Sain jostain koneelleni ask toolbar ja facemoods nimiset ohjelmat. Poistin revolla molemmat, mutta ask toolbar on silti joka selaimessa. Mikä neuvoksi?? Ongelma jatkuu. Ohjaa selaimen hausta suoraan tähän facemoods hakuun. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:14:09, on 6.2.2011 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Windows\PLFSetI.exe C:\Users\Topias\AppData\Roaming\Google\Google Talk\googletalk.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Voddler\service\VNetManager.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040b&m=aspire_7736&r=273610103306l0328z175t49m1h636 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040b&m=aspire_7736&r=273610103306l0328z175t49m1h636 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040b&m=aspire_7736&r=273610103306l0328z175t49m1h636 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040b&m=aspire_7736&r=273610103306l0328z175t49m1h636 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ostpl&s={searchTerms}&f=4 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID -kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [VoddlerNet Manager] C:\Program Files (x86)\Voddler\service\VNetManager.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [googletalk] C:\Users\Topias\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart O4 - HKCU\..\Run: [Google Update] "C:\Users\Topias\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files (x86)\OpenSubtitlesPlayer\ALLUpdate.exe" "sleep" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Paikallinen palvelu') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Paikallinen palvelu') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Verkkopalvelu') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Verkkopalvelu') O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Topias\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O8 - Extra context menu item: V&ie Microsoft Exceliin - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Lähetä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Läh&etä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O13 - Gopher Prefix: O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VoddlerNet - Voddler - C:\Program Files (x86)\Voddler\service\voddler.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10426 bytes
Odota rauhassa, kyllä kalminen/joku muu tulee kattomaan. Kalminen taitaa olla ainoa joka näitä logeja tarkistelee täällä AD:ssä.
. Lataa Malwarebytes' Anti-Malware työpöydällesi. Jos linkki ei toimi, voit ladata myös seuraavista linkeistä: Linkki1 Linkki2 * Tuplaklikkaa mbam-setup.exe ja seuraa ohjeita asentaaksesi ohjelman. * Lopuksi varmistu, että seuraavat on valittu: Päivitä Malwarebytes' Anti-Malware ja Käynnistä Malwarebytes' Anti-Malware ja sen jälkeen klikkaa Lopeta. * Jos päivitys löytyy, ohjelma lataa ja asentaa uusimman version. * Jos päivityksien lataaminen ei onnistu, voit ladata päivitykset TÄSTÄ. Tuplaklikkaa mbam-rules.exe asentaaksesi päivitykset. * Kun ohjelma on latautunut ja päivitykset tehty, valitse Suorita täysi tarkistus ja klikkaa Tarkista. * Kun tarkistus on valmis, klikkaa OK ja sitten Näytä tulokset nähdäksesi tulokset. * Varmistu, että kaikki on merkitty ja klikkaa Poista valitut. * Tämän jälkeen loki avautuu muistioon. Tallenna se paikkaan, josta löydät sen helposti. Loki löytyy myös täältä: C:\Documents and Settings\Käyttäjänimi\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-päiväys.txt * Lähetä lokin sisältö seuraavassa viestissäsi.[/list] Huom. Jos Mbam ei pystynyt poistamaan tiedostoa, se pyytää sinua käynnistämään koneesi uudelleen. Käynnistä koneesi silloin uudelleen heti. Mbam voi tehdä muutoksia rekisteriisi osana puhdistusta. Jos käytät suojausohjelmaa, joka havaitsee rekisterin muutokset, salli Mbamin tehdä muutokset. -------------------------------------------------------------------------- Mene Windowsin ControlPaneliin (Ohjauspaneli) ja sieltä Ohjelmat / Toiminnot tai => RevoUninstallerilla (hyvä softa) Etsi ja poista ohjelma jonka nimessä on: HijackThisin Lataa TÄÄLTÄ * Tallenna HijaskThis.exe työpöydällesi tai tee sille oma kansio. Poista ne rivit jotka ovat vielä jäljellä: Kun käynnistät HijackThis =(HJT) ohjelman tee se hiiren oikealla napilla ja valitset Suorita Järjestelmänvalvojana (HJT sammuttaa ohjelman ei poista) Sammuta selain ja muut ohjelmat Fixin ajaksi. (ei virustorjuntaa) ja Scan ja ruksaa seuraavat punaisella listatut rivit sekä sammuta ne. (fix Chekked napista) R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ostpl&s={searchTerms}&f=4 O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll ---------------------------------------------------------------- Tyhjennä roskakori ja käynnistä koneesi uudelleen. Postita tänne seuraavat logit: * Tuore HijackThis loki (Otetaan viimeisenä ennen postitusta) * Kopioi Malwarebytes' Anti-Malwaren Logitiedostot välilehdeltä uusin logi tänne. * * Mikä on tilanne ??? *
Hijack This loki: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:31:52, on 6.2.2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Windows\PLFSetI.exe C:\Users\Topias\AppData\Roaming\Google\Google Talk\googletalk.exe C:\Users\Topias\AppData\Local\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Voddler\service\VNetManager.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Users\Topias\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040b&m=aspire_7736&r=273610103306l0328z175t49m1h636 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040b&m=aspire_7736&r=273610103306l0328z175t49m1h636 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040b&m=aspire_7736&r=273610103306l0328z175t49m1h636 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040b&m=aspire_7736&r=273610103306l0328z175t49m1h636 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live ID -kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [VoddlerNet Manager] C:\Program Files (x86)\Voddler\service\VNetManager.exe O4 - HKCU\..\Run: [googletalk] C:\Users\Topias\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart O4 - HKCU\..