 168648 ----a-w- c:\windows\system32\RTEED32H.dll
2010-03-09 17:14 . 2010-03-09 17:14 -------- dc----w- c:\program files\Realtek
2010-03-09 17:14 . 2010-01-27 09:11 57376 ----a-w- c:\windows\system32\RHCoInst.dll
2010-03-09 17:14 . 2010-01-27 09:11 1640480 ----a-w- c:\windows\system32\RHDMIExt.dll
2010-03-09 17:14 . 2010-01-11 06:41 293600 ----a-w- c:\windows\system32\RH3DHT32.dll
2010-03-09 17:14 . 2010-01-11 06:40 293600 ----a-w- c:\windows\system32\RH3DAA32.dll
2010-03-09 17:11 . 2010-03-09 17:11 -------- dc----w- C:\SMU
2010-03-09 17:11 . 2010-03-09 17:11 -------- dc----w- C:\SMBUS
2010-03-09 17:11 . 2010-03-09 17:11 -------- dc----w- C:\IDE
2010-03-09 17:11 . 2010-03-09 17:11 -------- dc----w- C:\Ethernet
2010-03-09 15:57 . 2010-03-09 16:35 118375 ----a-w- c:\windows\system32\MSF_RIUNyS3.exe
2010-03-09 15:03 . 2010-03-09 15:03 -------- dc----w- c:\program files\Driver-Soft
2010-03-09 05:09 . 2009-12-08 11:40 3955288 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-03-09 05:09 . 2009-12-08 11:40 3899464 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-03-09 05:09 . 2009-12-08 11:32 292864 ----a-w- c:\windows\system32\apphelp.dll
2010-03-08 18:27 . 2010-03-08 18:27 -------- dc----w- c:\program files\Trend Micro
2010-03-08 15:22 . 2010-03-08 15:22 -------- dc----w- c:\program files\TrendMicro
2010-03-08 02:51 . 2010-03-08 15:32 -------- dc----w- C:\SDFix
2010-03-08 02:47 . 2010-03-08 02:47 -------- d-----w- c:\windows\Sun
2010-03-07 17:54 . 2010-03-08 15:32 -------- d-----w- c:\users\Sini\AppData\Local\Stay Secure
2010-03-07 14:43 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-03-07 14:37 . 2010-01-07 14:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-07 14:37 . 2010-03-11 20:34 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-07 14:37 . 2010-01-07 14:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-06 08:24 . 2010-03-06 08:37 33920 ----a-w- c:\windows\system32\drivers\fsbts.sys
2010-03-06 08:24 . 2009-08-05 15:57 35680 ----a-w- c:\windows\system32\drivers\fses.sys
2010-03-06 08:24 . 2009-08-05 15:59 572512 ----a-w- c:\windows\system32\msvcp50.dll
2010-03-06 08:24 . 2009-08-05 15:57 71040 ----a-w- c:\windows\system32\drivers\fsdfw.sys
2010-03-05 08:24 . 2010-03-06 08:44 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2010-03-05 08:24 . 2009-11-10 12:55 52240 ----a-w- c:\windows\system32\LMouFiltCoInst.dll
2010-03-05 08:24 . 2009-11-10 12:55 37392 ----a-w- c:\windows\system32\drivers\LMouFilt.Sys
2010-03-05 08:24 . 2009-11-10 12:55 1581072 ----a-w- c:\windows\system32\LkmdfCoInst.dll
2010-03-05 08:24 . 2009-11-10 12:54 35984 ----a-w- c:\windows\system32\drivers\LHidFilt.Sys
2010-03-04 15:28 . 2010-03-04 15:28 85504 ----a-w- c:\users\Sini\AppData\Roaming\SystemRequirementsLab\srlproxy_cyri_4.1.71.0A.dll
2010-03-04 13:38 . 2010-03-04 13:38 -------- dc----w- c:\program files\The Sims Resource
2010-03-04 12:50 . 2010-03-04 12:50 -------- dc----w- c:\program files\iPod
2010-03-04 12:40 . 2010-03-04 12:40 -------- dc----w- c:\program files\Opera
2010-03-03 11:23 . 2010-03-03 11:23 0 ----a-w- c:\windows\system32\phar_unmip.dat
2010-03-03 10:59 . 2010-03-03 10:59 -------- d-----w- c:\program files\Common Files\Protexis
2010-03-03 10:58 . 2010-03-03 10:58 -------- dc----w- c:\program files\Corel
2010-03-03 09:22 . 2010-03-03 09:39 -------- dc----w- C:\KU990
2010-03-03 09:19 . 2010-03-03 09:19 -------- dc----w- C:\LG_USB
2010-03-03 09:15 . 2010-01-15 03:24 59328 ----a-w- c:\programdata\LGMOBILEAX\LGMLauncher.exe
2010-03-03 09:15 . 2006-05-04 06:33 53248 ----a-w- c:\windows\system32\CommonDL.dll
2010-03-03 09:15 . 2005-10-03 23:39 44544 ----a-w- c:\windows\system32\msxml4a.dll
2010-03-03 09:15 . 2010-03-02 07:15 1025984 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\LGUserCSTool.exe
2010-03-03 09:15 . 2010-03-02 07:11 507904 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\LGMUpgradeDL.dll
2010-03-03 09:15 . 2010-02-24 03:16 90112 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\LGMobileDL.dll
2010-03-03 09:15 . 2009-11-04 02:57 206792 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\B2CAppUninstall.exe
2010-03-03 09:15 . 2009-10-06 05:12 24576 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\LGMobileDLRapi.dll
2010-03-03 09:15 . 2009-06-15 05:21 182208 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
2010-03-03 09:15 . 2010-03-03 09:15 -------- d-----w- c:\programdata\LGMOBILEAX
2010-03-03 08:34 . 2010-03-03 08:34 -------- d-----w- c:\temp\HS2_191
2010-03-03 08:34 . 2009-06-17 10:55 55824 ----a-w- c:\windows\KHALMNPR.Exe
2010-03-03 08:18 . 2010-03-08 15:32 -------- d-----w- c:\program files\Common Files\xing shared
2010-03-03 08:05 . 2010-02-25 09:56 21320 ----a-w- c:\windows\system32\authuitu.dll
2010-03-03 08:05 . 2010-02-25 09:56 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-02-20 15:06 . 2010-02-20 15:07 278984 ----a-w- c:\windows\system32\drivers\atksgt.sys
2010-02-20 15:06 . 2010-02-20 15:06 25416 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2010-02-18 11:42 . 2010-02-18 11:42 1290240 ----a-w- c:\windows\system32\p0_aPIH.dll
2010-02-09 21:30 . 2010-02-09 21:30 -------- d-----w- c:\users\Sini\AppData\Roaming\InstallShield
2010-02-09 21:23 . 2010-02-09 21:24 -------- dc----w- C:\LG3G
2010-02-09 21:20 . 2010-02-09 21:20 -------- dc----w- C:\lgupload
2010-02-09 21:00 . 2010-01-20 23:59 20864 ----a-w- c:\windows\system32\drivers\lgusbdiag.sys
2010-02-09 21:00 . 2010-01-20 23:59 24960 ----a-w- c:\windows\system32\drivers\lgusbmodem.sys
2010-02-09 21:00 . 2010-01-20 23:59 13056 ----a-w- c:\windows\system32\drivers\lgusbbus.sys
2010-02-09 21:00 . 2010-02-09 21:00 -------- dc----w- c:\program files\LG Electronics
2010-02-09 20:58 . 2010-02-09 21:32 -------- dc----w- c:\program files\LG PC Suite 2

.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-11 20:59 . 2007-11-25 17:51 -------- d-----w- c:\users\Sini\AppData\Roaming\uTorrent
2010-03-11 20:57 . 2010-01-21 21:04 -------- d-----w- c:\users\Sini\AppData\Roaming\LimeWire
2010-03-11 20:57 . 2009-11-25 16:36 -------- d-----w- c:\program files\Common Files\Akamai
2010-03-11 20:49 . 2009-07-14 07:36 83000 ----a-w- c:\windows\system32\perfc00B.dat
2010-03-11 20:49 . 2009-07-14 07:36 442586 ----a-w- c:\windows\system32\perfh00B.dat
2010-03-11 15:16 . 2009-11-25 20:45 -------- d-----w- c:\users\Sini\AppData\Roaming\Spotify
2010-03-11 08:56 . 2009-11-28 19:11 -------- d-----w- c:\program files\Common Files\Real
2010-03-11 08:53 . 2010-01-21 21:02 -------- d-----w- c:\program files\LimeWire
2010-03-11 08:52 . 2009-12-21 11:51 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-03-11 08:52 . 2009-12-21 11:52 38784 ----a-w- c:\users\Sini\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-03-11 08:52 . 2009-12-21 11:51 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-03-11 08:51 . 2007-11-25 17:51 -------- d-----w- c:\program files\uTorrent
2010-03-10 21:19 . 2009-12-07 16:08 -------- d-----w- c:\users\Sini\AppData\Roaming\vlc
2010-03-10 16:33 . 2010-01-20 19:29 2516 --sha-w- c:\programdata\KGyGaAvL.sys
2010-03-10 16:33 . 2010-01-20 19:29 2516 --sha-w- c:\programdata\KGyGaAvL.sys
2010-03-10 14:16 . 2009-07-13 23:11 21584 ----a-w- c:\windows\system32\drivers\atapi.sys
2010-03-09 19:01 . 2009-11-25 20:09 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-09 19:01 . 2009-12-26 16:14 -------- d-----w- c:\program files\NVIDIA Corporation
2010-03-08 15:32 . 2009-11-28 19:11 -------- d-----w- c:\program files\Real
2010-03-08 15:32 . 2009-11-25 17:37 -------- d-----w- c:\program files\FileHippo.com
2010-03-08 15:31 . 2009-11-29 21:32 -------- d-----w- c:\programdata\Malwarebytes
2010-03-08 15:31 . 2009-11-26 20:37 -------- d--h--w- c:\programdata\CanonBJ
2010-03-06 08:33 . 2010-01-05 22:55 -------- d-----w- c:\programdata\BitDefender
2010-03-06 08:33 . 2010-01-05 22:52 -------- d-----w- c:\program files\Common Files\BitDefender
2010-03-06 08:24 . 2009-11-25 16:35 -------- d-----w- c:\programdata\f-secure
2010-03-06 08:22 . 2009-11-25 16:38 -------- d-----w- c:\program files\Sonera
2010-03-06 08:22 . 2009-11-25 16:37 -------- d-----w- c:\programdata\fssg
2010-03-04 15:28 . 2009-12-02 18:12 -------- d-----w- c:\program files\SystemRequirementsLab
2010-03-04 15:28 . 2009-12-21 23:49 -------- d-----w- c:\users\Sini\AppData\Roaming\SystemRequirementsLab
2010-03-04 12:50 . 2009-11-28 13:26 -------- d-----w- c:\program files\iTunes
2010-03-04 12:50 . 2009-11-26 18:29 -------- d-----w- c:\programdata\Apple Computer
2010-03-04 12:50 . 2009-11-26 18:29 -------- d-----w- c:\program files\Common Files\Apple
2010-03-04 11:10 . 2009-12-02 14:12 -------- d-----w- c:\program files\Mad Scientist Productions
2010-03-03 13:37 . 2009-12-01 13:31 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2010-03-03 13:36 . 2009-11-27 15:21 460592 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-03-03 10:59 . 2009-12-01 16:22 115248 ----a-w- c:\users\Sini\AppData\Local\GDIPFONTCACHEV1.DAT
2010-03-03 10:58 . 2009-11-28 19:10 -------- d-----w- c:\programdata\Corel
2010-03-03 10:27 . 2009-11-28 15:44 53319 ----a-w- c:\programdata\Temp\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
2010-03-03 08:42 . 2010-01-05 23:10 132 ----a-w- c:\windows\system32\rezumatenoi.dat
2010-03-03 08:38 . 2010-03-03 08:38 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2010-03-03 08:18 . 2003-03-18 18:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-03-03 08:18 . 2003-02-21 02:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-03-03 08:16 . 2009-11-25 17:38 -------- d-----w- c:\program files\Defraggler
2010-03-03 08:14 . 2009-11-25 17:37 -------- d-----w- c:\program files\CCleaner
2010-03-03 08:05 . 2009-11-25 16:31 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-03-02 09:51 . 2007-12-02 13:47 -------- d-----w- c:\program files\Electronic Arts
2010-02-25 10:03 . 2009-11-25 16:31 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2010-02-24 07:16 . 2009-11-25 16:58 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-08 18:26 . 2010-02-08 18:26 -------- d-----w- c:\programdata\BDJ
2010-02-06 14:30 . 2010-02-06 14:30 -------- d-----w- c:\programdata\InstallShield
2010-02-06 14:30 . 2010-02-06 14:30 -------- dc----w- c:\program files\LG Soft India
2010-02-06 14:30 . 2009-11-25 20:09 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-02 18:54 . 2010-03-03 18:00 5313536 ----a-w- c:\windows\system32\drivers\atipmdag.sys
2010-02-02 18:54 . 2010-03-03 18:00 5313536 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2010-02-02 18:23 . 2010-03-03 18:00 426496 ----a-w- c:\windows\system32\aticfx32.dll
2010-02-02 18:19 . 2010-03-03 18:00 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-02-02 18:17 . 2010-03-03 18:00 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-02-02 18:17 . 2009-12-02 14:40 372736 ----a-w- c:\windows\system32\atieclxx.exe
2010-02-02 18:16 . 2009-12-02 14:40 172032 ----a-w- c:\windows\system32\atiesrxx.exe
2010-02-02 18:15 . 2010-03-03 18:00 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2010-02-02 18:15 . 2010-03-03 18:00 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2010-02-02 18:15 . 2010-03-03 18:00 274432 ----a-w- c:\windows\system32\Oemdspif.dll
2010-02-02 18:14 . 2010-03-03 18:00 11776 ----a-w- c:\windows\system32\atimuixx.dll
2010-02-02 18:14 . 2010-03-03 18:00 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-02-02 18:12 . 2009-12-19 11:31 3073024 ----a-w- c:\windows\system32\atidxx32.dll
2010-02-02 18:01 . 2010-03-03 18:00 14147072 ----a-w- c:\windows\system32\atioglxx.dll
2010-02-02 17:55 . 2009-12-02 14:40 3653632 ----a-w- c:\windows\system32\atiumdag.dll
2010-02-02 17:52 . 2010-03-03 18:00 53248 ----a-w- c:\windows\system32\aticalrt.dll
2010-02-02 17:52 . 2010-03-03 18:00 53248 ----a-w- c:\windows\system32\aticalcl.dll
2010-02-02 17:51 . 2010-03-03 18:00 3649536 ----a-w- c:\windows\system32\aticaldd.dll
2010-02-02 17:40 . 2010-03-03 18:00 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-02-02 17:37 . 2009-12-02 14:40 2934272 ----a-w- c:\windows\system32\atiumdva.dll
2010-02-02 17:25 . 2010-03-03 18:00 52224 ----a-w- c:\windows\system32\atimpc32.dll
2010-02-02 17:25 . 2010-03-03 18:00 52224 ----a-w- c:\windows\system32\amdpcom32.dll
2010-02-02 17:24 . 2009-12-02 14:40 229376 ----a-w- c:\windows\system32\atiadlxx.dll
2010-02-02 17:24 . 2010-03-03 18:00 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2010-02-02 17:24 . 2010-03-03 18:00 14848 ----a-w- c:\windows\system32\atigktxx.dll
2010-02-02 17:23 . 2010-03-03 18:00 150016 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2010-02-02 17:23 . 2010-03-03 18:00 50176 ----a-w- c:\windows\system32\coinst.dll
2010-02-02 17:23 . 2010-03-03 18:00 27136 ----a-w- c:\windows\system32\atiuxpag.dll
2010-02-02 17:22 . 2010-03-03 18:00 20480 ----a-w- c:\windows\system32\atiu9pag.dll
2010-02-02 07:45 . 2010-03-03 08:01 2048 ----a-w- c:\windows\system32\tzres.dll
2010-01-29 22:30 . 2010-01-24 16:49 -------- d-----w- c:\program files\Audible
2010-01-29 20:29 . 2009-11-28 15:44 -------- d-----w- c:\users\Sini\AppData\Roaming\dvdcss
2010-01-28 21:51 . 2009-12-29 20:42 -------- d-----w- c:\programdata\Autodesk
2010-01-28 13:33 . 2010-03-03 18:00 100352 ----a-w- c:\windows\system32\drivers\AtiHdmi.sys
2010-01-24 18:24 . 2010-01-24 16:54 -------- d-----w- c:\users\Sini\AppData\Roaming\Creative
2010-01-24 18:22 . 2010-01-24 16:46 -------- d-----w- c:\program files\Creative
2010-01-24 18:21 . 2010-01-24 18:20 -------- d--h--w- c:\program files\Creative Installation Information
2010-01-24 18:20 . 2010-01-24 18:20 -------- d-----w- c:\program files\Common Files\Creative
2010-01-24 17:44 . 2010-01-24 17:44 10134 ----a-r- c:\users\Sini\AppData\Roaming\Microsoft\Installer\{E2F29FCA-126F-48DF-A9B5-BEBE8F0F1610}\_C78F0D128D61AE102A1FD8.exe
2010-01-24 17:44 . 2010-01-24 17:44 -------- d-----w- c:\program files\Default Company Name
2010-01-24 17:05 . 2010-01-24 16:50 2719920 ----a-w- c:\programdata\Creative\Software Update\cache\Creative Software Update 1.02.01__\SoftwareUpdate_PCApp_LA_1_02_01.exe
2010-01-24 16:58 . 2010-01-24 16:41 -------- d-----w- c:\programdata\Microsoft Help
2010-01-24 16:53 . 2010-01-24 16:53 -------- d-----w- c:\programdata\{F40E9D30-5DFC-4B21-BFDB-A5CDEE6440A6}
2010-01-24 16:52 . 2010-01-24 16:48 -------- d--h--w- c:\programdata\{4D18D6A0-D216-4470-B464-1F2DC271458B}
2010-01-24 16:52 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild
2010-01-24 16:51 . 2010-01-24 16:51 -------- d-----w- c:\program files\Microsoft Visual Studio .NET 2008
2010-01-24 16:51 . 2010-01-24 16:51 -------- d-----w- c:\program files\Microsoft Visual Studio .NET 2005
2010-01-24 16:51 . 2010-01-24 16:51 -------- d-----w- c:\program files\Microsoft Synchronization Services
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

------- Sigcheck -------

[-] 2010-03-10 14:16 . 536F37C51D16ABE40A24E417148F8942 . 21584 . . [------] . . c:\windows\System32\drivers\atapi.sys
[7] 2009-07-14 . 338C86357871C167A96AB976519BF59E . 21584 . . [6.1.7600.16385] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
2009-08-17 16:54 564624 ----a-w- c:\progra~1\MICROS~1\Office14\URLREDIR.DLL

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{da9e5a55-a1a2-1b97-026f-b233372fee2e}]
2010-02-18 11:42 1290240 ----a-w- c:\windows\System32\p0_aPIH.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-03-11 319792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"F-Secure Manager"="c:\program files\Sonera\Sonera Tietoturva\Common\FSM32.EXE" [2009-08-05 199264]
"F-Secure TNB"="c:\program files\Sonera\Sonera Tietoturva\FSGUI\TNBUtil.exe" [2009-08-05 2349664]

c:\users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-3-8 503808]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\f:\0autocheck autochk *\0sasnative32

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^forteManager.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\forteManager.lnk
backup=c:\windows\pss\forteManager.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2010-03-11 08:51 319792 ----a-w- c:\program files\uTorrent\uTorrent.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" -silent
"uTorrent"="c:\program files\uTorrent\uTorrent.exe"
"LightScribe Control Panel"=c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
"SoftAuto.exe"="c:\program files\Creative\Software Update 3\SoftAuto.exe"
"CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe"
"ISUSPM Startup"=c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
"Canaveral"=rundll32.exe c:\windows\system32\sshnas21.dll,BackupReadW
"FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"CmPCIaudio"=RunDll32 CMICNFG3.cpl,CMICtrlWnd
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/01/20 10:46];c:\program files\CyberLink\PowerDVD9\000.fcl [x]
R2 1394ohcib;1394ohcib;c:\windows\System32\DRIVERS\1394ohcib.sys [x]
R3 ADASPROT;SYSTWEAKASO;c:\program files\Advanced System Optimizer 3\adasprot32.sys [x]
R3 LGDDCDevice;LGDDCDevice;c:\program files\LG Soft India\forteManager\bin\I2CDriver.sys [2008-12-12 14336]
R3 LGII2CDevice;LGII2CDevice;c:\program files\LG Soft India\forteManager\bin\PII2CDriver.sys [2008-12-12 18432]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2009-08-21 30510960]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-08-21 4639136]
R4 CTUPnPSv;Creative Centrale Media Server;c:\program files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
R4 F-Secure Filter;F-Secure File System Filter;c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\Win2K\FSfilter.sys [2009-08-05 39776]
R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\Win2K\FSrec.sys [2009-08-05 25184]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2010-03-06 33920]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-01-03 722416]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys [2009-08-05 68064]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2009-08-05 35680]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2009-08-05 71040]
S1 fsvista;F-Secure Vista Support Driver;c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsvista.sys [2009-08-05 12384]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-02-02 172032]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032]
S2 sprtsvc_sonera;SupportSoft Sprocket Service (sonera);c:\program files\Sonera\InternetAvustaja\bin\sprtsvc.exe [2008-10-16 202016]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-02-02 5313536]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-02-02 150016]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsgk.sys [2010-03-06 107104]
S3 FSORSPClient;F-Secure ORSP Client;c:\program files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe [2010-03-06 55992]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]


--- Muut muistissa olevat ajurit/palvelut ---

*Deregistered* - CLBUDFR

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-07-30 08:39 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
'Ajoitetut tehtävät'-kansion sisältö

2010-03-11 c:\windows\Tasks\Scheduled scanning task.job
- c:\progra~1\Sonera\SONERA~1\ANTI-V~1\fsav.exe [2010-03-06 15:56]
.
.
------- Täydentävä tarkistus -------
.
uStart Page = hxxp://eu.ask.com?o=15161&l=dis
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
LSP: c:\program files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL
Trusted Zone: corel.com
Trusted Zone: corel.com\www
Trusted Zone: intervideo.com
Trusted Zone: intervideo.com\www
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Sini\AppData\Roaming\Mozilla\Firefox\Profiles\k20tmfqy.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www3.iamwired.net/websearch.php?src=tops&search=
FF - prefs.js: browser.search.selectedEngine - Torrents.to
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fi/
FF - prefs.js: keyword.URL -
FF - component: c:\program files\Mozilla Firefox\extensions\{80155943-b083-a2cf-0350-54d3b1be1609}\components\t_3vJRObPy.dll
FF - plugin: c:\progra~1\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- FIREFOXIN KÄYTÄNNÖT ----
FF - user.js: network.http.max-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: network.http.max-persistent-connections-per-server - 2
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
.
------- Tiedostokytkennät -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - POISTETUT JÄMÄRIVIT - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-CmPCIaudio - CMICNFG3.cpl
AddRemove-WinPcapInst - c:\program files\WinPcap\Uninstall.exe



**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x85D061F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
IoDeviceObjectType -> DumpProcedure -> 0xd46a624f
SecurityProcedure -> 0x85d4bcf8
QueryNameProcedure -> 0x85d4be88
user & kernel MBR OK

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- LUKITUT REKISTERIAVAIMET ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Prosesseihin ladatut DLLt ---------------------

- - - - - - - > 'Explorer.exe'(2664)
c:\program files\Sonera\Sonera Tietoturva\Spam Control\fsscoepl.dll
c:\progra~1\LGPCSU~1\PHONEM~1\Phone.dll
c:\progra~1\LGPCSU~1\PHONEM~1\MFC42.DLL
.
------------------------ Muut prosessit ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\FSGK32.EXE
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
c:\program files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Sonera\Sonera Tietoturva\Common\FSHDLL32.EXE
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
c:\windows\system32\taskhost.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\program files\Sonera\Sonera Tietoturva\FWES\Program\fsdfwd.exe
c:\windows\system32\conhost.exe
c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\fssm32.exe
c:\windows\system32\taskhost.exe
c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\fsav32.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Valmistumisajankohta: 2010-03-11 23:00:57 - kone käynnistettiin uudelleen
ComboFix-quarantined-files.txt 2010-03-11 21:00

Ennen ajoa: 812 257 939 456 tavua vapaana
Ajon jälkeen: 812 054 183 936 tavua vapaana

- - End Of File - - BE9D709D86C6963ABC460E2A4406C775
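The Sigcheck section of the ComboFix log above lists two copies of atapi.sys with the same size but different MD5 values. The following added example (not part of the original post and not ComboFix code) parses those two lines and flags a driver whose active copy differs from its DriverStore copy; the field layout is inferred from the lines shown, and the function names are hypothetical.

```python
import ntpath
import re
from collections import defaultdict

# The two Sigcheck lines from the log above. The field layout is an
# assumption inferred from these lines, not from ComboFix documentation.
SIGCHECK_LINES = r"""
[-] 2010-03-10 14:16 . 536F37C51D16ABE40A24E417148F8942 . 21584 . . [------] . . c:\windows\System32\drivers\atapi.sys
[7] 2009-07-14 . 338C86357871C167A96AB976519BF59E . 21584 . . [6.1.7600.16385] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
"""

# [tag] date [time] . MD5 . size . . [version] . . path
LINE_RE = re.compile(
    r"^\[(?P<tag>[^\]]*)\]\s+"
    r"(?P<date>\d{4}-\d{2}-\d{2})(?:\s+\d{2}:\d{2})?\s+\.\s+"
    r"(?P<md5>[0-9A-Fa-f]{32})\s+\.\s+"
    r"(?P<size>\d+)\s+\.\s+\.\s+"
    r"\[(?P<version>[^\]]*)\]\s+\.\s+\.\s+"
    r"(?P<path>.+)$"
)


def parse_sigcheck(text):
    """Return one dict per Sigcheck line; lines that do not match are skipped."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        e = m.groupdict()
        e["md5"] = e["md5"].upper()
        e["size"] = int(e["size"])
        # "[------]" means no version string was reported for the file.
        e["has_version"] = bool(e["version"].strip("-"))
        e["in_driverstore"] = "\\driverstore\\" in e["path"].lower()
        entries.append(e)
    return entries


def find_mismatches(entries):
    """Flag copies outside DriverStore whose MD5 matches no DriverStore copy."""
    by_name = defaultdict(list)
    for e in entries:
        # ntpath handles Windows paths regardless of the host OS.
        by_name[ntpath.basename(e["path"]).lower()].append(e)

    findings = []
    for copies in by_name.values():
        refs = [c for c in copies if c["in_driverstore"]]
        ref_hashes = {c["md5"] for c in refs}
        for c in copies:
            # Without a reference copy there is nothing to compare against.
            if c["in_driverstore"] or not refs or c["md5"] in ref_hashes:
                continue
            findings.append({
                "file": c["path"],
                "md5": c["md5"],
                "reference_md5": sorted(ref_hashes),
                # Same size with a different hash suggests in-place modification.
                "same_size_as_reference": any(r["size"] == c["size"] for r in refs),
                "missing_version_info": not c["has_version"],
            })
    return findings


if __name__ == "__main__":
    for f in find_mismatches(parse_sigcheck(SIGCHECK_LINES)):
        print("MISMATCH", f["file"])
        print("  md5:            ", f["md5"])
        print("  reference md5:  ", ", ".join(f["reference_md5"]))
        print("  same size:      ", f["same_size_as_reference"])
        print("  no version info:", f["missing_version_info"])
```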
Senior Member
12 March 2010 @ 17:20
Quote:
If you have nothing else to say, are you just padding your post count so you can make Senior Member?

The fact that you even come up with an idea as brain-dead as padding a "post count" (wtf??) can only mean that you do that sort of thing yourself. Name even one reason why you would want so badly to be a senior member? Do you think you get more e-respect because of it? Good lord...

It was a perfectly valid question. The thread starter had not given any description of the problem.
warwas
Suspended permanently
12 March 2010 @ 20:11
Quote, originally posted by Michelola:
Quote:
If you have nothing else to say, are you just padding your post count so you can make Senior Member?

The fact that you even come up with an idea as brain-dead as padding a "post count" (wtf??) can only mean that you do that sort of thing yourself. Name even one reason why you would want so badly to be a senior member? Do you think you get more e-respect because of it? Good lord...

It was a perfectly valid question. The thread starter had not given any description of the problem.
You can carry on from here, since you are so eager to reply in this thread; remember too that the responsibility is yours!

BTW, the problem is described in the topic.
hannu71
Member
12 March 2010 @ 20:25
Quote, originally posted by Michelola:
Quote:
If you have nothing else to say, are you just padding your post count so you can make Senior Member?

The fact that you even come up with an idea as brain-dead as padding a "post count" (wtf??) can only mean that you do that sort of thing yourself. Name even one reason why you would want so badly to be a senior member? Do you think you get more e-respect because of it? Good lord...

It was a perfectly valid question. The thread starter had not given any description of the problem.
Michelola, how about letting warwas work in peace ;-) warwas isn't after any title here..
BTW, the problem is described in the topic...
You can carry on from here, since you are so eager to reply in this thread; remember too that the responsibility is yours!
Will Michelola finish the job?
warwas
Suspended permanently
12 March 2010 @ 21:16
Quote, originally posted by Michelola:
Quote:
If you have nothing else to say, are you just padding your post count so you can make Senior Member?

The fact that you even come up with an idea as brain-dead as padding a "post count" (wtf??) can only mean that you do that sort of thing yourself. Name even one reason why you would want so badly to be a senior member? Do you think you get more e-respect because of it? Good lord...

It was a perfectly valid question. The thread starter had not given any description of the problem.
Why on earth do you even reply to a thread with logs that you don't have a clue about???
Is it your style to reply to every thread you don't have a clue about? Pretty idiotic behaviour, I'd say.
Well, let's see how the lad manages with the rest...
warwas
Suspended permanently
13 March 2010 @ 17:38
Yeees

Open Notepad and copy/paste the contents of the quote box into it WITHOUT the word Quote:

Quote:

Rootkit::
C:\Windows\System32\Drivers\spnq.sys

Folder::
C:\Windows\TEMP\nytf.tmp

File::
C:\Users\Sini\AppData\Roaming\ufxw.exe
C:\Windows\System32\MSF_RIUNyS3.exe
C:\Users\Sini\AppData\Local\Temp\Qtr.exe
C:\Windows\msa.exe
c:\windows\system32\sshnas21.dll

Filelook::
c:\windows\system32\drivers\atapi.sys
c:\windows\System32\p0_aPIH.dll
c:\programdata\Temp\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe

Dirlook::
c:\users\Sini\AppData\Local\Stay Secure
c:\temp

Save it as CFScript.

Then drag CFScript onto ComboFix.exe as shown below.

Restart the computer if asked to, and post the contents of the combofix.txt file here along with a new HijackThis log.


First make sure that hidden files are visible.

Show hidden files

Go --> here

Once the page has loaded, click the Browse button, locate the following file and press Submit.

c:\windows\System32\p0_aPIH.dll
c:\windows\System32\DRIVERS\1394ohcib.sys
c:\windows\system32\drivers\atapi.sys
c:\programdata\Temp\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
c:\windows\System32\DRIVERS\1394ohcib.sys


Post the scan results in your next message.

If you can't find the file, click Browse under Submit file/Upload a file, copy/paste the file name with its path into the File name field, and press Open and then Submit.

If Jotti is busy, try the same at VirusTotal: http://www.virustotal.com/flash/index_en.html

If both of the above are busy, you can try VirScan:
VirSCAN

Scan with HJT and post the requested information.
Member
14 March 2010 @ 12:16
c:\windows\System32\p0_aPIH.dll
a-squared Riskware.AdWare.Win32.Ezula!IK
F-Secure not-a-virus: AdWare.Win32.Ezula.blp
Ikarus not-a-virus: AdWare.Win32.Ezula
Kaspersky not-a-virus: AdWare.Win32.Ezula.blp
VirusBuster AdWare. Ezula.SS

c:\windows\System32\DRIVERS\1394ohcib.sys
File not found

c:\windows\system32\drivers\atapi.sys

a-squared Rootkit.Win32.TDSS!IK
Ikarus Rootkit.Win32.TDSS

c:\programdata\Temp\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
No viruses

c:\windows\System32\DRIVERS\1394ohcib.sys
File not found

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:39:12, on 8.3.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\msa.exe
C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Users\Sini\AppData\Local\Temp\Qtr.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=15161&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\baselitmus.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\baselitmus.dll
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Sonera\Sonera Tietoturva\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [TOY5KNQ8OC] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Verkkopalvelu')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Verkkopalvelu')
O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: www.corel.com
O15 - Trusted Zone: http://*.corel.com
O15 - Trusted Zone: www.intervideo.com
O15 - Trusted Zone: http://*.intervideo.com
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirementslab....eqlabdetect.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/software...15111/CTPID.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Sonera\Sonera Tietoturva\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe
O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SupportSoft Sprocket Service (sonera) (sprtsvc_sonera) - SupportSoft, Inc. - C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 7393 bytes


ComboFix 10-03-13.03 - Sini 14.03.2010 11:58:17.3.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.358.1035.18.3583.2482 [GMT 2:00]
Sijainti: c:\users\Sini\Desktop\CF.exe
Käytetyt komentorivivalitsimet :: c:\users\Sini\Desktop\CFScript.txt

FILE ::
"c:\users\Sini\AppData\Local\Temp\Qtr.exe"
"c:\users\Sini\AppData\Roaming\ufxw.exe"
"c:\windows\msa.exe"
"c:\windows\System32\MSF_RIUNyS3.exe"
"c:\windows\system32\sshnas21.dll"
.

(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
.
---- Edellinen ajo -------
.
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\windows\System32\MSF_RIUNyS3.exe

----- BITS: Mahdollisesti saastuneet sivut -----

hxxp://sync.avustaja.sonera.fi
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2010-02-14 to 2010-03-14 )))))))))))))))))
.

2010-03-14 10:03 . 2010-03-14 10:04 -------- d-----w- c:\users\Sini\AppData\Local\temp
2010-03-14 10:03 . 2010-03-14 10:03 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-03-14 10:03 . 2010-03-14 10:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-03-13 13:10 . 2010-03-14 08:53 -------- d-----w- c:\users\Sini\AppData\Roaming\LimeWire
2010-03-13 13:10 . 2010-03-13 13:10 -------- dc----w- c:\program files\Ask.com
2010-03-13 13:10 . 2010-03-13 13:10 -------- dc----w- c:\program files\LimeWire
2010-03-12 14:24 . 2010-03-12 14:24 -------- d-----w- c:\programdata\LightScribe
2010-03-12 14:24 . 2010-03-12 14:25 -------- d-----w- c:\users\Sini\AppData\Roaming\Nero
2010-03-12 14:14 . 2010-03-12 14:22 -------- dc----w- c:\program files\Nero
2010-03-12 14:14 . 2010-03-12 14:16 -------- d-----w- c:\programdata\Nero
2010-03-12 14:14 . 2010-03-12 14:23 -------- d-----w- c:\program files\Common Files\Nero
2010-03-12 14:13 . 2010-03-12 14:13 -------- d-----w- c:\program files\Common Files\LightScribe
2010-03-12 13:27 . 2010-03-12 13:27 -------- d-----w- c:\users\Sini\AppData\Local\TempDIR
2010-03-10 14:49 . 2010-03-14 09:02 -------- d-----w- c:\users\Sini\Tracing
2010-03-09 18:58 . 2009-08-05 14:10 6136 ----a-w- c:\windows\system32\drivers\nvphy.bin
2010-03-09 18:58 . 2009-07-30 14:48 705536 ----a-w- c:\windows\system32\cohelper.dll
2010-03-09 17:14 . 2010-01-27 09:11 2622496 ----a-w- c:\windows\system32\RtkHDMI.dll
2010-03-09 17:14 . 2010-01-27 09:04 183584 ----a-w- c:\windows\system32\drivers\RtHDMIV.sys
2010-03-09 17:14 . 2009-12-15 16:26 73928 ----a-w- c:\windows\system32\RTEEL32H.dll
2010-03-09 17:14 . 2009-12-15 16:26 355528 ----a-w- c:\windows\system32\RTEEP32H.dll
2010-03-09 17:14 . 2009-12-15 16:26 62664 ----a-w- c:\windows\system32\RTEEG32H.dll
2010-03-09 17:14 . 2009-12-15 16:26 168648 ----a-w- c:\windows\system32\RTEED32H.dll
2010-03-09 17:14 . 2010-03-09 17:14 -------- dc----w- c:\program files\Realtek
2010-03-09 17:14 . 2010-01-27 09:11 57376 ----a-w- c:\windows\system32\RHCoInst.dll
2010-03-09 17:14 . 2010-01-27 09:11 1640480 ----a-w- c:\windows\system32\RHDMIExt.dll
2010-03-09 17:14 . 2010-01-11 06:41 293600 ----a-w- c:\windows\system32\RH3DHT32.dll
2010-03-09 17:14 . 2010-01-11 06:40 293600 ----a-w- c:\windows\system32\RH3DAA32.dll
2010-03-09 17:11 . 2010-03-09 17:11 -------- dc----w- C:\SMU
2010-03-09 17:11 . 2010-03-09 17:11 -------- dc----w- C:\SMBUS
2010-03-09 17:11 . 2010-03-09 17:11 -------- dc----w- C:\IDE
2010-03-09 17:11 . 2010-03-09 17:11 -------- dc----w- C:\Ethernet
2010-03-09 15:03 . 2010-03-09 15:03 -------- dc----w- c:\program files\Driver-Soft
2010-03-09 05:09 . 2009-12-08 11:40 3955288 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-03-09 05:09 . 2009-12-08 11:40 3899464 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-03-09 05:09 . 2009-12-08 11:32 292864 ----a-w- c:\windows\system32\apphelp.dll
2010-03-08 18:27 . 2010-03-08 18:27 -------- dc----w- c:\program files\Trend Micro
2010-03-08 15:22 . 2010-03-08 15:22 -------- dc----w- c:\program files\TrendMicro
2010-03-08 02:51 . 2010-03-08 15:32 -------- dc----w- C:\SDFix
2010-03-08 02:47 . 2010-03-08 02:47 -------- d-----w- c:\windows\Sun
2010-03-07 17:54 . 2010-03-08 15:32 -------- d-----w- c:\users\Sini\AppData\Local\Stay Secure
2010-03-07 14:43 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-03-07 14:37 . 2010-01-07 14:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-07 14:37 . 2010-03-11 20:34 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-07 14:37 . 2010-01-07 14:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-06 08:24 . 2010-03-06 08:37 33920 ----a-w- c:\windows\system32\drivers\fsbts.sys
2010-03-06 08:24 . 2009-08-05 15:57 35680 ----a-w- c:\windows\system32\drivers\fses.sys
2010-03-06 08:24 . 2009-08-05 15:59 572512 ----a-w- c:\windows\system32\msvcp50.dll
2010-03-06 08:24 . 2009-08-05 15:57 71040 ----a-w- c:\windows\system32\drivers\fsdfw.sys
2010-03-05 08:24 . 2010-03-06 08:44 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2010-03-05 08:24 . 2009-11-10 12:55 52240 ----a-w- c:\windows\system32\LMouFiltCoInst.dll
2010-03-05 08:24 . 2009-11-10 12:55 37392 ----a-w- c:\windows\system32\drivers\LMouFilt.Sys
2010-03-05 08:24 . 2009-11-10 12:55 1581072 ----a-w- c:\windows\system32\LkmdfCoInst.dll
2010-03-05 08:24 . 2009-11-10 12:54 35984 ----a-w- c:\windows\system32\drivers\LHidFilt.Sys
2010-03-04 13:38 . 2010-03-04 13:38 -------- dc----w- c:\program files\The Sims Resource
2010-03-04 12:50 . 2010-03-04 12:50 -------- dc----w- c:\program files\iPod
2010-03-04 12:40 . 2010-03-04 12:40 -------- dc----w- c:\program files\Opera
2010-03-03 11:23 . 2010-03-03 11:23 0 ----a-w- c:\windows\system32\phar_unmip.dat
2010-03-03 10:59 . 2010-03-03 10:59 -------- d-----w- c:\program files\Common Files\Protexis
2010-03-03 10:58 . 2010-03-03 10:58 -------- dc----w- c:\program files\Corel
2010-03-03 09:22 . 2010-03-03 09:39 -------- dc----w- C:\KU990
2010-03-03 09:19 . 2010-03-03 09:19 -------- dc----w- C:\LG_USB
2010-03-03 09:15 . 2006-05-04 06:33 53248 ----a-w- c:\windows\system32\CommonDL.dll
2010-03-03 09:15 . 2005-10-03 23:39 44544 ----a-w- c:\windows\system32\msxml4a.dll
2010-03-03 09:15 . 2010-03-03 09:15 -------- d-----w- c:\programdata\LGMOBILEAX
2010-03-03 08:34 . 2010-03-03 08:34 -------- d-----w- c:\temp\HS2_191
2010-03-03 08:34 . 2009-06-17 10:55 55824 ----a-w- c:\windows\KHALMNPR.Exe
2010-03-03 08:18 . 2010-03-08 15:32 -------- d-----w- c:\program files\Common Files\xing shared
2010-03-03 08:05 . 2010-02-25 09:56 21320 ----a-w- c:\windows\system32\authuitu.dll
2010-03-03 08:05 . 2010-02-25 09:56 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-02-20 15:06 . 2010-02-20 15:07 278984 ----a-w- c:\windows\system32\drivers\atksgt.sys
2010-02-20 15:06 . 2010-02-20 15:06 25416 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2010-02-18 11:42 . 2010-02-18 11:42 1290240 ----a-w- c:\windows\system32\p0_aPIH.dll

.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-14 10:07 . 2007-11-25 17:51 -------- d-----w- c:\users\Sini\AppData\Roaming\uTorrent
2010-03-14 10:04 . 2009-11-25 16:36 -------- d-----w- c:\program files\Common Files\Akamai
2010-03-14 09:20 . 2010-01-20 19:29 2516 --sha-w- c:\programdata\KGyGaAvL.sys
2010-03-14 09:20 . 2010-01-20 19:29 2516 --sha-w- c:\programdata\KGyGaAvL.sys
2010-03-13 13:48 . 2009-12-01 16:22 114792 ----a-w- c:\users\Sini\AppData\Local\GDIPFONTCACHEV1.DAT
2010-03-13 13:37 . 2009-12-18 18:27 -------- d-----w- c:\program files\Audio Track Editor
2010-03-13 13:35 . 2009-11-25 20:45 -------- d-----w- c:\users\Sini\AppData\Roaming\Spotify
2010-03-12 16:30 . 2010-03-12 16:30 45056 ----a-w- c:\users\Sini\AppData\Roaming\HLGCVFSDUA.exe
2010-03-12 16:30 . 2010-03-12 16:30 45056 ----a-w- c:\users\Sini\AppData\Roaming\HLGCVFSDUA.exe
2010-03-12 16:30 . 2010-03-12 16:30 20480 ----a-w- c:\users\Sini\AppData\Roaming\scheduler.exe
2010-03-12 16:30 . 2010-03-12 16:30 20480 ----a-w- c:\users\Sini\AppData\Roaming\scheduler.exe
2010-03-12 16:30 . 2010-03-12 16:30 24576 ----a-w- c:\users\Sini\AppData\Roaming\FileDownloader.exe
2010-03-12 16:30 . 2010-03-12 16:30 24576 ----a-w- c:\users\Sini\AppData\Roaming\FileDownloader.exe
2010-03-12 16:20 . 2007-12-02 13:47 -------- d-----w- c:\program files\Electronic Arts
2010-03-12 16:20 . 2009-11-25 20:09 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-11 20:49 . 2009-07-14 07:36 83000 ----a-w- c:\windows\system32\perfc00B.dat
2010-03-11 20:49 . 2009-07-14 07:36 442586 ----a-w- c:\windows\system32\perfh00B.dat
2010-03-11 20:21 . 2010-03-11 20:21 5115824 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-03-11 08:56 . 2009-11-28 19:11 -------- d-----w- c:\program files\Common Files\Real
2010-03-11 08:52 . 2009-12-21 11:51 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-03-11 08:52 . 2009-12-21 11:52 38784 ----a-w- c:\users\Sini\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-03-11 08:52 . 2009-12-21 11:51 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-03-11 08:51 . 2007-11-25 17:51 -------- d-----w- c:\program files\uTorrent
2010-03-10 21:19 . 2009-12-07 16:08 -------- d-----w- c:\users\Sini\AppData\Roaming\vlc
2010-03-10 14:16 . 2009-07-13 23:11 21584 ----a-w- c:\windows\system32\drivers\atapi.sys
2010-03-09 19:01 . 2009-12-26 16:14 -------- d-----w- c:\program files\NVIDIA Corporation
2010-03-08 15:32 . 2009-11-28 19:11 -------- d-----w- c:\program files\Real
2010-03-08 15:32 . 2009-11-25 17:37 -------- d-----w- c:\program files\FileHippo.com
2010-03-08 15:31 . 2009-11-29 21:32 -------- d-----w- c:\programdata\Malwarebytes
2010-03-08 15:31 . 2009-11-26 20:37 -------- d--h--w- c:\programdata\CanonBJ
2010-03-06 08:33 . 2010-01-05 22:55 -------- d-----w- c:\programdata\BitDefender
2010-03-06 08:33 . 2010-01-05 22:52 -------- d-----w- c:\program files\Common Files\BitDefender
2010-03-06 08:24 . 2009-11-25 16:35 -------- d-----w- c:\programdata\f-secure
2010-03-06 08:22 . 2009-11-25 16:38 -------- d-----w- c:\program files\Sonera
2010-03-06 08:22 . 2009-11-25 16:37 -------- d-----w- c:\programdata\fssg
2010-03-04 15:28 . 2009-12-02 18:12 -------- d-----w- c:\program files\SystemRequirementsLab
2010-03-04 15:28 . 2010-03-04 15:28 85504 ----a-w- c:\users\Sini\AppData\Roaming\SystemRequirementsLab\srlproxy_cyri_4.1.71.0A.dll
2010-03-04 15:28 . 2009-12-21 23:49 -------- d-----w- c:\users\Sini\AppData\Roaming\SystemRequirementsLab
2010-03-04 12:50 . 2009-11-28 13:26 -------- d-----w- c:\program files\iTunes
2010-03-04 12:50 . 2009-11-26 18:29 -------- d-----w- c:\programdata\Apple Computer
2010-03-04 12:50 . 2009-11-26 18:29 -------- d-----w- c:\program files\Common Files\Apple
2010-03-04 11:10 . 2009-12-02 14:12 -------- d-----w- c:\program files\Mad Scientist Productions
2010-03-03 13:37 . 2009-12-01 13:31 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2010-03-03 13:36 . 2009-11-27 15:21 460592 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-03-03 10:58 . 2009-11-28 19:10 -------- d-----w- c:\programdata\Corel
2010-03-03 10:27 . 2009-11-28 15:44 53319 ----a-w- c:\programdata\Temp\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
2010-03-03 08:42 . 2010-01-05 23:10 132 ----a-w- c:\windows\system32\rezumatenoi.dat
2010-03-03 08:38 . 2010-03-03 08:38 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2010-03-03 08:18 . 2003-03-18 18:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-03-03 08:18 . 2003-02-21 02:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-03-03 08:16 . 2009-11-25 17:38 -------- d-----w- c:\program files\Defraggler
2010-03-03 08:14 . 2009-11-25 17:37 -------- d-----w- c:\program files\CCleaner
2010-03-03 08:05 . 2009-11-25 16:31 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-03-02 07:15 . 2010-03-03 09:15 1025984 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\LGUserCSTool.exe
2010-03-02 07:11 . 2010-03-03 09:15 507904 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\LGMUpgradeDL.dll
2010-02-25 10:03 . 2009-11-25 16:31 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2010-02-24 07:16 . 2009-11-25 16:58 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-24 03:16 . 2010-03-03 09:15 90112 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\LGMobileDL.dll
2010-02-09 21:32 . 2010-02-09 20:58 -------- dc----w- c:\program files\LG PC Suite 2
2010-02-09 21:30 . 2010-02-09 21:30 -------- d-----w- c:\users\Sini\AppData\Roaming\InstallShield
2010-02-09 21:00 . 2010-02-09 21:00 -------- dc----w- c:\program files\LG Electronics
2010-02-08 18:26 . 2010-02-08 18:26 -------- d-----w- c:\programdata\BDJ
2010-02-06 14:30 . 2010-02-06 14:30 -------- d-----w- c:\programdata\InstallShield
2010-02-06 14:30 . 2010-02-06 14:30 -------- dc----w- c:\program files\LG Soft India
2010-02-06 14:30 . 2009-11-25 20:09 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-02 18:54 . 2010-03-03 18:00 5313536 ----a-w- c:\windows\system32\drivers\atipmdag.sys
2010-02-02 18:54 . 2010-03-03 18:00 5313536 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2010-02-02 18:23 . 2010-03-03 18:00 426496 ----a-w- c:\windows\system32\aticfx32.dll
2010-02-02 18:19 . 2010-03-03 18:00 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-02-02 18:17 . 2010-03-03 18:00 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-02-02 18:17 . 2009-12-02 14:40 372736 ----a-w- c:\windows\system32\atieclxx.exe
2010-02-02 18:16 . 2009-12-02 14:40 172032 ----a-w- c:\windows\system32\atiesrxx.exe
2010-02-02 18:15 . 2010-03-03 18:00 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2010-02-02 18:15 . 2010-03-03 18:00 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2010-02-02 18:15 . 2010-03-03 18:00 274432 ----a-w- c:\windows\system32\Oemdspif.dll
2010-02-02 18:14 . 2010-03-03 18:00 11776 ----a-w- c:\windows\system32\atimuixx.dll
2010-02-02 18:14 . 2010-03-03 18:00 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-02-02 18:12 . 2009-12-19 11:31 3073024 ----a-w- c:\windows\system32\atidxx32.dll
2010-02-02 18:01 . 2010-03-03 18:00 14147072 ----a-w- c:\windows\system32\atioglxx.dll
2010-02-02 17:55 . 2009-12-02 14:40 3653632 ----a-w- c:\windows\system32\atiumdag.dll
2010-02-02 17:52 . 2010-03-03 18:00 53248 ----a-w- c:\windows\system32\aticalrt.dll
2010-02-02 17:52 . 2010-03-03 18:00 53248 ----a-w- c:\windows\system32\aticalcl.dll
2010-02-02 17:51 . 2010-03-03 18:00 3649536 ----a-w- c:\windows\system32\aticaldd.dll
2010-02-02 17:40 . 2010-03-03 18:00 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-02-02 17:37 . 2009-12-02 14:40 2934272 ----a-w- c:\windows\system32\atiumdva.dll
2010-02-02 17:25 . 2010-03-03 18:00 52224 ----a-w- c:\windows\system32\atimpc32.dll
2010-02-02 17:25 . 2010-03-03 18:00 52224 ----a-w- c:\windows\system32\amdpcom32.dll
2010-02-02 17:24 . 2009-12-02 14:40 229376 ----a-w- c:\windows\system32\atiadlxx.dll
2010-02-02 17:24 . 2010-03-03 18:00 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2010-02-02 17:24 . 2010-03-03 18:00 14848 ----a-w- c:\windows\system32\atigktxx.dll
2010-02-02 17:23 . 2010-03-03 18:00 150016 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2010-02-02 17:23 . 2010-03-03 18:00 50176 ----a-w- c:\windows\system32\coinst.dll
2010-02-02 17:23 . 2010-03-03 18:00 27136 ----a-w- c:\windows\system32\atiuxpag.dll
2010-02-02 17:22 . 2010-03-03 18:00 20480 ----a-w- c:\windows\system32\atiu9pag.dll
2010-02-02 07:45 . 2010-03-03 08:01 2048 ----a-w- c:\windows\system32\tzres.dll
2010-01-29 22:30 . 2010-01-24 16:49 -------- d-----w- c:\program files\Audible
2010-01-29 20:29 . 2009-11-28 15:44 -------- d-----w- c:\users\Sini\AppData\Roaming\dvdcss
2010-01-28 21:51 . 2009-12-29 20:42 -------- d-----w- c:\programdata\Autodesk
2010-01-28 13:33 . 2010-03-03 18:00 100352 ----a-w- c:\windows\system32\drivers\AtiHdmi.sys
2010-01-24 18:24 . 2010-01-24 16:54 -------- d-----w- c:\users\Sini\AppData\Roaming\Creative
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

--- c:\programdata\Temp\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe ---
Company:
File Description: PostBuild
File Version: 1.00.1026
Product Name: PostBuild
Copyright: Copyright c 2007
Original Filename: PostBuild.exe
File size: 53319
Created time: 2009-11-28 15:44
Modified time: 2010-03-03 10:27
MD5: 92405A3EEB9D74DB7CCFBF32CC720176
SHA1: 42F776DCA60BA19E04086D3E82148E3B68EFD7C1


--- c:\windows\system32\drivers\atapi.sys ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File size: 21584
Created time: 2009-07-13 23:11
Modified time: 2010-03-10 14:16
MD5: 536F37C51D16ABE40A24E417148F8942
SHA1: CCA153A8D0A79161A82A215EDC4CAE12D964CE64


--- c:\windows\System32\p0_aPIH.dll ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File size: 1290240
Created time: 2010-02-18 11:42
Modified time: 2010-02-18 11:42
MD5: B019DC94783BE2DEFE48F5E766E59180
SHA1: 4F5A2BDC24F412B9939275416BB75CFB0185C978

---- Directory of c:\temp ----

2007-11-19 17:39 . 2007-11-19 17:39 1510584 ----a-w- c:\temp\HS2_191\data1.cab
2007-11-19 17:39 . 2007-11-19 17:39 512 ----a-w- c:\temp\HS2_191\data2.cab
2007-11-19 17:39 . 2007-11-19 17:39 493 ----a-w- c:\temp\HS2_191\layout.bin
2007-11-19 17:39 . 2007-11-19 17:39 20574 ----a-w- c:\temp\HS2_191\data1.hdr
2007-11-19 17:39 . 2007-11-19 17:39 437812 ----a-w- c:\temp\HS2_191\setup.ibt
2007-11-19 17:39 . 2007-11-19 17:39 620 ----a-w- c:\temp\HS2_191\setup.ini
2007-11-19 17:39 . 2007-11-19 17:39 225167 ----a-w- c:\temp\HS2_191\setup.inx
2007-11-12 09:46 . 2007-11-12 09:46 200704 ----a-w- c:\temp\HS2_191\Common\UMonit.exe
2007-11-12 09:45 . 2007-11-12 09:45 200704 ----a-w- c:\temp\HS2_191\Common\UMonit64.exe
2007-11-07 17:25 . 2007-11-07 17:25 172097 ----a-w- c:\temp\HS2_191\Common\uninstall.exe
2007-11-02 10:40 . 2007-11-02 10:40 10671 ----a-w- c:\temp\HS2_191\Vista\fixustor.cat
2007-11-02 10:40 . 2007-11-02 10:40 10671 ----a-w- c:\temp\HS2_191\Vista64\fixustor.cat
2007-11-02 10:40 . 2007-11-02 10:40 10687 ----a-w- c:\temp\HS2_191\WinXP64\fixustor.cat
2007-11-02 10:39 . 2007-11-02 10:39 10663 ----a-w- c:\temp\HS2_191\WinXP\fixustor.cat
2007-10-25 12:37 . 2007-10-25 12:37 2150 ----a-w- c:\temp\HS2_191\WinXP64\fixustor.INF
2007-10-25 12:36 . 2007-10-25 12:36 2131 ----a-w- c:\temp\HS2_191\WinXP\FIXUSTOR.INF
2007-10-25 12:36 . 2007-10-25 12:36 2133 ----a-w- c:\temp\HS2_191\Win2K\FIXUSTOR.INF
2007-10-25 12:35 . 2007-10-25 12:35 2150 ----a-w- c:\temp\HS2_191\Vista64\fixustor.INF
2007-10-25 12:34 . 2007-10-25 12:34 2133 ----a-w- c:\temp\HS2_191\Vista\FIXUSTOR.INF
2007-10-23 09:27 . 2007-10-23 09:27 1376 ----a-w- c:\temp\HS2_191\Common\IconCfg.ini
2007-10-23 09:21 . 2007-10-23 09:21 176128 ----a-w- c:\temp\HS2_191\Common\GeneIcon.dll
2007-10-12 17:44 . 2007-10-12 17:44 385 ----a-w- c:\temp\HS2_191\ProductName.ini
2007-06-11 13:12 . 2007-06-11 13:12 12288 ----a-w- c:\temp\HS2_191\Win2K\fixustor.sys
2007-06-11 08:29 . 2007-06-11 08:29 14592 ----a-w- c:\temp\HS2_191\Vista64\fixustor.sys
2007-06-11 08:29 . 2007-06-11 08:29 14592 ----a-w- c:\temp\HS2_191\WinXP64\fixustor.sys
2007-06-11 08:28 . 2007-06-11 08:28 12800 ----a-w- c:\temp\HS2_191\Vista\fixustor.sys
2007-06-11 08:27 . 2007-06-11 08:27 12416 ----a-w- c:\temp\HS2_191\WinXP\fixustor.sys
2007-06-04 13:14 . 2007-06-04 13:14 20480 ----a-w- c:\temp\HS2_191\Common\CReaderRemoveTray98.exe
2007-05-09 12:34 . 2007-05-09 12:34 176128 ----a-w- c:\temp\HS2_191\Common\ustor.dll
2006-11-07 11:59 . 2006-11-07 11:59 142 ----a-w- c:\temp\HS2_191\Vista64\parameter.log
2006-11-07 11:59 . 2006-11-07 11:59 142 ----a-w- c:\temp\HS2_191\WinXP64\parameter.log
2006-11-07 11:56 . 2006-11-07 11:56 142 ----a-w- c:\temp\HS2_191\Vista\parameter.log
2006-11-07 11:56 . 2006-11-07 11:56 142 ----a-w- c:\temp\HS2_191\WinXP\parameter.log
2006-11-07 11:55 . 2006-11-07 11:55 142 ----a-w- c:\temp\HS2_191\Win2K\parameter.log
2006-05-18 15:58 . 2006-05-18 15:58 309760 ----a-w- c:\temp\HS2_191\DIFxAPI.dll
2005-04-14 08:12 . 2005-04-14 08:12 589880 ----a-w- c:\temp\HS2_191\SETUP.BMP
2004-04-19 01:10 . 2004-04-19 01:10 460264 ----a-w- c:\temp\HS2_191\engine32.cab
2004-04-19 01:10 . 2004-04-19 01:10 116688 ----a-w- c:\temp\HS2_191\setup.exe
2001-11-23 11:49 . 2001-11-23 11:49 41853 ----a-w- c:\temp\HS2_191\SETUP.JPG

---- Directory of c:\users\Sini\AppData\Local\Stay Secure ----

2010-03-07 17:54 . 2010-03-07 17:54 549 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\icon.png
2010-03-07 17:54 . 2010-03-07 17:54 86 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\install.conf
2010-03-07 17:54 . 2010-03-07 17:54 1060 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\css\gui.css
2010-03-07 17:54 . 2010-03-07 17:54 3624 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\browser4c.png
2010-03-07 17:54 . 2010-03-07 17:54 308 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\status2.png
2010-03-07 17:54 . 2010-03-07 17:54 3558 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\browser1b.png
2010-03-07 17:54 . 2010-03-07 17:54 3579 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\browser1.png
2010-03-07 17:54 . 2010-03-07 17:54 134 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\status0.png
2010-03-07 17:54 . 2010-03-07 17:54 3842 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\browser0.png
2010-03-07 17:54 . 2010-03-07 17:54 3654 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\browser2c.png
2010-03-07 17:54 . 2010-03-07 17:54 422 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\status5.png
2010-03-07 17:54 . 2010-03-07 17:54 842 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\browser4d.png
2010-03-07 17:54 . 2010-03-07 17:54 1337 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\bg.png
2010-03-07 17:54 . 2010-03-07 17:54 3666 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\browser2b.png
2010-03-07 17:54 . 2010-03-07 17:54 887 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\browser3d.png
2010-03-07 17:54 . 2010-03-07 17:54 406 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\status4.png
2010-03-07 17:54 . 2010-03-07 17:54 3634 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\browser3b.png
2010-03-07 17:54 . 2010-03-07 17:54 3829 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\browser0c.png
2010-03-07 17:54 . 2010-03-07 17:54 992 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\browser0d.png
2010-03-07 17:54 . 2010-03-07 17:54 3675 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\browser2.png
2010-03-07 17:54 . 2010-03-07 17:54 3615 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\browser4b.png
2010-03-07 17:54 . 2010-03-07 17:54 354 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\status3.png
2010-03-07 17:54 . 2010-03-07 17:54 233 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\status1.png
2010-03-07 17:54 . 2010-03-07 17:54 549 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\favicon.png
2010-03-07 17:54 . 2010-03-07 17:54 3638 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\browser3.png
2010-03-07 17:54 . 2010-03-07 17:54 3629 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\browser3c.png
2010-03-07 17:54 . 2010-03-07 17:54 3600 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\browser4.png
2010-03-07 17:54 . 2010-03-07 17:54 849 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\browser1d.png
2010-03-07 17:54 . 2010-03-07 17:54 3560 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\browser1c.png
2010-03-07 17:54 . 2010-03-07 17:54 965 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\browser2d.png
2010-03-07 17:54 . 2010-03-07 17:54 3833 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\browser0b.png
2010-03-07 17:54 . 2010-03-07 17:54 221 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\img\close.png
2010-03-07 17:54 . 2010-03-07 17:54 435 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\config.xml
2010-03-07 17:54 . 2010-03-07 17:54 1323 ----a-w- c:\users\Sini\AppData\Local\Stay Secure\index.html


------- Sigcheck -------

[-] 2010-03-10 14:16 . 536F37C51D16ABE40A24E417148F8942 . 21584 . . [------] . . c:\windows\System32\drivers\atapi.sys
[7] 2009-07-14 . 338C86357871C167A96AB976519BF59E . 21584 . . [6.1.7600.16385] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
2009-08-17 16:54 564624 ----a-w- c:\progra~1\MICROS~1\Office14\URLREDIR.DLL

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 14:50 1197448 -c--a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{da9e5a55-a1a2-1b97-026f-b233372fee2e}]
2010-02-18 11:42 1290240 ----a-w- c:\windows\System32\p0_aPIH.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-03-11 319792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"F-Secure Manager"="c:\program files\Sonera\Sonera Tietoturva\Common\FSM32.EXE" [2009-08-05 199264]
"F-Secure TNB"="c:\program files\Sonera\Sonera Tietoturva\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
"HLGCVFSDUA.exe"="c:\users\Sini\AppData\Roaming\HLGCVFSDUA.exe" [2010-03-12 45056]

c:\users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-3-8 503808]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\f:\0autocheck autochk *\0sasnative32

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^forteManager.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\forteManager.lnk
backup=c:\windows\pss\forteManager.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2010-03-11 08:51 319792 ----a-w- c:\program files\uTorrent\uTorrent.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" -silent
"uTorrent"="c:\program files\uTorrent\uTorrent.exe"
"LightScribe Control Panel"=c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
"SoftAuto.exe"="c:\program files\Creative\Software Update 3\SoftAuto.exe"
"CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe"
"ISUSPM Startup"=c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
"Canaveral"=rundll32.exe c:\windows\system32\sshnas21.dll,BackupReadW
"FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"CmPCIaudio"=RunDll32 CMICNFG3.cpl,CMICtrlWnd
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/01/20 10:46];c:\program files\CyberLink\PowerDVD9\000.fcl [x]
R2 1394ohcib;1394ohcib;c:\windows\System32\DRIVERS\1394ohcib.sys [x]
R3 ADASPROT;SYSTWEAKASO;c:\program files\Advanced System Optimizer 3\adasprot32.sys [x]
R3 LGDDCDevice;LGDDCDevice;c:\program files\LG Soft India\forteManager\bin\I2CDriver.sys [2008-12-12 14336]
R3 LGII2CDevice;LGII2CDevice;c:\program files\LG Soft India\forteManager\bin\PII2CDriver.sys [2008-12-12 18432]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2009-08-21 30510960]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-08-21 4639136]
R4 CTUPnPSv;Creative Centrale Media Server;c:\program files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
R4 F-Secure Filter;F-Secure File System Filter;c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\Win2K\FSfilter.sys [2009-08-05 39776]
R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\Win2K\FSrec.sys [2009-08-05 25184]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2010-03-06 33920]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-01-03 722416]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys [2009-08-05 68064]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2009-08-05 35680]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2009-08-05 71040]
S1 fsvista;F-Secure Vista Support Driver;c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsvista.sys [2009-08-05 12384]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-02-02 172032]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032]
S2 sprtsvc_sonera;SupportSoft Sprocket Service (sonera);c:\program files\Sonera\InternetAvustaja\bin\sprtsvc.exe [2008-10-16 202016]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-02-02 5313536]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-02-02 150016]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsgk.sys [2010-03-06 107104]
S3 FSORSPClient;F-Secure ORSP Client;c:\program files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe [2010-03-06 55992]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]


--- Muut muistissa olevat ajurit/palvelut ---

*Deregistered* - CLBUDFR

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 11:24 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
'Ajoitetut tehtävät'-kansion sisältö

2010-03-14 c:\windows\Tasks\Scheduled scanning task.job
- c:\progra~1\Sonera\SONERA~1\ANTI-V~1\fsav.exe [2010-03-06 15:56]
.
.
------- Täydentävä tarkistus -------
.
uStart Page = hxxp://eu.ask.com?o=15161&l=dis
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
LSP: c:\program files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL
Trusted Zone: corel.com
Trusted Zone: corel.com\www
Trusted Zone: intervideo.com
Trusted Zone: intervideo.com\www
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Sini\AppData\Roaming\Mozilla\Firefox\Profiles\k20tmfqy.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www3.iamwired.net/websearch.php?src=tops&search=
FF - prefs.js: browser.search.selectedEngine - Torrents.to
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fi/
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=LMW2&o=16062&locale=en_EU&q=
FF - component: c:\program files\Mozilla Firefox\extensions\{80155943-b083-a2cf-0350-54d3b1be1609}\components\t_3vJRObPy.dll
FF - plugin: c:\progra~1\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- FIREFOXIN KÄYTÄNNÖT ----
FF - user.js: network.http.max-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: network.http.max-persistent-connections-per-server - 2
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - POISTETUT JÄMÄRIVIT - - - -

AddRemove-MSF_RIUNyS3 - c:\windows\system32\MSF_RIUNyS3.exe



**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x85B061F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
IoDeviceObjectType -> DumpProcedure -> 0xd46a624f
SecurityProcedure -> 0x85b4bcf8
QueryNameProcedure -> 0x85b4be88
user & kernel MBR OK

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- LUKITUT REKISTERIAVAIMET ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Prosesseihin ladatut DLLt ---------------------

- - - - - - - > 'Explorer.exe'(4540)
c:\program files\Sonera\Sonera Tietoturva\Spam Control\fsscoepl.dll
c:\progra~1\LGPCSU~1\PHONEM~1\Phone.dll
c:\progra~1\LGPCSU~1\PHONEM~1\MFC42.DLL
.
------------------------ Muut prosessit ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\FSGK32.EXE
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
c:\program files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Sonera\Sonera Tietoturva\Common\FSHDLL32.EXE
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\program files\Sonera\Sonera Tietoturva\FWES\Program\fsdfwd.exe
c:\windows\system32\conhost.exe
c:\windows\system32\taskhost.exe
c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\fssm32.exe
c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\fsav32.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Valmistumisajankohta: 2010-03-14 12:09:27 - kone käynnistettiin uudelleen
ComboFix-quarantined-files.txt 2010-03-14 10:09
ComboFix2.txt 2010-03-11 21:00

Ennen ajoa: 793 787 588 608 tavua vapaana
Ajon jälkeen: 793 739 071 488 tavua vapaana

- - End Of File - - 7C83DB647A252A49F14A0DEFC3A3A791
hannu71
Member
18 March 2010 @ 00:40
warwas asked you to send the logs over there, since their nick has been closed here.