\Run: [Google Update] "C:\Users\Topias\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Paikallinen palvelu') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Paikallinen palvelu') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Verkkopalvelu') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Verkkopalvelu') O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Topias\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O8 - Extra context menu item: V&ie Microsoft Exceliin - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Lähetä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Läh&etä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VoddlerNet - Voddler - C:\Program Files (x86)\Voddler\service\voddler.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 22603 bytes ---------------------------------------------------------------------------------------- Malwarebytes' Anti-Malware Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Tietokantaversio: 5693 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 6.2.2011 21:02:05 mbam-log-2011-02-06 (21-02-05).txt Tarkistustyyppi: Täysi tarkistus (C:\|) Tarkistettuja kohteita: 278356 Kulunut aika: 36 minuutti(a), 35 sekunti(a) Saastuneita muistiprosesseja: 0 Saastuneita muistimoduuleja: 0 Saastuneita rekisteriavaimia: 0 Saastuneita rekisteriarvoja: 0 Saastuneita rekisterikohteita: 0 Saastuneita kansioita: 0 Saastuneita tiedostoja: 0 Saastuneita muistiprosesseja: (Ei haitallisia kohteita) Saastuneita muistimoduuleja: (Ei haitallisia kohteita) Saastuneita rekisteriavaimia: (Ei haitallisia kohteita) Saastuneita rekisteriarvoja: (Ei haitallisia kohteita) Saastuneita rekisterikohteita: (Ei haitallisia kohteita) Saastuneita kansioita: (Ei haitallisia kohteita) Saastuneita tiedostoja: (Ei haitallisia kohteita) ---------------------------------------------------------------------------------------- Edelleen jos koittaa selaimen osoiteriviin kirjoittaa esim. facebook, se heittää tälläiselle sivulle: http://start.facemoods.com/results.php?f=5&a=ostpl&q=facebook Toivottavasti tein kuitenkin noi fixit oikein
. Kyllä olet toiminut oikein. Tuo TuliKettu on tänä talvena ollut tavallista hankalampi. (jäänut 4.0 kehitystyön takia jälkeen) Lataa työpöydälle => TÄMÄ * Sulje kaikki päälläolevat ikkunat ja sovellukset. * Tuplaklikkaa OTL.exeä käynnistääksesi OTListIt:n. * laita ruxit kuvanmukaan => * Klikkaa Run Scan nappulaa. * Kun tarkistus on valmis, OTListIt luo kaksi tekstitiedostoa työpöydälle, tai alapalkkiin OTListIt.Txt ja Extras.txt * Kopioi ja lähetä tiedostojen sisältö tänne.
Extras.txt: OTL Extras logfile created on: 2/7/2011 3:07:01 PM - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Topias\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: Suomi | Language: FIN | Date Format: d.M.yyyy 6.00 Gb Total Physical Memory | 5.00 Gb Available Physical Memory | 76.00% Memory free 12.00 Gb Paging File | 10.00 Gb Available in Paging File | 86.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 582.40 Gb Total Space | 454.66 Gb Free Space | 78.07% Space Free | Partition Type: NTFS Computer Name: TOPIAS-PC | User Name: Topias | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found [HKEY_USERS\S-1-5-21-4208683347-5779211-2842322190-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{11F38253-8940-FFDA-D131-B14120C357E4}" = ATI Catalyst Install Manager "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{3D4BCAF1-DDA5-3E92-9143-1133D125B071}" = Microsoft .NET Framework 4 Client Profile FIN Language Pack "{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{856A0713-BB96-4192-B48A-2488A0B871E1}" = Windows Live Family Safety "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-040B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Finnish) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}" = Broadcom Gigabit NetLink Controller "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver "{BD41C9CA-7722-7C0F-8BFE-E88A81865287}" = ccc-utility64 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "CCleaner" = CCleaner "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FIN Language Pack" = Microsoft .NET Framework 4 Client Profilen suomen kielipaketti "WinRAR archiver" = WinRAR 4.00 beta 3 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{14D6085A-9A42-C0B5-823E-8C9619AC1026}" = Catalyst Control Center Graphics Full New "{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FF19BBD-554D-733C-3BDF-B55C99349198}" = Catalyst Control Center Core Implementation "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 23 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{346D6B7A-4AD8-5C2C-E249-34CA3CD7D34B}" = CCC Help Polish "{34A0D249-747E-4D6C-803D-329C120C6B79}" = Catalyst Control Center - Branding "{357C0C30-051F-FE77-4709-025786123FB1}" = ccc-core-static "{39BDD209-5704-480C-9F4A-B69D0370DDBB}" = Windows Live Messenger "{3B27F4EF-23C4-4D9F-871C-B284E8CDA97A}" = Windows Live Sync "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management "{41BC23C5-157F-77A0-6662-17A5096E7946}" = Catalyst Control Center Graphics Previews Vista "{4507185D-FAB8-B77D-4546-2CF31DA906AD}" = Catalyst Control Center Graphics Full Existing "{4967ADB1-27A6-635F-A217-754BD9A05E2E}" = CCC Help Czech "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{54DFD48E-0E0D-5D0C-BD93-CE3DF090EC1C}" = CCC Help Japanese "{5528C69D-4018-C4BD-7D00-67F90623EB33}" = CCC Help Italian "{5582C24D-5597-42D2-537E-BA329164D78D}" = CCC Help Thai "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker "{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam "{785F975B-50FB-C523-5E58-C6EFE9E62424}" = CCC Help Portuguese "{7D62622F-78B7-91B0-5B75-4082DDFAC775}" = CCC Help Swedish "{7D9EF8C1-1B76-44AF-A918-86CBA6FD24C8}" = Microsoft Works "{7DE2B39B-97F0-EC01-06D6-E25C6D4164DF}" = CCC Help German "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{878789F8-276E-4D98-20E6-78DCBD77AD7D}" = CCC Help Turkish "{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console "{8F2AE892-C036-C2F8-0D45-0ED891440D68}" = CCC Help French "{90120000-0015-040B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Finnish) 2007 "{90120000-0015-040B-0000-0000000FF1CE}_ENTERPRISE_{DCB679BA-7B0C-4D8C-B443-79701F6FA01C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-040B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Finnish) 2007 "{90120000-0016-040B-0000-0000000FF1CE}_ENTERPRISE_{DCB679BA-7B0C-4D8C-B443-79701F6FA01C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Finnish) 2007 "{90120000-0018-040B-0000-0000000FF1CE}_ENTERPRISE_{DCB679BA-7B0C-4D8C-B443-79701F6FA01C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-040B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Finnish) 2007 "{90120000-0019-040B-0000-0000000FF1CE}_ENTERPRISE_{DCB679BA-7B0C-4D8C-B443-79701F6FA01C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-040B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Finnish) 2007 "{90120000-001A-040B-0000-0000000FF1CE}_ENTERPRISE_{DCB679BA-7B0C-4D8C-B443-79701F6FA01C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Finnish) 2007 "{90120000-001B-040B-0000-0000000FF1CE}_ENTERPRISE_{DCB679BA-7B0C-4D8C-B443-79701F6FA01C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040B-0000-0000000FF1CE}" = Microsoft Office Proof (Finnish) 2007 "{90120000-001F-040B-0000-0000000FF1CE}_ENTERPRISE_{8C00DF3E-E8BD-4C6A-B86F-0135E11DAF1C}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-041D-0000-0000000FF1CE}" = Microsoft Office Proof (Swedish) 2007 "{90120000-001F-041D-0000-0000000FF1CE}_ENTERPRISE_{43722AA8-ACEA-4F54-9B83-2467D376EF8A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-040B-1000-0000000FF1CE}_ENTERPRISE_{06921DF8-773B-45F8-9464-6BB1C56FEF21}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002C-040B-0000-0000000FF1CE}" = Microsoft Office Proofing (Finnish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-040B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Finnish) 2007 "{90120000-0044-040B-0000-0000000FF1CE}_ENTERPRISE_{DCB679BA-7B0C-4D8C-B443-79701F6FA01C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-040B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Finnish) 2007 "{90120000-006E-040B-0000-0000000FF1CE}_ENTERPRISE_{06921DF8-773B-45F8-9464-6BB1C56FEF21}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-040B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Finnish) 2007 "{90120000-00A1-040B-0000-0000000FF1CE}_ENTERPRISE_{DCB679BA-7B0C-4D8C-B443-79701F6FA01C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-040B-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Finnish) 2007 "{90120000-00BA-040B-0000-0000000FF1CE}_ENTERPRISE_{DCB679BA-7B0C-4D8C-B443-79701F6FA01C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95D40BD8-2EA7-C51E-A218-B2F863481573}" = CCC Help Chinese Standard "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{98A7C691-304F-31DC-A21C-3675E1D68501}" = CCC Help Chinese Traditional "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A33B56D0-F273-F6C2-C335-50AE0C83C85C}" = CCC Help Finnish "{A8CB3994-B273-D81E-315C-CA3A8376415E}" = Catalyst Control Center Localization All "{A8D450FB-F8F7-4250-7CE3-A3C24CDE5722}" = CCC Help Hungarian "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AB82BA59-B05B-70DC-992B-D2D7A2AF4EE5}" = CCC Help Korean "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.1 MUI "{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR "{BFB59706-4FEC-37A8-96CD-C7F6932AD6DD}" = CCC Help Norwegian "{C09EECFB-8925-5E54-1580-3FAEB6A78856}" = Catalyst Control Center Graphics Light "{C0ED2557-8BCC-71B6-253C-BDFE26A9B37D}" = CCC Help Spanish "{CC62C6C8-0D7F-3F0D-9BD6-49CB16029A6A}" = CCC Help Greek "{CC6D2A70-B152-E250-ABEA-5D7D681469F8}" = CCC Help English "{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D6EF5E3C-FED4-15BC-8401-99DFBF3018CD}" = VoddlerPlayer "{DAFFBC42-ABA2-882C-68CB-593B9CF9ACF5}" = CCC Help Russian "{DFF2D0B9-1706-6AA8-85CD-A70DF44AE3F8}" = CCC Help Danish "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E6AAFC37-EB31-768D-A9A5-AA8A84612615}" = CCC Help Dutch "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F6B7BF58-36D0-A76E-53E2-F65DBD4A6A52}" = Catalyst Control Center InstallProxy "{FBDCDFA2-6950-46A1-B31E-B1B3DF08242B}" = Miro Video Converter "Acer Registration" = Acer Registration "Acer Screensaver" = Acer ScreenSaver "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "avast5" = avast! Free Antivirus "ENTERPRISE" = Microsoft Office Enterprise 2007 "ffdshow_is1" = ffdshow v1.1.3749 [2011-01-24] "foobar2000" = foobar2000 v1.1.1 "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.31 "GOM Player" = GOM Player "GridVista" = Acer GridVista "Identity Card" = Identity Card "InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager "LManager" = Launch Manager "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "Revo Uninstaller" = Revo Uninstaller 1.89 "Spotify" = Spotify "Uninstall_is1" = Uninstall 1.0.0.1 "uTorrent" = µTorrent "Voddler" = VoddlerNet "VoddlerPlayer.22AA32E1C519F8FB77514A36DC6C2AE2C623240F.1" = VoddlerPlayer "WinLiveSuite" = Windows Liven asennustyökalu ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-4208683347-5779211-2842322190-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only) "Google Chrome" = Google Chrome "Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player "XBMC" = XBMC ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 11/10/2010 3:49:02 PM | Computer Name = Topias-PC | Source = MsiInstaller | ID = 11722 Description = Error - 11/10/2010 3:49:03 PM | Computer Name = Topias-PC | Source = Microsoft-Windows-RestartManager | ID = 10007 Description = Sovellusta tai palvelua MyWinLocker Service ei voitu käynnistää uudelleen. Error - 11/11/2010 2:46:35 PM | Computer Name = Topias-PC | Source = MsiInstaller | ID = 11500 Description = Error - 12/16/2010 6:20:09 PM | Computer Name = Topias-PC | Source = Application Error | ID = 1000 Description = Viallisen sovelluksen nimi: chrome.exe, versio: 0.0.0.0, aikaleima: 0x4ccf15cc Viallisen moduulin nimi: chrome.dll, versio: 7.0.517.44, aikaleima: 0x4ccf1596 Poikkeuskoodi: 0x80000003 Virhepoikkeama: 0x000cd2d8 Viallisen prosessin tunnus: 0x12dc Viallisen sovelluksen käynnistysaika: 0x01cb9d6f65a59af0 Viallisen sovelluksen polku: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Viallisen moduulin polku: C:\Program Files (x86)\Google\Chrome\Application\7.0.517.44\chrome.dll Raportin tunnus: a3f0c1bb-0962-11e0-8b81-00262d73ce5e Error - 12/16/2010 6:20:50 PM | Computer Name = Topias-PC | Source = Application Error | ID = 1000 Description = Viallisen sovelluksen nimi: chrome.exe, versio: 0.0.0.0, aikaleima: 0x4ccf15cc Viallisen moduulin nimi: chrome.dll, versio: 7.0.517.44, aikaleima: 0x4ccf1596 Poikkeuskoodi: 0x80000003 Virhepoikkeama: 0x000cd2d8 Viallisen prosessin tunnus: 0x138c Viallisen sovelluksen käynnistysaika: 0x01cb9d6f7ede6d0b Viallisen sovelluksen polku: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Viallisen moduulin polku: C:\Program Files (x86)\Google\Chrome\Application\7.0.517.44\chrome.dll Raportin tunnus: bc9c1ed4-0962-11e0-8b81-00262d73ce5e Error - 1/6/2011 5:36:42 AM | Computer Name = Topias-PC | Source = Application Hang | ID = 1002 Description = Ohjelman Explorer.EXE versio 6.1.7600.16450, lakkasi olemasta yhteydessä Windowsiin, joten se suljettiin. Voit tarkistaa, onko ongelmasta saatavilla lisätietoja, ohjauspaneelin Toimintokeskus-kohdasta. Prosessin tunnus: 5b8 Alkamisaika: 01cbab4c1d25133c Päättymisaika: 60 Sovelluksen polku: C:\Windows\Explorer.EXE Raportin tunnus: 73dbe045-1978-11e0-86e6-00262d73ce5e Error - 2/5/2011 3:41:29 PM | Computer Name = Topias-PC | Source = Application Error | ID = 1000 Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16700, aikaleima: 0x4cd23213 Viallisen moduulin nimi: GenericAskToolbar.dll_unloaded, versio: 0.0.0.0, aikaleima: 0x4ca2d1ef Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x6e0e8784 Viallisen prosessin tunnus: 0x16e4 Viallisen sovelluksen käynnistysaika: 0x01cbc56ca544b953 Viallisen sovelluksen polku: C:\Program Files (x86)\Internet Explorer\iexplore.exe Viallisen moduulin polku: GenericAskToolbar.dll Raportin tunnus: ecb4b525-315f-11e0-8a85-00262d73ce5e Error - 2/5/2011 4:08:28 PM | Computer Name = Topias-PC | Source = Application Hang | ID = 1002 Description = Ohjelman ALLSubSearcher.exe versio 0.0.0.0, lakkasi olemasta yhteydessä Windowsiin, joten se suljettiin. Voit tarkistaa, onko ongelmasta saatavilla lisätietoja, ohjauspaneelin Toimintokeskus-kohdasta. Prosessin tunnus: 15f0 Alkamisaika: 01cbc5701e56b365 Päättymisaika: 13 Sovelluksen polku: C:\Program Files (x86)\OpenSubtitlesPlayer\ALLSubSearcher.exe Raportin tunnus: Error - 2/6/2011 8:33:42 AM | Computer Name = Topias-PC | Source = Microsoft-Windows-CAPI2 | ID = 513 Description = Salauspalvelut eivät voineet käsitellä OnIdentity()-kutsua järjestelmän kirjoitusobjektissa. Details: AddLegacyDriverFiles: Unable to back up image of binary SASDIFSV. System Error: Määritettyä tiedostoa ei löydy. . Error - 2/6/2011 8:33:42 AM | Computer Name = Topias-PC | Source = Microsoft-Windows-CAPI2 | ID = 513 Description = Salauspalvelut eivät voineet käsitellä OnIdentity()-kutsua järjestelmän kirjoitusobjektissa. Details: AddLegacyDriverFiles: Unable to back up image of binary SASKUTIL. System Error: Määritettyä tiedostoa ei löydy. . [ System Events ] Error - 2/6/2011 4:22:11 AM | Computer Name = Topias-PC | Source = Service Control Manager | ID = 7000 Description = Palvelua MyWinLocker Service ei voi käynnistää. Virhekoodi on %%1053 Error - 2/6/2011 4:40:51 AM | Computer Name = Topias-PC | Source = Service Control Manager | ID = 7009 Description = Aikakatkaisu (30000 millisekuntia) odotettaessa MyWinLocker Service-palvelun yhteyden muodostusta. Error - 2/6/2011 4:40:51 AM | Computer Name = Topias-PC | Source = Service Control Manager | ID = 7000 Description = Palvelua MyWinLocker Service ei voi käynnistää. Virhekoodi on %%1053 Error - 2/6/2011 5:33:20 AM | Computer Name = Topias-PC | Source = Service Control Manager | ID = 7009 Description = Aikakatkaisu (30000 millisekuntia) odotettaessa MyWinLocker Service-palvelun yhteyden muodostusta. Error - 2/6/2011 5:33:20 AM | Computer Name = Topias-PC | Source = Service Control Manager | ID = 7000 Description = Palvelua MyWinLocker Service ei voi käynnistää. Virhekoodi on %%1053 Error - 2/6/2011 2:22:14 PM | Computer Name = Topias-PC | Source = Service Control Manager | ID = 7009 Description = Aikakatkaisu (30000 millisekuntia) odotettaessa MyWinLocker Service-palvelun yhteyden muodostusta. Error - 2/6/2011 2:22:14 PM | Computer Name = Topias-PC | Source = Service Control Manager | ID = 7000 Description = Palvelua MyWinLocker Service ei voi käynnistää. Virhekoodi on %%1053 Error - 2/6/2011 3:22:53 PM | Computer Name = Topias-PC | Source = Service Control Manager | ID = 7009 Description = Aikakatkaisu (30000 millisekuntia) odotettaessa MyWinLocker Service-palvelun yhteyden muodostusta. Error - 2/6/2011 3:22:53 PM | Computer Name = Topias-PC | Source = Service Control Manager | ID = 7000 Description = Palvelua MyWinLocker Service ei voi käynnistää. Virhekoodi on %%1053 Error - 2/7/2011 2:40:18 AM | Computer Name = Topias-PC | Source = Server | ID = 2505 Description = Palvelin ei voinut sitoutua kuljetukseen \Device\NetBT_Tcpip_{1EFA9807-D5F7-427A-BFA9-62829C97BE34} kaksinkertaisen verkkonimen takia. < End of report ________________________________________________________________________________________ OTL.txt: OTL logfile created on: 2/7/2011 3:07:01 PM - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Topias\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: Suomi | Language: FIN | Date Format: d.M.yyyy 6.00 Gb Total Physical Memory | 5.00 Gb Available Physical Memory | 76.00% Memory free 12.00 Gb Paging File | 10.00 Gb Available in Paging File | 86.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 582.40 Gb Total Space | 454.66 Gb Free Space | 78.07% Space Free | Partition Type: NTFS Computer Name: TOPIAS-PC | User Name: Topias | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/02/07 15:03:42 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Topias\Downloads\OTL.exe PRC - [2010/12/03 21:47:01 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2010/12/03 21:47:01 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe PRC - [2010/10/19 15:20:30 | 000,672,968 | ---- | M] () -- C:\Program Files (x86)\Voddler\service\VNetManager.exe PRC - [2010/09/07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2009/11/20 14:34:08 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe PRC - [2009/11/02 01:39:48 | 001,094,736 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2009/10/06 13:18:26 | 000,419,112 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe PRC - [2009/10/05 18:15:10 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe PRC - [2009/08/21 02:25:56 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe PRC - [2009/08/21 02:25:50 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe PRC - [2009/08/04 23:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe PRC - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe PRC - [2009/06/05 04:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009/06/05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2009/06/04 15:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe PRC - [2007/01/01 23:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Users\Topias\AppData\Roaming\Google\Google Talk\googletalk.exe ========== Modules (SafeList) ========== MOD - [2011/02/07 15:03:42 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Topias\Downloads\OTL.exe MOD - [2010/08/21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV:64bit: - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV:64bit: - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV:64bit: - [2010/06/29 19:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE) SRV:64bit: - [2009/12/10 11:15:06 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2009/09/30 13:44:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV - [2010/10/19 15:20:32 | 000,907,984 | ---- | M] (Voddler) [Auto | Stopped] -- C:\Program Files (x86)\Voddler\service\voddler.exe -- (VoddlerNet) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/08/21 02:25:50 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2009/08/07 11:18:54 | 000,311,592 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService) SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/06/05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2009/06/04 15:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service) ========== Driver Services (SafeList) ========== DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2010/09/07 16:47:33 | 000,061,008 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2009/12/10 13:40:30 | 006,179,328 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2009/09/21 21:00:44 | 001,537,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/20 13:35:00 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM) DRV:64bit: - [2009/06/20 04:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20) DRV:64bit: - [2009/06/10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009/06/10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/06/05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009/06/05 02:46:50 | 000,216,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2009/06/03 05:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2009/06/03 05:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2009/06/03 05:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:64bit: - [2009/05/25 05:57:42 | 000,243,760 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) DRV:64bit: - [2009/05/06 02:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2009/05/06 02:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040b&m=aspire_7736&r=273610103306l0328z175t49m1h636 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040b&m=aspire_7736&r=273610103306l0328z175t49m1h636 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040b&m=aspire_7736&r=273610103306l0328z175t49m1h636 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040b&m=aspire_7736&r=273610103306l0328z175t49m1h636 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4208683347-5779211-2842322190-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040b&m=aspire_7736&r=273610103306l0328z175t49m1h636 IE - HKU\S-1-5-21-4208683347-5779211-2842322190-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040b&m=aspire_7736&r=273610103306l0328z175t49m1h636 IE - HKU\S-1-5-21-4208683347-5779211-2842322190-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.imperiumi.net" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..keyword.URL: "http://start.facemoods.com/results.php?f=5&a=ostpl&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/02/06 10:33:23 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/02/06 10:33:22 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0b9\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\components FF - HKLM\software\mozilla\Mozilla Firefox 4.0b9\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\plugins [2010/10/08 15:03:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Topias\AppData\Roaming\mozilla\Extensions [2011/02/06 15:24:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Topias\AppData\Roaming\mozilla\Firefox\Profiles\xaw3xo4j.default\extensions [2011/01/30 23:33:49 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Topias\AppData\Roaming\mozilla\Firefox\Profiles\xaw3xo4j.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011/02/06 10:33:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010/12/03 20:02:48 | 000,002,062 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bookplus-fi.xml [2010/12/03 20:02:48 | 000,001,069 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\creativecommons-fi.xml [2010/12/03 20:02:48 | 000,002,677 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\huuto-fi.xml [2010/12/03 20:02:48 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-fi.xml [2010/12/03 20:02:48 | 000,001,100 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-fi.xml O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-4208683347-5779211-2842322190-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.) O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [VoddlerNet Manager] C:\Program Files (x86)\Voddler\service\VNetManager.exe () O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-4208683347-5779211-2842322190-1001..\Run: [googletalk] C:\Users\Topias\AppData\Roaming\Google\Google Talk\googletalk.exe (Google) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Topias\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Topias\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.229.0.40 193.229.0.42 O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - File not found O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{148934ae-e53a-11df-9aa3-00262d73ce5e}\Shell - "" = AutoRun O33 - MountPoints2\{148934ae-e53a-11df-9aa3-00262d73ce5e}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/02/06 13:42:59 | 000,000,000 | ---D | C] -- C:\Users\Topias\AppData\Roaming\GRETECH [2011/02/06 13:42:59 | 000,000,000 | ---D | C] -- C:\Users\Topias\Documents\GomPlayer [2011/02/06 13:42:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player [2011/02/06 13:41:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GRETECH [2011/02/06 12:13:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro [2011/02/06 10:33:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox [2011/02/06 10:33:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2011/02/06 10:21:06 | 000,000,000 | ---D | C] -- C:\Windows\Options [2011/02/05 22:25:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow [2011/02/05 22:25:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ffdshow [2011/02/05 21:41:04 | 000,000,000 | ---D | C] -- C:\ProgramData\ALLPlayer [2011/02/05 21:39:31 | 004,411,392 | ---- | C] (Gabest) -- C:\Users\Topias\Desktop\mplayerc.exe [2011/02/05 21:39:08 | 000,000,000 | ---D | C] -- C:\Users\Topias\AppData\Roaming\Media Player Classic [2011/02/05 18:26:24 | 000,000,000 | ---D | C] -- C:\Users\Topias\Documents\The KMPlayer [2011/02/05 18:25:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com [2011/02/05 18:24:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The KMPlayer [2011/02/05 18:20:26 | 000,000,000 | ---D | C] -- C:\Users\Topias\Documents\KMPlayer [2011/02/05 18:15:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The KMPlayer1431 [2011/01/31 13:25:30 | 000,000,000 | ---D | C] -- C:\Users\Topias\AppData\Local\{CE5F8019-BB7D-449A-ADCF-0DAD980D3789} [2011/01/23 20:32:33 | 000,000,000 | ---D | C] -- C:\Users\Topias\AppData\Local\{0443E9D2-D5DB-4B58-9322-BD5CE28CC58F} [2011/01/23 08:31:51 | 000,000,000 | ---D | C] -- C:\Users\Topias\AppData\Local\{5BDF7CCE-3650-41CD-B766-9C429F105FB9} [2011/01/22 12:26:04 | 000,000,000 | ---D | C] -- C:\Users\Topias\Documents\Vastaanotetut tiedostot [2011/01/22 11:21:54 | 000,000,000 | ---D | C] -- C:\Users\Topias\AppData\Local\{D21C8860-3516-43DE-9245-B3C9FB510415} [2011/01/22 11:21:21 | 000,000,000 | ---D | C] -- C:\Windows\fi [2011/01/22 11:18:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2011/01/22 11:17:41 | 000,048,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys [2011/01/22 11:17:41 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [2011/01/22 11:17:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2011/01/22 11:17:39 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live [2011/01/22 11:17:30 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2011/01/22 11:16:43 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll [2011/01/22 11:16:43 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll [2011/01/22 11:16:43 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll [2011/01/22 11:16:43 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll [2011/01/22 11:16:14 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll [2011/01/22 11:16:14 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll [2011/01/22 11:15:36 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll [2011/01/22 11:15:36 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll [2011/01/22 11:15:35 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll [2011/01/22 11:15:35 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll [2011/01/12 09:02:20 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2011/01/12 09:02:20 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll [2011/01/12 09:02:19 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2011/01/12 09:02:19 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll [2011/01/12 09:02:19 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2011/01/12 09:02:19 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll [2011/01/12 09:02:19 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2011/01/12 09:02:19 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2011/01/12 09:02:18 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2011/01/12 09:02:17 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll [2011/01/12 09:02:17 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll [2011/01/12 09:02:17 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2011/01/12 09:02:17 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2011/01/12 09:02:17 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2011/01/12 09:02:17 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll [2011/01/12 09:02:17 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll [2011/01/12 09:02:17 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2011/01/12 09:02:17 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll [2011/01/12 09:02:17 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2011/01/12 09:02:17 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll [2011/01/12 09:02:15 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll [2011/01/12 09:02:15 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll [2011/01/09 21:42:45 | 000,000,000 | ---D | C] -- C:\Users\Topias\Desktop\Työnhaku [2009/08/22 10:44:20 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe ========== Files - Modified Within 30 Days ========== [2011/02/07 15:08:47 | 001,572,864 | -HS- | M] () -- C:\Users\Topias\ntuser.dat [2011/02/07 14:22:02 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4208683347-5779211-2842322190-1001UA.job [2011/02/07 13:14:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/02/06 22:53:24 | 000,000,970 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4208683347-5779211-2842322190-1001Core.job [2011/02/06 21:30:09 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/02/06 21:30:09 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/02/06 21:22:51 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2011/02/06 21:22:32 | 532,877,311 | -HS- | M] () -- C:\hiberfil.sys [2011/02/06 21:21:49 | 002,147,298 | -H-- | M] () -- C:\Users\Topias\AppData\Local\IconCache.db [2011/02/06 13:42:09 | 000,001,133 | ---- | M] () -- C:\Users\Topias\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk [2011/02/06 13:42:09 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk [2011/02/06 11:45:27 | 000,001,772 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2011/02/06 10:47:00 | 001,238,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/02/06 10:47:00 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/02/06 10:47:00 | 000,441,568 | ---- | M] () -- C:\Windows\SysNative\perfh00B.dat [2011/02/06 10:47:00 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/02/06 10:47:00 | 000,082,306 | ---- | M] () -- C:\Windows\SysNative\perfc00B.dat [2011/02/06 10:33:24 | 000,001,963 | ---- | M] () -- C:\Users\Topias\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011/02/06 10:33:24 | 000,001,939 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011/02/06 10:27:05 | 000,002,018 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2011/02/05 14:22:56 | 000,002,403 | ---- | M] () -- C:\Users\Topias\Desktop\Google Chrome.lnk [2011/01/24 12:55:18 | 000,073,216 | ---- | M] () -- C:\Windows\SysWow64\ff_vfw.dll [2011/01/22 12:24:14 | 000,002,490 | ---- | M] () -- C:\Users\Topias\Desktop\Windows Live Messenger.lnk ========== Files Created - No Company Name ========== [2011/02/06 13:42:09 | 000,001,133 | ---- | C] () -- C:\Users\Topias\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk [2011/02/06 13:42:09 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk [2011/02/06 11:45:27 | 000,001,772 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2011/02/06 10:33:24 | 000,001,963 | ---- | C] () -- C:\Users\Topias\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011/02/06 10:33:24 | 000,001,939 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011/02/05 22:25:07 | 000,073,216 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2011/01/23 09:52:53 | 000,002,018 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2011/01/22 12:24:14 | 000,002,490 | ---- | C] () -- C:\Users\Topias\Desktop\Windows Live Messenger.lnk [2011/01/22 11:19:54 | 000,001,309 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk [2011/01/22 11:18:58 | 000,001,378 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk [2011/01/22 11:18:34 | 000,002,490 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [2010/11/10 21:48:08 | 000,009,260 | ---- | C] () -- C:\Users\Topias\AppData\Local\MyWinLockerInstaller.txt-20101110.log [2010/10/08 14:27:24 | 002,147,298 | -H-- | C] () -- C:\Users\Topias\AppData\Local\IconCache.db [2010/10/08 14:07:43 | 000,007,754 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe3.log [2010/10/08 14:04:57 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll [2010/10/08 14:04:57 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini [2010/10/08 13:58:26 | 000,110,832 | ---- | C] () -- C:\Users\Topias\AppData\Local\GDIPFONTCACHEV1.DAT [2010/10/05 23:29:36 | 000,001,276 | ---- | C] () -- C:\Windows\WPatchProgress.ini [2009/08/22 10:43:39 | 000,192,484 | ---- | C] () -- C:\Program Files (x86)\Common Files\Acer GameZone online.ico [2009/08/22 08:01:23 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll [2009/08/22 08:01:23 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll [2009/08/22 08:01:21 | 000,000,193 | ---- | C] () -- C:\Windows\Prelaunch.ini [2009/08/22 08:01:21 | 000,000,167 | ---- | C] () -- C:\Windows\WisLangCode.ini [2009/08/22 08:01:21 | 000,000,147 | ---- | C] () -- C:\Windows\WisPriority.ini [2009/07/14 06:54:24 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini [2009/07/14 06:54:24 | 000,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini [2009/07/14 04:35:42 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini [2009/07/14 04:34:57 | 000,000,510 | ---- | C] () -- C:\Windows\win.ini [2009/07/14 04:34:57 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll ========== LOP Check ========== [2010/12/25 08:05:09 | 000,000,000 | -HSD | M] -- C:\Users\Topias\AppData\Roaming\.# [2010/12/23 16:50:59 | 000,000,000 | ---D | M] -- C:\Users\Topias\AppData\Roaming\Canneverbe Limited [2011/01/08 12:50:19 | 000,000,000 | ---D | M] -- C:\Users\Topias\AppData\Roaming\DVDVideoSoftIEHelpers [2011/02/07 15:03:57 | 000,000,000 | ---D | M] -- C:\Users\Topias\AppData\Roaming\foobar2000 [2010/10/22 12:42:27 | 000,000,000 | ---D | M] -- C:\Users\Topias\AppData\Roaming\GameConsole [2011/02/07 08:51:01 | 000,000,000 | ---D | M] -- C:\Users\Topias\AppData\Roaming\Spotify [2011/02/07 14:39:59 | 000,000,000 | ---D | M] -- C:\Users\Topias\AppData\Roaming\uTorrent [2010/11/03 21:32:17 | 000,000,000 | ---D | M] -- C:\Users\Topias\AppData\Roaming\VoddlerPlayer.22AA32E1C519F8FB77514A36DC6C2AE2C623240F.1 [2011/01/16 20:48:40 | 000,000,000 | ---D | M] -- C:\Users\Topias\AppData\Roaming\XBMC [2009/07/14 07:08:49 | 000,015,160 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:AB689DEA < End of report >
. Tämäkö saa jäädä => www.imperiumi.net ----------------------------------------------------------------------------- Kopioi alla olevasta laatikosta kaikki muistiin. Koodi: :OTL FF - prefs.js..keyword.URL: "http://start.facemoods.com/results.php?f=5&a=ostpl&q=" O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-4208683347-5779211-2842322190-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. :Files C:\Program Files (x86)\Ask.com :Commands [purity] [emptytemp] [start explorer] [Reboot] Käynnistä OTL.EXE ohjelma. Vista - 7:ssa tee se hiiren oikealla napilla ja Suorita Järjestelmän valvojana Liitä muistista texti OTL:n valkoiseen laatikkoon (Custom Scans/Fixes) Paina sitten Run Fix nappia Lopuksi se pyytää koneen ReStarttia => OK Logi aukeaa muistioon josta kopioit sen viestiisi. Loppuiko selaimen sekoilut ???
All processes killed ========== OTL ========== Prefs.js: "http://start.facemoods.com/results.php?f=5&a=ostpl&q=" removed from keyword.URL 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_USERS\S-1-5-21-4208683347-5779211-2842322190-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. ========== FILES ========== C:\Program Files (x86)\Ask.com folder moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 56504 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public User: Topias ->Temp folder emptied: 24455919 bytes ->Temporary Internet Files folder emptied: 7619003 bytes ->Java cache emptied: 32419538 bytes ->FireFox cache emptied: 57890573 bytes ->Google Chrome cache emptied: 15052344 bytes ->Flash cache emptied: 1124575 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 22066 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50633 bytes RecycleBin emptied: 1163567308 bytes Total Files Cleaned = 1,242.00 mb OTL by OldTimer - Version 3.2.20.6 log created on 02092011_092609 Files\Folders moved on Reboot... C:\Users\Topias\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot. Registry entries deleted on Reboot... _______________________________________________________________________________________ Kuntoon tuli. Mahtava homma. Kiitän ja kumarran!
. Älähä Hättäile !!! Lopuksi poistamme kaikki käytetyt työkalut roskineen. * TuplaklikkaaOTL.exe. * Klikkaa CleanUp!. * Valitse Yes kun kysytään "Begin cleanup Process?". * Jos pyydetään, että saako koneen käynnistää uudeelleen, valitse Yes. * OTL.exe poistaa itsensä kun se on valmis, jos näin ei käy poista se itse. *********************************************************** Tässä pieni ohje, kuinka pienennetään koneen saastumisriskiä Laatinut www.virustorjunta.net -> Tyhjennä järjestelmänpalautus -> Ohjeet Windows ME - XP Ohjeet Windows Vista Tyhjennä järjestelmänpalautuskansio ja luo uusi palautuspiste. Tämä puhdistaa palautuskansion mahdollisista haittaohjelmajäännöksistä. -> Käytä CCleaneria -> CCleaner Lataa ja asenna CCleaner. Puhdista väliaikaistiedostot ja -kansiot ohjelmalla säännöllisesti. Ohjelman saa suomenkieliseksi. -> Käytä Malwarebytes' Anti-Malwarea -> Malwarebytes' Anti-Malware Lataa ja asenna Malwarebytes' Anti-Malware. Päivitä se ja skannaa konettasi sillä säännöllisesti. Ohjelman saa suomenkieliseksi. -> Asenna SpywareBlaster -> SpywareBlaster SpywareBlaster estää haittaohjelmia asentumasta koneellesi. Ei kuluta muistia! Opas saatavilla suomeksi! Nimimerkki Ad-Awaren opas -> Asenna MVPS Hosts tiedosto -> MVPS Hosts Estää koneesi yhteyden haitallisiin sivustoihin. Ei kuluta muistia! Opas saatavilla suomeksi! Nimimerkki Axelin opas -> Vaihda selaimesi Firefoxiin -> Firefox Firefox on nopeampi, turvallisempi ja parempi selain kuin Internet Explorer. -> Pidä järjestelmäsi ajantasalla. -> Windows Update Vieraile Windows Updatessa säännöllisesti. Tai laita päivitys automaattiseksi. -> Pidä palomuuri ja virustorjunta ajantasalla Päivitä ja skannaa koneesi säännöllisesti virustorjuntaohjelmallasi. -> Käytä Windows Vistassa/7:ssa normaalia käyttäjätiliä Nekon suomenkielinen ohje Käytä päivittäisessä käytössä normaalia käyttäjätiliä -> Käytä Windows Vistassa/7:ssa UAC:ta Nekon suomenkielinen ohje Muuta käyttäjätilien valvonnan (UAC) asetuksia -> Nopeuta tietokonettasi -> Nopeuta tietokonetta -opas Tietokoneen hidastuminen voi johtua monesta asiasta, mutta yleisesti Keskusmuistin määrästä, Automaattisesti käynnistyvien ohjelmien määrästä, liiallisesta suojauksesta, ylimääräisten tiedostojen poistamattomuudesta taikka levyn pirtoutuneisuudesta. Nekon ohjeista löytyvät helpot ohjeet koneesi kuntoutukseen. Pysy puhtaana
