
atapi.sys

Thread in the Viruses and malware - HijackThis logs section. Thread started by toope92 on 08.03.2010.

  1. toope92

    toope92 Regular member

    Joined:
    08.11.2006
    Posts:
    140
    Thanks:
    0
    Points:
    26

    Windows 7 Home Premium
    ATI Radeon 4800 HD
    AMD Phenom II 955 3.0 GHz
    4GB RAM


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:39:12, on 8.3.2010
    Platform: Unknown Windows (WinNT 6.01.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16385)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\msa.exe
    C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    C:\Program Files\Opera\opera.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=15161&l=dis
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
    O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\baselitmus.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\baselitmus.dll
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Sonera\Sonera Tietoturva\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
    O4 - HKCU\..\Run: [TOY5KNQ8OC] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Verkkopalvelu')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Verkkopalvelu')
    O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe (User 'Default user')
    O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O13 - Gopher Prefix:
    O15 - Trusted Zone: www.corel.com
    O15 - Trusted Zone: http://*.corel.com
    O15 - Trusted Zone: www.intervideo.com
    O15 - Trusted Zone: http://*.intervideo.com
    O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Sonera\Sonera Tietoturva\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE
    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe
    O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: SupportSoft Sprocket Service (sonera) (sprtsvc_sonera) - SupportSoft, Inc. - C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe
    O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe
    O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

    --
    End of file - 7393 bytes
     
  3. toope92

    toope92 Regular member

    GMER 1.0.15.15281 - http://www.gmer.net
    Rootkit scan 2010-03-10 15:55:05
    Windows 6.1.7600
    Running: gmer.exe; Driver: C:\Users\Sini\AppData\Local\Temp\kxldypod.sys


    ---- System - GMER 1.0.15 ----

    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwCreateThread [0x9255EE8C]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwCreateThreadEx [0x9255EEA6]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwLoadDriver [0x9255F1BC]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwMapViewOfSection [0x9255EBCC]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwOpenSection [0x9255F5EE]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwRenameKey [0x9256088C]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwSetSystemInformation [0x9255F43E]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwSuspendProcess [0x9255EA4C]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwSuspendThread [0x9255EEC0]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwSystemDebugControl [0x9255F042]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwTerminateProcess [0x9255E9A6]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwTerminateThread [0x9255EB06]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwWriteVirtualMemory [0x9255EF86]

    INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322AAF8
    INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A104
    INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A3F4
    INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 832132D8
    INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A1DC
    INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A958
    INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A6F8
    INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322AF2C
    INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322B1A8

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82E43579 1 Byte [06]
    .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82E67F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
    .text ntkrnlpa.exe!RtlSidHashLookup + 34C 82E6F84C 8 Bytes [8C, EE, 55, 92, A6, EE, 55, ...] {MOV ESI, GS; PUSH EBP; XCHG EDX, EAX; CMPSB ; OUT DX, AL ; PUSH EBP; XCHG EDX, EAX}
    .text ntkrnlpa.exe!RtlSidHashLookup + 45C 82E6F95C 4 Bytes [BC, F1, 55, 92]
    .text ntkrnlpa.exe!RtlSidHashLookup + 490 82E6F990 4 Bytes [CC, EB, 55, 92] {INT 3 ; JMP 0x58; XCHG EDX, EAX}
    .text ntkrnlpa.exe!RtlSidHashLookup + 4F8 82E6F9F8 4 Bytes [EE, F5, 55, 92] {OUT DX, AL ; CMC ; PUSH EBP; XCHG EDX, EAX}
    .text ntkrnlpa.exe!RtlSidHashLookup + 678 82E6FB78 4 Bytes [8C, 08, 56, 92] {MOV WORD [EAX], CS; PUSH ESI; XCHG EDX, EAX}
    .text ...
    ? System32\Drivers\spnq.sys Määritettyä polkua ei löydy. !
    PAGE ataport.SYS!DllUnload + 1 8C843AD7 4 Bytes JMP 85D021D9
    .text USBPORT.SYS!DllUnload 93848CA0 5 Bytes JMP 876971D8
    .text C:\Windows\system32\DRIVERS\atipmdag.sys section is writeable [0x94A2F000, 0x2E6316, 0xE8000020]
    .text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0x9B985300, 0x1B7E, 0xE8000020]
    .text peauth.sys 9C63DC9D 28 Bytes [0F, 87, 3B, 68, DB, A3, E3, ...]
    .text peauth.sys 9C63DCC1 28 Bytes [0F, 87, 3B, 68, DB, A3, E3, ...]
    PAGE peauth.sys 9C643B9B 72 Bytes [A7, C7, 21, 18, 6C, EC, 29, ...]
    PAGE peauth.sys 9C643BEC 111 Bytes [90, F4, A3, B6, 9A, 13, 23, ...]
    PAGE peauth.sys 9C643E20 101 Bytes [E4, 9F, B5, 9C, 35, 8D, 33, ...]
    PAGE ...

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Windows\system32\svchost.exe[796] ole32.dll!CoCreateInstance 76DE57FC 5 Bytes JMP 00A2000A
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!UnhookWindowsHookEx 76C2CC7B 5 Bytes JMP 6E3781D8 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!CallNextHookEx 76C2CC8F 5 Bytes JMP 6E359A6C C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!CreateWindowExW 76C30E51 5 Bytes JMP 6E36801F C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!SetWindowsHookExW 76C3210A 5 Bytes JMP 6E3146DB C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!DialogBoxIndirectParamW 76C54AA7 5 Bytes JMP 6E48EDC0 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!DialogBoxParamW 76C5564A 5 Bytes JMP 6E284D5B C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!DialogBoxParamA 76C6CF6A 5 Bytes JMP 6E48ED5D C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!DialogBoxIndirectParamA 76C6D29C 5 Bytes JMP 6E48EE23 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!MessageBoxIndirectA 76C7E8C9 5 Bytes JMP 6E48ECF2 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!MessageBoxIndirectW 76C7E9C3 5 Bytes JMP 6E48EC87 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!MessageBoxExA 76C7EA29 5 Bytes JMP 6E48EC25 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!MessageBoxExW 76C7EA4D 5 Bytes JMP 6E48EBC3 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] ole32.dll!OleLoadFromStream 76D95B88 5 Bytes JMP 6E48F137 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] ole32.dll!CoCreateInstance 76DE57FC 5 Bytes JMP 6E368B0D C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!CreateWindowExW 76C30E51 5 Bytes JMP 6E36801F C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxIndirectParamW 76C54AA7 5 Bytes JMP 6E48EDC0 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxParamW 76C5564A 5 Bytes JMP 6E284D5B C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxParamA 76C6CF6A 5 Bytes JMP 6E48ED5D C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxIndirectParamA 76C6D29C 5 Bytes JMP 6E48EE23 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxIndirectA 76C7E8C9 5 Bytes JMP 6E48ECF2 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxIndirectW 76C7E9C3 5 Bytes JMP 6E48EC87 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxExA 76C7EA29 5 Bytes JMP 6E48EC25 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxExW 76C7EA4D 5 Bytes JMP 6E48EBC3 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)

    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73B92494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73B75624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73B756E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73B9250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73B88573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73B84D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73B850CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73B851A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [73B866D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73B882CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73B88819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73B8907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73B8E21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73B84C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\WININET.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\WININET.dll [USER32.dll!SetWindowPos] [00417E12] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExA] [00417C6C] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\ole32.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\ole32.dll [USER32.dll!ShowWindow] [00417D60] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\shell32.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\shell32.dll [USER32.dll!SetWindowPos] [00417E12] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\shell32.dll [USER32.dll!ShowWindow] [00417D60] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!MessageBoxIndirectW] [00418674] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!SetWindowPos] [0041860E] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!ShowWindow] [00418560] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DialogBoxParamA] [0041867A] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExA] [00418470] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!SetWindowPos] [0041860E] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!ShowWindow] [00418560] C:\Windows\msa.exe
    IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
    IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
    IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
    IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
    IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
    IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)

    ---- Devices - GMER 1.0.15 ----

    Device \FileSystem\Ntfs \Ntfs 85D081F8
    Device \FileSystem\fastfat \FatCdrom 889C61F8
    Device \Driver\volmgr \Device\VolMgrControl 85D041F8
    Device \Driver\usbohci \Device\USBPDO-0 876941F8
    Device \Driver\usbehci \Device\USBPDO-1 876A71F8
    Device \Driver\usbohci \Device\USBPDO-2 876941F8
    Device \Driver\usbehci \Device\USBPDO-3 876A71F8
    Device \Driver\volmgr \Device\HarddiskVolume1 85D041F8

    AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

    Device \Driver\volmgr \Device\HarddiskVolume2 85D041F8

    AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

    Device \Driver\cdrom \Device\CdRom0 87451500
    Device \Driver\volmgr \Device\HarddiskVolume3 85D041F8

    AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

    Device \Driver\atapi \Device\Ide\IdePort0 85D061F8
    Device \Driver\atapi \Device\Ide\IdePort1 85D061F8
    Device \Driver\atapi \Device\Ide\IdePort2 85D061F8
    Device \Driver\atapi \Device\Ide\IdePort3 85D061F8
    Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-4 85D061F8
    Device \Driver\volmgr \Device\HarddiskVolume4 85D041F8

    AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

    Device \Driver\volmgr \Device\HarddiskVolume5 85D041F8

    AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

    Device \Driver\NetBT \Device\NetBT_Tcpip_{02C4A9CE-C6F6-4610-AA31-268A8ADBE780} 874321F8
    Device \Driver\NetBT \Device\NetBt_Wins_Export 874321F8
    Device \Driver\USBSTOR \Device\00000083 879AD500
    Device \Driver\USBSTOR \Device\00000084 879AD500
    Device \Driver\USBSTOR \Device\00000085 879AD500
    Device \Driver\USBSTOR \Device\00000086 879AD500
    Device \Driver\USBSTOR \Device\00000087 879AD500
    Device \Driver\ACPI_HAL \Device\0000004e halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
    Device \Driver\usbohci \Device\USBFDO-0 876941F8
    Device \Driver\usbehci \Device\USBFDO-1 876A71F8
    Device \Driver\usbohci \Device\USBFDO-2 876941F8
    Device \Driver\usbehci \Device\USBFDO-3 876A71F8
    Device \FileSystem\fastfat \Fat 889C61F8

    AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

    Device -> \Driver\atapi \Device\Harddisk0\DR0 86AEF841

    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792

    ---- Files - GMER 1.0.15 ----

    File C:\Windows\system32\drivers\atapi.sys suspicious modification

    ---- EOF - GMER 1.0.15 ----
     
  4. toope92

    toope92 Regular member

    GMER 1.0.15.15281 - http://www.gmer.net
    Rootkit scan 2010-03-10 15:55:05
    Windows 6.1.7600
    Running: gmer.exe; Driver: C:\Users\Sini\AppData\Local\Temp\kxldypod.sys


    ---- System - GMER 1.0.15 ----

    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwCreateThread [0x9255EE8C]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwCreateThreadEx [0x9255EEA6]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwLoadDriver [0x9255F1BC]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwMapViewOfSection [0x9255EBCC]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwOpenSection [0x9255F5EE]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwRenameKey [0x9256088C]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwSetSystemInformation [0x9255F43E]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwSuspendProcess [0x9255EA4C]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwSuspendThread [0x9255EEC0]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwSystemDebugControl [0x9255F042]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwTerminateProcess [0x9255E9A6]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwTerminateThread [0x9255EB06]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwWriteVirtualMemory [0x9255EF86]

    INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322AAF8
    INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A104
    INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A3F4
    INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 832132D8
    INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A1DC
    INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A958
    INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A6F8
    INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322AF2C
    INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322B1A8

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82E43579 1 Byte [06]
    .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82E67F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
    .text ntkrnlpa.exe!RtlSidHashLookup + 34C 82E6F84C 8 Bytes [8C, EE, 55, 92, A6, EE, 55, ...] {MOV ESI, GS; PUSH EBP; XCHG EDX, EAX; CMPSB ; OUT DX, AL ; PUSH EBP; XCHG EDX, EAX}
    .text ntkrnlpa.exe!RtlSidHashLookup + 45C 82E6F95C 4 Bytes [BC, F1, 55, 92]
    .text ntkrnlpa.exe!RtlSidHashLookup + 490 82E6F990 4 Bytes [CC, EB, 55, 92] {INT 3 ; JMP 0x58; XCHG EDX, EAX}
    .text ntkrnlpa.exe!RtlSidHashLookup + 4F8 82E6F9F8 4 Bytes [EE, F5, 55, 92] {OUT DX, AL ; CMC ; PUSH EBP; XCHG EDX, EAX}
    .text ntkrnlpa.exe!RtlSidHashLookup + 678 82E6FB78 4 Bytes [8C, 08, 56, 92] {MOV WORD [EAX], CS; PUSH ESI; XCHG EDX, EAX}
    .text ...
    ? System32\Drivers\spnq.sys Määritettyä polkua ei löydy. !
    PAGE ataport.SYS!DllUnload + 1 8C843AD7 4 Bytes JMP 85D021D9
    .text USBPORT.SYS!DllUnload 93848CA0 5 Bytes JMP 876971D8
    .text C:\Windows\system32\DRIVERS\atipmdag.sys section is writeable [0x94A2F000, 0x2E6316, 0xE8000020]
    .text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0x9B985300, 0x1B7E, 0xE8000020]
    .text peauth.sys 9C63DC9D 28 Bytes [0F, 87, 3B, 68, DB, A3, E3, ...]
    .text peauth.sys 9C63DCC1 28 Bytes [0F, 87, 3B, 68, DB, A3, E3, ...]
    PAGE peauth.sys 9C643B9B 72 Bytes [A7, C7, 21, 18, 6C, EC, 29, ...]
    PAGE peauth.sys 9C643BEC 111 Bytes [90, F4, A3, B6, 9A, 13, 23, ...]
    PAGE peauth.sys 9C643E20 101 Bytes [E4, 9F, B5, 9C, 35, 8D, 33, ...]
    PAGE ...

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Windows\system32\svchost.exe[796] ole32.dll!CoCreateInstance 76DE57FC 5 Bytes JMP 00A2000A
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!UnhookWindowsHookEx 76C2CC7B 5 Bytes JMP 6E3781D8 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!CallNextHookEx 76C2CC8F 5 Bytes JMP 6E359A6C C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!CreateWindowExW 76C30E51 5 Bytes JMP 6E36801F C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!SetWindowsHookExW 76C3210A 5 Bytes JMP 6E3146DB C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!DialogBoxIndirectParamW 76C54AA7 5 Bytes JMP 6E48EDC0 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!DialogBoxParamW 76C5564A 5 Bytes JMP 6E284D5B C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!DialogBoxParamA 76C6CF6A 5 Bytes JMP 6E48ED5D C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!DialogBoxIndirectParamA 76C6D29C 5 Bytes JMP 6E48EE23 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!MessageBoxIndirectA 76C7E8C9 5 Bytes JMP 6E48ECF2 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!MessageBoxIndirectW 76C7E9C3 5 Bytes JMP 6E48EC87 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!MessageBoxExA 76C7EA29 5 Bytes JMP 6E48EC25 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!MessageBoxExW 76C7EA4D 5 Bytes JMP 6E48EBC3 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] ole32.dll!OleLoadFromStream 76D95B88 5 Bytes JMP 6E48F137 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] ole32.dll!CoCreateInstance 76DE57FC 5 Bytes JMP 6E368B0D C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!CreateWindowExW 76C30E51 5 Bytes JMP 6E36801F C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxIndirectParamW 76C54AA7 5 Bytes JMP 6E48EDC0 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxParamW 76C5564A 5 Bytes JMP 6E284D5B C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxParamA 76C6CF6A 5 Bytes JMP 6E48ED5D C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxIndirectParamA 76C6D29C 5 Bytes JMP 6E48EE23 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxIndirectA 76C7E8C9 5 Bytes JMP 6E48ECF2 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxIndirectW 76C7E9C3 5 Bytes JMP 6E48EC87 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxExA 76C7EA29 5 Bytes JMP 6E48EC25 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxExW 76C7EA4D 5 Bytes JMP 6E48EBC3 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)

    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73B92494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73B75624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73B756E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73B9250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73B88573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73B84D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73B850CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73B851A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [73B866D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73B882CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73B88819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73B8907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73B8E21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73B84C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\WININET.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\WININET.dll [USER32.dll!SetWindowPos] [00417E12] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExA] [00417C6C] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\ole32.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\ole32.dll [USER32.dll!ShowWindow] [00417D60] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\shell32.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\shell32.dll [USER32.dll!SetWindowPos] [00417E12] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\shell32.dll [USER32.dll!ShowWindow] [00417D60] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!MessageBoxIndirectW] [00418674] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!SetWindowPos] [0041860E] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!ShowWindow] [00418560] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DialogBoxParamA] [0041867A] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExA] [00418470] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!SetWindowPos] [0041860E] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!ShowWindow] [00418560] C:\Windows\msa.exe
    IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
    IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
    IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
    IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
    IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
    IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)

    ---- Devices - GMER 1.0.15 ----

    Device \FileSystem\Ntfs \Ntfs 85D081F8
    Device \FileSystem\fastfat \FatCdrom 889C61F8
    Device \Driver\volmgr \Device\VolMgrControl 85D041F8
    Device \Driver\usbohci \Device\USBPDO-0 876941F8
    Device \Driver\usbehci \Device\USBPDO-1 876A71F8
    Device \Driver\usbohci \Device\USBPDO-2 876941F8
    Device \Driver\usbehci \Device\USBPDO-3 876A71F8
    Device \Driver\volmgr \Device\HarddiskVolume1 85D041F8

    AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

    Device \Driver\volmgr \Device\HarddiskVolume2 85D041F8

    AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

    Device \Driver\cdrom \Device\CdRom0 87451500
    Device \Driver\volmgr \Device\HarddiskVolume3 85D041F8

    AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

    Device \Driver\atapi \Device\Ide\IdePort0 85D061F8
    Device \Driver\atapi \Device\Ide\IdePort1 85D061F8
    Device \Driver\atapi \Device\Ide\IdePort2 85D061F8
    Device \Driver\atapi \Device\Ide\IdePort3 85D061F8
    Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-4 85D061F8
    Device \Driver\volmgr \Device\HarddiskVolume4 85D041F8

    AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

    Device \Driver\volmgr \Device\HarddiskVolume5 85D041F8

    AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

    Device \Driver\NetBT \Device\NetBT_Tcpip_{02C4A9CE-C6F6-4610-AA31-268A8ADBE780} 874321F8
    Device \Driver\NetBT \Device\NetBt_Wins_Export 874321F8
    Device \Driver\USBSTOR \Device\00000083 879AD500
    Device \Driver\USBSTOR \Device\00000084 879AD500
    Device \Driver\USBSTOR \Device\00000085 879AD500
    Device \Driver\USBSTOR \Device\00000086 879AD500
    Device \Driver\USBSTOR \Device\00000087 879AD500
    Device \Driver\ACPI_HAL \Device\0000004e halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
    Device \Driver\usbohci \Device\USBFDO-0 876941F8
    Device \Driver\usbehci \Device\USBFDO-1 876A71F8
    Device \Driver\usbohci \Device\USBFDO-2 876941F8
    Device \Driver\usbehci \Device\USBFDO-3 876A71F8
    Device \FileSystem\fastfat \Fat 889C61F8

    AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

    Device -> \Driver\atapi \Device\Harddisk0\DR0 86AEF841

    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792

    ---- Files - GMER 1.0.15 ----

    File C:\Windows\system32\drivers\atapi.sys suspicious modification

    ---- EOF - GMER 1.0.15 ----
     
  5. toope92

    toope92 Regular member

    Joined:
    08.11.2006
    Posts:
    140
    Thanks:
    0
    Points:
    26
    GMER 1.0.15.15281 - http://www.gmer.net
    Rootkit scan 2010-03-10 15:55:05
    Windows 6.1.7600
    Running: gmer.exe; Driver: C:\Users\Sini\AppData\Local\Temp\kxldypod.sys


    ---- System - GMER 1.0.15 ----

    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwCreateThread [0x9255EE8C]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwCreateThreadEx [0x9255EEA6]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwLoadDriver [0x9255F1BC]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwMapViewOfSection [0x9255EBCC]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwOpenSection [0x9255F5EE]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwRenameKey [0x9256088C]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwSetSystemInformation [0x9255F43E]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwSuspendProcess [0x9255EA4C]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwSuspendThread [0x9255EEC0]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwSystemDebugControl [0x9255F042]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwTerminateProcess [0x9255E9A6]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwTerminateThread [0x9255EB06]
    SSDT \??\C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys ZwWriteVirtualMemory [0x9255EF86]

    INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322AAF8
    INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A104
    INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A3F4
    INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 832132D8
    INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A1DC
    INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A958
    INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322A6F8
    INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322AF2C
    INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322B1A8

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82E43579 1 Byte [06]
    .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82E67F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
    .text ntkrnlpa.exe!RtlSidHashLookup + 34C 82E6F84C 8 Bytes [8C, EE, 55, 92, A6, EE, 55, ...] {MOV ESI, GS; PUSH EBP; XCHG EDX, EAX; CMPSB ; OUT DX, AL ; PUSH EBP; XCHG EDX, EAX}
    .text ntkrnlpa.exe!RtlSidHashLookup + 45C 82E6F95C 4 Bytes [BC, F1, 55, 92]
    .text ntkrnlpa.exe!RtlSidHashLookup + 490 82E6F990 4 Bytes [CC, EB, 55, 92] {INT 3 ; JMP 0x58; XCHG EDX, EAX}
    .text ntkrnlpa.exe!RtlSidHashLookup + 4F8 82E6F9F8 4 Bytes [EE, F5, 55, 92] {OUT DX, AL ; CMC ; PUSH EBP; XCHG EDX, EAX}
    .text ntkrnlpa.exe!RtlSidHashLookup + 678 82E6FB78 4 Bytes [8C, 08, 56, 92] {MOV WORD [EAX], CS; PUSH ESI; XCHG EDX, EAX}
    .text ...
    ? System32\Drivers\spnq.sys Määritettyä polkua ei löydy. !
    PAGE ataport.SYS!DllUnload + 1 8C843AD7 4 Bytes JMP 85D021D9
    .text USBPORT.SYS!DllUnload 93848CA0 5 Bytes JMP 876971D8
    .text C:\Windows\system32\DRIVERS\atipmdag.sys section is writeable [0x94A2F000, 0x2E6316, 0xE8000020]
    .text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0x9B985300, 0x1B7E, 0xE8000020]
    .text peauth.sys 9C63DC9D 28 Bytes [0F, 87, 3B, 68, DB, A3, E3, ...]
    .text peauth.sys 9C63DCC1 28 Bytes [0F, 87, 3B, 68, DB, A3, E3, ...]
    PAGE peauth.sys 9C643B9B 72 Bytes [A7, C7, 21, 18, 6C, EC, 29, ...]
    PAGE peauth.sys 9C643BEC 111 Bytes [90, F4, A3, B6, 9A, 13, 23, ...]
    PAGE peauth.sys 9C643E20 101 Bytes [E4, 9F, B5, 9C, 35, 8D, 33, ...]
    PAGE ...

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Windows\system32\svchost.exe[796] ole32.dll!CoCreateInstance 76DE57FC 5 Bytes JMP 00A2000A
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!UnhookWindowsHookEx 76C2CC7B 5 Bytes JMP 6E3781D8 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!CallNextHookEx 76C2CC8F 5 Bytes JMP 6E359A6C C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!CreateWindowExW 76C30E51 5 Bytes JMP 6E36801F C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!SetWindowsHookExW 76C3210A 5 Bytes JMP 6E3146DB C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!DialogBoxIndirectParamW 76C54AA7 5 Bytes JMP 6E48EDC0 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!DialogBoxParamW 76C5564A 5 Bytes JMP 6E284D5B C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!DialogBoxParamA 76C6CF6A 5 Bytes JMP 6E48ED5D C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!DialogBoxIndirectParamA 76C6D29C 5 Bytes JMP 6E48EE23 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!MessageBoxIndirectA 76C7E8C9 5 Bytes JMP 6E48ECF2 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!MessageBoxIndirectW 76C7E9C3 5 Bytes JMP 6E48EC87 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!MessageBoxExA 76C7EA29 5 Bytes JMP 6E48EC25 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] USER32.dll!MessageBoxExW 76C7EA4D 5 Bytes JMP 6E48EBC3 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] ole32.dll!OleLoadFromStream 76D95B88 5 Bytes JMP 6E48F137 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2184] ole32.dll!CoCreateInstance 76DE57FC 5 Bytes JMP 6E368B0D C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!CreateWindowExW 76C30E51 5 Bytes JMP 6E36801F C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxIndirectParamW 76C54AA7 5 Bytes JMP 6E48EDC0 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxParamW 76C5564A 5 Bytes JMP 6E284D5B C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxParamA 76C6CF6A 5 Bytes JMP 6E48ED5D C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!DialogBoxIndirectParamA 76C6D29C 5 Bytes JMP 6E48EE23 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxIndirectA 76C7E8C9 5 Bytes JMP 6E48ECF2 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxIndirectW 76C7E9C3 5 Bytes JMP 6E48EC87 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxExA 76C7EA29 5 Bytes JMP 6E48EC25 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[6060] USER32.dll!MessageBoxExW 76C7EA4D 5 Bytes JMP 6E48EBC3 C:\Windows\system32\IEFRAME.dll (Internet-selain/Microsoft Corporation)

    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73B92494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73B75624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73B756E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73B9250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73B88573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73B84D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73B850CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73B851A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [73B866D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73B882CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73B88819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73B8907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73B8E21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[496] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73B84C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\WININET.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\WININET.dll [USER32.dll!SetWindowPos] [00417E12] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExA] [00417C6C] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\ole32.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\ole32.dll [USER32.dll!ShowWindow] [00417D60] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\shell32.dll [USER32.dll!CreateWindowExW] [00417CE6] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\shell32.dll [USER32.dll!SetWindowPos] [00417E12] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Users\Sini\AppData\Local\Temp\Qtr.exe[1192] @ C:\Windows\system32\shell32.dll [USER32.dll!ShowWindow] [00417D60] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!MessageBoxIndirectW] [00418674] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!SetWindowPos] [0041860E] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHELL32.dll [USER32.dll!ShowWindow] [00418560] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DialogBoxParamA] [0041867A] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExA] [00418470] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\WININET.dll [USER32.dll!SetWindowPos] [0041860E] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!CreateWindowExW] [004184E8] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!DialogBoxParamW] [0041867A] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!MessageBoxW] [00418686] C:\Windows\msa.exe
    IAT C:\Windows\msa.exe[1432] @ C:\Windows\system32\ole32.dll [USER32.dll!ShowWindow] [00418560] C:\Windows\msa.exe
    IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
    IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
    IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
    IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
    IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
    IAT C:\Windows\System32\rundll32.exe[3524] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [74F95D3D] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)

    ---- Devices - GMER 1.0.15 ----

    Device \FileSystem\Ntfs \Ntfs 85D081F8
    Device \FileSystem\fastfat \FatCdrom 889C61F8
    Device \Driver\volmgr \Device\VolMgrControl 85D041F8
    Device \Driver\usbohci \Device\USBPDO-0 876941F8
    Device \Driver\usbehci \Device\USBPDO-1 876A71F8
    Device \Driver\usbohci \Device\USBPDO-2 876941F8
    Device \Driver\usbehci \Device\USBPDO-3 876A71F8
    Device \Driver\volmgr \Device\HarddiskVolume1 85D041F8

    AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

    Device \Driver\volmgr \Device\HarddiskVolume2 85D041F8

    AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

    Device \Driver\cdrom \Device\CdRom0 87451500
    Device \Driver\volmgr \Device\HarddiskVolume3 85D041F8

    AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

    Device \Driver\atapi \Device\Ide\IdePort0 85D061F8
    Device \Driver\atapi \Device\Ide\IdePort1 85D061F8
    Device \Driver\atapi \Device\Ide\IdePort2 85D061F8
    Device \Driver\atapi \Device\Ide\IdePort3 85D061F8
    Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-4 85D061F8
    Device \Driver\volmgr \Device\HarddiskVolume4 85D041F8

    AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

    Device \Driver\volmgr \Device\HarddiskVolume5 85D041F8

    AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

    Device \Driver\NetBT \Device\NetBT_Tcpip_{02C4A9CE-C6F6-4610-AA31-268A8ADBE780} 874321F8
    Device \Driver\NetBT \Device\NetBt_Wins_Export 874321F8
    Device \Driver\USBSTOR \Device\00000083 879AD500
    Device \Driver\USBSTOR \Device\00000084 879AD500
    Device \Driver\USBSTOR \Device\00000085 879AD500
    Device \Driver\USBSTOR \Device\00000086 879AD500
    Device \Driver\USBSTOR \Device\00000087 879AD500
    Device \Driver\ACPI_HAL \Device\0000004e halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
    Device \Driver\usbohci \Device\USBFDO-0 876941F8
    Device \Driver\usbehci \Device\USBFDO-1 876A71F8
    Device \Driver\usbohci \Device\USBFDO-2 876941F8
    Device \Driver\usbehci \Device\USBFDO-3 876A71F8
    Device \FileSystem\fastfat \Fat 889C61F8

    AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

    Device -> \Driver\atapi \Device\Harddisk0\DR0 86AEF841

    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792

    ---- Files - GMER 1.0.15 ----

    File C:\Windows\system32\drivers\atapi.sys suspicious modification

    ---- EOF - GMER 1.0.15 ----
     
  6. Michelola

    Michelola Regular member

    Joined:
    13.04.2009
    Posts:
    588
    Thanks:
    1
    Points:
    28
    so what was the problem
     
  7. warwas

    warwas Guest

    If you have nothing else to say, are you just padding your post count so you can become a Senior Member?

    @Toope92
    This is the start of quite a job. The machine is infected, and badly, and the worst of it is the infected Atapi.sys; the problem is that we can't just delete it and put a new one in its place in a moment.

    Let's try anyway... (It will require a repair disc, which does not delete your own files)

    In Vista, all fixes need to be done as administrator
    That is, right-click and run as administrator.

    Open HJT
    Click Do a system scan only and check the following lines:

    O4 - HKCU\..\Run: [TOY5KNQ8OC] C:\Users\Sini\AppData\Local\Temp\Qtr.exe

    O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe (User 'Default user')

    Close all other programs except the firewall and antivirus, and click Fix checked

    Close HJT

    -------------------------------------------------------------------------------
    Update and scan with Mbam
    • Open Mbam
    • Click the Update tab
    • Click Check for Updates
    • Once the program has loaded and the updates are done, select Perform full scan and click Scan.
    • When the scan is complete, click OK and then Show Results to see the results.
    • Make sure everything is checked and click Remove Selected.
    • After this the log opens in Notepad. Save it somewhere you can find it easily. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    • Post the contents of the log in your next message.

    Shut down and restart unless Mbam does it or asks for it

    1. Download OTListIt by OldTimer and save it to the desktop.
    2. Close all open windows and applications.
    3. Double-click OTL.exe to start OTListIt.
    4. Select the "Scan All Users" checkbox (tick it).
    5. Click the blue Run Scan button.
    6. OTListIt starts the scan.
    7. When the scan is complete, OTListIt creates two text files on the desktop: OTListIt.Txt <- this one opens in Notepad, and Extras.txt
    8. Copy (Ctrl+A, Ctrl+C) and paste (Ctrl+V) the contents of the OTListIt.Txt and Extras.txt files into your next post

    Please send the following logs
    Mbam's log-date.txt
    OTL's OTListIt.Txt and Extras.txt
     
    Last edited by a moderator: 10.03.2010
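Added example (not part of warwas's post and not code from HijackThis): a small triage script for the O4 autostart lines of a HijackThis log, run over the three entries marked for fixing above plus one constructed benign entry. The two heuristics (autostart from a temp folder, system process name outside its normal folder) and all function names are assumptions of this example; the post does not state why those lines were chosen.

```python
import re
from ntpath import basename, dirname  # Windows path rules on any OS

# O4 autostart lines come in two shapes in this thread:
#   O4 - HKCU\..\Run: [name] C:\path\file.exe
#   O4 - HKUS\S-1-5-18\..\Run: [name] C:\path\file.exe (User 'SYSTEM')
O4_RE = re.compile(
    r"^O4 - (?P<key>\S+): \[(?P<name>[^\]]*)\] (?P<cmd>.*?)"
    r"(?: \(User '(?P<user>[^']*)'\))?$"
)
# Executable part of a command line: quoted path, or everything up to the
# first known extension that is followed by whitespace or end of line.
EXE_RE = re.compile(
    r'^"([^"]+)"|^(.*?\.(?:exe|com|scr|pif|bat|cmd|dll))(?=\s|$)', re.I
)

TEMP_DIRS = {"temp", "tmp"}
# Folder (without drive letter) where these Windows binaries normally live.
SYSTEM_HOMES = {
    "svchost.exe": r"\windows\system32",
    "lsass.exe": r"\windows\system32",
    "csrss.exe": r"\windows\system32",
    "services.exe": r"\windows\system32",
    "winlogon.exe": r"\windows\system32",
    "smss.exe": r"\windows\system32",
    "explorer.exe": r"\windows",
}


def parse_o4(line):
    """Return key, value name, executable path and user of an O4 Run line."""
    m = O4_RE.match(line.strip())
    if not m:
        return None  # not a registry Run entry (other sections, Startup links)
    cmd = m.group("cmd")
    exe = EXE_RE.match(cmd)
    path = (exe.group(1) or exe.group(2)) if exe else cmd
    return {"key": m.group("key"), "name": m.group("name"),
            "path": path, "user": m.group("user")}


def triage(entry):
    """Return the list of reasons an autostart entry deserves a closer look."""
    reasons = []
    folder = dirname(entry["path"]).lower()
    if TEMP_DIRS & set(folder.split("\\")):
        reasons.append("runs-from-temp")
    home = SYSTEM_HOMES.get(basename(entry["path"]).lower())
    if home and not re.fullmatch(r"[a-z]:" + re.escape(home), folder):
        reasons.append("system-name-outside-system-dir")
    return reasons


def scan(log_text):
    """Yield-style helper: (name, path, user, reasons) for each flagged line."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry:
            reasons = triage(entry)
            if reasons:
                findings.append(
                    (entry["name"], entry["path"], entry["user"], reasons))
    return findings


# First three lines are the entries quoted in the thread; the last line is
# constructed for this example as a benign comparison.
SAMPLE_LOG = r"""
O4 - HKCU\..\Run: [TOY5KNQ8OC] C:\Users\Sini\AppData\Local\Temp\Qtr.exe
O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe (User 'Default user')
O4 - HKLM\..\Run: [ExampleUpdater] "C:\Program Files\Example\updater.exe" -background
"""

if __name__ == "__main__":
    for name, path, user, reasons in scan(SAMPLE_LOG):
        print(f"{name:12} {user or '-':14} {', '.join(reasons):48} {path}")
```

A hit is a prompt to inspect the file, not a verdict: legitimate installers also register short-lived autostarts from temp folders.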
  8. toope92

    toope92 Regular member

    Joined:
    08.11.2006
    Posts:
    140
    Thanks:
    0
    Points:
    26
    The problem is that mbam stops working partway through!
     
  9. toope92

    toope92 Regular member

    Joined:
    08.11.2006
    Posts:
    140
    Thanks:
    0
    Points:
    26
    OTL logfile created on: 11.3.2010 17:49:46 - Run 1
    OTL by OldTimer - Version 3.1.36.1 Folder = C:\Users\Sini\Desktop
    Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
    7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 931,51 Gb Total Space | 732,06 Gb Free Space | 78,59% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: SINI-PC
    Current User Name: Sini
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Processes (SafeList) ==========

    PRC - [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
    PRC - [2010.03.06 10:36:53 | 000,356,960 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsav32.exe
    PRC - [2010.03.06 10:36:07 | 000,619,616 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fssm32.exe
    PRC - [2010.03.06 10:36:06 | 000,480,352 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32.exe
    PRC - [2010.03.06 10:28:03 | 000,055,992 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe
    PRC - [2010.02.25 12:02:02 | 000,716,616 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
    PRC - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
    PRC - [2010.02.02 20:17:28 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
    PRC - [2010.02.02 20:16:58 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
    PRC - [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2009.08.10 15:59:50 | 000,178,720 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    PRC - [2009.08.10 15:59:48 | 000,387,616 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    PRC - [2009.08.05 17:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE
    PRC - [2009.08.05 17:58:50 | 000,199,264 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE
    PRC - [2009.08.05 17:58:50 | 000,088,672 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSHDLL32.EXE
    PRC - [2009.08.05 17:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\FWES\program\fsdfwd.exe
    PRC - [2009.08.05 17:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
    PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    PRC - [2009.07.14 03:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe
    PRC - [2008.10.16 10:04:42 | 000,202,016 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe
    PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe


    ========== Modules (SafeList) ==========

    MOD - [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
    MOD - [2009.07.14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
    MOD - [2009.07.14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
    MOD - [2009.07.14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
    MOD - [2009.07.14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
    MOD - [2009.07.14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
    MOD - [2009.07.14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
    MOD - [2009.07.14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
    MOD - [2009.07.14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
    MOD - [2009.07.14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
    MOD - [2009.07.14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
    MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010.03.06 10:28:03 | 000,055,992 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe -- (FSORSPClient)
    SRV - [2010.03.05 16:33:51 | 002,462,256 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\rswin_3648.dll -- (Akamai)
    SRV - [2010.03.03 10:05:31 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
    SRV - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
    SRV - [2010.02.25 11:56:02 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
    SRV - [2010.02.02 20:16:58 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
    SRV - [2009.08.21 15:47:14 | 030,510,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
    SRV - [2009.08.21 15:36:08 | 004,639,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
    SRV - [2009.08.10 15:59:50 | 000,178,720 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
    SRV - [2009.08.10 15:59:48 | 000,387,616 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
    SRV - [2009.08.05 17:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE -- (FSMA)
    SRV - [2009.08.05 17:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\FWES\Program\fsdfwd.exe -- (FSDFWD)
    SRV - [2009.08.05 17:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
    SRV - [2009.07.14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
    SRV - [2009.07.14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
    SRV - [2009.07.14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
    SRV - [2009.07.14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
    SRV - [2009.07.14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
    SRV - [2009.07.14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
    SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
    SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
    SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
    SRV - [2009.07.14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
    SRV - [2009.07.14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
    SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2009.07.14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
    SRV - [2009.07.14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
    SRV - [2009.07.14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
    SRV - [2009.07.14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
    SRV - [2009.07.14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
    SRV - [2009.07.14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX-asennusohjelma (AxInstSV)
    SRV - [2009.07.14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
    SRV - [2009.07.14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
    SRV - [2008.10.16 10:04:42 | 000,202,016 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe -- (sprtsvc_sonera) SupportSoft Sprocket Service (sonera)
    SRV - [2008.10.16 10:02:58 | 000,382,320 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
    SRV - [2008.05.21 13:42:56 | 000,064,000 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe -- (CTUPnPSv)
    SRV - [2007.12.13 16:29:59 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
    SRV - [2007.04.02 08:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)
    SRV - [2004.05.14 13:02:46 | 000,086,016 | ---- | M] (NetGroup - Politecnico di Torino) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)


    ========== Driver Services (SafeList) ==========

    DRV - [2010.03.10 16:16:42 | 000,021,584 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\atapi.sys -- (atapi)
    DRV - [2010.03.06 10:37:16 | 000,033,920 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\Drivers\fsbts.sys -- (fsbts)
    DRV - [2010.03.06 10:36:46 | 000,107,104 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
    DRV - [2010.02.20 17:07:24 | 000,278,984 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
    DRV - [2010.02.20 17:06:41 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
    DRV - [2010.02.02 20:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
    DRV - [2010.02.02 20:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
    DRV - [2010.02.02 19:23:42 | 000,150,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
    DRV - [2010.01.28 15:33:30 | 000,100,352 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
    DRV - [2010.01.27 11:04:00 | 000,183,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
    DRV - [2010.01.21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
    DRV - [2010.01.21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
    DRV - [2010.01.21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
    DRV - [2010.01.07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
    DRV - [2010.01.03 21:04:37 | 000,722,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
    DRV - [2009.12.19 02:31:32 | 000,073,312 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
    DRV - [2009.12.01 11:11:28 | 001,872,192 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cmudax3.sys -- (cmuda3)
    DRV - [2009.11.10 14:55:08 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
    DRV - [2009.11.10 14:54:52 | 000,035,984 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
    DRV - [2009.11.09 05:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
    DRV - [2009.10.14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
    DRV - [2009.08.05 17:58:30 | 000,068,064 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
    DRV - [2009.08.05 17:57:20 | 000,071,040 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fsdfw.sys -- (FSFW)
    DRV - [2009.08.05 17:57:12 | 000,035,680 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fses.sys -- (FSES)
    DRV - [2009.08.05 17:56:14 | 000,039,776 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter)
    DRV - [2009.08.05 17:56:14 | 000,025,184 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer)
    DRV - [2009.08.05 17:56:12 | 000,012,384 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
    DRV - [2009.07.30 17:12:54 | 000,287,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
    DRV - [2009.07.14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
    DRV - [2009.07.14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
    DRV - [2009.07.14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
    DRV - [2009.07.14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
    DRV - [2009.07.14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
    DRV - [2009.07.14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
    DRV - [2009.07.14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
    DRV - [2009.07.14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
    DRV - [2009.07.14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
    DRV - [2009.07.14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
    DRV - [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
    DRV - [2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
    DRV - [2009.07.14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
    DRV - [2009.07.14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
    DRV - [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
    DRV - [2009.07.14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
    DRV - [2009.07.14 03:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
    DRV - [2009.07.14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2009.07.14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
    DRV - [2009.07.14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
    DRV - [2009.07.14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
    DRV - [2009.07.14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
    DRV - [2009.07.14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
    DRV - [2009.07.14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
    DRV - [2009.07.14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
    DRV - [2009.07.14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
    DRV - [2009.07.14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
    DRV - [2009.07.14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
    DRV - [2009.07.14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
    DRV - [2009.07.14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
    DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
    DRV - [2009.07.14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
    DRV - [2009.07.14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
    DRV - [2009.07.14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
    DRV - [2009.07.14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
    DRV - [2009.07.14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
    DRV - [2009.07.14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
    DRV - [2009.07.14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
    DRV - [2009.07.14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
    DRV - [2009.07.14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
    DRV - [2009.07.14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2009.07.14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
    DRV - [2009.07.14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
    DRV - [2009.07.14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
    DRV - [2009.07.14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
    DRV - [2009.07.14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
    DRV - [2009.07.14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
    DRV - [2009.07.14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
    DRV - [2009.07.14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
    DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2009.07.14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
    DRV - [2009.07.14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
    DRV - [2009.07.14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
    DRV - [2009.07.14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
    DRV - [2009.07.14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
    DRV - [2009.07.14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
    DRV - [2009.07.14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
    DRV - [2009.07.14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
    DRV - [2009.07.14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
    DRV - [2009.07.14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
    DRV - [2009.07.14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
    DRV - [2009.07.14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
    DRV - [2009.07.14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
    DRV - [2009.07.14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
    DRV - [2009.07.14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
    DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
    DRV - [2009.07.14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
    DRV - [2009.07.14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
    DRV - [2009.07.14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
    DRV - [2009.06.29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
    DRV - [2008.12.12 15:27:46 | 000,018,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys -- (LGII2CDevice)
    DRV - [2008.12.12 15:27:46 | 000,014,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys -- (LGDDCDevice)
    DRV - [2008.01.19 05:55:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
    DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
    DRV - [2004.05.14 11:37:10 | 000,032,896 | ---- | M] (NetGroup - Politecnico di Torino) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========



    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=15161&l=dis
    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fi.msn.com/?ocid=iehp
    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fi
    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 59 2D 93 5E EC 6D CA 01 [binary data]
    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultengine: "Ask.com"
    FF - prefs.js..browser.search.defaultenginename: "Ask.com"
    FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://www3.iamwired.net/websearch.php?src=tops&search="
    FF - prefs.js..browser.search.order.1: "Ask.com"
    FF - prefs.js..browser.search.selectedEngine: "Torrents.to"
    FF - prefs.js..browser.search.update: false
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.google.fi/"
    FF - prefs.js..extensions.enabledItems: {80155943-b083-a2cf-0350-54d3b1be1609}:4.6.6.4
    FF - prefs.js..keyword.URL: ""
    FF - prefs.js..network.proxy.no_proxies_on: "*.local"


    FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010.03.06 10:33:01 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files\Sonera\Sonera Tietoturva\NRS\litmus-ff@f-secure.com [2010.03.06 10:23:23 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.11 10:51:52 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.03.11 10:56:18 | 000,000,000 | ---D | M]

    [2009.12.23 03:15:53 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Extensions
    [2009.12.23 03:15:53 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
    [2010.03.11 17:24:40 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions
    [2010.01.23 17:01:58 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2009.12.24 14:49:06 | 000,000,000 | ---D | M] (Fasterfox) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}
    [2010.01.23 17:01:58 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
    [2010.01.27 23:30:56 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\fsonlinescanner@f-secure.com
    [2010.01.23 17:01:58 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\personas@christopher.beard
    [2010.03.11 17:18:44 | 000,002,257 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\askcom.xml
    [2009.12.24 20:57:14 | 000,002,367 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\photobucket.xml
    [2010.03.09 17:57:08 | 000,000,261 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\Search.xml
    [2009.12.02 18:49:43 | 000,000,897 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\torrentsto.xml
    [2010.01.22 19:04:02 | 000,001,713 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\youtube-video-search.xml
    [2010.03.11 17:19:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010.03.09 18:35:10 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{80155943-b083-a2cf-0350-54d3b1be1609}
    [2010.01.16 03:19:09 | 000,002,062 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bookplus-fi.xml
    [2010.01.16 03:19:09 | 000,001,069 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons-fi.xml
    [2010.01.16 03:19:09 | 000,002,677 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\huuto-fi.xml
    [2010.01.16 03:19:09 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fi.xml
    [2010.01.16 03:19:09 | 000,000,796 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-fi.xml

    O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\BaseLitmus.dll (F-Secure Corporation)
    O2 - BHO: (gwprimawega) - {da9e5a55-a1a2-1b97-026f-b233372fee2e} - C:\Windows\System32\p0_aPIH.dll ()
    O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\BaseLitmus.dll (F-Secure Corporation)
    O3 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O4 - HKLM..\Run: [CmPCIaudio] File not found
    O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE (F-Secure Corporation)
    O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Sonera\Sonera Tietoturva\FSGUI\TNBUtil.exe (F-Secure Corporation)
    O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
    O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKU\.DEFAULT..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe File not found
    O4 - HKU\S-1-5-18..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe File not found
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe File not found
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe File not found
    O4 - HKU\S-1-5-21-3761315706-44459061-675875969-1001..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
    O4 - HKU\S-1-5-21-3761315706-44459061-675875969-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
    O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O4 - Startup: C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
    O4 - Startup: C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O13 - gopher Prefix: missing
    O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: corel.com ([]http in Trusted sites)
    O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: corel.com ([www] * in Trusted sites)
    O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: intervideo.com ([]http in Trusted sites)
    O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: intervideo.com ([www] * in Trusted sites)
    O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} http://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab (Creative Software AutoUpdate Support Package)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKU\S-1-5-21-3761315706-44459061-675875969-1001 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKU\S-1-5-21-3761315706-44459061-675875969-1001 Winlogon: Shell - (C:\Users\Sini\AppData\Roaming\ufxw.exe) - C:\Users\Sini\AppData\Roaming\ufxw.exe File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\I\Shell - "" = AutoRun
    O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\Autorun.exe -- File not found
    O33 - MountPoints2\J\Shell - "" = AutoRun
    O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\Autorun.exe -- File not found
    O33 - MountPoints2\K\Shell - "" = AutoRun
    O34 - HKLM BootExecute: (autocheck autochk /r \??\F:) - File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (sasnative32) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010.03.11 17:47:34 | 000,554,496 | ---- | C] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
    [2010.03.10 16:49:11 | 000,000,000 | ---D | C] -- C:\Users\Sini\Tracing
    [2010.03.09 20:58:43 | 000,705,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\cohelper.dll
    [2010.03.09 19:14:02 | 002,622,496 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkHDMI.dll
    [2010.03.09 19:14:02 | 000,355,528 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32H.dll
    [2010.03.09 19:14:02 | 000,183,584 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RtHDMIV.sys
    [2010.03.09 19:14:02 | 000,073,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32H.dll
    [2010.03.09 19:14:01 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32H.dll
    [2010.03.09 19:14:01 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32H.dll
    [2010.03.09 19:14:00 | 001,640,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHDMIExt.dll
    [2010.03.09 19:14:00 | 000,293,600 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DHT32.dll
    [2010.03.09 19:14:00 | 000,293,600 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DAA32.dll
    [2010.03.09 19:14:00 | 000,057,376 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHCoInst.dll
    [2010.03.09 19:14:00 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
    [2010.03.09 19:13:52 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
    [2010.03.09 19:11:56 | 000,000,000 | ---D | C] -- C:\SMU
    [2010.03.09 19:11:56 | 000,000,000 | ---D | C] -- C:\SMBUS
    [2010.03.09 19:11:54 | 000,000,000 | ---D | C] -- C:\IDE
    [2010.03.09 19:11:54 | 000,000,000 | ---D | C] -- C:\Ethernet
    [2010.03.09 17:27:11 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\DriverGenius
    [2010.03.09 17:03:19 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
    [2010.03.09 07:09:41 | 003,955,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
    [2010.03.09 07:09:41 | 003,899,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
    [2010.03.08 20:27:42 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2010.03.08 17:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\TrendMicro
    [2010.03.08 04:51:36 | 000,000,000 | ---D | C] -- C:\SDFix
    [2010.03.08 04:50:41 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
    [2010.03.08 04:47:05 | 000,000,000 | ---D | C] -- C:\Windows\Sun
    [2010.03.07 19:54:36 | 000,000,000 | ---D | C] -- C:\Users\Sini\AppData\Local\Stay Secure
    [2010.03.07 16:43:44 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
    [2010.03.07 16:37:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010.03.07 16:37:06 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010.03.07 16:37:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010.03.06 10:31:35 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2010.03.06 10:24:13 | 000,035,680 | ---- | C] (F-Secure Corporation) -- C:\Windows\System32\drivers\fses.sys
    [2010.03.06 10:24:08 | 000,572,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp50.dll
    [2010.03.06 10:24:08 | 000,071,040 | ---- | C] (F-Secure Corporation) -- C:\Windows\System32\drivers\fsdfw.sys
    [2010.03.06 09:46:08 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\My Drivers
    [2010.03.05 13:33:38 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\Adobe Scripts
    [2010.03.05 10:24:58 | 000,016,400 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys
    [2010.03.05 10:24:41 | 001,581,072 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\LkmdfCoInst.dll
    [2010.03.05 10:24:41 | 000,052,240 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\LMouFiltCoInst.dll
    [2010.03.05 10:24:41 | 000,037,392 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LMouFilt.Sys
    [2010.03.05 10:24:40 | 000,035,984 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LHidFilt.Sys
    [2010.03.04 15:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\The Sims Resource
    [2010.03.04 14:50:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2010.03.04 14:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
    [2010.03.03 20:00:17 | 000,274,432 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
    [2010.03.03 20:00:17 | 000,100,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\drivers\AtiHdmi.sys
    [2010.03.03 20:00:17 | 000,050,176 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
    [2010.03.03 20:00:17 | 000,027,136 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
    [2010.03.03 20:00:16 | 000,020,480 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
    [2010.03.03 20:00:15 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
    [2010.03.03 20:00:15 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
    [2010.03.03 20:00:12 | 014,147,072 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
    [2010.03.03 20:00:07 | 005,313,536 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atipmdag.sys
    [2010.03.03 20:00:07 | 005,313,536 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
    [2010.03.03 20:00:07 | 000,150,016 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
    [2010.03.03 20:00:07 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
    [2010.03.03 20:00:07 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
    [2010.03.03 20:00:07 | 000,011,776 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
    [2010.03.03 20:00:06 | 000,446,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
    [2010.03.03 20:00:06 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
    [2010.03.03 20:00:06 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
    [2010.03.03 20:00:05 | 003,649,536 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
    [2010.03.03 20:00:05 | 000,426,496 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\aticfx32.dll
    [2010.03.03 20:00:05 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
    [2010.03.03 20:00:05 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
    [2010.03.03 20:00:05 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
    [2010.03.03 20:00:04 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
    [2010.03.03 20:00:04 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
    [2010.03.03 12:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
    [2010.03.03 12:58:53 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
    [2010.03.03 11:22:44 | 000,000,000 | ---D | C] -- C:\KU990
    [2010.03.03 11:19:08 | 000,000,000 | ---D | C] -- C:\LG_USB
    [2010.03.03 11:15:35 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll
    [2010.03.03 11:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX
    [2010.03.03 10:34:51 | 000,055,824 | ---- | C] (Logitech, Inc.) -- C:\Windows\KHALMNPR.Exe
    [2010.03.03 10:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
    [2010.03.03 10:05:37 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
    [2010.03.03 10:05:37 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
    [2010.03.03 10:01:40 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
    [2010.03.03 10:01:37 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
    [2010.03.03 10:01:37 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
    [2010.03.03 10:01:37 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
    [2010.03.03 10:01:33 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
    [2010.03.03 10:01:33 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
    [2010.03.03 10:01:33 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
    [2010.03.03 10:01:33 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
    [2010.03.03 10:01:31 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
    [2010.03.03 10:01:31 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
    [2010.03.03 10:01:31 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
    [2010.03.03 10:01:31 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
    [2010.03.03 10:01:31 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
    [2010.03.03 10:01:31 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
    [2010.03.03 10:01:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
    [2010.03.03 10:01:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
    [2010.03.03 10:01:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
    [2010.02.09 23:30:57 | 000,000,000 | ---D | C] -- C:\Users\Sini\AppData\Roaming\InstallShield
    [2010.02.09 23:23:07 | 000,000,000 | -H-D | C] -- C:\LG3G
    [2010.02.09 23:20:23 | 000,000,000 | ---D | C] -- C:\lgupload
    [2010.02.09 23:00:14 | 000,024,960 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbmodem.sys
    [2010.02.09 23:00:14 | 000,020,864 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbdiag.sys
    [2010.02.09 23:00:14 | 000,013,056 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbbus.sys
    [2010.02.09 23:00:13 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
    [2010.02.09 22:58:49 | 000,000,000 | ---D | C] -- C:\Program Files\LG PC Suite 2
    [2010.02.09 22:05:04 | 000,000,000 | ---D | C] -- C:\Windows\pss
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010.03.11 17:51:09 | 003,670,016 | ---- | M] () -- C:\Users\Sini\ntuser.dat
    [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
    [2010.03.11 17:32:18 | 000,014,608 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2010.03.11 17:32:18 | 000,014,608 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2010.03.11 17:22:50 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010.03.11 10:53:23 | 000,001,815 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    [2010.03.11 10:06:52 | 000,000,574 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
    [2010.03.11 10:06:24 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010.03.11 10:06:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010.03.10 23:48:17 | 001,144,078 | -H-- | M] () -- C:\Users\Sini\AppData\Local\IconCache.db
    [2010.03.10 18:33:27 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_021.cplist
    [2010.03.10 18:33:24 | 000,002,516 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
    [2010.03.10 18:27:55 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_020.cplist
    [2010.03.10 17:18:06 | 000,000,480 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_019.cplist
    [2010.03.10 17:07:51 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_018.cplist
    [2010.03.10 16:48:16 | 000,000,522 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_017.cplist
    [2010.03.10 16:39:45 | 437,169,378 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2010.03.10 16:16:42 | 000,021,584 | ---- | M] () -- C:\Windows\System32\drivers\atapi.sys
    [2010.03.09 21:01:02 | 001,243,400 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010.03.09 21:01:02 | 000,616,736 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010.03.09 21:01:02 | 000,442,586 | ---- | M] () -- C:\Windows\System32\perfh00B.dat
    [2010.03.09 21:01:02 | 000,107,828 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010.03.09 21:01:02 | 000,083,000 | ---- | M] () -- C:\Windows\System32\perfc00B.dat
    [2010.03.09 19:14:17 | 000,000,246 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.cfl
    [2010.03.09 19:14:17 | 000,000,168 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.imi
    [2010.03.09 19:14:17 | 000,000,136 | ---- | M] () -- C:\Windows\System\Dlap.pfx
    [2010.03.09 19:13:35 | 000,000,107 | ---- | M] () -- C:\Windows\System\Cmicnfg3.ini
    [2010.03.09 18:35:11 | 000,118,375 | ---- | M] () -- C:\Windows\System32\MSF_RIUNyS3.exe
    [2010.03.09 17:58:41 | 002,760,844 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe
    [2010.03.08 23:34:07 | 000,196,608 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
    [2010.03.08 23:33:56 | 000,524,288 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000002.regtrans-ms
    [2010.03.08 23:33:56 | 000,524,288 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000001.regtrans-ms
    [2010.03.08 23:33:56 | 000,065,536 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TM.blf
    [2010.03.07 20:12:07 | 000,000,514 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_016.cplist
    [2010.03.07 20:11:41 | 000,000,498 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_015.cplist
    [2010.03.07 19:54:33 | 000,000,562 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_014.cplist
    [2010.03.07 16:18:57 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_013.cplist
    [2010.03.07 15:15:38 | 000,000,490 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_012.cplist
    [2010.03.07 10:49:53 | 000,000,486 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_011.cplist
    [2010.03.07 10:49:13 | 000,000,514 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_010.cplist
    [2010.03.06 22:12:01 | 000,000,582 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_009.cplist
    [2010.03.06 22:10:45 | 000,000,452 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_008.cplist
    [2010.03.06 22:09:53 | 000,000,582 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_007.cplist
    [2010.03.06 22:08:50 | 000,000,510 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_006.cplist
    [2010.03.06 20:32:44 | 000,000,498 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_005.cplist
    [2010.03.06 18:00:35 | 000,000,564 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_004.cplist
    [2010.03.06 13:05:40 | 000,000,522 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_003.cplist
    [2010.03.06 10:44:37 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys
    [2010.03.06 10:37:16 | 000,033,920 | ---- | M] () -- C:\Windows\System32\drivers\fsbts.sys
    [2010.03.06 10:31:37 | 000,000,052 | ---- | M] () -- C:\Windows\System32\ashttpstats.csv
    [2010.03.05 17:29:59 | 000,000,496 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_002.cplist
    [2010.03.05 17:07:49 | 000,000,562 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_001.cplist
    [2010.03.04 10:06:23 | 002,353,664 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_unmip.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_histprot.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_video.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_webproxy.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_tabloids.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_socialnetworks.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_searchengines.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_regionaltlds.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_pornography.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlineshop.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinepay.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinedating.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_news.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_im.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_illegal.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_hate.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_games.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_gambling.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_drugs.dat
    [2010.03.03 12:59:57 | 000,115,248 | ---- | M] () -- C:\Users\Sini\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010.03.03 12:06:44 | 000,000,025 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\bdfvconp.ini
    [2010.03.03 11:15:58 | 000,002,412 | ---- | M] () -- C:\Windows\System32\lgAxconfig.ini
    [2010.03.03 10:42:16 | 000,000,132 | ---- | M] () -- C:\Windows\System32\rezumatenoi.dat
    [2010.03.03 10:38:08 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
    [2010.03.03 10:18:28 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp71.dll
    [2010.03.03 10:18:28 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll
    [2010.03.03 09:58:58 | 000,008,284 | ---- | M] () -- C:\Windows\System32\eps_icon.avi
    [2010.02.25 12:03:02 | 000,030,536 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
    [2010.02.25 11:56:16 | 000,021,320 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
    [2010.02.25 11:56:02 | 000,030,024 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
    [2010.02.24 09:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
    [2010.02.20 17:07:24 | 000,278,984 | ---- | M] () -- C:\Windows\System32\drivers\atksgt.sys
    [2010.02.20 17:06:41 | 000,025,416 | ---- | M] () -- C:\Windows\System32\drivers\lirsgt.sys
    [2010.02.18 13:42:24 | 001,290,240 | ---- | M] () -- C:\Windows\System32\p0_aPIH.dll
    [2010.02.11 09:10:14 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010.03.11 17:22:50 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010.03.11 10:53:23 | 000,001,815 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    [2010.03.10 18:33:27 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_021.cplist
    [2010.03.10 18:27:55 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_020.cplist
    [2010.03.10 17:14:46 | 000,000,480 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_019.cplist
    [2010.03.10 17:07:51 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_018.cplist
    [2010.03.10 16:48:16 | 000,000,522 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_017.cplist
    [2010.03.09 23:08:45 | 437,169,378 | ---- | C] () -- C:\Windows\MEMORY.DMP
    [2010.03.09 20:58:43 | 000,006,136 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
    [2010.03.09 17:58:09 | 002,760,844 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe
    [2010.03.09 17:57:01 | 000,118,375 | ---- | C] () -- C:\Windows\System32\MSF_RIUNyS3.exe
    [2010.03.08 17:34:09 | 000,524,288 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000002.regtrans-ms
    [2010.03.08 17:34:09 | 000,524,288 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000001.regtrans-ms
    [2010.03.08 17:34:09 | 000,065,536 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TM.blf
    [2010.03.07 20:12:07 | 000,000,514 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_016.cplist
    [2010.03.07 20:11:41 | 000,000,498 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_015.cplist
    [2010.03.07 19:54:33 | 000,000,562 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_014.cplist
    [2010.03.07 15:16:36 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_013.cplist
    [2010.03.07 15:15:38 | 000,000,490 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_012.cplist
    [2010.03.07 10:49:53 | 000,000,486 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_011.cplist
    [2010.03.07 10:49:13 | 000,000,514 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_010.cplist
    [2010.03.06 22:12:01 | 000,000,582 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_009.cplist
    [2010.03.06 22:10:45 | 000,000,452 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_008.cplist
    [2010.03.06 22:09:53 | 000,000,582 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_007.cplist
    [2010.03.06 22:08:50 | 000,000,510 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_006.cplist
    [2010.03.06 20:32:44 | 000,000,498 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_005.cplist
    [2010.03.06 18:00:35 | 000,000,564 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_004.cplist
    [2010.03.06 13:05:40 | 000,000,522 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_003.cplist
    [2010.03.06 10:40:52 | 000,000,574 | ---- | C] () -- C:\Windows\tasks\Scheduled scanning task.job
    [2010.03.06 10:24:39 | 000,033,920 | ---- | C] () -- C:\Windows\System32\drivers\fsbts.sys
    [2010.03.05 17:29:59 | 000,000,496 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_002.cplist
    [2010.03.05 17:07:49 | 000,000,562 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_001.cplist
    [2010.03.05 10:32:29 | 000,000,052 | ---- | C] () -- C:\Windows\System32\ashttpstats.csv
    [2010.03.03 20:00:16 | 000,491,104 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
    [2010.03.03 20:00:15 | 000,001,035 | ---- | C] () -- C:\Windows\System32\atipblag.dat
    [2010.03.03 20:00:08 | 000,020,274 | ---- | C] () -- C:\Windows\atiogl.xml
    [2010.03.03 20:00:06 | 000,198,341 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
    [2010.03.03 20:00:05 | 000,031,240 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_unmip.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_histprot.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_video.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_webproxy.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_tabloids.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_socialnetworks.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_searchengines.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_regionaltlds.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_pornography.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlineshop.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinepay.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinedating.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_news.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_im.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_illegal.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_hate.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_games.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_gambling.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_drugs.dat
    [2010.03.03 12:06:44 | 000,000,025 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\bdfvconp.ini
    [2010.03.03 11:15:35 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
    [2010.03.03 11:15:35 | 000,002,412 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
    [2010.03.03 10:38:08 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
    [2010.02.20 17:06:42 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
    [2010.02.20 17:06:41 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
    [2010.02.18 13:42:24 | 001,290,240 | ---- | C] () -- C:\Windows\System32\p0_aPIH.dll
    [2010.01.20 21:29:05 | 000,000,008 | RHS- | C] () -- C:\ProgramData\DA2827B44C.sys
    [2010.01.20 21:29:04 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
    [2010.01.03 21:04:37 | 000,722,416 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
    [2009.12.26 18:13:11 | 000,151,552 | ---- | C] () -- C:\Windows\System32\nvRegDev.dll
    [2009.12.18 20:29:26 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
    [2009.12.18 19:47:12 | 000,026,112 | ---- | C] () -- C:\Users\Sini\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009.12.03 18:49:16 | 000,007,605 | ---- | C] () -- C:\Users\Sini\AppData\Local\Resmon.ResmonCfg
    [2009.12.01 19:03:03 | 000,003,733 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
    [2009.11.26 22:38:15 | 000,008,704 | ---- | C] () -- C:\Windows\System32\CNMVS7I.DLL
    [2009.11.26 17:11:39 | 000,000,246 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl
    [2009.11.26 17:10:57 | 000,303,104 | ---- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
    [2009.11.26 17:10:57 | 000,002,123 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfg
    [2009.11.26 17:10:57 | 000,000,168 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi
    [2009.11.26 17:10:56 | 000,002,754 | ---- | C] () -- C:\Windows\cmudax3.ini
    [2009.11.25 22:39:58 | 000,000,266 | ---- | C] () -- C:\Windows\lgfwup.ini
    [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
    [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
    [2009.07.14 01:11:15 | 000,021,584 | ---- | C] () -- C:\Windows\System32\drivers\atapi.sys
    [2009.06.19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
    [2006.10.11 05:33:58 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
    [2005.02.25 06:15:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL
    [2004.01.15 07:01:26 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
    < End of report >



    OTL Extras logfile created on: 11.3.2010 17:49:46 - Run 1
    OTL by OldTimer - Version 3.1.36.1 Folder = C:\Users\Sini\Desktop
    Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
    7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 931,51 Gb Total Space | 732,06 Gb Free Space | 78,59% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: SINI-PC
    Current User Name: Sini
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
    "{022F6097-A053-4B1B-BE50-3AADE4116B92}" = Opera 10.50
    "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
    "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
    "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
    "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
    "{0BB72566-0D4C-7200-2CE7-02F298B49C88}" = CCC Help English
    "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
    "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
    "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
    "{110AD51E-D0E0-49B1-52FD-291373BA62EA}" = Catalyst Control Center Graphics Full New
    "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
    "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
    "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
    "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
    "{1B2DBF55-05D4-4072-87D8-689141E262BD}" = Creative ZEN
    "{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
    "{20140000-000F-0000-0000-0000000FF1CE}" = Microsoft Office Mondo 2010 (Beta)
    "{20140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 (Beta)
    "{20140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 (Beta)
    "{20140000-0017-0409-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (English) 2010 (Beta)
    "{20140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 (Beta)
    "{20140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 (Beta)
    "{20140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 (Beta)
    "{20140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 (Beta)
    "{20140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 (Beta)
    "{20140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 (Beta)
    "{20140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 (Beta)
    "{20140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 (Beta)
    "{20140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010 (Beta)
    "{20140000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2010 (Beta)
    "{20140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 (Beta)
    "{20140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 (Beta)
    "{20140000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2010 (Beta)
    "{20140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010 (Beta)
    "{20140000-0102-0409-0000-0000000FF1CE}" = Microsoft Office MondoOnly MUI (English) 2010 (Beta)
    "{20140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 (Beta)
    "{20140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 (Beta)
    "{20140000-011A-0000-0000-0000000FF1CE}" = Microsoft Office Send-a-Smile
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Liven lataustyökalu
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
    "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
    "{31557F4F-7D10-D32E-4B70-237A09FCC31B}" = Catalyst Control Center Graphics Previews Common
    "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
    "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
    "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
    "{3C175604-F026-5D79-BBD8-F626AE10B3EF}" = Catalyst Control Center Graphics Full Existing
    "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
    "{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
    "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
    "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
    "{4442AB48-DEC4-4B39-B067-1F75BF8017E7}" = Creative Centrale
    "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{513148E7-B7A1-48B2-B518-668701E546F5}" = LightScribe System Software 1.14.19.1
    "{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
    "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
    "{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD 2010
    "{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
    "{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG Tool Kit
    "{62C2067E-5851-BD4C-98E0-5C4D5E155A5B}" = Catalyst Control Center Core Implementation
    "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
    "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
    "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
    "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
    "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
    "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
    "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
    "{85EB1E72-4FAA-40E4-A511-DF3A9A0A4CA8}" = Windows Live Messenger
    "{86604C06-DA30-425E-AECE-47304FE81C45}" = Creative Software Update
    "{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
    "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
    "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{993960EE-CA4D-443F-8F88-E24260DD5FD2}" = LG PC Suite
    "{998152E5-B605-4BBB-9853-E749AEE02B21}" = Windows Liven kirjautumisavustaja
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9C87F6BB-75E4-4F35-8353-F5E295264E98}" = Windows Live Call
    "{9D669429-A2E4-4793-B7A0-283D259F39AF}" = Adobe Photoshop Lightroom 2.5
    "{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
    "{A292C05C-840A-9D47-5350-EF39ECC7629E}" = Catalyst Control Center HydraVision Full
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
    "{A666A477-4C02-415E-9F31-3541FC0CD6B5}" = SipdxDLL
    "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
    "{AA2BCB44-B44F-445A-A80C-E6C50218940C}" = Windows Liven asennustyökalu
    "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
    "{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
    "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
    "{AD17676C-5065-E427-130B-21CE713F93E7}" = Catalyst Control Center Graphics Light
    "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
    "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
    "{B970700B-E49F-ECEF-4ADB-0F3E1AFEDE91}" = ccc-core-static
    "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
    "{BC1FFF14-C10D-7087-C43A-4A8ECC9C98C4}" = ATI Catalyst Install Manager
    "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
    "{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem Driver
    "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
    "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
    "{CF23AFD7-3078-4134-8823-EBF6D1FE6FAD}" = Canon MP450
    "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
    "{D5395E5F-4D45-4665-8F00-234FA33678AF}" = SlimDX Redistributable (March 2009)
    "{DA6FAB8D-E87A-4E8E-A3D3-B7B9F479C725}" = forteManager
    "{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
    "{E2F29FCA-126F-48DF-A9B5-BEBE8F0F1610}" = CreativeSetup
    "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
    "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
    "{E542E630-8BB7-4C28-B8EB-0BAD2B201C65}" = Audio Track Editor
    "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
    "{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
    "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
    "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
    "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
    "{F9726DDC-D7B5-BF1F-5626-EA467FEEBC52}" = ccc-utility
    "{F9F13FEA-D51E-A1C3-4EDC-D04A91B62C93}" = Catalyst Control Center Graphics Previews Vista
    "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
    "{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
    "ADSL Router Utility" = ADSL Router Utility
    "Akamai" = Akamai NetSession Interface
    "CCleaner" = CCleaner
    "C-Media PCI Audio Driver" = C-Media PCI Audio Device
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "Creative Centrale" = Creative Centrale
    "Creative Software AutoUpdate" = Creative Software AutoUpdate
    "Defraggler" = Defraggler
    "Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
    "EADM" = EA Download Manager
    "FileHippo.com" = FileHippo.com Update Checker
    "F-Secure Product 444" = Sonera Tietoturva
    "HijackThis" = HijackThis 2.0.2
    "InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
    "LastFM_is1" = Last.fm 1.5.4.24567
    "LimeWire" = LimeWire 5.5.5
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
    "MSF_RIUNyS3" = LoudMo Contextual Ad Assistant
    "NVIDIA Drivers" = NVIDIA Drivers
    "Office14.MONDO" = Microsoft Office Mondo 2010
    "PowerISO" = PowerISO
    "Sonera Internet Avustaja_is1" = Sonera Internet Avustaja
    "Spotify" = Spotify
    "SysInfo" = Creative System Information
    "TS3 Install Helper Monkey" = TS3 Install Helper Monkey
    "TuneUp Utilities" = TuneUp Utilities
    "Uninstall_is1" = Uninstall 1.0.0.1
    "uTorrent" = µTorrent
    "WinLiveSuite_Wave3" = Windows Liven asennustyökalu
    "WinPcapInst" = WinPcap 3.1 beta3
    "WinRAR archiver" = WinRAR archiver
    "VLC media player" = VLC media player 1.0.3

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 10.3.2010 10:40:05 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
    Description = 1 2010-03-10 16:40:05+03:00 SINI-PC SYSTEM F-Secure DeepGuard

    DeepGuard configuration was rejected. Old configuration will be used if possible.

    Error code: DAAS reject

    Error - 10.3.2010 10:52:02 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
    Description = 1 2010-03-10 16:52:02+03:00 SINI-PC SYSTEM F-Secure DeepGuard

    DeepGuard configuration was rejected. Old configuration will be used if possible.

    Error code: DAAS reject

    Error - 10.3.2010 14:39:39 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: IEXPLORE.EXE, versio: 8.0.7600.16385,
    aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
    aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
    prosessin tunnus: 0xee8 Viallisen sovelluksen käynnistysaika: 0x01cac080c4a06724
    Viallisen
    sovelluksen polku: C:\Program Files\Internet Explorer\IEXPLORE.EXE Viallisen moduulin
    polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 4873d423-2c74-11df-a210-001966bb5e2b

    Error - 10.3.2010 15:02:09 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
    aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
    aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
    prosessin tunnus: 0xdd0 Viallisen sovelluksen käynnistysaika: 0x01cac0841fbdf149
    Viallisen
    sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
    polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 6cfac2e4-2c77-11df-a210-001966bb5e2b

    Error - 10.3.2010 15:20:08 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
    aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
    aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
    prosessin tunnus: 0xecc Viallisen sovelluksen käynnistysaika: 0x01cac0869d47617f
    Viallisen
    sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
    polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: f03d4823-2c79-11df-a210-001966bb5e2b

    Error - 10.3.2010 16:04:02 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
    aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
    aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
    prosessin tunnus: 0x1214 Viallisen sovelluksen käynnistysaika: 0x01cac08cbde8fc58
    Viallisen
    sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
    polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 11dd8c29-2c80-11df-a210-001966bb5e2b

    Error - 11.3.2010 4:06:42 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
    Description = 1 2010-03-11 10:06:42+03:00 SINI-PC SYSTEM F-Secure DeepGuard

    DeepGuard configuration was rejected. Old configuration will be used if possible.

    Error code: DAAS reject

    Error - 11.3.2010 5:16:36 | Computer Name = Sini-PC | Source = SideBySide | ID = 16842815
    Description = Aktivointikontekstin luonti epäonnistui (c:\Program Files\Common Files\Adobe
    AIR\Versions\1.0\Adobe AIR.dll). Virhe luettelo- tai käytäntötiedoston c:\Program
    Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll rivillä 3. Määritteen version
    arvo (MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR) ei kelpaa
    elementissä assemblyIdentity.

    Error - 11.3.2010 11:24:57 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
    Description = 2 2010-03-11 17:24:56+03:00 SINI-PC Sini-PC\Sini F-Secure Anti-Virus

    Malicious code found in file C:\Windows\System32\sshnas21.dll. Infection: Trojan.Generic.3313565


    Error - 11.3.2010 11:46:26 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: mbam.exe, versio: 1.44.0.0, aikaleima:
    0x4b46461a Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385, aikaleima:
    0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x0005c74a Viallisen prosessin
    tunnus: 0x6a0 Viallisen sovelluksen käynnistysaika: 0x01cac12ecd93b5f4 Viallisen
    sovelluksen polku: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Viallisen
    moduulin polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 3fd4557a-2d25-11df-99ba-001966bb5e2b

    [ Media Center Events ]
    Error - 19.2.2010 7:06:41 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 13:06:39 - Virhe muodostettaessa Internet-yhteyttä. 13:06:40 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 19.2.2010 7:11:14 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 13:07:14 - Virhe muodostettaessa Internet-yhteyttä. 13:07:14 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 20.2.2010 10:48:31 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 16:48:31 - Virhe muodostettaessa Internet-yhteyttä. 16:48:31 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 20.2.2010 10:49:04 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 16:49:01 - Virhe muodostettaessa Internet-yhteyttä. 16:49:01 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 21.2.2010 11:00:55 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 17:00:55 - Virhe muodostettaessa Internet-yhteyttä. 17:00:55 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 21.2.2010 11:01:04 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 17:01:00 - Virhe muodostettaessa Internet-yhteyttä. 17:01:00 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 23.2.2010 1:22:28 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 7:22:28 - Virhe muodostettaessa Internet-yhteyttä. 7:22:28 - Yhteyden
    muodostaminen palvelimeen ei onnistu..

    Error - 23.2.2010 1:22:38 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 7:22:33 - Virhe muodostettaessa Internet-yhteyttä. 7:22:33 - Yhteyden
    muodostaminen palvelimeen ei onnistu..

    Error - 2.3.2010 5:43:49 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 11:43:49 - Virhe muodostettaessa Internet-yhteyttä. 11:43:49 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 2.3.2010 5:43:58 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 11:43:55 - Virhe muodostettaessa Internet-yhteyttä. 11:43:55 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    [ System Events ]
    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Käyttäjäprofiilipalvelu on päättynyt odottamatta. Tämä on
    tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi:
    Käynnistä palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Tehtävien ajoitus on päättynyt odottamatta. Tämä on tapahtunut
    1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä
    palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Järjestelmätapahtumien ilmoituspalvelu on päättynyt odottamatta.
    Tämä on tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan seuraava
    korjaustoimi: Käynnistä palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Käyttöliittymän laitteistotunnistus on päättynyt odottamatta.
    Tämä on tapahtunut 1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava
    korjaustoimi: Käynnistä palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Teemat on päättynyt odottamatta. Tämä on tapahtunut 1 kertaa.
    60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä palvelu
    uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu WMI-palvelu (Windows Management Instrumentation) on päättynyt
    odottamatta. Tämä on tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan
    seuraava korjaustoimi: Käynnistä palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Windows Update on päättynyt odottamatta. Tämä on tapahtunut
    1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä
    palvelu uudelleen.

    Error - 16.1.2010 10:27:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
    Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
    palvelu uudelleen) palvelun Palvelin odottamattoman lopettamisen jälkeen. Yritys
    epäonnistui ja tapahtui virhe: %%1056

    Error - 16.1.2010 10:28:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
    Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
    palvelu uudelleen) palvelun Tietokoneiden selaus odottamattoman lopettamisen jälkeen.
    Yritys epäonnistui ja tapahtui virhe: %%1056

    Error - 16.1.2010 10:28:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
    Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
    palvelu uudelleen) palvelun WMI-palvelu (Windows Management Instrumentation) odottamattoman
    lopettamisen jälkeen. Yritys epäonnistui ja tapahtui virhe: %%1056


    < End of report >
     
  10. toope92

    toope92 Regular member

    Joined:
    08.11.2006
    Posts:
    140
    Thanks:
    0
    Points:
    26
    OTL logfile created on: 11.3.2010 17:49:46 - Run 1
    OTL by OldTimer - Version 3.1.36.1 Folder = C:\Users\Sini\Desktop
    Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
    7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 931,51 Gb Total Space | 732,06 Gb Free Space | 78,59% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: SINI-PC
    Current User Name: Sini
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Processes (SafeList) ==========

    PRC - [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
    PRC - [2010.03.06 10:36:53 | 000,356,960 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsav32.exe
    PRC - [2010.03.06 10:36:07 | 000,619,616 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fssm32.exe
    PRC - [2010.03.06 10:36:06 | 000,480,352 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32.exe
    PRC - [2010.03.06 10:28:03 | 000,055,992 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe
    PRC - [2010.02.25 12:02:02 | 000,716,616 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
    PRC - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
    PRC - [2010.02.02 20:17:28 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
    PRC - [2010.02.02 20:16:58 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
    PRC - [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2009.08.10 15:59:50 | 000,178,720 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    PRC - [2009.08.10 15:59:48 | 000,387,616 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    PRC - [2009.08.05 17:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE
    PRC - [2009.08.05 17:58:50 | 000,199,264 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE
    PRC - [2009.08.05 17:58:50 | 000,088,672 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSHDLL32.EXE
    PRC - [2009.08.05 17:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\FWES\program\fsdfwd.exe
    PRC - [2009.08.05 17:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
    PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    PRC - [2009.07.14 03:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe
    PRC - [2008.10.16 10:04:42 | 000,202,016 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe
    PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe


    ========== Modules (SafeList) ==========

    MOD - [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
    MOD - [2009.07.14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
    MOD - [2009.07.14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
    MOD - [2009.07.14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
    MOD - [2009.07.14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
    MOD - [2009.07.14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
    MOD - [2009.07.14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
    MOD - [2009.07.14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
    MOD - [2009.07.14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
    MOD - [2009.07.14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
    MOD - [2009.07.14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
    MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010.03.06 10:28:03 | 000,055,992 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe -- (FSORSPClient)
    SRV - [2010.03.05 16:33:51 | 002,462,256 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\rswin_3648.dll -- (Akamai)
    SRV - [2010.03.03 10:05:31 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
    SRV - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
    SRV - [2010.02.25 11:56:02 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
    SRV - [2010.02.02 20:16:58 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
    SRV - [2009.08.21 15:47:14 | 030,510,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
    SRV - [2009.08.21 15:36:08 | 004,639,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
    SRV - [2009.08.10 15:59:50 | 000,178,720 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
    SRV - [2009.08.10 15:59:48 | 000,387,616 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
    SRV - [2009.08.05 17:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE -- (FSMA)
    SRV - [2009.08.05 17:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\FWES\Program\fsdfwd.exe -- (FSDFWD)
    SRV - [2009.08.05 17:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
    SRV - [2009.07.14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
    SRV - [2009.07.14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
    SRV - [2009.07.14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
    SRV - [2009.07.14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
    SRV - [2009.07.14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
    SRV - [2009.07.14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
    SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
    SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
    SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
    SRV - [2009.07.14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
    SRV - [2009.07.14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
    SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2009.07.14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
    SRV - [2009.07.14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
    SRV - [2009.07.14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
    SRV - [2009.07.14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
    SRV - [2009.07.14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
    SRV - [2009.07.14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX-asennusohjelma (AxInstSV)
    SRV - [2009.07.14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
    SRV - [2009.07.14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
    SRV - [2008.10.16 10:04:42 | 000,202,016 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe -- (sprtsvc_sonera) SupportSoft Sprocket Service (sonera)
    SRV - [2008.10.16 10:02:58 | 000,382,320 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
    SRV - [2008.05.21 13:42:56 | 000,064,000 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe -- (CTUPnPSv)
    SRV - [2007.12.13 16:29:59 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
    SRV - [2007.04.02 08:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)
    SRV - [2004.05.14 13:02:46 | 000,086,016 | ---- | M] (NetGroup - Politecnico di Torino) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)


    ========== Driver Services (SafeList) ==========

    DRV - [2010.03.10 16:16:42 | 000,021,584 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\atapi.sys -- (atapi)
    DRV - [2010.03.06 10:37:16 | 000,033,920 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\Drivers\fsbts.sys -- (fsbts)
    DRV - [2010.03.06 10:36:46 | 000,107,104 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
    DRV - [2010.02.20 17:07:24 | 000,278,984 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
    DRV - [2010.02.20 17:06:41 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
    DRV - [2010.02.02 20:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
    DRV - [2010.02.02 20:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
    DRV - [2010.02.02 19:23:42 | 000,150,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
    DRV - [2010.01.28 15:33:30 | 000,100,352 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
    DRV - [2010.01.27 11:04:00 | 000,183,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
    DRV - [2010.01.21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
    DRV - [2010.01.21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
    DRV - [2010.01.21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
    DRV - [2010.01.07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
    DRV - [2010.01.03 21:04:37 | 000,722,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
    DRV - [2009.12.19 02:31:32 | 000,073,312 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
    DRV - [2009.12.01 11:11:28 | 001,872,192 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cmudax3.sys -- (cmuda3)
    DRV - [2009.11.10 14:55:08 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
    DRV - [2009.11.10 14:54:52 | 000,035,984 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
    DRV - [2009.11.09 05:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
    DRV - [2009.10.14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
    DRV - [2009.08.05 17:58:30 | 000,068,064 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
    DRV - [2009.08.05 17:57:20 | 000,071,040 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fsdfw.sys -- (FSFW)
    DRV - [2009.08.05 17:57:12 | 000,035,680 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fses.sys -- (FSES)
    DRV - [2009.08.05 17:56:14 | 000,039,776 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter)
    DRV - [2009.08.05 17:56:14 | 000,025,184 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer)
    DRV - [2009.08.05 17:56:12 | 000,012,384 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
    DRV - [2009.07.30 17:12:54 | 000,287,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
    DRV - [2009.07.14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
    DRV - [2009.07.14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
    DRV - [2009.07.14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
    DRV - [2009.07.14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
    DRV - [2009.07.14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
    DRV - [2009.07.14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
    DRV - [2009.07.14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
    DRV - [2009.07.14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
    DRV - [2009.07.14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
    DRV - [2009.07.14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
    DRV - [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
    DRV - [2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
    DRV - [2009.07.14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
    DRV - [2009.07.14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
    DRV - [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
    DRV - [2009.07.14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
    DRV - [2009.07.14 03:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
    DRV - [2009.07.14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2009.07.14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
    DRV - [2009.07.14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
    DRV - [2009.07.14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
    DRV - [2009.07.14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
    DRV - [2009.07.14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
    DRV - [2009.07.14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
    DRV - [2009.07.14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
    DRV - [2009.07.14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
    DRV - [2009.07.14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
    DRV - [2009.07.14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
    DRV - [2009.07.14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
    DRV - [2009.07.14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
    DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
    DRV - [2009.07.14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
    DRV - [2009.07.14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
    DRV - [2009.07.14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
    DRV - [2009.07.14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
    DRV - [2009.07.14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
    DRV - [2009.07.14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
    DRV - [2009.07.14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
    DRV - [2009.07.14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
    DRV - [2009.07.14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
    DRV - [2009.07.14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2009.07.14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
    DRV - [2009.07.14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
    DRV - [2009.07.14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
    DRV - [2009.07.14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
    DRV - [2009.07.14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
    DRV - [2009.07.14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
    DRV - [2009.07.14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
    DRV - [2009.07.14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
    DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2009.07.14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
    DRV - [2009.07.14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
    DRV - [2009.07.14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
    DRV - [2009.07.14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
    DRV - [2009.07.14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
    DRV - [2009.07.14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
    DRV - [2009.07.14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
    DRV - [2009.07.14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
    DRV - [2009.07.14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
    DRV - [2009.07.14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
    DRV - [2009.07.14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
    DRV - [2009.07.14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
    DRV - [2009.07.14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
    DRV - [2009.07.14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
    DRV - [2009.07.14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
    DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
    DRV - [2009.07.14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
    DRV - [2009.07.14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
    DRV - [2009.07.14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
    DRV - [2009.06.29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
    DRV - [2008.12.12 15:27:46 | 000,018,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys -- (LGII2CDevice)
    DRV - [2008.12.12 15:27:46 | 000,014,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys -- (LGDDCDevice)
    DRV - [2008.01.19 05:55:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
    DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
    DRV - [2004.05.14 11:37:10 | 000,032,896 | ---- | M] (NetGroup - Politecnico di Torino) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========



    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=15161&l=dis
    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fi.msn.com/?ocid=iehp
    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fi
    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 59 2D 93 5E EC 6D CA 01 [binary data]
    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultengine: "Ask.com"
    FF - prefs.js..browser.search.defaultenginename: "Ask.com"
    FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://www3.iamwired.net/websearch.php?src=tops&search="
    FF - prefs.js..browser.search.order.1: "Ask.com"
    FF - prefs.js..browser.search.selectedEngine: "Torrents.to"
    FF - prefs.js..browser.search.update: false
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.google.fi/"
    FF - prefs.js..extensions.enabledItems: {80155943-b083-a2cf-0350-54d3b1be1609}:4.6.6.4
    FF - prefs.js..keyword.URL: ""
    FF - prefs.js..network.proxy.no_proxies_on: "*.local"


    FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010.03.06 10:33:01 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files\Sonera\Sonera Tietoturva\NRS\litmus-ff@f-secure.com [2010.03.06 10:23:23 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.11 10:51:52 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.03.11 10:56:18 | 000,000,000 | ---D | M]

    [2009.12.23 03:15:53 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Extensions
    [2009.12.23 03:15:53 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
    [2010.03.11 17:24:40 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions
    [2010.01.23 17:01:58 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2009.12.24 14:49:06 | 000,000,000 | ---D | M] (Fasterfox) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}
    [2010.01.23 17:01:58 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
    [2010.01.27 23:30:56 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\fsonlinescanner@f-secure.com
    [2010.01.23 17:01:58 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\personas@christopher.beard
    [2010.03.11 17:18:44 | 000,002,257 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\askcom.xml
    [2009.12.24 20:57:14 | 000,002,367 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\photobucket.xml
    [2010.03.09 17:57:08 | 000,000,261 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\Search.xml
    [2009.12.02 18:49:43 | 000,000,897 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\torrentsto.xml
    [2010.01.22 19:04:02 | 000,001,713 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\youtube-video-search.xml
    [2010.03.11 17:19:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010.03.09 18:35:10 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{80155943-b083-a2cf-0350-54d3b1be1609}
    [2010.01.16 03:19:09 | 000,002,062 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bookplus-fi.xml
    [2010.01.16 03:19:09 | 000,001,069 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons-fi.xml
    [2010.01.16 03:19:09 | 000,002,677 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\huuto-fi.xml
    [2010.01.16 03:19:09 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fi.xml
    [2010.01.16 03:19:09 | 000,000,796 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-fi.xml

    O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\BaseLitmus.dll (F-Secure Corporation)
    O2 - BHO: (gwprimawega) - {da9e5a55-a1a2-1b97-026f-b233372fee2e} - C:\Windows\System32\p0_aPIH.dll ()
    O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\BaseLitmus.dll (F-Secure Corporation)
    O3 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O4 - HKLM..\Run: [CmPCIaudio] File not found
    O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE (F-Secure Corporation)
    O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Sonera\Sonera Tietoturva\FSGUI\TNBUtil.exe (F-Secure Corporation)
    O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
    O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKU\.DEFAULT..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe File not found
    O4 - HKU\S-1-5-18..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe File not found
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe File not found
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe File not found
    O4 - HKU\S-1-5-21-3761315706-44459061-675875969-1001..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
    O4 - HKU\S-1-5-21-3761315706-44459061-675875969-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
    O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O4 - Startup: C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
    O4 - Startup: C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O13 - gopher Prefix: missing
    O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: corel.com ([]http in Trusted sites)
    O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: corel.com ([www] * in Trusted sites)
    O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: intervideo.com ([]http in Trusted sites)
    O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: intervideo.com ([www] * in Trusted sites)
    O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} http://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab (Creative Software AutoUpdate Support Package)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKU\S-1-5-21-3761315706-44459061-675875969-1001 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKU\S-1-5-21-3761315706-44459061-675875969-1001 Winlogon: Shell - (C:\Users\Sini\AppData\Roaming\ufxw.exe) - C:\Users\Sini\AppData\Roaming\ufxw.exe File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\I\Shell - "" = AutoRun
    O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\Autorun.exe -- File not found
    O33 - MountPoints2\J\Shell - "" = AutoRun
    O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\Autorun.exe -- File not found
    O33 - MountPoints2\K\Shell - "" = AutoRun
    O34 - HKLM BootExecute: (autocheck autochk /r \??\F:) - File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (sasnative32) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010.03.11 17:47:34 | 000,554,496 | ---- | C] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
    [2010.03.10 16:49:11 | 000,000,000 | ---D | C] -- C:\Users\Sini\Tracing
    [2010.03.09 20:58:43 | 000,705,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\cohelper.dll
    [2010.03.09 19:14:02 | 002,622,496 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkHDMI.dll
    [2010.03.09 19:14:02 | 000,355,528 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32H.dll
    [2010.03.09 19:14:02 | 000,183,584 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RtHDMIV.sys
    [2010.03.09 19:14:02 | 000,073,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32H.dll
    [2010.03.09 19:14:01 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32H.dll
    [2010.03.09 19:14:01 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32H.dll
    [2010.03.09 19:14:00 | 001,640,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHDMIExt.dll
    [2010.03.09 19:14:00 | 000,293,600 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DHT32.dll
    [2010.03.09 19:14:00 | 000,293,600 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DAA32.dll
    [2010.03.09 19:14:00 | 000,057,376 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHCoInst.dll
    [2010.03.09 19:14:00 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
    [2010.03.09 19:13:52 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
    [2010.03.09 19:11:56 | 000,000,000 | ---D | C] -- C:\SMU
    [2010.03.09 19:11:56 | 000,000,000 | ---D | C] -- C:\SMBUS
    [2010.03.09 19:11:54 | 000,000,000 | ---D | C] -- C:\IDE
    [2010.03.09 19:11:54 | 000,000,000 | ---D | C] -- C:\Ethernet
    [2010.03.09 17:27:11 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\DriverGenius
    [2010.03.09 17:03:19 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
    [2010.03.09 07:09:41 | 003,955,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
    [2010.03.09 07:09:41 | 003,899,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
    [2010.03.08 20:27:42 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2010.03.08 17:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\TrendMicro
    [2010.03.08 04:51:36 | 000,000,000 | ---D | C] -- C:\SDFix
    [2010.03.08 04:50:41 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
    [2010.03.08 04:47:05 | 000,000,000 | ---D | C] -- C:\Windows\Sun
    [2010.03.07 19:54:36 | 000,000,000 | ---D | C] -- C:\Users\Sini\AppData\Local\Stay Secure
    [2010.03.07 16:43:44 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
    [2010.03.07 16:37:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010.03.07 16:37:06 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010.03.07 16:37:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010.03.06 10:31:35 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2010.03.06 10:24:13 | 000,035,680 | ---- | C] (F-Secure Corporation) -- C:\Windows\System32\drivers\fses.sys
    [2010.03.06 10:24:08 | 000,572,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp50.dll
    [2010.03.06 10:24:08 | 000,071,040 | ---- | C] (F-Secure Corporation) -- C:\Windows\System32\drivers\fsdfw.sys
    [2010.03.06 09:46:08 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\My Drivers
    [2010.03.05 13:33:38 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\Adobe Scripts
    [2010.03.05 10:24:58 | 000,016,400 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys
    [2010.03.05 10:24:41 | 001,581,072 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\LkmdfCoInst.dll
    [2010.03.05 10:24:41 | 000,052,240 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\LMouFiltCoInst.dll
    [2010.03.05 10:24:41 | 000,037,392 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LMouFilt.Sys
    [2010.03.05 10:24:40 | 000,035,984 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LHidFilt.Sys
    [2010.03.04 15:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\The Sims Resource
    [2010.03.04 14:50:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2010.03.04 14:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
    [2010.03.03 20:00:17 | 000,274,432 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
    [2010.03.03 20:00:17 | 000,100,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\drivers\AtiHdmi.sys
    [2010.03.03 20:00:17 | 000,050,176 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
    [2010.03.03 20:00:17 | 000,027,136 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
    [2010.03.03 20:00:16 | 000,020,480 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
    [2010.03.03 20:00:15 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
    [2010.03.03 20:00:15 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
    [2010.03.03 20:00:12 | 014,147,072 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
    [2010.03.03 20:00:07 | 005,313,536 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atipmdag.sys
    [2010.03.03 20:00:07 | 005,313,536 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
    [2010.03.03 20:00:07 | 000,150,016 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
    [2010.03.03 20:00:07 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
    [2010.03.03 20:00:07 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
    [2010.03.03 20:00:07 | 000,011,776 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
    [2010.03.03 20:00:06 | 000,446,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
    [2010.03.03 20:00:06 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
    [2010.03.03 20:00:06 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
    [2010.03.03 20:00:05 | 003,649,536 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
    [2010.03.03 20:00:05 | 000,426,496 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\aticfx32.dll
    [2010.03.03 20:00:05 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
    [2010.03.03 20:00:05 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
    [2010.03.03 20:00:05 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
    [2010.03.03 20:00:04 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
    [2010.03.03 20:00:04 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
    [2010.03.03 12:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
    [2010.03.03 12:58:53 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
    [2010.03.03 11:22:44 | 000,000,000 | ---D | C] -- C:\KU990
    [2010.03.03 11:19:08 | 000,000,000 | ---D | C] -- C:\LG_USB
    [2010.03.03 11:15:35 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll
    [2010.03.03 11:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX
    [2010.03.03 10:34:51 | 000,055,824 | ---- | C] (Logitech, Inc.) -- C:\Windows\KHALMNPR.Exe
    [2010.03.03 10:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
    [2010.03.03 10:05:37 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
    [2010.03.03 10:05:37 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
    [2010.03.03 10:01:40 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
    [2010.03.03 10:01:37 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
    [2010.03.03 10:01:37 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
    [2010.03.03 10:01:37 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
    [2010.03.03 10:01:33 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
    [2010.03.03 10:01:33 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
    [2010.03.03 10:01:33 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
    [2010.03.03 10:01:33 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
    [2010.03.03 10:01:31 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
    [2010.03.03 10:01:31 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
    [2010.03.03 10:01:31 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
    [2010.03.03 10:01:31 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
    [2010.03.03 10:01:31 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
    [2010.03.03 10:01:31 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
    [2010.03.03 10:01:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
    [2010.03.03 10:01:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
    [2010.03.03 10:01:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
    [2010.02.09 23:30:57 | 000,000,000 | ---D | C] -- C:\Users\Sini\AppData\Roaming\InstallShield
    [2010.02.09 23:23:07 | 000,000,000 | -H-D | C] -- C:\LG3G
    [2010.02.09 23:20:23 | 000,000,000 | ---D | C] -- C:\lgupload
    [2010.02.09 23:00:14 | 000,024,960 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbmodem.sys
    [2010.02.09 23:00:14 | 000,020,864 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbdiag.sys
    [2010.02.09 23:00:14 | 000,013,056 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbbus.sys
    [2010.02.09 23:00:13 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
    [2010.02.09 22:58:49 | 000,000,000 | ---D | C] -- C:\Program Files\LG PC Suite 2
    [2010.02.09 22:05:04 | 000,000,000 | ---D | C] -- C:\Windows\pss
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010.03.11 17:51:09 | 003,670,016 | ---- | M] () -- C:\Users\Sini\ntuser.dat
    [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
    [2010.03.11 17:32:18 | 000,014,608 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2010.03.11 17:32:18 | 000,014,608 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2010.03.11 17:22:50 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010.03.11 10:53:23 | 000,001,815 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    [2010.03.11 10:06:52 | 000,000,574 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
    [2010.03.11 10:06:24 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010.03.11 10:06:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010.03.10 23:48:17 | 001,144,078 | -H-- | M] () -- C:\Users\Sini\AppData\Local\IconCache.db
    [2010.03.10 18:33:27 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_021.cplist
    [2010.03.10 18:33:24 | 000,002,516 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
    [2010.03.10 18:27:55 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_020.cplist
    [2010.03.10 17:18:06 | 000,000,480 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_019.cplist
    [2010.03.10 17:07:51 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_018.cplist
    [2010.03.10 16:48:16 | 000,000,522 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_017.cplist
    [2010.03.10 16:39:45 | 437,169,378 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2010.03.10 16:16:42 | 000,021,584 | ---- | M] () -- C:\Windows\System32\drivers\atapi.sys
    [2010.03.09 21:01:02 | 001,243,400 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010.03.09 21:01:02 | 000,616,736 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010.03.09 21:01:02 | 000,442,586 | ---- | M] () -- C:\Windows\System32\perfh00B.dat
    [2010.03.09 21:01:02 | 000,107,828 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010.03.09 21:01:02 | 000,083,000 | ---- | M] () -- C:\Windows\System32\perfc00B.dat
    [2010.03.09 19:14:17 | 000,000,246 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.cfl
    [2010.03.09 19:14:17 | 000,000,168 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.imi
    [2010.03.09 19:14:17 | 000,000,136 | ---- | M] () -- C:\Windows\System\Dlap.pfx
    [2010.03.09 19:13:35 | 000,000,107 | ---- | M] () -- C:\Windows\System\Cmicnfg3.ini
    [2010.03.09 18:35:11 | 000,118,375 | ---- | M] () -- C:\Windows\System32\MSF_RIUNyS3.exe
    [2010.03.09 17:58:41 | 002,760,844 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe
    [2010.03.08 23:34:07 | 000,196,608 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
    [2010.03.08 23:33:56 | 000,524,288 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000002.regtrans-ms
    [2010.03.08 23:33:56 | 000,524,288 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000001.regtrans-ms
    [2010.03.08 23:33:56 | 000,065,536 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TM.blf
    [2010.03.07 20:12:07 | 000,000,514 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_016.cplist
    [2010.03.07 20:11:41 | 000,000,498 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_015.cplist
    [2010.03.07 19:54:33 | 000,000,562 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_014.cplist
    [2010.03.07 16:18:57 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_013.cplist
    [2010.03.07 15:15:38 | 000,000,490 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_012.cplist
    [2010.03.07 10:49:53 | 000,000,486 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_011.cplist
    [2010.03.07 10:49:13 | 000,000,514 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_010.cplist
    [2010.03.06 22:12:01 | 000,000,582 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_009.cplist
    [2010.03.06 22:10:45 | 000,000,452 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_008.cplist
    [2010.03.06 22:09:53 | 000,000,582 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_007.cplist
    [2010.03.06 22:08:50 | 000,000,510 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_006.cplist
    [2010.03.06 20:32:44 | 000,000,498 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_005.cplist
    [2010.03.06 18:00:35 | 000,000,564 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_004.cplist
    [2010.03.06 13:05:40 | 000,000,522 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_003.cplist
    [2010.03.06 10:44:37 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys
    [2010.03.06 10:37:16 | 000,033,920 | ---- | M] () -- C:\Windows\System32\drivers\fsbts.sys
    [2010.03.06 10:31:37 | 000,000,052 | ---- | M] () -- C:\Windows\System32\ashttpstats.csv
    [2010.03.05 17:29:59 | 000,000,496 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_002.cplist
    [2010.03.05 17:07:49 | 000,000,562 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_001.cplist
    [2010.03.04 10:06:23 | 002,353,664 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_unmip.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_histprot.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_video.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_webproxy.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_tabloids.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_socialnetworks.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_searchengines.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_regionaltlds.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_pornography.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlineshop.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinepay.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinedating.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_news.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_im.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_illegal.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_hate.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_games.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_gambling.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_drugs.dat
    [2010.03.03 12:59:57 | 000,115,248 | ---- | M] () -- C:\Users\Sini\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010.03.03 12:06:44 | 000,000,025 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\bdfvconp.ini
    [2010.03.03 11:15:58 | 000,002,412 | ---- | M] () -- C:\Windows\System32\lgAxconfig.ini
    [2010.03.03 10:42:16 | 000,000,132 | ---- | M] () -- C:\Windows\System32\rezumatenoi.dat
    [2010.03.03 10:38:08 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
    [2010.03.03 10:18:28 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp71.dll
    [2010.03.03 10:18:28 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll
    [2010.03.03 09:58:58 | 000,008,284 | ---- | M] () -- C:\Windows\System32\eps_icon.avi
    [2010.02.25 12:03:02 | 000,030,536 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
    [2010.02.25 11:56:16 | 000,021,320 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
    [2010.02.25 11:56:02 | 000,030,024 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
    [2010.02.24 09:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
    [2010.02.20 17:07:24 | 000,278,984 | ---- | M] () -- C:\Windows\System32\drivers\atksgt.sys
    [2010.02.20 17:06:41 | 000,025,416 | ---- | M] () -- C:\Windows\System32\drivers\lirsgt.sys
    [2010.02.18 13:42:24 | 001,290,240 | ---- | M] () -- C:\Windows\System32\p0_aPIH.dll
    [2010.02.11 09:10:14 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010.03.11 17:22:50 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010.03.11 10:53:23 | 000,001,815 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    [2010.03.10 18:33:27 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_021.cplist
    [2010.03.10 18:27:55 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_020.cplist
    [2010.03.10 17:14:46 | 000,000,480 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_019.cplist
    [2010.03.10 17:07:51 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_018.cplist
    [2010.03.10 16:48:16 | 000,000,522 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_017.cplist
    [2010.03.09 23:08:45 | 437,169,378 | ---- | C] () -- C:\Windows\MEMORY.DMP
    [2010.03.09 20:58:43 | 000,006,136 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
    [2010.03.09 17:58:09 | 002,760,844 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe
    [2010.03.09 17:57:01 | 000,118,375 | ---- | C] () -- C:\Windows\System32\MSF_RIUNyS3.exe
    [2010.03.08 17:34:09 | 000,524,288 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000002.regtrans-ms
    [2010.03.08 17:34:09 | 000,524,288 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000001.regtrans-ms
    [2010.03.08 17:34:09 | 000,065,536 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TM.blf
    [2010.03.07 20:12:07 | 000,000,514 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_016.cplist
    [2010.03.07 20:11:41 | 000,000,498 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_015.cplist
    [2010.03.07 19:54:33 | 000,000,562 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_014.cplist
    [2010.03.07 15:16:36 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_013.cplist
    [2010.03.07 15:15:38 | 000,000,490 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_012.cplist
    [2010.03.07 10:49:53 | 000,000,486 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_011.cplist
    [2010.03.07 10:49:13 | 000,000,514 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_010.cplist
    [2010.03.06 22:12:01 | 000,000,582 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_009.cplist
    [2010.03.06 22:10:45 | 000,000,452 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_008.cplist
    [2010.03.06 22:09:53 | 000,000,582 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_007.cplist
    [2010.03.06 22:08:50 | 000,000,510 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_006.cplist
    [2010.03.06 20:32:44 | 000,000,498 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_005.cplist
    [2010.03.06 18:00:35 | 000,000,564 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_004.cplist
    [2010.03.06 13:05:40 | 000,000,522 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_003.cplist
    [2010.03.06 10:40:52 | 000,000,574 | ---- | C] () -- C:\Windows\tasks\Scheduled scanning task.job
    [2010.03.06 10:24:39 | 000,033,920 | ---- | C] () -- C:\Windows\System32\drivers\fsbts.sys
    [2010.03.05 17:29:59 | 000,000,496 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_002.cplist
    [2010.03.05 17:07:49 | 000,000,562 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_001.cplist
    [2010.03.05 10:32:29 | 000,000,052 | ---- | C] () -- C:\Windows\System32\ashttpstats.csv
    [2010.03.03 20:00:16 | 000,491,104 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
    [2010.03.03 20:00:15 | 000,001,035 | ---- | C] () -- C:\Windows\System32\atipblag.dat
    [2010.03.03 20:00:08 | 000,020,274 | ---- | C] () -- C:\Windows\atiogl.xml
    [2010.03.03 20:00:06 | 000,198,341 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
    [2010.03.03 20:00:05 | 000,031,240 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_unmip.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_histprot.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_video.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_webproxy.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_tabloids.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_socialnetworks.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_searchengines.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_regionaltlds.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_pornography.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlineshop.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinepay.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinedating.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_news.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_im.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_illegal.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_hate.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_games.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_gambling.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_drugs.dat
    [2010.03.03 12:06:44 | 000,000,025 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\bdfvconp.ini
    [2010.03.03 11:15:35 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
    [2010.03.03 11:15:35 | 000,002,412 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
    [2010.03.03 10:38:08 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
    [2010.02.20 17:06:42 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
    [2010.02.20 17:06:41 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
    [2010.02.18 13:42:24 | 001,290,240 | ---- | C] () -- C:\Windows\System32\p0_aPIH.dll
    [2010.01.20 21:29:05 | 000,000,008 | RHS- | C] () -- C:\ProgramData\DA2827B44C.sys
    [2010.01.20 21:29:04 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
    [2010.01.03 21:04:37 | 000,722,416 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
    [2009.12.26 18:13:11 | 000,151,552 | ---- | C] () -- C:\Windows\System32\nvRegDev.dll
    [2009.12.18 20:29:26 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
    [2009.12.18 19:47:12 | 000,026,112 | ---- | C] () -- C:\Users\Sini\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009.12.03 18:49:16 | 000,007,605 | ---- | C] () -- C:\Users\Sini\AppData\Local\Resmon.ResmonCfg
    [2009.12.01 19:03:03 | 000,003,733 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
    [2009.11.26 22:38:15 | 000,008,704 | ---- | C] () -- C:\Windows\System32\CNMVS7I.DLL
    [2009.11.26 17:11:39 | 000,000,246 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl
    [2009.11.26 17:10:57 | 000,303,104 | ---- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
    [2009.11.26 17:10:57 | 000,002,123 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfg
    [2009.11.26 17:10:57 | 000,000,168 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi
    [2009.11.26 17:10:56 | 000,002,754 | ---- | C] () -- C:\Windows\cmudax3.ini
    [2009.11.25 22:39:58 | 000,000,266 | ---- | C] () -- C:\Windows\lgfwup.ini
    [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
    [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
    [2009.07.14 01:11:15 | 000,021,584 | ---- | C] () -- C:\Windows\System32\drivers\atapi.sys
    [2009.06.19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
    [2006.10.11 05:33:58 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
    [2005.02.25 06:15:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL
    [2004.01.15 07:01:26 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
    < End of report >



    OTL Extras logfile created on: 11.3.2010 17:49:46 - Run 1
    OTL by OldTimer - Version 3.1.36.1 Folder = C:\Users\Sini\Desktop
    Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
    7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 931,51 Gb Total Space | 732,06 Gb Free Space | 78,59% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: SINI-PC
    Current User Name: Sini
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
    "{022F6097-A053-4B1B-BE50-3AADE4116B92}" = Opera 10.50
    "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
    "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
    "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
    "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
    "{0BB72566-0D4C-7200-2CE7-02F298B49C88}" = CCC Help English
    "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
    "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
    "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
    "{110AD51E-D0E0-49B1-52FD-291373BA62EA}" = Catalyst Control Center Graphics Full New
    "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
    "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
    "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
    "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
    "{1B2DBF55-05D4-4072-87D8-689141E262BD}" = Creative ZEN
    "{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
    "{20140000-000F-0000-0000-0000000FF1CE}" = Microsoft Office Mondo 2010 (Beta)
    "{20140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 (Beta)
    "{20140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 (Beta)
    "{20140000-0017-0409-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (English) 2010 (Beta)
    "{20140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 (Beta)
    "{20140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 (Beta)
    "{20140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 (Beta)
    "{20140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 (Beta)
    "{20140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 (Beta)
    "{20140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 (Beta)
    "{20140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 (Beta)
    "{20140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 (Beta)
    "{20140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010 (Beta)
    "{20140000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2010 (Beta)
    "{20140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 (Beta)
    "{20140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 (Beta)
    "{20140000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2010 (Beta)
    "{20140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010 (Beta)
    "{20140000-0102-0409-0000-0000000FF1CE}" = Microsoft Office MondoOnly MUI (English) 2010 (Beta)
    "{20140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 (Beta)
    "{20140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 (Beta)
    "{20140000-011A-0000-0000-0000000FF1CE}" = Microsoft Office Send-a-Smile
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Liven lataustyökalu
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
    "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
    "{31557F4F-7D10-D32E-4B70-237A09FCC31B}" = Catalyst Control Center Graphics Previews Common
    "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
    "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
    "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
    "{3C175604-F026-5D79-BBD8-F626AE10B3EF}" = Catalyst Control Center Graphics Full Existing
    "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
    "{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
    "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
    "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
    "{4442AB48-DEC4-4B39-B067-1F75BF8017E7}" = Creative Centrale
    "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{513148E7-B7A1-48B2-B518-668701E546F5}" = LightScribe System Software 1.14.19.1
    "{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
    "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
    "{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD 2010
    "{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
    "{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG Tool Kit
    "{62C2067E-5851-BD4C-98E0-5C4D5E155A5B}" = Catalyst Control Center Core Implementation
    "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
    "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
    "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
    "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
    "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
    "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
    "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
    "{85EB1E72-4FAA-40E4-A511-DF3A9A0A4CA8}" = Windows Live Messenger
    "{86604C06-DA30-425E-AECE-47304FE81C45}" = Creative Software Update
    "{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
    "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
    "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{993960EE-CA4D-443F-8F88-E24260DD5FD2}" = LG PC Suite
    "{998152E5-B605-4BBB-9853-E749AEE02B21}" = Windows Liven kirjautumisavustaja
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9C87F6BB-75E4-4F35-8353-F5E295264E98}" = Windows Live Call
    "{9D669429-A2E4-4793-B7A0-283D259F39AF}" = Adobe Photoshop Lightroom 2.5
    "{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
    "{A292C05C-840A-9D47-5350-EF39ECC7629E}" = Catalyst Control Center HydraVision Full
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
    "{A666A477-4C02-415E-9F31-3541FC0CD6B5}" = SipdxDLL
    "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
    "{AA2BCB44-B44F-445A-A80C-E6C50218940C}" = Windows Liven asennustyökalu
    "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
    "{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
    "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
    "{AD17676C-5065-E427-130B-21CE713F93E7}" = Catalyst Control Center Graphics Light
    "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
    "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
    "{B970700B-E49F-ECEF-4ADB-0F3E1AFEDE91}" = ccc-core-static
    "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
    "{BC1FFF14-C10D-7087-C43A-4A8ECC9C98C4}" = ATI Catalyst Install Manager
    "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
    "{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem Driver
    "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
    "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
    "{CF23AFD7-3078-4134-8823-EBF6D1FE6FAD}" = Canon MP450
    "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
    "{D5395E5F-4D45-4665-8F00-234FA33678AF}" = SlimDX Redistributable (March 2009)
    "{DA6FAB8D-E87A-4E8E-A3D3-B7B9F479C725}" = forteManager
    "{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
    "{E2F29FCA-126F-48DF-A9B5-BEBE8F0F1610}" = CreativeSetup
    "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
    "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
    "{E542E630-8BB7-4C28-B8EB-0BAD2B201C65}" = Audio Track Editor
    "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
    "{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
    "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
    "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
    "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
    "{F9726DDC-D7B5-BF1F-5626-EA467FEEBC52}" = ccc-utility
    "{F9F13FEA-D51E-A1C3-4EDC-D04A91B62C93}" = Catalyst Control Center Graphics Previews Vista
    "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
    "{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
    "ADSL Router Utility" = ADSL Router Utility
    "Akamai" = Akamai NetSession Interface
    "CCleaner" = CCleaner
    "C-Media PCI Audio Driver" = C-Media PCI Audio Device
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "Creative Centrale" = Creative Centrale
    "Creative Software AutoUpdate" = Creative Software AutoUpdate
    "Defraggler" = Defraggler
    "Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
    "EADM" = EA Download Manager
    "FileHippo.com" = FileHippo.com Update Checker
    "F-Secure Product 444" = Sonera Tietoturva
    "HijackThis" = HijackThis 2.0.2
    "InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
    "LastFM_is1" = Last.fm 1.5.4.24567
    "LimeWire" = LimeWire 5.5.5
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
    "MSF_RIUNyS3" = LoudMo Contextual Ad Assistant
    "NVIDIA Drivers" = NVIDIA Drivers
    "Office14.MONDO" = Microsoft Office Mondo 2010
    "PowerISO" = PowerISO
    "Sonera Internet Avustaja_is1" = Sonera Internet Avustaja
    "Spotify" = Spotify
    "SysInfo" = Creative System Information
    "TS3 Install Helper Monkey" = TS3 Install Helper Monkey
    "TuneUp Utilities" = TuneUp Utilities
    "Uninstall_is1" = Uninstall 1.0.0.1
    "uTorrent" = µTorrent
    "WinLiveSuite_Wave3" = Windows Liven asennustyökalu
    "WinPcapInst" = WinPcap 3.1 beta3
    "WinRAR archiver" = WinRAR archiver
    "VLC media player" = VLC media player 1.0.3

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 10.3.2010 10:40:05 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
    Description = 1 2010-03-10 16:40:05+03:00 SINI-PC SYSTEM F-Secure DeepGuard

    DeepGuard configuration was rejected. Old configuration will be used if possible.

    Error code: DAAS reject

    Error - 10.3.2010 10:52:02 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
    Description = 1 2010-03-10 16:52:02+03:00 SINI-PC SYSTEM F-Secure DeepGuard

    DeepGuard configuration was rejected. Old configuration will be used if possible.

    Error code: DAAS reject

    Error - 10.3.2010 14:39:39 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: IEXPLORE.EXE, versio: 8.0.7600.16385,
    aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
    aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
    prosessin tunnus: 0xee8 Viallisen sovelluksen käynnistysaika: 0x01cac080c4a06724
    Viallisen
    sovelluksen polku: C:\Program Files\Internet Explorer\IEXPLORE.EXE Viallisen moduulin
    polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 4873d423-2c74-11df-a210-001966bb5e2b

    Error - 10.3.2010 15:02:09 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
    aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
    aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
    prosessin tunnus: 0xdd0 Viallisen sovelluksen käynnistysaika: 0x01cac0841fbdf149
    Viallisen
    sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
    polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 6cfac2e4-2c77-11df-a210-001966bb5e2b

    Error - 10.3.2010 15:20:08 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
    aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
    aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
    prosessin tunnus: 0xecc Viallisen sovelluksen käynnistysaika: 0x01cac0869d47617f
    Viallisen
    sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
    polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: f03d4823-2c79-11df-a210-001966bb5e2b

    Error - 10.3.2010 16:04:02 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
    aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
    aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
    prosessin tunnus: 0x1214 Viallisen sovelluksen käynnistysaika: 0x01cac08cbde8fc58
    Viallisen
    sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
    polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 11dd8c29-2c80-11df-a210-001966bb5e2b

    Error - 11.3.2010 4:06:42 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
    Description = 1 2010-03-11 10:06:42+03:00 SINI-PC SYSTEM F-Secure DeepGuard

    DeepGuard configuration was rejected. Old configuration will be used if possible.

    Error code: DAAS reject

    Error - 11.3.2010 5:16:36 | Computer Name = Sini-PC | Source = SideBySide | ID = 16842815
    Description = Aktivointikontekstin luonti epäonnistui (c:\Program Files\Common Files\Adobe
    AIR\Versions\1.0\Adobe AIR.dll). Virhe luettelo- tai käytäntötiedoston c:\Program
    Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll rivillä 3. Määritteen version
    arvo (MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR) ei kelpaa
    elementissä assemblyIdentity.

    Error - 11.3.2010 11:24:57 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
    Description = 2 2010-03-11 17:24:56+03:00 SINI-PC Sini-PC\Sini F-Secure Anti-Virus

    Malicious code found in file C:\Windows\System32\sshnas21.dll. Infection: Trojan.Generic.3313565


    Error - 11.3.2010 11:46:26 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: mbam.exe, versio: 1.44.0.0, aikaleima:
    0x4b46461a Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385, aikaleima:
    0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x0005c74a Viallisen prosessin
    tunnus: 0x6a0 Viallisen sovelluksen käynnistysaika: 0x01cac12ecd93b5f4 Viallisen
    sovelluksen polku: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Viallisen
    moduulin polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 3fd4557a-2d25-11df-99ba-001966bb5e2b

    [ Media Center Events ]
    Error - 19.2.2010 7:06:41 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 13:06:39 - Virhe muodostettaessa Internet-yhteyttä. 13:06:40 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 19.2.2010 7:11:14 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 13:07:14 - Virhe muodostettaessa Internet-yhteyttä. 13:07:14 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 20.2.2010 10:48:31 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 16:48:31 - Virhe muodostettaessa Internet-yhteyttä. 16:48:31 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 20.2.2010 10:49:04 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 16:49:01 - Virhe muodostettaessa Internet-yhteyttä. 16:49:01 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 21.2.2010 11:00:55 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 17:00:55 - Virhe muodostettaessa Internet-yhteyttä. 17:00:55 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 21.2.2010 11:01:04 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 17:01:00 - Virhe muodostettaessa Internet-yhteyttä. 17:01:00 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 23.2.2010 1:22:28 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 7:22:28 - Virhe muodostettaessa Internet-yhteyttä. 7:22:28 - Yhteyden
    muodostaminen palvelimeen ei onnistu..

    Error - 23.2.2010 1:22:38 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 7:22:33 - Virhe muodostettaessa Internet-yhteyttä. 7:22:33 - Yhteyden
    muodostaminen palvelimeen ei onnistu..

    Error - 2.3.2010 5:43:49 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 11:43:49 - Virhe muodostettaessa Internet-yhteyttä. 11:43:49 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 2.3.2010 5:43:58 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 11:43:55 - Virhe muodostettaessa Internet-yhteyttä. 11:43:55 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    [ System Events ]
    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Käyttäjäprofiilipalvelu on päättynyt odottamatta. Tämä on
    tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi:
    Käynnistä palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Tehtävien ajoitus on päättynyt odottamatta. Tämä on tapahtunut
    1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä
    palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Järjestelmätapahtumien ilmoituspalvelu on päättynyt odottamatta.
    Tämä on tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan seuraava
    korjaustoimi: Käynnistä palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Käyttöliittymän laitteistotunnistus on päättynyt odottamatta.
    Tämä on tapahtunut 1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava
    korjaustoimi: Käynnistä palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Teemat on päättynyt odottamatta. Tämä on tapahtunut 1 kertaa.
    60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä palvelu
    uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu WMI-palvelu (Windows Management Instrumentation) on päättynyt
    odottamatta. Tämä on tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan
    seuraava korjaustoimi: Käynnistä palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Windows Update on päättynyt odottamatta. Tämä on tapahtunut
    1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä
    palvelu uudelleen.

    Error - 16.1.2010 10:27:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
    Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
    palvelu uudelleen) palvelun Palvelin odottamattoman lopettamisen jälkeen. Yritys
    epäonnistui ja tapahtui virhe: %%1056

    Error - 16.1.2010 10:28:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
    Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
    palvelu uudelleen) palvelun Tietokoneiden selaus odottamattoman lopettamisen jälkeen.
    Yritys epäonnistui ja tapahtui virhe: %%1056

    Error - 16.1.2010 10:28:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
    Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
    palvelu uudelleen) palvelun WMI-palvelu (Windows Management Instrumentation) odottamattoman
    lopettamisen jälkeen. Yritys epäonnistui ja tapahtui virhe: %%1056


    < End of report >
     
  11. toope92

    OTL logfile created on: 11.3.2010 17:49:46 - Run 1
    OTL by OldTimer - Version 3.1.36.1 Folder = C:\Users\Sini\Desktop
    Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
    7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 931,51 Gb Total Space | 732,06 Gb Free Space | 78,59% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: SINI-PC
    Current User Name: Sini
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Processes (SafeList) ==========

    PRC - [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
    PRC - [2010.03.06 10:36:53 | 000,356,960 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsav32.exe
    PRC - [2010.03.06 10:36:07 | 000,619,616 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fssm32.exe
    PRC - [2010.03.06 10:36:06 | 000,480,352 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32.exe
    PRC - [2010.03.06 10:28:03 | 000,055,992 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe
    PRC - [2010.02.25 12:02:02 | 000,716,616 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
    PRC - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
    PRC - [2010.02.02 20:17:28 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
    PRC - [2010.02.02 20:16:58 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
    PRC - [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2009.08.10 15:59:50 | 000,178,720 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    PRC - [2009.08.10 15:59:48 | 000,387,616 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    PRC - [2009.08.05 17:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE
    PRC - [2009.08.05 17:58:50 | 000,199,264 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE
    PRC - [2009.08.05 17:58:50 | 000,088,672 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSHDLL32.EXE
    PRC - [2009.08.05 17:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\FWES\program\fsdfwd.exe
    PRC - [2009.08.05 17:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
    PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    PRC - [2009.07.14 03:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe
    PRC - [2008.10.16 10:04:42 | 000,202,016 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe
    PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe


    ========== Modules (SafeList) ==========

    MOD - [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
    MOD - [2009.07.14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
    MOD - [2009.07.14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
    MOD - [2009.07.14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
    MOD - [2009.07.14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
    MOD - [2009.07.14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
    MOD - [2009.07.14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
    MOD - [2009.07.14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
    MOD - [2009.07.14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
    MOD - [2009.07.14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
    MOD - [2009.07.14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
    MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010.03.06 10:28:03 | 000,055,992 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe -- (FSORSPClient)
    SRV - [2010.03.05 16:33:51 | 002,462,256 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\rswin_3648.dll -- (Akamai)
    SRV - [2010.03.03 10:05:31 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
    SRV - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
    SRV - [2010.02.25 11:56:02 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
    SRV - [2010.02.02 20:16:58 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
    SRV - [2009.08.21 15:47:14 | 030,510,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
    SRV - [2009.08.21 15:36:08 | 004,639,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
    SRV - [2009.08.10 15:59:50 | 000,178,720 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
    SRV - [2009.08.10 15:59:48 | 000,387,616 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
    SRV - [2009.08.05 17:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE -- (FSMA)
    SRV - [2009.08.05 17:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\FWES\Program\fsdfwd.exe -- (FSDFWD)
    SRV - [2009.08.05 17:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
    SRV - [2009.07.14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
    SRV - [2009.07.14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
    SRV - [2009.07.14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
    SRV - [2009.07.14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
    SRV - [2009.07.14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
    SRV - [2009.07.14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
    SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
    SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
    SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
    SRV - [2009.07.14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
    SRV - [2009.07.14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
    SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2009.07.14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
    SRV - [2009.07.14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
    SRV - [2009.07.14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
    SRV - [2009.07.14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
    SRV - [2009.07.14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
    SRV - [2009.07.14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX-asennusohjelma (AxInstSV)
    SRV - [2009.07.14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
    SRV - [2009.07.14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
    SRV - [2008.10.16 10:04:42 | 000,202,016 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe -- (sprtsvc_sonera) SupportSoft Sprocket Service (sonera)
    SRV - [2008.10.16 10:02:58 | 000,382,320 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
    SRV - [2008.05.21 13:42:56 | 000,064,000 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe -- (CTUPnPSv)
    SRV - [2007.12.13 16:29:59 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
    SRV - [2007.04.02 08:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)
    SRV - [2004.05.14 13:02:46 | 000,086,016 | ---- | M] (NetGroup - Politecnico di Torino) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)


    ========== Driver Services (SafeList) ==========

    DRV - [2010.03.10 16:16:42 | 000,021,584 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\atapi.sys -- (atapi)
    DRV - [2010.03.06 10:37:16 | 000,033,920 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\Drivers\fsbts.sys -- (fsbts)
    DRV - [2010.03.06 10:36:46 | 000,107,104 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
    DRV - [2010.02.20 17:07:24 | 000,278,984 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
    DRV - [2010.02.20 17:06:41 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
    DRV - [2010.02.02 20:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
    DRV - [2010.02.02 20:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
    DRV - [2010.02.02 19:23:42 | 000,150,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
    DRV - [2010.01.28 15:33:30 | 000,100,352 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
    DRV - [2010.01.27 11:04:00 | 000,183,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
    DRV - [2010.01.21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
    DRV - [2010.01.21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
    DRV - [2010.01.21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
    DRV - [2010.01.07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
    DRV - [2010.01.03 21:04:37 | 000,722,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
    DRV - [2009.12.19 02:31:32 | 000,073,312 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
    DRV - [2009.12.01 11:11:28 | 001,872,192 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cmudax3.sys -- (cmuda3)
    DRV - [2009.11.10 14:55:08 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
    DRV - [2009.11.10 14:54:52 | 000,035,984 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
    DRV - [2009.11.09 05:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
    DRV - [2009.10.14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
    DRV - [2009.08.05 17:58:30 | 000,068,064 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
    DRV - [2009.08.05 17:57:20 | 000,071,040 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fsdfw.sys -- (FSFW)
    DRV - [2009.08.05 17:57:12 | 000,035,680 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fses.sys -- (FSES)
    DRV - [2009.08.05 17:56:14 | 000,039,776 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter)
    DRV - [2009.08.05 17:56:14 | 000,025,184 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer)
    DRV - [2009.08.05 17:56:12 | 000,012,384 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
    DRV - [2009.07.30 17:12:54 | 000,287,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
    DRV - [2009.07.14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
    DRV - [2009.07.14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
    DRV - [2009.07.14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
    DRV - [2009.07.14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
    DRV - [2009.07.14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
    DRV - [2009.07.14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
    DRV - [2009.07.14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
    DRV - [2009.07.14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
    DRV - [2009.07.14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
    DRV - [2009.07.14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
    DRV - [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
    DRV - [2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
    DRV - [2009.07.14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
    DRV - [2009.07.14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
    DRV - [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
    DRV - [2009.07.14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
    DRV - [2009.07.14 03:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
    DRV - [2009.07.14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2009.07.14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
    DRV - [2009.07.14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
    DRV - [2009.07.14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
    DRV - [2009.07.14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
    DRV - [2009.07.14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
    DRV - [2009.07.14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
    DRV - [2009.07.14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
    DRV - [2009.07.14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
    DRV - [2009.07.14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
    DRV - [2009.07.14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
    DRV - [2009.07.14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
    DRV - [2009.07.14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
    DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
    DRV - [2009.07.14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
    DRV - [2009.07.14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
    DRV - [2009.07.14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
    DRV - [2009.07.14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
    DRV - [2009.07.14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
    DRV - [2009.07.14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
    DRV - [2009.07.14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
    DRV - [2009.07.14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
    DRV - [2009.07.14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
    DRV - [2009.07.14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2009.07.14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
    DRV - [2009.07.14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
    DRV - [2009.07.14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
    DRV - [2009.07.14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
    DRV - [2009.07.14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
    DRV - [2009.07.14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
    DRV - [2009.07.14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
    DRV - [2009.07.14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
    DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2009.07.14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
    DRV - [2009.07.14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
    DRV - [2009.07.14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
    DRV - [2009.07.14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
    DRV - [2009.07.14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
    DRV - [2009.07.14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
    DRV - [2009.07.14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
    DRV - [2009.07.14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
    DRV - [2009.07.14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
    DRV - [2009.07.14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
    DRV - [2009.07.14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
    DRV - [2009.07.14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
    DRV - [2009.07.14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
    DRV - [2009.07.14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
    DRV - [2009.07.14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
    DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
    DRV - [2009.07.14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
    DRV - [2009.07.14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
    DRV - [2009.07.14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
    DRV - [2009.06.29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
    DRV - [2008.12.12 15:27:46 | 000,018,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys -- (LGII2CDevice)
    DRV - [2008.12.12 15:27:46 | 000,014,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys -- (LGDDCDevice)
    DRV - [2008.01.19 05:55:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
    DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
    DRV - [2004.05.14 11:37:10 | 000,032,896 | ---- | M] (NetGroup - Politecnico di Torino) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========



    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=15161&l=dis
    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fi.msn.com/?ocid=iehp
    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fi
    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 59 2D 93 5E EC 6D CA 01 [binary data]
    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultengine: "Ask.com"
    FF - prefs.js..browser.search.defaultenginename: "Ask.com"
    FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://www3.iamwired.net/websearch.php?src=tops&search="
    FF - prefs.js..browser.search.order.1: "Ask.com"
    FF - prefs.js..browser.search.selectedEngine: "Torrents.to"
    FF - prefs.js..browser.search.update: false
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.google.fi/"
    FF - prefs.js..extensions.enabledItems: {80155943-b083-a2cf-0350-54d3b1be1609}:4.6.6.4
    FF - prefs.js..keyword.URL: ""
    FF - prefs.js..network.proxy.no_proxies_on: "*.local"


    FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010.03.06 10:33:01 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files\Sonera\Sonera Tietoturva\NRS\litmus-ff@f-secure.com [2010.03.06 10:23:23 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.11 10:51:52 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.03.11 10:56:18 | 000,000,000 | ---D | M]

    [2009.12.23 03:15:53 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Extensions
    [2009.12.23 03:15:53 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
    [2010.03.11 17:24:40 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions
    [2010.01.23 17:01:58 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2009.12.24 14:49:06 | 000,000,000 | ---D | M] (Fasterfox) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}
    [2010.01.23 17:01:58 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
    [2010.01.27 23:30:56 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\fsonlinescanner@f-secure.com
    [2010.01.23 17:01:58 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\personas@christopher.beard
    [2010.03.11 17:18:44 | 000,002,257 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\askcom.xml
    [2009.12.24 20:57:14 | 000,002,367 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\photobucket.xml
    [2010.03.09 17:57:08 | 000,000,261 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\Search.xml
    [2009.12.02 18:49:43 | 000,000,897 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\torrentsto.xml
    [2010.01.22 19:04:02 | 000,001,713 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\youtube-video-search.xml
    [2010.03.11 17:19:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010.03.09 18:35:10 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{80155943-b083-a2cf-0350-54d3b1be1609}
    [2010.01.16 03:19:09 | 000,002,062 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bookplus-fi.xml
    [2010.01.16 03:19:09 | 000,001,069 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons-fi.xml
    [2010.01.16 03:19:09 | 000,002,677 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\huuto-fi.xml
    [2010.01.16 03:19:09 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fi.xml
    [2010.01.16 03:19:09 | 000,000,796 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-fi.xml

    O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\BaseLitmus.dll (F-Secure Corporation)
    O2 - BHO: (gwprimawega) - {da9e5a55-a1a2-1b97-026f-b233372fee2e} - C:\Windows\System32\p0_aPIH.dll ()
    O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\BaseLitmus.dll (F-Secure Corporation)
    O3 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O4 - HKLM..\Run: [CmPCIaudio] File not found
    O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE (F-Secure Corporation)
    O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Sonera\Sonera Tietoturva\FSGUI\TNBUtil.exe (F-Secure Corporation)
    O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
    O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKU\.DEFAULT..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe File not found
    O4 - HKU\S-1-5-18..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe File not found
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe File not found
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe File not found
    O4 - HKU\S-1-5-21-3761315706-44459061-675875969-1001..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
    O4 - HKU\S-1-5-21-3761315706-44459061-675875969-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
    O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O4 - Startup: C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
    O4 - Startup: C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O13 - gopher Prefix: missing
    O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: corel.com ([]http in Trusted sites)
    O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: corel.com ([www] * in Trusted sites)
    O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: intervideo.com ([]http in Trusted sites)
    O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: intervideo.com ([www] * in Trusted sites)
    O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} http://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab (Creative Software AutoUpdate Support Package)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKU\S-1-5-21-3761315706-44459061-675875969-1001 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKU\S-1-5-21-3761315706-44459061-675875969-1001 Winlogon: Shell - (C:\Users\Sini\AppData\Roaming\ufxw.exe) - C:\Users\Sini\AppData\Roaming\ufxw.exe File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\I\Shell - "" = AutoRun
    O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\Autorun.exe -- File not found
    O33 - MountPoints2\J\Shell - "" = AutoRun
    O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\Autorun.exe -- File not found
    O33 - MountPoints2\K\Shell - "" = AutoRun
    O34 - HKLM BootExecute: (autocheck autochk /r \??\F:) - File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (sasnative32) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010.03.11 17:47:34 | 000,554,496 | ---- | C] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
    [2010.03.10 16:49:11 | 000,000,000 | ---D | C] -- C:\Users\Sini\Tracing
    [2010.03.09 20:58:43 | 000,705,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\cohelper.dll
    [2010.03.09 19:14:02 | 002,622,496 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkHDMI.dll
    [2010.03.09 19:14:02 | 000,355,528 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32H.dll
    [2010.03.09 19:14:02 | 000,183,584 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RtHDMIV.sys
    [2010.03.09 19:14:02 | 000,073,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32H.dll
    [2010.03.09 19:14:01 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32H.dll
    [2010.03.09 19:14:01 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32H.dll
    [2010.03.09 19:14:00 | 001,640,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHDMIExt.dll
    [2010.03.09 19:14:00 | 000,293,600 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DHT32.dll
    [2010.03.09 19:14:00 | 000,293,600 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DAA32.dll
    [2010.03.09 19:14:00 | 000,057,376 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHCoInst.dll
    [2010.03.09 19:14:00 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
    [2010.03.09 19:13:52 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
    [2010.03.09 19:11:56 | 000,000,000 | ---D | C] -- C:\SMU
    [2010.03.09 19:11:56 | 000,000,000 | ---D | C] -- C:\SMBUS
    [2010.03.09 19:11:54 | 000,000,000 | ---D | C] -- C:\IDE
    [2010.03.09 19:11:54 | 000,000,000 | ---D | C] -- C:\Ethernet
    [2010.03.09 17:27:11 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\DriverGenius
    [2010.03.09 17:03:19 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
    [2010.03.09 07:09:41 | 003,955,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
    [2010.03.09 07:09:41 | 003,899,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
    [2010.03.08 20:27:42 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2010.03.08 17:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\TrendMicro
    [2010.03.08 04:51:36 | 000,000,000 | ---D | C] -- C:\SDFix
    [2010.03.08 04:50:41 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
    [2010.03.08 04:47:05 | 000,000,000 | ---D | C] -- C:\Windows\Sun
    [2010.03.07 19:54:36 | 000,000,000 | ---D | C] -- C:\Users\Sini\AppData\Local\Stay Secure
    [2010.03.07 16:43:44 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
    [2010.03.07 16:37:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010.03.07 16:37:06 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010.03.07 16:37:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010.03.06 10:31:35 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2010.03.06 10:24:13 | 000,035,680 | ---- | C] (F-Secure Corporation) -- C:\Windows\System32\drivers\fses.sys
    [2010.03.06 10:24:08 | 000,572,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp50.dll
    [2010.03.06 10:24:08 | 000,071,040 | ---- | C] (F-Secure Corporation) -- C:\Windows\System32\drivers\fsdfw.sys
    [2010.03.06 09:46:08 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\My Drivers
    [2010.03.05 13:33:38 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\Adobe Scripts
    [2010.03.05 10:24:58 | 000,016,400 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys
    [2010.03.05 10:24:41 | 001,581,072 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\LkmdfCoInst.dll
    [2010.03.05 10:24:41 | 000,052,240 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\LMouFiltCoInst.dll
    [2010.03.05 10:24:41 | 000,037,392 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LMouFilt.Sys
    [2010.03.05 10:24:40 | 000,035,984 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LHidFilt.Sys
    [2010.03.04 15:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\The Sims Resource
    [2010.03.04 14:50:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2010.03.04 14:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
    [2010.03.03 20:00:17 | 000,274,432 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
    [2010.03.03 20:00:17 | 000,100,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\drivers\AtiHdmi.sys
    [2010.03.03 20:00:17 | 000,050,176 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
    [2010.03.03 20:00:17 | 000,027,136 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
    [2010.03.03 20:00:16 | 000,020,480 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
    [2010.03.03 20:00:15 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
    [2010.03.03 20:00:15 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
    [2010.03.03 20:00:12 | 014,147,072 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
    [2010.03.03 20:00:07 | 005,313,536 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atipmdag.sys
    [2010.03.03 20:00:07 | 005,313,536 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
    [2010.03.03 20:00:07 | 000,150,016 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
    [2010.03.03 20:00:07 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
    [2010.03.03 20:00:07 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
    [2010.03.03 20:00:07 | 000,011,776 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
    [2010.03.03 20:00:06 | 000,446,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
    [2010.03.03 20:00:06 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
    [2010.03.03 20:00:06 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
    [2010.03.03 20:00:05 | 003,649,536 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
    [2010.03.03 20:00:05 | 000,426,496 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\aticfx32.dll
    [2010.03.03 20:00:05 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
    [2010.03.03 20:00:05 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
    [2010.03.03 20:00:05 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
    [2010.03.03 20:00:04 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
    [2010.03.03 20:00:04 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
    [2010.03.03 12:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
    [2010.03.03 12:58:53 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
    [2010.03.03 11:22:44 | 000,000,000 | ---D | C] -- C:\KU990
    [2010.03.03 11:19:08 | 000,000,000 | ---D | C] -- C:\LG_USB
    [2010.03.03 11:15:35 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll
    [2010.03.03 11:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX
    [2010.03.03 10:34:51 | 000,055,824 | ---- | C] (Logitech, Inc.) -- C:\Windows\KHALMNPR.Exe
    [2010.03.03 10:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
    [2010.03.03 10:05:37 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
    [2010.03.03 10:05:37 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
    [2010.03.03 10:01:40 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
    [2010.03.03 10:01:37 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
    [2010.03.03 10:01:37 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
    [2010.03.03 10:01:37 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
    [2010.03.03 10:01:33 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
    [2010.03.03 10:01:33 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
    [2010.03.03 10:01:33 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
    [2010.03.03 10:01:33 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
    [2010.03.03 10:01:31 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
    [2010.03.03 10:01:31 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
    [2010.03.03 10:01:31 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
    [2010.03.03 10:01:31 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
    [2010.03.03 10:01:31 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
    [2010.03.03 10:01:31 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
    [2010.03.03 10:01:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
    [2010.03.03 10:01:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
    [2010.03.03 10:01:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
    [2010.02.09 23:30:57 | 000,000,000 | ---D | C] -- C:\Users\Sini\AppData\Roaming\InstallShield
    [2010.02.09 23:23:07 | 000,000,000 | -H-D | C] -- C:\LG3G
    [2010.02.09 23:20:23 | 000,000,000 | ---D | C] -- C:\lgupload
    [2010.02.09 23:00:14 | 000,024,960 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbmodem.sys
    [2010.02.09 23:00:14 | 000,020,864 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbdiag.sys
    [2010.02.09 23:00:14 | 000,013,056 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbbus.sys
    [2010.02.09 23:00:13 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
    [2010.02.09 22:58:49 | 000,000,000 | ---D | C] -- C:\Program Files\LG PC Suite 2
    [2010.02.09 22:05:04 | 000,000,000 | ---D | C] -- C:\Windows\pss
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010.03.11 17:51:09 | 003,670,016 | ---- | M] () -- C:\Users\Sini\ntuser.dat
    [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
    [2010.03.11 17:32:18 | 000,014,608 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2010.03.11 17:32:18 | 000,014,608 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2010.03.11 17:22:50 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010.03.11 10:53:23 | 000,001,815 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    [2010.03.11 10:06:52 | 000,000,574 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
    [2010.03.11 10:06:24 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010.03.11 10:06:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010.03.10 23:48:17 | 001,144,078 | -H-- | M] () -- C:\Users\Sini\AppData\Local\IconCache.db
    [2010.03.10 18:33:27 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_021.cplist
    [2010.03.10 18:33:24 | 000,002,516 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
    [2010.03.10 18:27:55 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_020.cplist
    [2010.03.10 17:18:06 | 000,000,480 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_019.cplist
    [2010.03.10 17:07:51 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_018.cplist
    [2010.03.10 16:48:16 | 000,000,522 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_017.cplist
    [2010.03.10 16:39:45 | 437,169,378 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2010.03.10 16:16:42 | 000,021,584 | ---- | M] () -- C:\Windows\System32\drivers\atapi.sys
    [2010.03.09 21:01:02 | 001,243,400 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010.03.09 21:01:02 | 000,616,736 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010.03.09 21:01:02 | 000,442,586 | ---- | M] () -- C:\Windows\System32\perfh00B.dat
    [2010.03.09 21:01:02 | 000,107,828 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010.03.09 21:01:02 | 000,083,000 | ---- | M] () -- C:\Windows\System32\perfc00B.dat
    [2010.03.09 19:14:17 | 000,000,246 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.cfl
    [2010.03.09 19:14:17 | 000,000,168 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.imi
    [2010.03.09 19:14:17 | 000,000,136 | ---- | M] () -- C:\Windows\System\Dlap.pfx
    [2010.03.09 19:13:35 | 000,000,107 | ---- | M] () -- C:\Windows\System\Cmicnfg3.ini
    [2010.03.09 18:35:11 | 000,118,375 | ---- | M] () -- C:\Windows\System32\MSF_RIUNyS3.exe
    [2010.03.09 17:58:41 | 002,760,844 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe
    [2010.03.08 23:34:07 | 000,196,608 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
    [2010.03.08 23:33:56 | 000,524,288 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000002.regtrans-ms
    [2010.03.08 23:33:56 | 000,524,288 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000001.regtrans-ms
    [2010.03.08 23:33:56 | 000,065,536 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TM.blf
    [2010.03.07 20:12:07 | 000,000,514 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_016.cplist
    [2010.03.07 20:11:41 | 000,000,498 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_015.cplist
    [2010.03.07 19:54:33 | 000,000,562 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_014.cplist
    [2010.03.07 16:18:57 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_013.cplist
    [2010.03.07 15:15:38 | 000,000,490 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_012.cplist
    [2010.03.07 10:49:53 | 000,000,486 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_011.cplist
    [2010.03.07 10:49:13 | 000,000,514 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_010.cplist
    [2010.03.06 22:12:01 | 000,000,582 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_009.cplist
    [2010.03.06 22:10:45 | 000,000,452 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_008.cplist
    [2010.03.06 22:09:53 | 000,000,582 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_007.cplist
    [2010.03.06 22:08:50 | 000,000,510 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_006.cplist
    [2010.03.06 20:32:44 | 000,000,498 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_005.cplist
    [2010.03.06 18:00:35 | 000,000,564 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_004.cplist
    [2010.03.06 13:05:40 | 000,000,522 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_003.cplist
    [2010.03.06 10:44:37 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys
    [2010.03.06 10:37:16 | 000,033,920 | ---- | M] () -- C:\Windows\System32\drivers\fsbts.sys
    [2010.03.06 10:31:37 | 000,000,052 | ---- | M] () -- C:\Windows\System32\ashttpstats.csv
    [2010.03.05 17:29:59 | 000,000,496 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_002.cplist
    [2010.03.05 17:07:49 | 000,000,562 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_001.cplist
    [2010.03.04 10:06:23 | 002,353,664 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_unmip.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_histprot.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_video.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_webproxy.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_tabloids.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_socialnetworks.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_searchengines.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_regionaltlds.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_pornography.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlineshop.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinepay.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinedating.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_news.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_im.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_illegal.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_hate.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_games.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_gambling.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_drugs.dat
    [2010.03.03 12:59:57 | 000,115,248 | ---- | M] () -- C:\Users\Sini\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010.03.03 12:06:44 | 000,000,025 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\bdfvconp.ini
    [2010.03.03 11:15:58 | 000,002,412 | ---- | M] () -- C:\Windows\System32\lgAxconfig.ini
    [2010.03.03 10:42:16 | 000,000,132 | ---- | M] () -- C:\Windows\System32\rezumatenoi.dat
    [2010.03.03 10:38:08 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
    [2010.03.03 10:18:28 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp71.dll
    [2010.03.03 10:18:28 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll
    [2010.03.03 09:58:58 | 000,008,284 | ---- | M] () -- C:\Windows\System32\eps_icon.avi
    [2010.02.25 12:03:02 | 000,030,536 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
    [2010.02.25 11:56:16 | 000,021,320 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
    [2010.02.25 11:56:02 | 000,030,024 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
    [2010.02.24 09:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
    [2010.02.20 17:07:24 | 000,278,984 | ---- | M] () -- C:\Windows\System32\drivers\atksgt.sys
    [2010.02.20 17:06:41 | 000,025,416 | ---- | M] () -- C:\Windows\System32\drivers\lirsgt.sys
    [2010.02.18 13:42:24 | 001,290,240 | ---- | M] () -- C:\Windows\System32\p0_aPIH.dll
    [2010.02.11 09:10:14 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010.03.11 17:22:50 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010.03.11 10:53:23 | 000,001,815 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    [2010.03.10 18:33:27 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_021.cplist
    [2010.03.10 18:27:55 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_020.cplist
    [2010.03.10 17:14:46 | 000,000,480 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_019.cplist
    [2010.03.10 17:07:51 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_018.cplist
    [2010.03.10 16:48:16 | 000,000,522 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_017.cplist
    [2010.03.09 23:08:45 | 437,169,378 | ---- | C] () -- C:\Windows\MEMORY.DMP
    [2010.03.09 20:58:43 | 000,006,136 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
    [2010.03.09 17:58:09 | 002,760,844 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe
    [2010.03.09 17:57:01 | 000,118,375 | ---- | C] () -- C:\Windows\System32\MSF_RIUNyS3.exe
    [2010.03.08 17:34:09 | 000,524,288 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000002.regtrans-ms
    [2010.03.08 17:34:09 | 000,524,288 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000001.regtrans-ms
    [2010.03.08 17:34:09 | 000,065,536 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TM.blf
    [2010.03.07 20:12:07 | 000,000,514 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_016.cplist
    [2010.03.07 20:11:41 | 000,000,498 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_015.cplist
    [2010.03.07 19:54:33 | 000,000,562 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_014.cplist
    [2010.03.07 15:16:36 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_013.cplist
    [2010.03.07 15:15:38 | 000,000,490 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_012.cplist
    [2010.03.07 10:49:53 | 000,000,486 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_011.cplist
    [2010.03.07 10:49:13 | 000,000,514 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_010.cplist
    [2010.03.06 22:12:01 | 000,000,582 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_009.cplist
    [2010.03.06 22:10:45 | 000,000,452 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_008.cplist
    [2010.03.06 22:09:53 | 000,000,582 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_007.cplist
    [2010.03.06 22:08:50 | 000,000,510 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_006.cplist
    [2010.03.06 20:32:44 | 000,000,498 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_005.cplist
    [2010.03.06 18:00:35 | 000,000,564 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_004.cplist
    [2010.03.06 13:05:40 | 000,000,522 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_003.cplist
    [2010.03.06 10:40:52 | 000,000,574 | ---- | C] () -- C:\Windows\tasks\Scheduled scanning task.job
    [2010.03.06 10:24:39 | 000,033,920 | ---- | C] () -- C:\Windows\System32\drivers\fsbts.sys
    [2010.03.05 17:29:59 | 000,000,496 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_002.cplist
    [2010.03.05 17:07:49 | 000,000,562 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_001.cplist
    [2010.03.05 10:32:29 | 000,000,052 | ---- | C] () -- C:\Windows\System32\ashttpstats.csv
    [2010.03.03 20:00:16 | 000,491,104 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
    [2010.03.03 20:00:15 | 000,001,035 | ---- | C] () -- C:\Windows\System32\atipblag.dat
    [2010.03.03 20:00:08 | 000,020,274 | ---- | C] () -- C:\Windows\atiogl.xml
    [2010.03.03 20:00:06 | 000,198,341 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
    [2010.03.03 20:00:05 | 000,031,240 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_unmip.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_histprot.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_video.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_webproxy.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_tabloids.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_socialnetworks.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_searchengines.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_regionaltlds.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_pornography.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlineshop.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinepay.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinedating.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_news.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_im.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_illegal.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_hate.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_games.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_gambling.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_drugs.dat
    [2010.03.03 12:06:44 | 000,000,025 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\bdfvconp.ini
    [2010.03.03 11:15:35 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
    [2010.03.03 11:15:35 | 000,002,412 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
    [2010.03.03 10:38:08 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
    [2010.02.20 17:06:42 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
    [2010.02.20 17:06:41 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
    [2010.02.18 13:42:24 | 001,290,240 | ---- | C] () -- C:\Windows\System32\p0_aPIH.dll
    [2010.01.20 21:29:05 | 000,000,008 | RHS- | C] () -- C:\ProgramData\DA2827B44C.sys
    [2010.01.20 21:29:04 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
    [2010.01.03 21:04:37 | 000,722,416 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
    [2009.12.26 18:13:11 | 000,151,552 | ---- | C] () -- C:\Windows\System32\nvRegDev.dll
    [2009.12.18 20:29:26 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
    [2009.12.18 19:47:12 | 000,026,112 | ---- | C] () -- C:\Users\Sini\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009.12.03 18:49:16 | 000,007,605 | ---- | C] () -- C:\Users\Sini\AppData\Local\Resmon.ResmonCfg
    [2009.12.01 19:03:03 | 000,003,733 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
    [2009.11.26 22:38:15 | 000,008,704 | ---- | C] () -- C:\Windows\System32\CNMVS7I.DLL
    [2009.11.26 17:11:39 | 000,000,246 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl
    [2009.11.26 17:10:57 | 000,303,104 | ---- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
    [2009.11.26 17:10:57 | 000,002,123 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfg
    [2009.11.26 17:10:57 | 000,000,168 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi
    [2009.11.26 17:10:56 | 000,002,754 | ---- | C] () -- C:\Windows\cmudax3.ini
    [2009.11.25 22:39:58 | 000,000,266 | ---- | C] () -- C:\Windows\lgfwup.ini
    [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
    [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
    [2009.07.14 01:11:15 | 000,021,584 | ---- | C] () -- C:\Windows\System32\drivers\atapi.sys
    [2009.06.19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
    [2006.10.11 05:33:58 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
    [2005.02.25 06:15:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL
    [2004.01.15 07:01:26 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
    < End of report >



    OTL Extras logfile created on: 11.3.2010 17:49:46 - Run 1
    OTL by OldTimer - Version 3.1.36.1 Folder = C:\Users\Sini\Desktop
    Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
    7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 931,51 Gb Total Space | 732,06 Gb Free Space | 78,59% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: SINI-PC
    Current User Name: Sini
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
    "{022F6097-A053-4B1B-BE50-3AADE4116B92}" = Opera 10.50
    "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
    "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
    "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
    "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
    "{0BB72566-0D4C-7200-2CE7-02F298B49C88}" = CCC Help English
    "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
    "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
    "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
    "{110AD51E-D0E0-49B1-52FD-291373BA62EA}" = Catalyst Control Center Graphics Full New
    "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
    "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
    "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
    "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
    "{1B2DBF55-05D4-4072-87D8-689141E262BD}" = Creative ZEN
    "{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
    "{20140000-000F-0000-0000-0000000FF1CE}" = Microsoft Office Mondo 2010 (Beta)
    "{20140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 (Beta)
    "{20140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 (Beta)
    "{20140000-0017-0409-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (English) 2010 (Beta)
    "{20140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 (Beta)
    "{20140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 (Beta)
    "{20140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 (Beta)
    "{20140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 (Beta)
    "{20140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 (Beta)
    "{20140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 (Beta)
    "{20140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 (Beta)
    "{20140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 (Beta)
    "{20140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010 (Beta)
    "{20140000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2010 (Beta)
    "{20140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 (Beta)
    "{20140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 (Beta)
    "{20140000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2010 (Beta)
    "{20140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010 (Beta)
    "{20140000-0102-0409-0000-0000000FF1CE}" = Microsoft Office MondoOnly MUI (English) 2010 (Beta)
    "{20140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 (Beta)
    "{20140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 (Beta)
    "{20140000-011A-0000-0000-0000000FF1CE}" = Microsoft Office Send-a-Smile
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Liven lataustyökalu
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
    "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
    "{31557F4F-7D10-D32E-4B70-237A09FCC31B}" = Catalyst Control Center Graphics Previews Common
    "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
    "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
    "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
    "{3C175604-F026-5D79-BBD8-F626AE10B3EF}" = Catalyst Control Center Graphics Full Existing
    "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
    "{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
    "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
    "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
    "{4442AB48-DEC4-4B39-B067-1F75BF8017E7}" = Creative Centrale
    "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{513148E7-B7A1-48B2-B518-668701E546F5}" = LightScribe System Software 1.14.19.1
    "{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
    "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
    "{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD 2010
    "{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
    "{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG Tool Kit
    "{62C2067E-5851-BD4C-98E0-5C4D5E155A5B}" = Catalyst Control Center Core Implementation
    "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
    "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
    "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
    "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
    "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
    "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
    "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
    "{85EB1E72-4FAA-40E4-A511-DF3A9A0A4CA8}" = Windows Live Messenger
    "{86604C06-DA30-425E-AECE-47304FE81C45}" = Creative Software Update
    "{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
    "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
    "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{993960EE-CA4D-443F-8F88-E24260DD5FD2}" = LG PC Suite
    "{998152E5-B605-4BBB-9853-E749AEE02B21}" = Windows Liven kirjautumisavustaja
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9C87F6BB-75E4-4F35-8353-F5E295264E98}" = Windows Live Call
    "{9D669429-A2E4-4793-B7A0-283D259F39AF}" = Adobe Photoshop Lightroom 2.5
    "{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
    "{A292C05C-840A-9D47-5350-EF39ECC7629E}" = Catalyst Control Center HydraVision Full
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
    "{A666A477-4C02-415E-9F31-3541FC0CD6B5}" = SipdxDLL
    "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
    "{AA2BCB44-B44F-445A-A80C-E6C50218940C}" = Windows Liven asennustyökalu
    "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
    "{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
    "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
    "{AD17676C-5065-E427-130B-21CE713F93E7}" = Catalyst Control Center Graphics Light
    "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
    "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
    "{B970700B-E49F-ECEF-4ADB-0F3E1AFEDE91}" = ccc-core-static
    "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
    "{BC1FFF14-C10D-7087-C43A-4A8ECC9C98C4}" = ATI Catalyst Install Manager
    "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
    "{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem Driver
    "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
    "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
    "{CF23AFD7-3078-4134-8823-EBF6D1FE6FAD}" = Canon MP450
    "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
    "{D5395E5F-4D45-4665-8F00-234FA33678AF}" = SlimDX Redistributable (March 2009)
    "{DA6FAB8D-E87A-4E8E-A3D3-B7B9F479C725}" = forteManager
    "{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
    "{E2F29FCA-126F-48DF-A9B5-BEBE8F0F1610}" = CreativeSetup
    "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
    "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
    "{E542E630-8BB7-4C28-B8EB-0BAD2B201C65}" = Audio Track Editor
    "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
    "{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
    "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
    "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
    "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
    "{F9726DDC-D7B5-BF1F-5626-EA467FEEBC52}" = ccc-utility
    "{F9F13FEA-D51E-A1C3-4EDC-D04A91B62C93}" = Catalyst Control Center Graphics Previews Vista
    "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
    "{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
    "ADSL Router Utility" = ADSL Router Utility
    "Akamai" = Akamai NetSession Interface
    "CCleaner" = CCleaner
    "C-Media PCI Audio Driver" = C-Media PCI Audio Device
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "Creative Centrale" = Creative Centrale
    "Creative Software AutoUpdate" = Creative Software AutoUpdate
    "Defraggler" = Defraggler
    "Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
    "EADM" = EA Download Manager
    "FileHippo.com" = FileHippo.com Update Checker
    "F-Secure Product 444" = Sonera Tietoturva
    "HijackThis" = HijackThis 2.0.2
    "InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
    "LastFM_is1" = Last.fm 1.5.4.24567
    "LimeWire" = LimeWire 5.5.5
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
    "MSF_RIUNyS3" = LoudMo Contextual Ad Assistant
    "NVIDIA Drivers" = NVIDIA Drivers
    "Office14.MONDO" = Microsoft Office Mondo 2010
    "PowerISO" = PowerISO
    "Sonera Internet Avustaja_is1" = Sonera Internet Avustaja
    "Spotify" = Spotify
    "SysInfo" = Creative System Information
    "TS3 Install Helper Monkey" = TS3 Install Helper Monkey
    "TuneUp Utilities" = TuneUp Utilities
    "Uninstall_is1" = Uninstall 1.0.0.1
    "uTorrent" = µTorrent
    "WinLiveSuite_Wave3" = Windows Liven asennustyökalu
    "WinPcapInst" = WinPcap 3.1 beta3
    "WinRAR archiver" = WinRAR archiver
    "VLC media player" = VLC media player 1.0.3

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 10.3.2010 10:40:05 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
    Description = 1 2010-03-10 16:40:05+03:00 SINI-PC SYSTEM F-Secure DeepGuard

    DeepGuard configuration was rejected. Old configuration will be used if possible.

    Error code: DAAS reject

    Error - 10.3.2010 10:52:02 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
    Description = 1 2010-03-10 16:52:02+03:00 SINI-PC SYSTEM F-Secure DeepGuard

    DeepGuard configuration was rejected. Old configuration will be used if possible.

    Error code: DAAS reject

    Error - 10.3.2010 14:39:39 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: IEXPLORE.EXE, versio: 8.0.7600.16385,
    aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
    aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
    prosessin tunnus: 0xee8 Viallisen sovelluksen käynnistysaika: 0x01cac080c4a06724
    Viallisen
    sovelluksen polku: C:\Program Files\Internet Explorer\IEXPLORE.EXE Viallisen moduulin
    polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 4873d423-2c74-11df-a210-001966bb5e2b

    Error - 10.3.2010 15:02:09 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
    aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
    aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
    prosessin tunnus: 0xdd0 Viallisen sovelluksen käynnistysaika: 0x01cac0841fbdf149
    Viallisen
    sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
    polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 6cfac2e4-2c77-11df-a210-001966bb5e2b

    Error - 10.3.2010 15:20:08 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
    aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
    aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
    prosessin tunnus: 0xecc Viallisen sovelluksen käynnistysaika: 0x01cac0869d47617f
    Viallisen
    sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
    polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: f03d4823-2c79-11df-a210-001966bb5e2b

    Error - 10.3.2010 16:04:02 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
    aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
    aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
    prosessin tunnus: 0x1214 Viallisen sovelluksen käynnistysaika: 0x01cac08cbde8fc58
    Viallisen
    sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
    polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 11dd8c29-2c80-11df-a210-001966bb5e2b

    Error - 11.3.2010 4:06:42 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
    Description = 1 2010-03-11 10:06:42+03:00 SINI-PC SYSTEM F-Secure DeepGuard

    DeepGuard configuration was rejected. Old configuration will be used if possible.

    Error code: DAAS reject

    Error - 11.3.2010 5:16:36 | Computer Name = Sini-PC | Source = SideBySide | ID = 16842815
    Description = Aktivointikontekstin luonti epäonnistui (c:\Program Files\Common Files\Adobe
    AIR\Versions\1.0\Adobe AIR.dll). Virhe luettelo- tai käytäntötiedoston c:\Program
    Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll rivillä 3. Määritteen version
    arvo (MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR) ei kelpaa
    elementissä assemblyIdentity.

    Error - 11.3.2010 11:24:57 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
    Description = 2 2010-03-11 17:24:56+03:00 SINI-PC Sini-PC\Sini F-Secure Anti-Virus

    Malicious code found in file C:\Windows\System32\sshnas21.dll. Infection: Trojan.Generic.3313565


    Error - 11.3.2010 11:46:26 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: mbam.exe, versio: 1.44.0.0, aikaleima:
    0x4b46461a Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385, aikaleima:
    0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x0005c74a Viallisen prosessin
    tunnus: 0x6a0 Viallisen sovelluksen käynnistysaika: 0x01cac12ecd93b5f4 Viallisen
    sovelluksen polku: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Viallisen
    moduulin polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 3fd4557a-2d25-11df-99ba-001966bb5e2b

    [ Media Center Events ]
    Error - 19.2.2010 7:06:41 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 13:06:39 - Virhe muodostettaessa Internet-yhteyttä. 13:06:40 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 19.2.2010 7:11:14 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 13:07:14 - Virhe muodostettaessa Internet-yhteyttä. 13:07:14 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 20.2.2010 10:48:31 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 16:48:31 - Virhe muodostettaessa Internet-yhteyttä. 16:48:31 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 20.2.2010 10:49:04 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 16:49:01 - Virhe muodostettaessa Internet-yhteyttä. 16:49:01 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 21.2.2010 11:00:55 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 17:00:55 - Virhe muodostettaessa Internet-yhteyttä. 17:00:55 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 21.2.2010 11:01:04 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 17:01:00 - Virhe muodostettaessa Internet-yhteyttä. 17:01:00 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 23.2.2010 1:22:28 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 7:22:28 - Virhe muodostettaessa Internet-yhteyttä. 7:22:28 - Yhteyden
    muodostaminen palvelimeen ei onnistu..

    Error - 23.2.2010 1:22:38 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 7:22:33 - Virhe muodostettaessa Internet-yhteyttä. 7:22:33 - Yhteyden
    muodostaminen palvelimeen ei onnistu..

    Error - 2.3.2010 5:43:49 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 11:43:49 - Virhe muodostettaessa Internet-yhteyttä. 11:43:49 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 2.3.2010 5:43:58 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 11:43:55 - Virhe muodostettaessa Internet-yhteyttä. 11:43:55 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    [ System Events ]
    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Käyttäjäprofiilipalvelu on päättynyt odottamatta. Tämä on
    tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi:
    Käynnistä palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Tehtävien ajoitus on päättynyt odottamatta. Tämä on tapahtunut
    1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä
    palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Järjestelmätapahtumien ilmoituspalvelu on päättynyt odottamatta.
    Tämä on tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan seuraava
    korjaustoimi: Käynnistä palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Käyttöliittymän laitteistotunnistus on päättynyt odottamatta.
    Tämä on tapahtunut 1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava
    korjaustoimi: Käynnistä palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Teemat on päättynyt odottamatta. Tämä on tapahtunut 1 kertaa.
    60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä palvelu
    uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu WMI-palvelu (Windows Management Instrumentation) on päättynyt
    odottamatta. Tämä on tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan
    seuraava korjaustoimi: Käynnistä palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Windows Update on päättynyt odottamatta. Tämä on tapahtunut
    1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä
    palvelu uudelleen.

    Error - 16.1.2010 10:27:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
    Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
    palvelu uudelleen) palvelun Palvelin odottamattoman lopettamisen jälkeen. Yritys
    epäonnistui ja tapahtui virhe: %%1056

    Error - 16.1.2010 10:28:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
    Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
    palvelu uudelleen) palvelun Tietokoneiden selaus odottamattoman lopettamisen jälkeen.
    Yritys epäonnistui ja tapahtui virhe: %%1056

    Error - 16.1.2010 10:28:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
    Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
    palvelu uudelleen) palvelun WMI-palvelu (Windows Management Instrumentation) odottamattoman
    lopettamisen jälkeen. Yritys epäonnistui ja tapahtui virhe: %%1056


    < End of report >
     
  12. toope92

    OTL logfile created on: 11.3.2010 17:49:46 - Run 1
    OTL by OldTimer - Version 3.1.36.1 Folder = C:\Users\Sini\Desktop
    Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
    7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 931,51 Gb Total Space | 732,06 Gb Free Space | 78,59% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: SINI-PC
    Current User Name: Sini
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Processes (SafeList) ==========

    PRC - [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
    PRC - [2010.03.06 10:36:53 | 000,356,960 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsav32.exe
    PRC - [2010.03.06 10:36:07 | 000,619,616 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fssm32.exe
    PRC - [2010.03.06 10:36:06 | 000,480,352 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32.exe
    PRC - [2010.03.06 10:28:03 | 000,055,992 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe
    PRC - [2010.02.25 12:02:02 | 000,716,616 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
    PRC - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
    PRC - [2010.02.02 20:17:28 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
    PRC - [2010.02.02 20:16:58 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
    PRC - [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2009.08.10 15:59:50 | 000,178,720 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    PRC - [2009.08.10 15:59:48 | 000,387,616 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    PRC - [2009.08.05 17:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE
    PRC - [2009.08.05 17:58:50 | 000,199,264 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE
    PRC - [2009.08.05 17:58:50 | 000,088,672 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSHDLL32.EXE
    PRC - [2009.08.05 17:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\FWES\program\fsdfwd.exe
    PRC - [2009.08.05 17:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
    PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    PRC - [2009.07.14 03:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe
    PRC - [2008.10.16 10:04:42 | 000,202,016 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe
    PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe


    ========== Modules (SafeList) ==========

    MOD - [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
    MOD - [2009.07.14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
    MOD - [2009.07.14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
    MOD - [2009.07.14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
    MOD - [2009.07.14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
    MOD - [2009.07.14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
    MOD - [2009.07.14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
    MOD - [2009.07.14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
    MOD - [2009.07.14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
    MOD - [2009.07.14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
    MOD - [2009.07.14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
    MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010.03.06 10:28:03 | 000,055,992 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe -- (FSORSPClient)
    SRV - [2010.03.05 16:33:51 | 002,462,256 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\rswin_3648.dll -- (Akamai)
    SRV - [2010.03.03 10:05:31 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
    SRV - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
    SRV - [2010.02.25 11:56:02 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
    SRV - [2010.02.02 20:16:58 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
    SRV - [2009.08.21 15:47:14 | 030,510,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
    SRV - [2009.08.21 15:36:08 | 004,639,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
    SRV - [2009.08.10 15:59:50 | 000,178,720 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
    SRV - [2009.08.10 15:59:48 | 000,387,616 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
    SRV - [2009.08.05 17:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE -- (FSMA)
    SRV - [2009.08.05 17:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\FWES\Program\fsdfwd.exe -- (FSDFWD)
    SRV - [2009.08.05 17:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
    SRV - [2009.07.14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
    SRV - [2009.07.14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
    SRV - [2009.07.14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
    SRV - [2009.07.14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
    SRV - [2009.07.14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
    SRV - [2009.07.14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
    SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
    SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
    SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
    SRV - [2009.07.14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
    SRV - [2009.07.14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
    SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2009.07.14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
    SRV - [2009.07.14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
    SRV - [2009.07.14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
    SRV - [2009.07.14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
    SRV - [2009.07.14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
    SRV - [2009.07.14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX-asennusohjelma (AxInstSV)
    SRV - [2009.07.14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
    SRV - [2009.07.14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
    SRV - [2008.10.16 10:04:42 | 000,202,016 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe -- (sprtsvc_sonera) SupportSoft Sprocket Service (sonera)
    SRV - [2008.10.16 10:02:58 | 000,382,320 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
    SRV - [2008.05.21 13:42:56 | 000,064,000 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe -- (CTUPnPSv)
    SRV - [2007.12.13 16:29:59 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
    SRV - [2007.04.02 08:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)
    SRV - [2004.05.14 13:02:46 | 000,086,016 | ---- | M] (NetGroup - Politecnico di Torino) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)


    ========== Driver Services (SafeList) ==========

    DRV - [2010.03.10 16:16:42 | 000,021,584 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\atapi.sys -- (atapi)
    DRV - [2010.03.06 10:37:16 | 000,033,920 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\Drivers\fsbts.sys -- (fsbts)
    DRV - [2010.03.06 10:36:46 | 000,107,104 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
    DRV - [2010.02.20 17:07:24 | 000,278,984 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
    DRV - [2010.02.20 17:06:41 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
    DRV - [2010.02.02 20:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
    DRV - [2010.02.02 20:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
    DRV - [2010.02.02 19:23:42 | 000,150,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
    DRV - [2010.01.28 15:33:30 | 000,100,352 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
    DRV - [2010.01.27 11:04:00 | 000,183,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
    DRV - [2010.01.21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
    DRV - [2010.01.21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
    DRV - [2010.01.21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
    DRV - [2010.01.07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
    DRV - [2010.01.03 21:04:37 | 000,722,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
    DRV - [2009.12.19 02:31:32 | 000,073,312 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
    DRV - [2009.12.01 11:11:28 | 001,872,192 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cmudax3.sys -- (cmuda3)
    DRV - [2009.11.10 14:55:08 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
    DRV - [2009.11.10 14:54:52 | 000,035,984 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
    DRV - [2009.11.09 05:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
    DRV - [2009.10.14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
    DRV - [2009.08.05 17:58:30 | 000,068,064 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
    DRV - [2009.08.05 17:57:20 | 000,071,040 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fsdfw.sys -- (FSFW)
    DRV - [2009.08.05 17:57:12 | 000,035,680 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fses.sys -- (FSES)
    DRV - [2009.08.05 17:56:14 | 000,039,776 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter)
    DRV - [2009.08.05 17:56:14 | 000,025,184 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer)
    DRV - [2009.08.05 17:56:12 | 000,012,384 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
    DRV - [2009.07.30 17:12:54 | 000,287,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
    DRV - [2009.07.14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
    DRV - [2009.07.14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
    DRV - [2009.07.14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
    DRV - [2009.07.14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
    DRV - [2009.07.14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
    DRV - [2009.07.14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
    DRV - [2009.07.14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
    DRV - [2009.07.14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
    DRV - [2009.07.14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
    DRV - [2009.07.14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
    DRV - [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
    DRV - [2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
    DRV - [2009.07.14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
    DRV - [2009.07.14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
    DRV - [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
    DRV - [2009.07.14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
    DRV - [2009.07.14 03:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
    DRV - [2009.07.14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2009.07.14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
    DRV - [2009.07.14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
    DRV - [2009.07.14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
    DRV - [2009.07.14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
    DRV - [2009.07.14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
    DRV - [2009.07.14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
    DRV - [2009.07.14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
    DRV - [2009.07.14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
    DRV - [2009.07.14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
    DRV - [2009.07.14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
    DRV - [2009.07.14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
    DRV - [2009.07.14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
    DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
    DRV - [2009.07.14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
    DRV - [2009.07.14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
    DRV - [2009.07.14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
    DRV - [2009.07.14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
    DRV - [2009.07.14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
    DRV - [2009.07.14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
    DRV - [2009.07.14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
    DRV - [2009.07.14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
    DRV - [2009.07.14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
    DRV - [2009.07.14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2009.07.14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
    DRV - [2009.07.14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
    DRV - [2009.07.14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
    DRV - [2009.07.14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
    DRV - [2009.07.14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
    DRV - [2009.07.14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
    DRV - [2009.07.14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
    DRV - [2009.07.14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
    DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2009.07.14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
    DRV - [2009.07.14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
    DRV - [2009.07.14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
    DRV - [2009.07.14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
    DRV - [2009.07.14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
    DRV - [2009.07.14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
    DRV - [2009.07.14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
    DRV - [2009.07.14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
    DRV - [2009.07.14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
    DRV - [2009.07.14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
    DRV - [2009.07.14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
    DRV - [2009.07.14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
    DRV - [2009.07.14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
    DRV - [2009.07.14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
    DRV - [2009.07.14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
    DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
    DRV - [2009.07.14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
    DRV - [2009.07.14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
    DRV - [2009.07.14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
    DRV - [2009.06.29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
    DRV - [2008.12.12 15:27:46 | 000,018,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys -- (LGII2CDevice)
    DRV - [2008.12.12 15:27:46 | 000,014,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys -- (LGDDCDevice)
    DRV - [2008.01.19 05:55:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
    DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
    DRV - [2004.05.14 11:37:10 | 000,032,896 | ---- | M] (NetGroup - Politecnico di Torino) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=15161&l=dis
    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fi.msn.com/?ocid=iehp
    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fi
    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 59 2D 93 5E EC 6D CA 01 [binary data]
    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultengine: "Ask.com"
    FF - prefs.js..browser.search.defaultenginename: "Ask.com"
    FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://www3.iamwired.net/websearch.php?src=tops&search="
    FF - prefs.js..browser.search.order.1: "Ask.com"
    FF - prefs.js..browser.search.selectedEngine: "Torrents.to"
    FF - prefs.js..browser.search.update: false
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.google.fi/"
    FF - prefs.js..extensions.enabledItems: {80155943-b083-a2cf-0350-54d3b1be1609}:4.6.6.4
    FF - prefs.js..keyword.URL: ""
    FF - prefs.js..network.proxy.no_proxies_on: "*.local"


    FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010.03.06 10:33:01 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files\Sonera\Sonera Tietoturva\NRS\litmus-ff@f-secure.com [2010.03.06 10:23:23 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.11 10:51:52 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.03.11 10:56:18 | 000,000,000 | ---D | M]

    [2009.12.23 03:15:53 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Extensions
    [2009.12.23 03:15:53 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
    [2010.03.11 17:24:40 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions
    [2010.01.23 17:01:58 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2009.12.24 14:49:06 | 000,000,000 | ---D | M] (Fasterfox) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}
    [2010.01.23 17:01:58 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
    [2010.01.27 23:30:56 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\fsonlinescanner@f-secure.com
    [2010.01.23 17:01:58 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\personas@christopher.beard
    [2010.03.11 17:18:44 | 000,002,257 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\askcom.xml
    [2009.12.24 20:57:14 | 000,002,367 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\photobucket.xml
    [2010.03.09 17:57:08 | 000,000,261 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\Search.xml
    [2009.12.02 18:49:43 | 000,000,897 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\torrentsto.xml
    [2010.01.22 19:04:02 | 000,001,713 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\youtube-video-search.xml
    [2010.03.11 17:19:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010.03.09 18:35:10 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{80155943-b083-a2cf-0350-54d3b1be1609}
    [2010.01.16 03:19:09 | 000,002,062 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bookplus-fi.xml
    [2010.01.16 03:19:09 | 000,001,069 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons-fi.xml
    [2010.01.16 03:19:09 | 000,002,677 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\huuto-fi.xml
    [2010.01.16 03:19:09 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fi.xml
    [2010.01.16 03:19:09 | 000,000,796 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-fi.xml

    O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\BaseLitmus.dll (F-Secure Corporation)
    O2 - BHO: (gwprimawega) - {da9e5a55-a1a2-1b97-026f-b233372fee2e} - C:\Windows\System32\p0_aPIH.dll ()
    O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\BaseLitmus.dll (F-Secure Corporation)
    O3 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O4 - HKLM..\Run: [CmPCIaudio] File not found
    O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE (F-Secure Corporation)
    O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Sonera\Sonera Tietoturva\FSGUI\TNBUtil.exe (F-Secure Corporation)
    O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
    O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKU\.DEFAULT..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe File not found
    O4 - HKU\S-1-5-18..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe File not found
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe File not found
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe File not found
    O4 - HKU\S-1-5-21-3761315706-44459061-675875969-1001..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
    O4 - HKU\S-1-5-21-3761315706-44459061-675875969-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
    O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O4 - Startup: C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
    O4 - Startup: C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O13 - gopher Prefix: missing
    O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: corel.com ([]http in Trusted sites)
    O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: corel.com ([www] * in Trusted sites)
    O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: intervideo.com ([]http in Trusted sites)
    O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: intervideo.com ([www] * in Trusted sites)
    O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} http://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab (Creative Software AutoUpdate Support Package)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKU\S-1-5-21-3761315706-44459061-675875969-1001 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKU\S-1-5-21-3761315706-44459061-675875969-1001 Winlogon: Shell - (C:\Users\Sini\AppData\Roaming\ufxw.exe) - C:\Users\Sini\AppData\Roaming\ufxw.exe File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\I\Shell - "" = AutoRun
    O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\Autorun.exe -- File not found
    O33 - MountPoints2\J\Shell - "" = AutoRun
    O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\Autorun.exe -- File not found
    O33 - MountPoints2\K\Shell - "" = AutoRun
    O34 - HKLM BootExecute: (autocheck autochk /r \??\F:) - File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (sasnative32) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010.03.11 17:47:34 | 000,554,496 | ---- | C] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
    [2010.03.10 16:49:11 | 000,000,000 | ---D | C] -- C:\Users\Sini\Tracing
    [2010.03.09 20:58:43 | 000,705,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\cohelper.dll
    [2010.03.09 19:14:02 | 002,622,496 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkHDMI.dll
    [2010.03.09 19:14:02 | 000,355,528 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32H.dll
    [2010.03.09 19:14:02 | 000,183,584 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RtHDMIV.sys
    [2010.03.09 19:14:02 | 000,073,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32H.dll
    [2010.03.09 19:14:01 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32H.dll
    [2010.03.09 19:14:01 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32H.dll
    [2010.03.09 19:14:00 | 001,640,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHDMIExt.dll
    [2010.03.09 19:14:00 | 000,293,600 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DHT32.dll
    [2010.03.09 19:14:00 | 000,293,600 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DAA32.dll
    [2010.03.09 19:14:00 | 000,057,376 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHCoInst.dll
    [2010.03.09 19:14:00 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
    [2010.03.09 19:13:52 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
    [2010.03.09 19:11:56 | 000,000,000 | ---D | C] -- C:\SMU
    [2010.03.09 19:11:56 | 000,000,000 | ---D | C] -- C:\SMBUS
    [2010.03.09 19:11:54 | 000,000,000 | ---D | C] -- C:\IDE
    [2010.03.09 19:11:54 | 000,000,000 | ---D | C] -- C:\Ethernet
    [2010.03.09 17:27:11 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\DriverGenius
    [2010.03.09 17:03:19 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
    [2010.03.09 07:09:41 | 003,955,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
    [2010.03.09 07:09:41 | 003,899,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
    [2010.03.08 20:27:42 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2010.03.08 17:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\TrendMicro
    [2010.03.08 04:51:36 | 000,000,000 | ---D | C] -- C:\SDFix
    [2010.03.08 04:50:41 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
    [2010.03.08 04:47:05 | 000,000,000 | ---D | C] -- C:\Windows\Sun
    [2010.03.07 19:54:36 | 000,000,000 | ---D | C] -- C:\Users\Sini\AppData\Local\Stay Secure
    [2010.03.07 16:43:44 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
    [2010.03.07 16:37:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010.03.07 16:37:06 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010.03.07 16:37:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010.03.06 10:31:35 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2010.03.06 10:24:13 | 000,035,680 | ---- | C] (F-Secure Corporation) -- C:\Windows\System32\drivers\fses.sys
    [2010.03.06 10:24:08 | 000,572,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp50.dll
    [2010.03.06 10:24:08 | 000,071,040 | ---- | C] (F-Secure Corporation) -- C:\Windows\System32\drivers\fsdfw.sys
    [2010.03.06 09:46:08 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\My Drivers
    [2010.03.05 13:33:38 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\Adobe Scripts
    [2010.03.05 10:24:58 | 000,016,400 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys
    [2010.03.05 10:24:41 | 001,581,072 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\LkmdfCoInst.dll
    [2010.03.05 10:24:41 | 000,052,240 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\LMouFiltCoInst.dll
    [2010.03.05 10:24:41 | 000,037,392 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LMouFilt.Sys
    [2010.03.05 10:24:40 | 000,035,984 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LHidFilt.Sys
    [2010.03.04 15:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\The Sims Resource
    [2010.03.04 14:50:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2010.03.04 14:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
    [2010.03.03 20:00:17 | 000,274,432 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
    [2010.03.03 20:00:17 | 000,100,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\drivers\AtiHdmi.sys
    [2010.03.03 20:00:17 | 000,050,176 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
    [2010.03.03 20:00:17 | 000,027,136 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
    [2010.03.03 20:00:16 | 000,020,480 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
    [2010.03.03 20:00:15 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
    [2010.03.03 20:00:15 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
    [2010.03.03 20:00:12 | 014,147,072 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
    [2010.03.03 20:00:07 | 005,313,536 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atipmdag.sys
    [2010.03.03 20:00:07 | 005,313,536 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
    [2010.03.03 20:00:07 | 000,150,016 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
    [2010.03.03 20:00:07 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
    [2010.03.03 20:00:07 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
    [2010.03.03 20:00:07 | 000,011,776 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
    [2010.03.03 20:00:06 | 000,446,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
    [2010.03.03 20:00:06 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
    [2010.03.03 20:00:06 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
    [2010.03.03 20:00:05 | 003,649,536 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
    [2010.03.03 20:00:05 | 000,426,496 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\aticfx32.dll
    [2010.03.03 20:00:05 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
    [2010.03.03 20:00:05 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
    [2010.03.03 20:00:05 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
    [2010.03.03 20:00:04 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
    [2010.03.03 20:00:04 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
    [2010.03.03 12:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
    [2010.03.03 12:58:53 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
    [2010.03.03 11:22:44 | 000,000,000 | ---D | C] -- C:\KU990
    [2010.03.03 11:19:08 | 000,000,000 | ---D | C] -- C:\LG_USB
    [2010.03.03 11:15:35 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll
    [2010.03.03 11:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX
    [2010.03.03 10:34:51 | 000,055,824 | ---- | C] (Logitech, Inc.) -- C:\Windows\KHALMNPR.Exe
    [2010.03.03 10:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
    [2010.03.03 10:05:37 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
    [2010.03.03 10:05:37 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
    [2010.03.03 10:01:40 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
    [2010.03.03 10:01:37 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
    [2010.03.03 10:01:37 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
    [2010.03.03 10:01:37 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
    [2010.03.03 10:01:33 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
    [2010.03.03 10:01:33 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
    [2010.03.03 10:01:33 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
    [2010.03.03 10:01:33 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
    [2010.03.03 10:01:31 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
    [2010.03.03 10:01:31 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
    [2010.03.03 10:01:31 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
    [2010.03.03 10:01:31 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
    [2010.03.03 10:01:31 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
    [2010.03.03 10:01:31 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
    [2010.03.03 10:01:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
    [2010.03.03 10:01:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
    [2010.03.03 10:01:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
    [2010.02.09 23:30:57 | 000,000,000 | ---D | C] -- C:\Users\Sini\AppData\Roaming\InstallShield
    [2010.02.09 23:23:07 | 000,000,000 | -H-D | C] -- C:\LG3G
    [2010.02.09 23:20:23 | 000,000,000 | ---D | C] -- C:\lgupload
    [2010.02.09 23:00:14 | 000,024,960 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbmodem.sys
    [2010.02.09 23:00:14 | 000,020,864 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbdiag.sys
    [2010.02.09 23:00:14 | 000,013,056 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbbus.sys
    [2010.02.09 23:00:13 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
    [2010.02.09 22:58:49 | 000,000,000 | ---D | C] -- C:\Program Files\LG PC Suite 2
    [2010.02.09 22:05:04 | 000,000,000 | ---D | C] -- C:\Windows\pss
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010.03.11 17:51:09 | 003,670,016 | ---- | M] () -- C:\Users\Sini\ntuser.dat
    [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
    [2010.03.11 17:32:18 | 000,014,608 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2010.03.11 17:32:18 | 000,014,608 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2010.03.11 17:22:50 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010.03.11 10:53:23 | 000,001,815 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    [2010.03.11 10:06:52 | 000,000,574 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
    [2010.03.11 10:06:24 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010.03.11 10:06:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010.03.10 23:48:17 | 001,144,078 | -H-- | M] () -- C:\Users\Sini\AppData\Local\IconCache.db
    [2010.03.10 18:33:27 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_021.cplist
    [2010.03.10 18:33:24 | 000,002,516 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
    [2010.03.10 18:27:55 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_020.cplist
    [2010.03.10 17:18:06 | 000,000,480 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_019.cplist
    [2010.03.10 17:07:51 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_018.cplist
    [2010.03.10 16:48:16 | 000,000,522 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_017.cplist
    [2010.03.10 16:39:45 | 437,169,378 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2010.03.10 16:16:42 | 000,021,584 | ---- | M] () -- C:\Windows\System32\drivers\atapi.sys
    [2010.03.09 21:01:02 | 001,243,400 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010.03.09 21:01:02 | 000,616,736 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010.03.09 21:01:02 | 000,442,586 | ---- | M] () -- C:\Windows\System32\perfh00B.dat
    [2010.03.09 21:01:02 | 000,107,828 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010.03.09 21:01:02 | 000,083,000 | ---- | M] () -- C:\Windows\System32\perfc00B.dat
    [2010.03.09 19:14:17 | 000,000,246 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.cfl
    [2010.03.09 19:14:17 | 000,000,168 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.imi
    [2010.03.09 19:14:17 | 000,000,136 | ---- | M] () -- C:\Windows\System\Dlap.pfx
    [2010.03.09 19:13:35 | 000,000,107 | ---- | M] () -- C:\Windows\System\Cmicnfg3.ini
    [2010.03.09 18:35:11 | 000,118,375 | ---- | M] () -- C:\Windows\System32\MSF_RIUNyS3.exe
    [2010.03.09 17:58:41 | 002,760,844 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe
    [2010.03.08 23:34:07 | 000,196,608 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
    [2010.03.08 23:33:56 | 000,524,288 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000002.regtrans-ms
    [2010.03.08 23:33:56 | 000,524,288 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000001.regtrans-ms
    [2010.03.08 23:33:56 | 000,065,536 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TM.blf
    [2010.03.07 20:12:07 | 000,000,514 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_016.cplist
    [2010.03.07 20:11:41 | 000,000,498 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_015.cplist
    [2010.03.07 19:54:33 | 000,000,562 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_014.cplist
    [2010.03.07 16:18:57 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_013.cplist
    [2010.03.07 15:15:38 | 000,000,490 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_012.cplist
    [2010.03.07 10:49:53 | 000,000,486 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_011.cplist
    [2010.03.07 10:49:13 | 000,000,514 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_010.cplist
    [2010.03.06 22:12:01 | 000,000,582 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_009.cplist
    [2010.03.06 22:10:45 | 000,000,452 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_008.cplist
    [2010.03.06 22:09:53 | 000,000,582 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_007.cplist
    [2010.03.06 22:08:50 | 000,000,510 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_006.cplist
    [2010.03.06 20:32:44 | 000,000,498 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_005.cplist
    [2010.03.06 18:00:35 | 000,000,564 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_004.cplist
    [2010.03.06 13:05:40 | 000,000,522 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_003.cplist
    [2010.03.06 10:44:37 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys
    [2010.03.06 10:37:16 | 000,033,920 | ---- | M] () -- C:\Windows\System32\drivers\fsbts.sys
    [2010.03.06 10:31:37 | 000,000,052 | ---- | M] () -- C:\Windows\System32\ashttpstats.csv
    [2010.03.05 17:29:59 | 000,000,496 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_002.cplist
    [2010.03.05 17:07:49 | 000,000,562 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_001.cplist
    [2010.03.04 10:06:23 | 002,353,664 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_unmip.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_histprot.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_video.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_webproxy.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_tabloids.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_socialnetworks.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_searchengines.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_regionaltlds.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_pornography.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlineshop.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinepay.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinedating.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_news.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_im.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_illegal.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_hate.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_games.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_gambling.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_drugs.dat
    [2010.03.03 12:59:57 | 000,115,248 | ---- | M] () -- C:\Users\Sini\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010.03.03 12:06:44 | 000,000,025 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\bdfvconp.ini
    [2010.03.03 11:15:58 | 000,002,412 | ---- | M] () -- C:\Windows\System32\lgAxconfig.ini
    [2010.03.03 10:42:16 | 000,000,132 | ---- | M] () -- C:\Windows\System32\rezumatenoi.dat
    [2010.03.03 10:38:08 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
    [2010.03.03 10:18:28 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp71.dll
    [2010.03.03 10:18:28 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll
    [2010.03.03 09:58:58 | 000,008,284 | ---- | M] () -- C:\Windows\System32\eps_icon.avi
    [2010.02.25 12:03:02 | 000,030,536 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
    [2010.02.25 11:56:16 | 000,021,320 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
    [2010.02.25 11:56:02 | 000,030,024 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
    [2010.02.24 09:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
    [2010.02.20 17:07:24 | 000,278,984 | ---- | M] () -- C:\Windows\System32\drivers\atksgt.sys
    [2010.02.20 17:06:41 | 000,025,416 | ---- | M] () -- C:\Windows\System32\drivers\lirsgt.sys
    [2010.02.18 13:42:24 | 001,290,240 | ---- | M] () -- C:\Windows\System32\p0_aPIH.dll
    [2010.02.11 09:10:14 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010.03.11 17:22:50 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010.03.11 10:53:23 | 000,001,815 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    [2010.03.10 18:33:27 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_021.cplist
    [2010.03.10 18:27:55 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_020.cplist
    [2010.03.10 17:14:46 | 000,000,480 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_019.cplist
    [2010.03.10 17:07:51 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_018.cplist
    [2010.03.10 16:48:16 | 000,000,522 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_017.cplist
    [2010.03.09 23:08:45 | 437,169,378 | ---- | C] () -- C:\Windows\MEMORY.DMP
    [2010.03.09 20:58:43 | 000,006,136 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
    [2010.03.09 17:58:09 | 002,760,844 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe
    [2010.03.09 17:57:01 | 000,118,375 | ---- | C] () -- C:\Windows\System32\MSF_RIUNyS3.exe
    [2010.03.08 17:34:09 | 000,524,288 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000002.regtrans-ms
    [2010.03.08 17:34:09 | 000,524,288 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000001.regtrans-ms
    [2010.03.08 17:34:09 | 000,065,536 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TM.blf
    [2010.03.07 20:12:07 | 000,000,514 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_016.cplist
    [2010.03.07 20:11:41 | 000,000,498 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_015.cplist
    [2010.03.07 19:54:33 | 000,000,562 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_014.cplist
    [2010.03.07 15:16:36 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_013.cplist
    [2010.03.07 15:15:38 | 000,000,490 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_012.cplist
    [2010.03.07 10:49:53 | 000,000,486 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_011.cplist
    [2010.03.07 10:49:13 | 000,000,514 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_010.cplist
    [2010.03.06 22:12:01 | 000,000,582 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_009.cplist
    [2010.03.06 22:10:45 | 000,000,452 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_008.cplist
    [2010.03.06 22:09:53 | 000,000,582 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_007.cplist
    [2010.03.06 22:08:50 | 000,000,510 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_006.cplist
    [2010.03.06 20:32:44 | 000,000,498 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_005.cplist
    [2010.03.06 18:00:35 | 000,000,564 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_004.cplist
    [2010.03.06 13:05:40 | 000,000,522 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_003.cplist
    [2010.03.06 10:40:52 | 000,000,574 | ---- | C] () -- C:\Windows\tasks\Scheduled scanning task.job
    [2010.03.06 10:24:39 | 000,033,920 | ---- | C] () -- C:\Windows\System32\drivers\fsbts.sys
    [2010.03.05 17:29:59 | 000,000,496 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_002.cplist
    [2010.03.05 17:07:49 | 000,000,562 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_001.cplist
    [2010.03.05 10:32:29 | 000,000,052 | ---- | C] () -- C:\Windows\System32\ashttpstats.csv
    [2010.03.03 20:00:16 | 000,491,104 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
    [2010.03.03 20:00:15 | 000,001,035 | ---- | C] () -- C:\Windows\System32\atipblag.dat
    [2010.03.03 20:00:08 | 000,020,274 | ---- | C] () -- C:\Windows\atiogl.xml
    [2010.03.03 20:00:06 | 000,198,341 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
    [2010.03.03 20:00:05 | 000,031,240 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_unmip.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_histprot.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_video.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_webproxy.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_tabloids.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_socialnetworks.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_searchengines.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_regionaltlds.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_pornography.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlineshop.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinepay.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinedating.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_news.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_im.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_illegal.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_hate.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_games.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_gambling.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_drugs.dat
    [2010.03.03 12:06:44 | 000,000,025 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\bdfvconp.ini
    [2010.03.03 11:15:35 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
    [2010.03.03 11:15:35 | 000,002,412 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
    [2010.03.03 10:38:08 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
    [2010.02.20 17:06:42 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
    [2010.02.20 17:06:41 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
    [2010.02.18 13:42:24 | 001,290,240 | ---- | C] () -- C:\Windows\System32\p0_aPIH.dll
    [2010.01.20 21:29:05 | 000,000,008 | RHS- | C] () -- C:\ProgramData\DA2827B44C.sys
    [2010.01.20 21:29:04 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
    [2010.01.03 21:04:37 | 000,722,416 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
    [2009.12.26 18:13:11 | 000,151,552 | ---- | C] () -- C:\Windows\System32\nvRegDev.dll
    [2009.12.18 20:29:26 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
    [2009.12.18 19:47:12 | 000,026,112 | ---- | C] () -- C:\Users\Sini\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009.12.03 18:49:16 | 000,007,605 | ---- | C] () -- C:\Users\Sini\AppData\Local\Resmon.ResmonCfg
    [2009.12.01 19:03:03 | 000,003,733 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
    [2009.11.26 22:38:15 | 000,008,704 | ---- | C] () -- C:\Windows\System32\CNMVS7I.DLL
    [2009.11.26 17:11:39 | 000,000,246 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl
    [2009.11.26 17:10:57 | 000,303,104 | ---- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
    [2009.11.26 17:10:57 | 000,002,123 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfg
    [2009.11.26 17:10:57 | 000,000,168 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi
    [2009.11.26 17:10:56 | 000,002,754 | ---- | C] () -- C:\Windows\cmudax3.ini
    [2009.11.25 22:39:58 | 000,000,266 | ---- | C] () -- C:\Windows\lgfwup.ini
    [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
    [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
    [2009.07.14 01:11:15 | 000,021,584 | ---- | C] () -- C:\Windows\System32\drivers\atapi.sys
    [2009.06.19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
    [2006.10.11 05:33:58 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
    [2005.02.25 06:15:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL
    [2004.01.15 07:01:26 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
    < End of report >



    OTL Extras logfile created on: 11.3.2010 17:49:46 - Run 1
    OTL by OldTimer - Version 3.1.36.1 Folder = C:\Users\Sini\Desktop
    Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
    7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 931,51 Gb Total Space | 732,06 Gb Free Space | 78,59% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: SINI-PC
    Current User Name: Sini
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
    "{022F6097-A053-4B1B-BE50-3AADE4116B92}" = Opera 10.50
    "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
    "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
    "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
    "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
    "{0BB72566-0D4C-7200-2CE7-02F298B49C88}" = CCC Help English
    "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
    "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
    "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
    "{110AD51E-D0E0-49B1-52FD-291373BA62EA}" = Catalyst Control Center Graphics Full New
    "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
    "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
    "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
    "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
    "{1B2DBF55-05D4-4072-87D8-689141E262BD}" = Creative ZEN
    "{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
    "{20140000-000F-0000-0000-0000000FF1CE}" = Microsoft Office Mondo 2010 (Beta)
    "{20140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 (Beta)
    "{20140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 (Beta)
    "{20140000-0017-0409-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (English) 2010 (Beta)
    "{20140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 (Beta)
    "{20140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 (Beta)
    "{20140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 (Beta)
    "{20140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 (Beta)
    "{20140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 (Beta)
    "{20140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 (Beta)
    "{20140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 (Beta)
    "{20140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 (Beta)
    "{20140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010 (Beta)
    "{20140000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2010 (Beta)
    "{20140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 (Beta)
    "{20140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 (Beta)
    "{20140000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2010 (Beta)
    "{20140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010 (Beta)
    "{20140000-0102-0409-0000-0000000FF1CE}" = Microsoft Office MondoOnly MUI (English) 2010 (Beta)
    "{20140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 (Beta)
    "{20140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 (Beta)
    "{20140000-011A-0000-0000-0000000FF1CE}" = Microsoft Office Send-a-Smile
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Liven lataustyökalu
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
    "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
    "{31557F4F-7D10-D32E-4B70-237A09FCC31B}" = Catalyst Control Center Graphics Previews Common
    "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
    "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
    "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
    "{3C175604-F026-5D79-BBD8-F626AE10B3EF}" = Catalyst Control Center Graphics Full Existing
    "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
    "{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
    "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
    "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
    "{4442AB48-DEC4-4B39-B067-1F75BF8017E7}" = Creative Centrale
    "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{513148E7-B7A1-48B2-B518-668701E546F5}" = LightScribe System Software 1.14.19.1
    "{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
    "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
    "{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD 2010
    "{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
    "{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG Tool Kit
    "{62C2067E-5851-BD4C-98E0-5C4D5E155A5B}" = Catalyst Control Center Core Implementation
    "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
    "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
    "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
    "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
    "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
    "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
    "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
    "{85EB1E72-4FAA-40E4-A511-DF3A9A0A4CA8}" = Windows Live Messenger
    "{86604C06-DA30-425E-AECE-47304FE81C45}" = Creative Software Update
    "{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
    "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
    "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{993960EE-CA4D-443F-8F88-E24260DD5FD2}" = LG PC Suite
    "{998152E5-B605-4BBB-9853-E749AEE02B21}" = Windows Liven kirjautumisavustaja
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9C87F6BB-75E4-4F35-8353-F5E295264E98}" = Windows Live Call
    "{9D669429-A2E4-4793-B7A0-283D259F39AF}" = Adobe Photoshop Lightroom 2.5
    "{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
    "{A292C05C-840A-9D47-5350-EF39ECC7629E}" = Catalyst Control Center HydraVision Full
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
    "{A666A477-4C02-415E-9F31-3541FC0CD6B5}" = SipdxDLL
    "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
    "{AA2BCB44-B44F-445A-A80C-E6C50218940C}" = Windows Liven asennustyökalu
    "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
    "{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
    "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
    "{AD17676C-5065-E427-130B-21CE713F93E7}" = Catalyst Control Center Graphics Light
    "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
    "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
    "{B970700B-E49F-ECEF-4ADB-0F3E1AFEDE91}" = ccc-core-static
    "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
    "{BC1FFF14-C10D-7087-C43A-4A8ECC9C98C4}" = ATI Catalyst Install Manager
    "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
    "{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem Driver
    "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
    "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
    "{CF23AFD7-3078-4134-8823-EBF6D1FE6FAD}" = Canon MP450
    "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
    "{D5395E5F-4D45-4665-8F00-234FA33678AF}" = SlimDX Redistributable (March 2009)
    "{DA6FAB8D-E87A-4E8E-A3D3-B7B9F479C725}" = forteManager
    "{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
    "{E2F29FCA-126F-48DF-A9B5-BEBE8F0F1610}" = CreativeSetup
    "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
    "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
    "{E542E630-8BB7-4C28-B8EB-0BAD2B201C65}" = Audio Track Editor
    "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
    "{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
    "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
    "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
    "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
    "{F9726DDC-D7B5-BF1F-5626-EA467FEEBC52}" = ccc-utility
    "{F9F13FEA-D51E-A1C3-4EDC-D04A91B62C93}" = Catalyst Control Center Graphics Previews Vista
    "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
    "{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
    "ADSL Router Utility" = ADSL Router Utility
    "Akamai" = Akamai NetSession Interface
    "CCleaner" = CCleaner
    "C-Media PCI Audio Driver" = C-Media PCI Audio Device
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "Creative Centrale" = Creative Centrale
    "Creative Software AutoUpdate" = Creative Software AutoUpdate
    "Defraggler" = Defraggler
    "Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
    "EADM" = EA Download Manager
    "FileHippo.com" = FileHippo.com Update Checker
    "F-Secure Product 444" = Sonera Tietoturva
    "HijackThis" = HijackThis 2.0.2
    "InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
    "LastFM_is1" = Last.fm 1.5.4.24567
    "LimeWire" = LimeWire 5.5.5
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
    "MSF_RIUNyS3" = LoudMo Contextual Ad Assistant
    "NVIDIA Drivers" = NVIDIA Drivers
    "Office14.MONDO" = Microsoft Office Mondo 2010
    "PowerISO" = PowerISO
    "Sonera Internet Avustaja_is1" = Sonera Internet Avustaja
    "Spotify" = Spotify
    "SysInfo" = Creative System Information
    "TS3 Install Helper Monkey" = TS3 Install Helper Monkey
    "TuneUp Utilities" = TuneUp Utilities
    "Uninstall_is1" = Uninstall 1.0.0.1
    "uTorrent" = µTorrent
    "WinLiveSuite_Wave3" = Windows Liven asennustyökalu
    "WinPcapInst" = WinPcap 3.1 beta3
    "WinRAR archiver" = WinRAR archiver
    "VLC media player" = VLC media player 1.0.3

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 10.3.2010 10:40:05 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
    Description = 1 2010-03-10 16:40:05+03:00 SINI-PC SYSTEM F-Secure DeepGuard

    DeepGuard configuration was rejected. Old configuration will be used if possible.

    Error code: DAAS reject

    Error - 10.3.2010 10:52:02 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
    Description = 1 2010-03-10 16:52:02+03:00 SINI-PC SYSTEM F-Secure DeepGuard

    DeepGuard configuration was rejected. Old configuration will be used if possible.

    Error code: DAAS reject

    Error - 10.3.2010 14:39:39 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: IEXPLORE.EXE, versio: 8.0.7600.16385,
    aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
    aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
    prosessin tunnus: 0xee8 Viallisen sovelluksen käynnistysaika: 0x01cac080c4a06724
    Viallisen
    sovelluksen polku: C:\Program Files\Internet Explorer\IEXPLORE.EXE Viallisen moduulin
    polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 4873d423-2c74-11df-a210-001966bb5e2b

    Error - 10.3.2010 15:02:09 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
    aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
    aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
    prosessin tunnus: 0xdd0 Viallisen sovelluksen käynnistysaika: 0x01cac0841fbdf149
    Viallisen
    sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
    polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 6cfac2e4-2c77-11df-a210-001966bb5e2b

    Error - 10.3.2010 15:20:08 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
    aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
    aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
    prosessin tunnus: 0xecc Viallisen sovelluksen käynnistysaika: 0x01cac0869d47617f
    Viallisen
    sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
    polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: f03d4823-2c79-11df-a210-001966bb5e2b

    Error - 10.3.2010 16:04:02 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
    aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
    aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
    prosessin tunnus: 0x1214 Viallisen sovelluksen käynnistysaika: 0x01cac08cbde8fc58
    Viallisen
    sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
    polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 11dd8c29-2c80-11df-a210-001966bb5e2b

    Error - 11.3.2010 4:06:42 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
    Description = 1 2010-03-11 10:06:42+03:00 SINI-PC SYSTEM F-Secure DeepGuard

    DeepGuard configuration was rejected. Old configuration will be used if possible.

    Error code: DAAS reject

    Error - 11.3.2010 5:16:36 | Computer Name = Sini-PC | Source = SideBySide | ID = 16842815
    Description = Aktivointikontekstin luonti epäonnistui (c:\Program Files\Common Files\Adobe
    AIR\Versions\1.0\Adobe AIR.dll). Virhe luettelo- tai käytäntötiedoston c:\Program
    Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll rivillä 3. Määritteen version
    arvo (MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR) ei kelpaa
    elementissä assemblyIdentity.

    Error - 11.3.2010 11:24:57 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
    Description = 2 2010-03-11 17:24:56+03:00 SINI-PC Sini-PC\Sini F-Secure Anti-Virus

    Malicious code found in file C:\Windows\System32\sshnas21.dll. Infection: Trojan.Generic.3313565


    Error - 11.3.2010 11:46:26 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: mbam.exe, versio: 1.44.0.0, aikaleima:
    0x4b46461a Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385, aikaleima:
    0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x0005c74a Viallisen prosessin
    tunnus: 0x6a0 Viallisen sovelluksen käynnistysaika: 0x01cac12ecd93b5f4 Viallisen
    sovelluksen polku: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Viallisen
    moduulin polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 3fd4557a-2d25-11df-99ba-001966bb5e2b

    [ Media Center Events ]
    Error - 19.2.2010 7:06:41 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 13:06:39 - Virhe muodostettaessa Internet-yhteyttä. 13:06:40 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 19.2.2010 7:11:14 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 13:07:14 - Virhe muodostettaessa Internet-yhteyttä. 13:07:14 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 20.2.2010 10:48:31 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 16:48:31 - Virhe muodostettaessa Internet-yhteyttä. 16:48:31 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 20.2.2010 10:49:04 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 16:49:01 - Virhe muodostettaessa Internet-yhteyttä. 16:49:01 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 21.2.2010 11:00:55 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 17:00:55 - Virhe muodostettaessa Internet-yhteyttä. 17:00:55 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 21.2.2010 11:01:04 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 17:01:00 - Virhe muodostettaessa Internet-yhteyttä. 17:01:00 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 23.2.2010 1:22:28 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 7:22:28 - Virhe muodostettaessa Internet-yhteyttä. 7:22:28 - Yhteyden
    muodostaminen palvelimeen ei onnistu..

    Error - 23.2.2010 1:22:38 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 7:22:33 - Virhe muodostettaessa Internet-yhteyttä. 7:22:33 - Yhteyden
    muodostaminen palvelimeen ei onnistu..

    Error - 2.3.2010 5:43:49 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 11:43:49 - Virhe muodostettaessa Internet-yhteyttä. 11:43:49 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 2.3.2010 5:43:58 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 11:43:55 - Virhe muodostettaessa Internet-yhteyttä. 11:43:55 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    [ System Events ]
    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Käyttäjäprofiilipalvelu on päättynyt odottamatta. Tämä on
    tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi:
    Käynnistä palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Tehtävien ajoitus on päättynyt odottamatta. Tämä on tapahtunut
    1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä
    palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Järjestelmätapahtumien ilmoituspalvelu on päättynyt odottamatta.
    Tämä on tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan seuraava
    korjaustoimi: Käynnistä palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Käyttöliittymän laitteistotunnistus on päättynyt odottamatta.
    Tämä on tapahtunut 1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava
    korjaustoimi: Käynnistä palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Teemat on päättynyt odottamatta. Tämä on tapahtunut 1 kertaa.
    60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä palvelu
    uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu WMI-palvelu (Windows Management Instrumentation) on päättynyt
    odottamatta. Tämä on tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan
    seuraava korjaustoimi: Käynnistä palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Windows Update on päättynyt odottamatta. Tämä on tapahtunut
    1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä
    palvelu uudelleen.

    Error - 16.1.2010 10:27:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
    Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
    palvelu uudelleen) palvelun Palvelin odottamattoman lopettamisen jälkeen. Yritys
    epäonnistui ja tapahtui virhe: %%1056

    Error - 16.1.2010 10:28:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
    Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
    palvelu uudelleen) palvelun Tietokoneiden selaus odottamattoman lopettamisen jälkeen.
    Yritys epäonnistui ja tapahtui virhe: %%1056

    Error - 16.1.2010 10:28:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
    Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
    palvelu uudelleen) palvelun WMI-palvelu (Windows Management Instrumentation) odottamattoman
    lopettamisen jälkeen. Yritys epäonnistui ja tapahtui virhe: %%1056


    < End of report >
     
  13. toope92

    toope92 Regular member

    OTL logfile created on: 11.3.2010 17:49:46 - Run 1
    OTL by OldTimer - Version 3.1.36.1 Folder = C:\Users\Sini\Desktop
    Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
    7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 931,51 Gb Total Space | 732,06 Gb Free Space | 78,59% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: SINI-PC
    Current User Name: Sini
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Processes (SafeList) ==========

    PRC - [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
    PRC - [2010.03.06 10:36:53 | 000,356,960 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsav32.exe
    PRC - [2010.03.06 10:36:07 | 000,619,616 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fssm32.exe
    PRC - [2010.03.06 10:36:06 | 000,480,352 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32.exe
    PRC - [2010.03.06 10:28:03 | 000,055,992 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe
    PRC - [2010.02.25 12:02:02 | 000,716,616 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
    PRC - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
    PRC - [2010.02.02 20:17:28 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
    PRC - [2010.02.02 20:16:58 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
    PRC - [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2009.08.10 15:59:50 | 000,178,720 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    PRC - [2009.08.10 15:59:48 | 000,387,616 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    PRC - [2009.08.05 17:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE
    PRC - [2009.08.05 17:58:50 | 000,199,264 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE
    PRC - [2009.08.05 17:58:50 | 000,088,672 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSHDLL32.EXE
    PRC - [2009.08.05 17:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\FWES\program\fsdfwd.exe
    PRC - [2009.08.05 17:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
    PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    PRC - [2009.07.14 03:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe
    PRC - [2008.10.16 10:04:42 | 000,202,016 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe
    PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe


    ========== Modules (SafeList) ==========

    MOD - [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
    MOD - [2009.07.14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
    MOD - [2009.07.14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
    MOD - [2009.07.14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
    MOD - [2009.07.14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
    MOD - [2009.07.14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
    MOD - [2009.07.14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
    MOD - [2009.07.14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
    MOD - [2009.07.14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
    MOD - [2009.07.14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
    MOD - [2009.07.14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
    MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010.03.06 10:28:03 | 000,055,992 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe -- (FSORSPClient)
    SRV - [2010.03.05 16:33:51 | 002,462,256 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\rswin_3648.dll -- (Akamai)
    SRV - [2010.03.03 10:05:31 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
    SRV - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
    SRV - [2010.02.25 11:56:02 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
    SRV - [2010.02.02 20:16:58 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
    SRV - [2009.08.21 15:47:14 | 030,510,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
    SRV - [2009.08.21 15:36:08 | 004,639,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
    SRV - [2009.08.10 15:59:50 | 000,178,720 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
    SRV - [2009.08.10 15:59:48 | 000,387,616 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
    SRV - [2009.08.05 17:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE -- (FSMA)
    SRV - [2009.08.05 17:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\FWES\Program\fsdfwd.exe -- (FSDFWD)
    SRV - [2009.08.05 17:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
    SRV - [2009.07.14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
    SRV - [2009.07.14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
    SRV - [2009.07.14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
    SRV - [2009.07.14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
    SRV - [2009.07.14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
    SRV - [2009.07.14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
    SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
    SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
    SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
    SRV - [2009.07.14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
    SRV - [2009.07.14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
    SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2009.07.14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
    SRV - [2009.07.14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
    SRV - [2009.07.14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
    SRV - [2009.07.14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
    SRV - [2009.07.14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
    SRV - [2009.07.14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX-asennusohjelma (AxInstSV)
    SRV - [2009.07.14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
    SRV - [2009.07.14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
    SRV - [2008.10.16 10:04:42 | 000,202,016 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe -- (sprtsvc_sonera) SupportSoft Sprocket Service (sonera)
    SRV - [2008.10.16 10:02:58 | 000,382,320 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
    SRV - [2008.05.21 13:42:56 | 000,064,000 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe -- (CTUPnPSv)
    SRV - [2007.12.13 16:29:59 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
    SRV - [2007.04.02 08:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)
    SRV - [2004.05.14 13:02:46 | 000,086,016 | ---- | M] (NetGroup - Politecnico di Torino) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)


    ========== Driver Services (SafeList) ==========

    DRV - [2010.03.10 16:16:42 | 000,021,584 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\atapi.sys -- (atapi)
    DRV - [2010.03.06 10:37:16 | 000,033,920 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\Drivers\fsbts.sys -- (fsbts)
    DRV - [2010.03.06 10:36:46 | 000,107,104 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
    DRV - [2010.02.20 17:07:24 | 000,278,984 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
    DRV - [2010.02.20 17:06:41 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
    DRV - [2010.02.02 20:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
    DRV - [2010.02.02 20:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
    DRV - [2010.02.02 19:23:42 | 000,150,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
    DRV - [2010.01.28 15:33:30 | 000,100,352 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
    DRV - [2010.01.27 11:04:00 | 000,183,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
    DRV - [2010.01.21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
    DRV - [2010.01.21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
    DRV - [2010.01.21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
    DRV - [2010.01.07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
    DRV - [2010.01.03 21:04:37 | 000,722,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
    DRV - [2009.12.19 02:31:32 | 000,073,312 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
    DRV - [2009.12.01 11:11:28 | 001,872,192 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cmudax3.sys -- (cmuda3)
    DRV - [2009.11.10 14:55:08 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
    DRV - [2009.11.10 14:54:52 | 000,035,984 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
    DRV - [2009.11.09 05:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
    DRV - [2009.10.14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
    DRV - [2009.08.05 17:58:30 | 000,068,064 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
    DRV - [2009.08.05 17:57:20 | 000,071,040 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fsdfw.sys -- (FSFW)
    DRV - [2009.08.05 17:57:12 | 000,035,680 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fses.sys -- (FSES)
    DRV - [2009.08.05 17:56:14 | 000,039,776 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter)
    DRV - [2009.08.05 17:56:14 | 000,025,184 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer)
    DRV - [2009.08.05 17:56:12 | 000,012,384 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
    DRV - [2009.07.30 17:12:54 | 000,287,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
    DRV - [2009.07.14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
    DRV - [2009.07.14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
    DRV - [2009.07.14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
    DRV - [2009.07.14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
    DRV - [2009.07.14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
    DRV - [2009.07.14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
    DRV - [2009.07.14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
    DRV - [2009.07.14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
    DRV - [2009.07.14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
    DRV - [2009.07.14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
    DRV - [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
    DRV - [2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
    DRV - [2009.07.14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
    DRV - [2009.07.14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
    DRV - [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
    DRV - [2009.07.14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
    DRV - [2009.07.14 03:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
    DRV - [2009.07.14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2009.07.14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
    DRV - [2009.07.14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
    DRV - [2009.07.14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
    DRV - [2009.07.14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
    DRV - [2009.07.14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
    DRV - [2009.07.14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
    DRV - [2009.07.14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
    DRV - [2009.07.14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
    DRV - [2009.07.14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
    DRV - [2009.07.14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
    DRV - [2009.07.14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
    DRV - [2009.07.14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
    DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
    DRV - [2009.07.14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
    DRV - [2009.07.14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
    DRV - [2009.07.14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
    DRV - [2009.07.14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
    DRV - [2009.07.14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
    DRV - [2009.07.14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
    DRV - [2009.07.14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
    DRV - [2009.07.14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
    DRV - [2009.07.14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
    DRV - [2009.07.14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2009.07.14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
    DRV - [2009.07.14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
    DRV - [2009.07.14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
    DRV - [2009.07.14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
    DRV - [2009.07.14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
    DRV - [2009.07.14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
    DRV - [2009.07.14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
    DRV - [2009.07.14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
    DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2009.07.14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
    DRV - [2009.07.14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
    DRV - [2009.07.14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
    DRV - [2009.07.14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
    DRV - [2009.07.14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
    DRV - [2009.07.14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
    DRV - [2009.07.14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
    DRV - [2009.07.14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
    DRV - [2009.07.14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
    DRV - [2009.07.14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
    DRV - [2009.07.14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
    DRV - [2009.07.14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
    DRV - [2009.07.14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
    DRV - [2009.07.14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
    DRV - [2009.07.14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
    DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
    DRV - [2009.07.14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
    DRV - [2009.07.14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
    DRV - [2009.07.14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
    DRV - [2009.06.29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
    DRV - [2008.12.12 15:27:46 | 000,018,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys -- (LGII2CDevice)
    DRV - [2008.12.12 15:27:46 | 000,014,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys -- (LGDDCDevice)
    DRV - [2008.01.19 05:55:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
    DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
    DRV - [2004.05.14 11:37:10 | 000,032,896 | ---- | M] (NetGroup - Politecnico di Torino) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========



    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=15161&l=dis
    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fi.msn.com/?ocid=iehp
    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fi
    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 59 2D 93 5E EC 6D CA 01 [binary data]
    IE - HKU\S-1-5-21-3761315706-44459061-675875969-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultengine: "Ask.com"
    FF - prefs.js..browser.search.defaultenginename: "Ask.com"
    FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://www3.iamwired.net/websearch.php?src=tops&search="
    FF - prefs.js..browser.search.order.1: "Ask.com"
    FF - prefs.js..browser.search.selectedEngine: "Torrents.to"
    FF - prefs.js..browser.search.update: false
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.google.fi/"
    FF - prefs.js..extensions.enabledItems: {80155943-b083-a2cf-0350-54d3b1be1609}:4.6.6.4
    FF - prefs.js..keyword.URL: ""
    FF - prefs.js..network.proxy.no_proxies_on: "*.local"


    FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010.03.06 10:33:01 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files\Sonera\Sonera Tietoturva\NRS\litmus-ff@f-secure.com [2010.03.06 10:23:23 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.11 10:51:52 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.03.11 10:56:18 | 000,000,000 | ---D | M]

    [2009.12.23 03:15:53 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Extensions
    [2009.12.23 03:15:53 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
    [2010.03.11 17:24:40 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions
    [2010.01.23 17:01:58 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2009.12.24 14:49:06 | 000,000,000 | ---D | M] (Fasterfox) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}
    [2010.01.23 17:01:58 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
    [2010.01.27 23:30:56 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\fsonlinescanner@f-secure.com
    [2010.01.23 17:01:58 | 000,000,000 | ---D | M] -- C:\Users\Sini\AppData\Roaming\mozilla\Firefox\Profiles\k20tmfqy.default\extensions\personas@christopher.beard
    [2010.03.11 17:18:44 | 000,002,257 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\askcom.xml
    [2009.12.24 20:57:14 | 000,002,367 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\photobucket.xml
    [2010.03.09 17:57:08 | 000,000,261 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\Search.xml
    [2009.12.02 18:49:43 | 000,000,897 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\torrentsto.xml
    [2010.01.22 19:04:02 | 000,001,713 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Mozilla\FireFox\Profiles\k20tmfqy.default\searchplugins\youtube-video-search.xml
    [2010.03.11 17:19:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010.03.09 18:35:10 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{80155943-b083-a2cf-0350-54d3b1be1609}
    [2010.01.16 03:19:09 | 000,002,062 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bookplus-fi.xml
    [2010.01.16 03:19:09 | 000,001,069 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons-fi.xml
    [2010.01.16 03:19:09 | 000,002,677 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\huuto-fi.xml
    [2010.01.16 03:19:09 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fi.xml
    [2010.01.16 03:19:09 | 000,000,796 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-fi.xml

    O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\BaseLitmus.dll (F-Secure Corporation)
    O2 - BHO: (gwprimawega) - {da9e5a55-a1a2-1b97-026f-b233372fee2e} - C:\Windows\System32\p0_aPIH.dll ()
    O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Sonera\Sonera Tietoturva\NRS\iescript\BaseLitmus.dll (F-Secure Corporation)
    O3 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O4 - HKLM..\Run: [CmPCIaudio] File not found
    O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Sonera\Sonera Tietoturva\Common\FSM32.EXE (F-Secure Corporation)
    O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Sonera\Sonera Tietoturva\FSGUI\TNBUtil.exe (F-Secure Corporation)
    O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
    O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKU\.DEFAULT..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe File not found
    O4 - HKU\S-1-5-18..\Run: [cbssreg] C:\Windows\TEMP\nytf.tmp\svchost.exe File not found
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe File not found
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe File not found
    O4 - HKU\S-1-5-21-3761315706-44459061-675875969-1001..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
    O4 - HKU\S-1-5-21-3761315706-44459061-675875969-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
    O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O4 - Startup: C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
    O4 - Startup: C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
    O13 - gopher Prefix: missing
    O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: corel.com ([]http in Trusted sites)
    O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: corel.com ([www] * in Trusted sites)
    O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: intervideo.com ([]http in Trusted sites)
    O15 - HKU\S-1-5-21-3761315706-44459061-675875969-1001\..Trusted Domains: intervideo.com ([www] * in Trusted sites)
    O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} http://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab (Creative Software AutoUpdate Support Package)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKU\S-1-5-21-3761315706-44459061-675875969-1001 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKU\S-1-5-21-3761315706-44459061-675875969-1001 Winlogon: Shell - (C:\Users\Sini\AppData\Roaming\ufxw.exe) - C:\Users\Sini\AppData\Roaming\ufxw.exe File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\I\Shell - "" = AutoRun
    O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\Autorun.exe -- File not found
    O33 - MountPoints2\J\Shell - "" = AutoRun
    O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\Autorun.exe -- File not found
    O33 - MountPoints2\K\Shell - "" = AutoRun
    O34 - HKLM BootExecute: (autocheck autochk /r \??\F:) - File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (sasnative32) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010.03.11 17:47:34 | 000,554,496 | ---- | C] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
    [2010.03.10 16:49:11 | 000,000,000 | ---D | C] -- C:\Users\Sini\Tracing
    [2010.03.09 20:58:43 | 000,705,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\cohelper.dll
    [2010.03.09 19:14:02 | 002,622,496 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkHDMI.dll
    [2010.03.09 19:14:02 | 000,355,528 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32H.dll
    [2010.03.09 19:14:02 | 000,183,584 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RtHDMIV.sys
    [2010.03.09 19:14:02 | 000,073,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32H.dll
    [2010.03.09 19:14:01 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32H.dll
    [2010.03.09 19:14:01 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32H.dll
    [2010.03.09 19:14:00 | 001,640,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHDMIExt.dll
    [2010.03.09 19:14:00 | 000,293,600 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DHT32.dll
    [2010.03.09 19:14:00 | 000,293,600 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DAA32.dll
    [2010.03.09 19:14:00 | 000,057,376 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHCoInst.dll
    [2010.03.09 19:14:00 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
    [2010.03.09 19:13:52 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
    [2010.03.09 19:11:56 | 000,000,000 | ---D | C] -- C:\SMU
    [2010.03.09 19:11:56 | 000,000,000 | ---D | C] -- C:\SMBUS
    [2010.03.09 19:11:54 | 000,000,000 | ---D | C] -- C:\IDE
    [2010.03.09 19:11:54 | 000,000,000 | ---D | C] -- C:\Ethernet
    [2010.03.09 17:27:11 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\DriverGenius
    [2010.03.09 17:03:19 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
    [2010.03.09 07:09:41 | 003,955,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
    [2010.03.09 07:09:41 | 003,899,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
    [2010.03.08 20:27:42 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2010.03.08 17:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\TrendMicro
    [2010.03.08 04:51:36 | 000,000,000 | ---D | C] -- C:\SDFix
    [2010.03.08 04:50:41 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
    [2010.03.08 04:47:05 | 000,000,000 | ---D | C] -- C:\Windows\Sun
    [2010.03.07 19:54:36 | 000,000,000 | ---D | C] -- C:\Users\Sini\AppData\Local\Stay Secure
    [2010.03.07 16:43:44 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
    [2010.03.07 16:37:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010.03.07 16:37:06 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010.03.07 16:37:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010.03.06 10:31:35 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2010.03.06 10:24:13 | 000,035,680 | ---- | C] (F-Secure Corporation) -- C:\Windows\System32\drivers\fses.sys
    [2010.03.06 10:24:08 | 000,572,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp50.dll
    [2010.03.06 10:24:08 | 000,071,040 | ---- | C] (F-Secure Corporation) -- C:\Windows\System32\drivers\fsdfw.sys
    [2010.03.06 09:46:08 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\My Drivers
    [2010.03.05 13:33:38 | 000,000,000 | ---D | C] -- C:\Users\Sini\Documents\Adobe Scripts
    [2010.03.05 10:24:58 | 000,016,400 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys
    [2010.03.05 10:24:41 | 001,581,072 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\LkmdfCoInst.dll
    [2010.03.05 10:24:41 | 000,052,240 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\LMouFiltCoInst.dll
    [2010.03.05 10:24:41 | 000,037,392 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LMouFilt.Sys
    [2010.03.05 10:24:40 | 000,035,984 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LHidFilt.Sys
    [2010.03.04 15:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\The Sims Resource
    [2010.03.04 14:50:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2010.03.04 14:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
    [2010.03.03 20:00:17 | 000,274,432 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
    [2010.03.03 20:00:17 | 000,100,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\drivers\AtiHdmi.sys
    [2010.03.03 20:00:17 | 000,050,176 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
    [2010.03.03 20:00:17 | 000,027,136 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
    [2010.03.03 20:00:16 | 000,020,480 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
    [2010.03.03 20:00:15 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
    [2010.03.03 20:00:15 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
    [2010.03.03 20:00:12 | 014,147,072 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
    [2010.03.03 20:00:07 | 005,313,536 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atipmdag.sys
    [2010.03.03 20:00:07 | 005,313,536 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
    [2010.03.03 20:00:07 | 000,150,016 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
    [2010.03.03 20:00:07 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
    [2010.03.03 20:00:07 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
    [2010.03.03 20:00:07 | 000,011,776 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
    [2010.03.03 20:00:06 | 000,446,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
    [2010.03.03 20:00:06 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
    [2010.03.03 20:00:06 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
    [2010.03.03 20:00:05 | 003,649,536 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
    [2010.03.03 20:00:05 | 000,426,496 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\aticfx32.dll
    [2010.03.03 20:00:05 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
    [2010.03.03 20:00:05 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
    [2010.03.03 20:00:05 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
    [2010.03.03 20:00:04 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
    [2010.03.03 20:00:04 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
    [2010.03.03 12:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
    [2010.03.03 12:58:53 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
    [2010.03.03 11:22:44 | 000,000,000 | ---D | C] -- C:\KU990
    [2010.03.03 11:19:08 | 000,000,000 | ---D | C] -- C:\LG_USB
    [2010.03.03 11:15:35 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll
    [2010.03.03 11:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX
    [2010.03.03 10:34:51 | 000,055,824 | ---- | C] (Logitech, Inc.) -- C:\Windows\KHALMNPR.Exe
    [2010.03.03 10:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
    [2010.03.03 10:05:37 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
    [2010.03.03 10:05:37 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
    [2010.03.03 10:01:40 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
    [2010.03.03 10:01:37 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
    [2010.03.03 10:01:37 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
    [2010.03.03 10:01:37 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
    [2010.03.03 10:01:33 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
    [2010.03.03 10:01:33 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
    [2010.03.03 10:01:33 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
    [2010.03.03 10:01:33 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
    [2010.03.03 10:01:31 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
    [2010.03.03 10:01:31 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
    [2010.03.03 10:01:31 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
    [2010.03.03 10:01:31 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
    [2010.03.03 10:01:31 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
    [2010.03.03 10:01:31 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
    [2010.03.03 10:01:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
    [2010.03.03 10:01:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
    [2010.03.03 10:01:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
    [2010.02.09 23:30:57 | 000,000,000 | ---D | C] -- C:\Users\Sini\AppData\Roaming\InstallShield
    [2010.02.09 23:23:07 | 000,000,000 | -H-D | C] -- C:\LG3G
    [2010.02.09 23:20:23 | 000,000,000 | ---D | C] -- C:\lgupload
    [2010.02.09 23:00:14 | 000,024,960 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbmodem.sys
    [2010.02.09 23:00:14 | 000,020,864 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbdiag.sys
    [2010.02.09 23:00:14 | 000,013,056 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbbus.sys
    [2010.02.09 23:00:13 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
    [2010.02.09 22:58:49 | 000,000,000 | ---D | C] -- C:\Program Files\LG PC Suite 2
    [2010.02.09 22:05:04 | 000,000,000 | ---D | C] -- C:\Windows\pss
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010.03.11 17:51:09 | 003,670,016 | ---- | M] () -- C:\Users\Sini\ntuser.dat
    [2010.03.11 17:47:34 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Sini\Desktop\OTL.exe
    [2010.03.11 17:32:18 | 000,014,608 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2010.03.11 17:32:18 | 000,014,608 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2010.03.11 17:22:50 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010.03.11 10:53:23 | 000,001,815 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    [2010.03.11 10:06:52 | 000,000,574 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
    [2010.03.11 10:06:24 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010.03.11 10:06:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010.03.10 23:48:17 | 001,144,078 | -H-- | M] () -- C:\Users\Sini\AppData\Local\IconCache.db
    [2010.03.10 18:33:27 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_021.cplist
    [2010.03.10 18:33:24 | 000,002,516 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
    [2010.03.10 18:27:55 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_020.cplist
    [2010.03.10 17:18:06 | 000,000,480 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_019.cplist
    [2010.03.10 17:07:51 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_018.cplist
    [2010.03.10 16:48:16 | 000,000,522 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_017.cplist
    [2010.03.10 16:39:45 | 437,169,378 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2010.03.10 16:16:42 | 000,021,584 | ---- | M] () -- C:\Windows\System32\drivers\atapi.sys
    [2010.03.09 21:01:02 | 001,243,400 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010.03.09 21:01:02 | 000,616,736 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010.03.09 21:01:02 | 000,442,586 | ---- | M] () -- C:\Windows\System32\perfh00B.dat
    [2010.03.09 21:01:02 | 000,107,828 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010.03.09 21:01:02 | 000,083,000 | ---- | M] () -- C:\Windows\System32\perfc00B.dat
    [2010.03.09 19:14:17 | 000,000,246 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.cfl
    [2010.03.09 19:14:17 | 000,000,168 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.imi
    [2010.03.09 19:14:17 | 000,000,136 | ---- | M] () -- C:\Windows\System\Dlap.pfx
    [2010.03.09 19:13:35 | 000,000,107 | ---- | M] () -- C:\Windows\System\Cmicnfg3.ini
    [2010.03.09 18:35:11 | 000,118,375 | ---- | M] () -- C:\Windows\System32\MSF_RIUNyS3.exe
    [2010.03.09 17:58:41 | 002,760,844 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe
    [2010.03.08 23:34:07 | 000,196,608 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
    [2010.03.08 23:33:56 | 000,524,288 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000002.regtrans-ms
    [2010.03.08 23:33:56 | 000,524,288 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000001.regtrans-ms
    [2010.03.08 23:33:56 | 000,065,536 | -HS- | M] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TM.blf
    [2010.03.07 20:12:07 | 000,000,514 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_016.cplist
    [2010.03.07 20:11:41 | 000,000,498 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_015.cplist
    [2010.03.07 19:54:33 | 000,000,562 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_014.cplist
    [2010.03.07 16:18:57 | 000,000,466 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_013.cplist
    [2010.03.07 15:15:38 | 000,000,490 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_012.cplist
    [2010.03.07 10:49:53 | 000,000,486 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_011.cplist
    [2010.03.07 10:49:13 | 000,000,514 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_010.cplist
    [2010.03.06 22:12:01 | 000,000,582 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_009.cplist
    [2010.03.06 22:10:45 | 000,000,452 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_008.cplist
    [2010.03.06 22:09:53 | 000,000,582 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_007.cplist
    [2010.03.06 22:08:50 | 000,000,510 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_006.cplist
    [2010.03.06 20:32:44 | 000,000,498 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_005.cplist
    [2010.03.06 18:00:35 | 000,000,564 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_004.cplist
    [2010.03.06 13:05:40 | 000,000,522 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_003.cplist
    [2010.03.06 10:44:37 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys
    [2010.03.06 10:37:16 | 000,033,920 | ---- | M] () -- C:\Windows\System32\drivers\fsbts.sys
    [2010.03.06 10:31:37 | 000,000,052 | ---- | M] () -- C:\Windows\System32\ashttpstats.csv
    [2010.03.05 17:29:59 | 000,000,496 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_002.cplist
    [2010.03.05 17:07:49 | 000,000,562 | ---- | M] () -- C:\Users\Sini\Documents\MyPlaylist_001.cplist
    [2010.03.04 10:06:23 | 002,353,664 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_unmip.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_histprot.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_video.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_webproxy.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_tabloids.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_socialnetworks.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_searchengines.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_regionaltlds.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_pornography.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlineshop.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinepay.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinedating.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_news.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_im.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_illegal.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_hate.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_games.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_gambling.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_drugs.dat
    [2010.03.03 12:59:57 | 000,115,248 | ---- | M] () -- C:\Users\Sini\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010.03.03 12:06:44 | 000,000,025 | ---- | M] () -- C:\Users\Sini\AppData\Roaming\bdfvconp.ini
    [2010.03.03 11:15:58 | 000,002,412 | ---- | M] () -- C:\Windows\System32\lgAxconfig.ini
    [2010.03.03 10:42:16 | 000,000,132 | ---- | M] () -- C:\Windows\System32\rezumatenoi.dat
    [2010.03.03 10:38:08 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
    [2010.03.03 10:18:28 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp71.dll
    [2010.03.03 10:18:28 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll
    [2010.03.03 09:58:58 | 000,008,284 | ---- | M] () -- C:\Windows\System32\eps_icon.avi
    [2010.02.25 12:03:02 | 000,030,536 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
    [2010.02.25 11:56:16 | 000,021,320 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
    [2010.02.25 11:56:02 | 000,030,024 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
    [2010.02.24 09:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
    [2010.02.20 17:07:24 | 000,278,984 | ---- | M] () -- C:\Windows\System32\drivers\atksgt.sys
    [2010.02.20 17:06:41 | 000,025,416 | ---- | M] () -- C:\Windows\System32\drivers\lirsgt.sys
    [2010.02.18 13:42:24 | 001,290,240 | ---- | M] () -- C:\Windows\System32\p0_aPIH.dll
    [2010.02.11 09:10:14 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010.03.11 17:22:50 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010.03.11 10:53:23 | 000,001,815 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    [2010.03.10 18:33:27 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_021.cplist
    [2010.03.10 18:27:55 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_020.cplist
    [2010.03.10 17:14:46 | 000,000,480 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_019.cplist
    [2010.03.10 17:07:51 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_018.cplist
    [2010.03.10 16:48:16 | 000,000,522 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_017.cplist
    [2010.03.09 23:08:45 | 437,169,378 | ---- | C] () -- C:\Windows\MEMORY.DMP
    [2010.03.09 20:58:43 | 000,006,136 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
    [2010.03.09 17:58:09 | 002,760,844 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe
    [2010.03.09 17:57:01 | 000,118,375 | ---- | C] () -- C:\Windows\System32\MSF_RIUNyS3.exe
    [2010.03.08 17:34:09 | 000,524,288 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000002.regtrans-ms
    [2010.03.08 17:34:09 | 000,524,288 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TMContainer00000000000000000001.regtrans-ms
    [2010.03.08 17:34:09 | 000,065,536 | -HS- | C] () -- C:\Users\Sini\ntuser.dat{d4828c67-2ac3-11df-9e1b-001966bb5e2b}.TM.blf
    [2010.03.07 20:12:07 | 000,000,514 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_016.cplist
    [2010.03.07 20:11:41 | 000,000,498 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_015.cplist
    [2010.03.07 19:54:33 | 000,000,562 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_014.cplist
    [2010.03.07 15:16:36 | 000,000,466 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_013.cplist
    [2010.03.07 15:15:38 | 000,000,490 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_012.cplist
    [2010.03.07 10:49:53 | 000,000,486 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_011.cplist
    [2010.03.07 10:49:13 | 000,000,514 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_010.cplist
    [2010.03.06 22:12:01 | 000,000,582 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_009.cplist
    [2010.03.06 22:10:45 | 000,000,452 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_008.cplist
    [2010.03.06 22:09:53 | 000,000,582 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_007.cplist
    [2010.03.06 22:08:50 | 000,000,510 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_006.cplist
    [2010.03.06 20:32:44 | 000,000,498 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_005.cplist
    [2010.03.06 18:00:35 | 000,000,564 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_004.cplist
    [2010.03.06 13:05:40 | 000,000,522 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_003.cplist
    [2010.03.06 10:40:52 | 000,000,574 | ---- | C] () -- C:\Windows\tasks\Scheduled scanning task.job
    [2010.03.06 10:24:39 | 000,033,920 | ---- | C] () -- C:\Windows\System32\drivers\fsbts.sys
    [2010.03.05 17:29:59 | 000,000,496 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_002.cplist
    [2010.03.05 17:07:49 | 000,000,562 | ---- | C] () -- C:\Users\Sini\Documents\MyPlaylist_001.cplist
    [2010.03.05 10:32:29 | 000,000,052 | ---- | C] () -- C:\Windows\System32\ashttpstats.csv
    [2010.03.03 20:00:16 | 000,491,104 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
    [2010.03.03 20:00:15 | 000,001,035 | ---- | C] () -- C:\Windows\System32\atipblag.dat
    [2010.03.03 20:00:08 | 000,020,274 | ---- | C] () -- C:\Windows\atiogl.xml
    [2010.03.03 20:00:06 | 000,198,341 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
    [2010.03.03 20:00:05 | 000,031,240 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_unmip.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_histprot.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_video.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_webproxy.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_tabloids.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_socialnetworks.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_searchengines.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_regionaltlds.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_pornography.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlineshop.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinepay.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinedating.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_news.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_im.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_illegal.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_hate.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_games.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_gambling.dat
    [2010.03.03 13:23:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_drugs.dat
    [2010.03.03 12:06:44 | 000,000,025 | ---- | C] () -- C:\Users\Sini\AppData\Roaming\bdfvconp.ini
    [2010.03.03 11:15:35 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
    [2010.03.03 11:15:35 | 000,002,412 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
    [2010.03.03 10:38:08 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
    [2010.02.20 17:06:42 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
    [2010.02.20 17:06:41 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
    [2010.02.18 13:42:24 | 001,290,240 | ---- | C] () -- C:\Windows\System32\p0_aPIH.dll
    [2010.01.20 21:29:05 | 000,000,008 | RHS- | C] () -- C:\ProgramData\DA2827B44C.sys
    [2010.01.20 21:29:04 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
    [2010.01.03 21:04:37 | 000,722,416 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
    [2009.12.26 18:13:11 | 000,151,552 | ---- | C] () -- C:\Windows\System32\nvRegDev.dll
    [2009.12.18 20:29:26 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
    [2009.12.18 19:47:12 | 000,026,112 | ---- | C] () -- C:\Users\Sini\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009.12.03 18:49:16 | 000,007,605 | ---- | C] () -- C:\Users\Sini\AppData\Local\Resmon.ResmonCfg
    [2009.12.01 19:03:03 | 000,003,733 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
    [2009.11.26 22:38:15 | 000,008,704 | ---- | C] () -- C:\Windows\System32\CNMVS7I.DLL
    [2009.11.26 17:11:39 | 000,000,246 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl
    [2009.11.26 17:10:57 | 000,303,104 | ---- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
    [2009.11.26 17:10:57 | 000,002,123 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfg
    [2009.11.26 17:10:57 | 000,000,168 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi
    [2009.11.26 17:10:56 | 000,002,754 | ---- | C] () -- C:\Windows\cmudax3.ini
    [2009.11.25 22:39:58 | 000,000,266 | ---- | C] () -- C:\Windows\lgfwup.ini
    [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
    [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
    [2009.07.14 01:11:15 | 000,021,584 | ---- | C] () -- C:\Windows\System32\drivers\atapi.sys
    [2009.06.19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
    [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
    [2006.10.11 05:33:58 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
    [2005.02.25 06:15:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL
    [2004.01.15 07:01:26 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
    < End of report >



    OTL Extras logfile created on: 11.3.2010 17:49:46 - Run 1
    OTL by OldTimer - Version 3.1.36.1 Folder = C:\Users\Sini\Desktop
    Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
    7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 931,51 Gb Total Space | 732,06 Gb Free Space | 78,59% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: SINI-PC
    Current User Name: Sini
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-3761315706-44459061-675875969-1001\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
    "{022F6097-A053-4B1B-BE50-3AADE4116B92}" = Opera 10.50
    "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
    "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
    "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
    "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
    "{0BB72566-0D4C-7200-2CE7-02F298B49C88}" = CCC Help English
    "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
    "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
    "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
    "{110AD51E-D0E0-49B1-52FD-291373BA62EA}" = Catalyst Control Center Graphics Full New
    "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
    "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
    "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
    "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
    "{1B2DBF55-05D4-4072-87D8-689141E262BD}" = Creative ZEN
    "{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
    "{20140000-000F-0000-0000-0000000FF1CE}" = Microsoft Office Mondo 2010 (Beta)
    "{20140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 (Beta)
    "{20140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 (Beta)
    "{20140000-0017-0409-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (English) 2010 (Beta)
    "{20140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 (Beta)
    "{20140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 (Beta)
    "{20140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 (Beta)
    "{20140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 (Beta)
    "{20140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 (Beta)
    "{20140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 (Beta)
    "{20140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 (Beta)
    "{20140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 (Beta)
    "{20140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010 (Beta)
    "{20140000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2010 (Beta)
    "{20140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 (Beta)
    "{20140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 (Beta)
    "{20140000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2010 (Beta)
    "{20140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010 (Beta)
    "{20140000-0102-0409-0000-0000000FF1CE}" = Microsoft Office MondoOnly MUI (English) 2010 (Beta)
    "{20140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 (Beta)
    "{20140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 (Beta)
    "{20140000-011A-0000-0000-0000000FF1CE}" = Microsoft Office Send-a-Smile
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Liven lataustyökalu
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
    "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
    "{31557F4F-7D10-D32E-4B70-237A09FCC31B}" = Catalyst Control Center Graphics Previews Common
    "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
    "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
    "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
    "{3C175604-F026-5D79-BBD8-F626AE10B3EF}" = Catalyst Control Center Graphics Full Existing
    "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
    "{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
    "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
    "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
    "{4442AB48-DEC4-4B39-B067-1F75BF8017E7}" = Creative Centrale
    "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{513148E7-B7A1-48B2-B518-668701E546F5}" = LightScribe System Software 1.14.19.1
    "{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
    "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
    "{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD 2010
    "{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
    "{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG Tool Kit
    "{62C2067E-5851-BD4C-98E0-5C4D5E155A5B}" = Catalyst Control Center Core Implementation
    "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
    "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
    "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
    "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
    "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
    "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
    "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
    "{85EB1E72-4FAA-40E4-A511-DF3A9A0A4CA8}" = Windows Live Messenger
    "{86604C06-DA30-425E-AECE-47304FE81C45}" = Creative Software Update
    "{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
    "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
    "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{993960EE-CA4D-443F-8F88-E24260DD5FD2}" = LG PC Suite
    "{998152E5-B605-4BBB-9853-E749AEE02B21}" = Windows Liven kirjautumisavustaja
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9C87F6BB-75E4-4F35-8353-F5E295264E98}" = Windows Live Call
    "{9D669429-A2E4-4793-B7A0-283D259F39AF}" = Adobe Photoshop Lightroom 2.5
    "{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
    "{A292C05C-840A-9D47-5350-EF39ECC7629E}" = Catalyst Control Center HydraVision Full
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
    "{A666A477-4C02-415E-9F31-3541FC0CD6B5}" = SipdxDLL
    "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
    "{AA2BCB44-B44F-445A-A80C-E6C50218940C}" = Windows Liven asennustyökalu
    "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
    "{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
    "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
    "{AD17676C-5065-E427-130B-21CE713F93E7}" = Catalyst Control Center Graphics Light
    "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
    "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
    "{B970700B-E49F-ECEF-4ADB-0F3E1AFEDE91}" = ccc-core-static
    "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
    "{BC1FFF14-C10D-7087-C43A-4A8ECC9C98C4}" = ATI Catalyst Install Manager
    "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
    "{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem Driver
    "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
    "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
    "{CF23AFD7-3078-4134-8823-EBF6D1FE6FAD}" = Canon MP450
    "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
    "{D5395E5F-4D45-4665-8F00-234FA33678AF}" = SlimDX Redistributable (March 2009)
    "{DA6FAB8D-E87A-4E8E-A3D3-B7B9F479C725}" = forteManager
    "{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
    "{E2F29FCA-126F-48DF-A9B5-BEBE8F0F1610}" = CreativeSetup
    "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
    "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
    "{E542E630-8BB7-4C28-B8EB-0BAD2B201C65}" = Audio Track Editor
    "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
    "{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
    "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
    "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
    "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
    "{F9726DDC-D7B5-BF1F-5626-EA467FEEBC52}" = ccc-utility
    "{F9F13FEA-D51E-A1C3-4EDC-D04A91B62C93}" = Catalyst Control Center Graphics Previews Vista
    "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
    "{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
    "ADSL Router Utility" = ADSL Router Utility
    "Akamai" = Akamai NetSession Interface
    "CCleaner" = CCleaner
    "C-Media PCI Audio Driver" = C-Media PCI Audio Device
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "Creative Centrale" = Creative Centrale
    "Creative Software AutoUpdate" = Creative Software AutoUpdate
    "Defraggler" = Defraggler
    "Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
    "EADM" = EA Download Manager
    "FileHippo.com" = FileHippo.com Update Checker
    "F-Secure Product 444" = Sonera Tietoturva
    "HijackThis" = HijackThis 2.0.2
    "InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
    "LastFM_is1" = Last.fm 1.5.4.24567
    "LimeWire" = LimeWire 5.5.5
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
    "MSF_RIUNyS3" = LoudMo Contextual Ad Assistant
    "NVIDIA Drivers" = NVIDIA Drivers
    "Office14.MONDO" = Microsoft Office Mondo 2010
    "PowerISO" = PowerISO
    "Sonera Internet Avustaja_is1" = Sonera Internet Avustaja
    "Spotify" = Spotify
    "SysInfo" = Creative System Information
    "TS3 Install Helper Monkey" = TS3 Install Helper Monkey
    "TuneUp Utilities" = TuneUp Utilities
    "Uninstall_is1" = Uninstall 1.0.0.1
    "uTorrent" = µTorrent
    "WinLiveSuite_Wave3" = Windows Liven asennustyökalu
    "WinPcapInst" = WinPcap 3.1 beta3
    "WinRAR archiver" = WinRAR archiver
    "VLC media player" = VLC media player 1.0.3

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 10.3.2010 10:40:05 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
    Description = 1 2010-03-10 16:40:05+03:00 SINI-PC SYSTEM F-Secure DeepGuard

    DeepGuard configuration was rejected. Old configuration will be used if possible.

    Error code: DAAS reject

    Error - 10.3.2010 10:52:02 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
    Description = 1 2010-03-10 16:52:02+03:00 SINI-PC SYSTEM F-Secure DeepGuard

    DeepGuard configuration was rejected. Old configuration will be used if possible.

    Error code: DAAS reject

    Error - 10.3.2010 14:39:39 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: IEXPLORE.EXE, versio: 8.0.7600.16385,
    aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
    aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
    prosessin tunnus: 0xee8 Viallisen sovelluksen käynnistysaika: 0x01cac080c4a06724
    Viallisen
    sovelluksen polku: C:\Program Files\Internet Explorer\IEXPLORE.EXE Viallisen moduulin
    polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 4873d423-2c74-11df-a210-001966bb5e2b

    Error - 10.3.2010 15:02:09 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
    aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
    aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
    prosessin tunnus: 0xdd0 Viallisen sovelluksen käynnistysaika: 0x01cac0841fbdf149
    Viallisen
    sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
    polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 6cfac2e4-2c77-11df-a210-001966bb5e2b

    Error - 10.3.2010 15:20:08 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
    aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
    aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
    prosessin tunnus: 0xecc Viallisen sovelluksen käynnistysaika: 0x01cac0869d47617f
    Viallisen
    sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
    polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: f03d4823-2c79-11df-a210-001966bb5e2b

    Error - 10.3.2010 16:04:02 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: iexplore.exe, versio: 8.0.7600.16385,
    aikaleima: 0x4a5bc69e Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385,
    aikaleima: 0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00046b90 Viallisen
    prosessin tunnus: 0x1214 Viallisen sovelluksen käynnistysaika: 0x01cac08cbde8fc58
    Viallisen
    sovelluksen polku: C:\Program Files\Internet Explorer\iexplore.exe Viallisen moduulin
    polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 11dd8c29-2c80-11df-a210-001966bb5e2b

    Error - 11.3.2010 4:06:42 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103
    Description = 1 2010-03-11 10:06:42+03:00 SINI-PC SYSTEM F-Secure DeepGuard

    DeepGuard configuration was rejected. Old configuration will be used if possible.

    Error code: DAAS reject

    Error - 11.3.2010 5:16:36 | Computer Name = Sini-PC | Source = SideBySide | ID = 16842815
    Description = Aktivointikontekstin luonti epäonnistui (c:\Program Files\Common Files\Adobe
    AIR\Versions\1.0\Adobe AIR.dll). Virhe luettelo- tai käytäntötiedoston c:\Program
    Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll rivillä 3. Määritteen version
    arvo (MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR) ei kelpaa
    elementissä assemblyIdentity.

    Error - 11.3.2010 11:24:57 | Computer Name = Sini-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
    Description = 2 2010-03-11 17:24:56+03:00 SINI-PC Sini-PC\Sini F-Secure Anti-Virus

    Malicious code found in file C:\Windows\System32\sshnas21.dll. Infection: Trojan.Generic.3313565


    Error - 11.3.2010 11:46:26 | Computer Name = Sini-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: mbam.exe, versio: 1.44.0.0, aikaleima:
    0x4b46461a Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7600.16385, aikaleima:
    0x4a5bdadb Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x0005c74a Viallisen prosessin
    tunnus: 0x6a0 Viallisen sovelluksen käynnistysaika: 0x01cac12ecd93b5f4 Viallisen
    sovelluksen polku: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Viallisen
    moduulin polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 3fd4557a-2d25-11df-99ba-001966bb5e2b

    [ Media Center Events ]
    Error - 19.2.2010 7:06:41 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 13:06:39 - Virhe muodostettaessa Internet-yhteyttä. 13:06:40 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 19.2.2010 7:11:14 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 13:07:14 - Virhe muodostettaessa Internet-yhteyttä. 13:07:14 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 20.2.2010 10:48:31 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 16:48:31 - Virhe muodostettaessa Internet-yhteyttä. 16:48:31 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 20.2.2010 10:49:04 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 16:49:01 - Virhe muodostettaessa Internet-yhteyttä. 16:49:01 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 21.2.2010 11:00:55 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 17:00:55 - Virhe muodostettaessa Internet-yhteyttä. 17:00:55 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 21.2.2010 11:01:04 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 17:01:00 - Virhe muodostettaessa Internet-yhteyttä. 17:01:00 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 23.2.2010 1:22:28 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 7:22:28 - Virhe muodostettaessa Internet-yhteyttä. 7:22:28 - Yhteyden
    muodostaminen palvelimeen ei onnistu..

    Error - 23.2.2010 1:22:38 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 7:22:33 - Virhe muodostettaessa Internet-yhteyttä. 7:22:33 - Yhteyden
    muodostaminen palvelimeen ei onnistu..

    Error - 2.3.2010 5:43:49 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 11:43:49 - Virhe muodostettaessa Internet-yhteyttä. 11:43:49 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    Error - 2.3.2010 5:43:58 | Computer Name = Sini-PC | Source = MCUpdate | ID = 0
    Description = 11:43:55 - Virhe muodostettaessa Internet-yhteyttä. 11:43:55 -
    Yhteyden muodostaminen palvelimeen ei onnistu..

    [ System Events ]
    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Käyttäjäprofiilipalvelu on päättynyt odottamatta. Tämä on
    tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi:
    Käynnistä palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Tehtävien ajoitus on päättynyt odottamatta. Tämä on tapahtunut
    1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä
    palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Järjestelmätapahtumien ilmoituspalvelu on päättynyt odottamatta.
    Tämä on tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan seuraava
    korjaustoimi: Käynnistä palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Käyttöliittymän laitteistotunnistus on päättynyt odottamatta.
    Tämä on tapahtunut 1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava
    korjaustoimi: Käynnistä palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Teemat on päättynyt odottamatta. Tämä on tapahtunut 1 kertaa.
    60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä palvelu
    uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu WMI-palvelu (Windows Management Instrumentation) on päättynyt
    odottamatta. Tämä on tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan
    seuraava korjaustoimi: Käynnistä palvelu uudelleen.

    Error - 16.1.2010 10:26:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7031
    Description = Palvelu Windows Update on päättynyt odottamatta. Tämä on tapahtunut
    1 kertaa. 60000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä
    palvelu uudelleen.

    Error - 16.1.2010 10:27:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
    Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
    palvelu uudelleen) palvelun Palvelin odottamattoman lopettamisen jälkeen. Yritys
    epäonnistui ja tapahtui virhe: %%1056

    Error - 16.1.2010 10:28:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
    Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
    palvelu uudelleen) palvelun Tietokoneiden selaus odottamattoman lopettamisen jälkeen.
    Yritys epäonnistui ja tapahtui virhe: %%1056

    Error - 16.1.2010 10:28:29 | Computer Name = Sini-PC | Source = Service Control Manager | ID = 7032
    Description = Palvelujen ohjauksen hallinta yritti suorittaa korjaustoimia (Käynnistä
    palvelu uudelleen) palvelun WMI-palvelu (Windows Management Instrumentation) odottamattoman
    lopettamisen jälkeen. Yritys epäonnistui ja tapahtui virhe: %%1056


    < End of report >
     
  14. warwas

    warwas Guest

    Try this first:

    Download ComboFix from any of the links below. You must rename it before saving. Save it to your desktop.

    Link 1
    Link 2
    Link 3

    --------------------------------------------------------- -----------

    Double-click the Combo-Fix.exe file and follow the instructions.
    When the tool is finished, it produces a log, C:\ComboFix.txt. Post this log to your thread along with a new HijackThis log.

    Note! Do not click on the ComboFix window while it is running. This may cause the program to hang.


    Alright, we get to use LiveLinux :D

    Now you should download LiveLinux and burn it to a DVD/CD.

    Download Ubuntu's LiveLinux
    http://www.ubuntu.com/getubuntu/download

    Burn it to a disc.

    First, use Windows 7's Search to look for the Atapi file
    http://windows.microsoft.com/fi-FI/windows7/Find-a-file-or-folder

    See where it is located and write the path down (on my machine it is DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81)

    Print the following instructions or write them down.

    Changing the boot order:
    Shut down and restart the computer; as it starts, tap the DEL key to get into the BIOS, where you can change the boot order if it does not boot straight from the disc you burned. Select your DVD drive there.

    Once you are in Linux, delete the files in bold
    C:\Windows\TEMP\nytf.tmp\svchost.exe
    C:\Users\Sini\AppData\Roaming\ufxw.exe
    C:\Windows\System32\MSF_RIUNyS3.exe
    C:\Users\Sini\AppData\Local\Temp\Qtr.exe
    C:\Windows\msa.exe
    C:\Windows\System32\Drivers\spnq.sys

    Fetch the clean atapi.sys you located and put it in place of the infected
    c:\windows\system32\drivers\atapi.sys

    Shut down and boot into Windows, scan with MBAM and post its log.
     
    Last edited by a moderator: 11.03.2010
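The last step of the procedure above (putting the clean DriverStore copy of atapi.sys in place of the infected one from the live Linux session), as an added example that is not part of the original post. The function names and the mount point are assumptions; the only values taken from the thread are the Windows paths.

```shell
#!/bin/sh
# Added example, not from the thread. Run from the live Linux session with the
# Windows partition mounted read-write; /mnt/win is an assumed mount point.

# Resolve a Windows path (c:\windows\system32\...) case-insensitively under a
# Linux mount point. NTFS is case-sensitive when mounted on Linux, so the real
# directory may be "Windows/System32". Prints the real path; returns 1 if any
# component is missing. Names containing glob characters are not handled.
resolve_win_path() {
    _cur=${1%/}
    [ -n "$_cur" ] || _cur=/
    # Backslashes to slashes, then drop a leading drive letter such as "c:".
    _rel=$(printf '%s' "$2" | tr '\\' '/' | sed 's/^[A-Za-z]://')
    while [ -n "$_rel" ]; do
        _part=${_rel%%/*}
        case $_rel in
            */*) _rel=${_rel#*/} ;;
            *)   _rel= ;;
        esac
        [ -n "$_part" ] || continue
        _match=$(find "$_cur" -mindepth 1 -maxdepth 1 -iname "$_part" 2>/dev/null | head -n 1)
        [ -n "$_match" ] || return 1
        _cur=$_match
    done
    printf '%s\n' "$_cur"
}

# MD5 of a file, the same digest type ComboFix prints in its Sigcheck section.
md5_of() {
    md5sum "$1" | cut -d ' ' -f 1
}

# Replace a suspect driver with a known-clean copy.
# Args: mount root, Windows path of the clean copy, Windows path of the target.
# Returns 0 replaced, 1 path not found, 2 already identical, 3 copy/verify failed.
replace_driver() {
    _root=$1
    _clean=$(resolve_win_path "$_root" "$2") || return 1
    _target=$(resolve_win_path "$_root" "$3") || return 1
    if [ ! -f "$_clean" ] || [ ! -f "$_target" ]; then
        return 1
    fi
    _want=$(md5_of "$_clean")
    _have=$(md5_of "$_target")
    if [ "$_want" = "$_have" ]; then
        printf 'target already matches the clean copy (%s)\n' "$_want"
        return 2
    fi
    # Keep the suspect file for later analysis instead of destroying it.
    _backup="$_target.suspect-$_have"
    cp -p "$_target" "$_backup" || return 3
    cp "$_clean" "$_target" || return 3
    sync
    # Verify what actually landed on disk.
    [ "$(md5_of "$_target")" = "$_want" ] || return 3
    printf 'replaced %s\n  was: %s\n  now: %s\n  suspect copy: %s\n' \
        "$_target" "$_have" "$_want" "$_backup"
}

# Demo on a constructed directory tree (file contents are placeholders).
demo() {
    _d=$(mktemp -d) || return 1
    _repo=mshdc.inf_x86_neutral_f64b9c35a3a5be81   # directory name from the thread
    mkdir -p "$_d/Windows/System32/drivers" \
             "$_d/Windows/System32/DriverStore/FileRepository/$_repo"
    printf 'clean driver' > "$_d/Windows/System32/DriverStore/FileRepository/$_repo/atapi.sys"
    printf 'patched driver' > "$_d/Windows/System32/drivers/atapi.sys"
    replace_driver "$_d" \
        "c:\\windows\\system32\\driverstore\\filerepository\\$_repo\\atapi.sys" \
        'c:\windows\system32\drivers\atapi.sys'
    _rc=$?
    rm -rf "$_d"
    return "$_rc"
}

# Real use (assumed mount point):
#   replace_driver /mnt/win '<path of the clean copy>' 'c:\windows\system32\drivers\atapi.sys'
if [ "${1:-}" = "--demo" ]; then
    demo
fi
```

The hash printed as "now" can be compared with the MD5 that a scanner reports for the DriverStore copy.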
  15. toope92

    toope92 Regular member

    Does this delete all the software, pictures, music etc. on the machine...?
     
  16. warwas

    warwas Guest

    Combo does not delete anything other than malicious files, but since this is Windows 7 it is not certain that it even works; let's try it first, before the more complicated Linux instructions.

    So try just Combo first, and if it doesn't work, then the live... instructions.
     
    Last edited by a moderator: 12.03.2010
  17. toope92

    toope92 Regular member

    The Linux thing gets a bit tricky, but Combo worked


    ComboFix 10-03-11.02 - Sini 11.03.2010 22:48:45.1.2 - x86
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.358.1035.18.3583.2257 [GMT 2:00]
    Sijainti: c:\users\Sini\Desktop\CF.exe
    .

    (((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\program files\temp
    c:\program files\WinPCap
    c:\program files\WinPCap\daemon_mgm.exe
    c:\program files\WinPCap\INSTALL.LOG
    c:\program files\WinPCap\NetMonInstaller.exe
    c:\program files\WinPCap\npf_mgm.exe
    c:\program files\WinPCap\rpcapd.exe
    c:\program files\WinPCap\Uninstall.exe
    c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
    c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
    C:\setup.exe
    c:\users\Sini\AppData\Local\Temp\jna8177222537024543165.dll
    c:\users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe
    c:\windows\system32\drivers\npf.sys
    c:\windows\system32\Packet.dll
    c:\windows\system32\pthreadVC.dll
    c:\windows\system32\WanPacket.dll
    c:\windows\system32\VB6KO.DLL
    c:\windows\system32\wpcap.dll

    ----- BITS: Mahdollisesti saastuneet sivut -----

    hxxp://sync.avustaja.sonera.fi
    .
    ((((((((((((((((((((((((((((((((((((((( Ajurit/Palvelut )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Service_NPF


    ((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2010-02-11 to 2010-03-11 )))))))))))))))))
    .

    2010-03-11 20:53 . 2010-03-11 20:53 -------- d-----w- c:\users\Default\AppData\Local\temp
    2010-03-11 20:21 . 2010-03-11 20:21 5115824 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
    2010-03-10 14:49 . 2010-03-11 16:40 -------- d-----w- c:\users\Sini\Tracing
    2010-03-09 18:58 . 2009-08-05 14:10 6136 ----a-w- c:\windows\system32\drivers\nvphy.bin
    2010-03-09 18:58 . 2009-07-30 14:48 705536 ----a-w- c:\windows\system32\cohelper.dll
    2010-03-09 17:14 . 2010-01-27 09:11 2622496 ----a-w- c:\windows\system32\RtkHDMI.dll
    2010-03-09 17:14 . 2010-01-27 09:04 183584 ----a-w- c:\windows\system32\drivers\RtHDMIV.sys
    2010-03-09 17:14 . 2009-12-15 16:26 73928 ----a-w- c:\windows\system32\RTEEL32H.dll
    2010-03-09 17:14 . 2009-12-15 16:26 355528 ----a-w- c:\windows\system32\RTEEP32H.dll
    2010-03-09 17:14 . 2009-12-15 16:26 62664 ----a-w- c:\windows\system32\RTEEG32H.dll
    2010-03-09 17:14 . 2009-12-15 16:26 168648 ----a-w- c:\windows\system32\RTEED32H.dll
    2010-03-09 17:14 . 2010-03-09 17:14 -------- dc----w- c:\program files\Realtek
    2010-03-09 17:14 . 2010-01-27 09:11 57376 ----a-w- c:\windows\system32\RHCoInst.dll
    2010-03-09 17:14 . 2010-01-27 09:11 1640480 ----a-w- c:\windows\system32\RHDMIExt.dll
    2010-03-09 17:14 . 2010-01-11 06:41 293600 ----a-w- c:\windows\system32\RH3DHT32.dll
    2010-03-09 17:14 . 2010-01-11 06:40 293600 ----a-w- c:\windows\system32\RH3DAA32.dll
    2010-03-09 17:11 . 2010-03-09 17:11 -------- dc----w- C:\SMU
    2010-03-09 17:11 . 2010-03-09 17:11 -------- dc----w- C:\SMBUS
    2010-03-09 17:11 . 2010-03-09 17:11 -------- dc----w- C:\IDE
    2010-03-09 17:11 . 2010-03-09 17:11 -------- dc----w- C:\Ethernet
    2010-03-09 15:57 . 2010-03-09 16:35 118375 ----a-w- c:\windows\system32\MSF_RIUNyS3.exe
    2010-03-09 15:03 . 2010-03-09 15:03 -------- dc----w- c:\program files\Driver-Soft
    2010-03-09 05:09 . 2009-12-08 11:40 3955288 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2010-03-09 05:09 . 2009-12-08 11:40 3899464 ----a-w- c:\windows\system32\ntoskrnl.exe
    2010-03-09 05:09 . 2009-12-08 11:32 292864 ----a-w- c:\windows\system32\apphelp.dll
    2010-03-08 18:27 . 2010-03-08 18:27 -------- dc----w- c:\program files\Trend Micro
    2010-03-08 15:22 . 2010-03-08 15:22 -------- dc----w- c:\program files\TrendMicro
    2010-03-08 02:51 . 2010-03-08 15:32 -------- dc----w- C:\SDFix
    2010-03-08 02:47 . 2010-03-08 02:47 -------- d-----w- c:\windows\Sun
    2010-03-07 17:54 . 2010-03-08 15:32 -------- d-----w- c:\users\Sini\AppData\Local\Stay Secure
    2010-03-07 14:43 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
    2010-03-07 14:37 . 2010-01-07 14:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-03-07 14:37 . 2010-03-11 20:34 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware
    2010-03-07 14:37 . 2010-01-07 14:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-03-06 08:24 . 2010-03-06 08:37 33920 ----a-w- c:\windows\system32\drivers\fsbts.sys
    2010-03-06 08:24 . 2009-08-05 15:57 35680 ----a-w- c:\windows\system32\drivers\fses.sys
    2010-03-06 08:24 . 2009-08-05 15:59 572512 ----a-w- c:\windows\system32\msvcp50.dll
    2010-03-06 08:24 . 2009-08-05 15:57 71040 ----a-w- c:\windows\system32\drivers\fsdfw.sys
    2010-03-05 08:24 . 2010-03-06 08:44 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
    2010-03-05 08:24 . 2009-11-10 12:55 52240 ----a-w- c:\windows\system32\LMouFiltCoInst.dll
    2010-03-05 08:24 . 2009-11-10 12:55 37392 ----a-w- c:\windows\system32\drivers\LMouFilt.Sys
    2010-03-05 08:24 . 2009-11-10 12:55 1581072 ----a-w- c:\windows\system32\LkmdfCoInst.dll
    2010-03-05 08:24 . 2009-11-10 12:54 35984 ----a-w- c:\windows\system32\drivers\LHidFilt.Sys
    2010-03-04 15:28 . 2010-03-04 15:28 85504 ----a-w- c:\users\Sini\AppData\Roaming\SystemRequirementsLab\srlproxy_cyri_4.1.71.0A.dll
    2010-03-04 13:38 . 2010-03-04 13:38 -------- dc----w- c:\program files\The Sims Resource
    2010-03-04 12:50 . 2010-03-04 12:50 -------- dc----w- c:\program files\iPod
    2010-03-04 12:40 . 2010-03-04 12:40 -------- dc----w- c:\program files\Opera
    2010-03-03 11:23 . 2010-03-03 11:23 0 ----a-w- c:\windows\system32\phar_unmip.dat
    2010-03-03 10:59 . 2010-03-03 10:59 -------- d-----w- c:\program files\Common Files\Protexis
    2010-03-03 10:58 . 2010-03-03 10:58 -------- dc----w- c:\program files\Corel
    2010-03-03 09:22 . 2010-03-03 09:39 -------- dc----w- C:\KU990
    2010-03-03 09:19 . 2010-03-03 09:19 -------- dc----w- C:\LG_USB
    2010-03-03 09:15 . 2010-01-15 03:24 59328 ----a-w- c:\programdata\LGMOBILEAX\LGMLauncher.exe
    2010-03-03 09:15 . 2006-05-04 06:33 53248 ----a-w- c:\windows\system32\CommonDL.dll
    2010-03-03 09:15 . 2005-10-03 23:39 44544 ----a-w- c:\windows\system32\msxml4a.dll
    2010-03-03 09:15 . 2010-03-02 07:15 1025984 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\LGUserCSTool.exe
    2010-03-03 09:15 . 2010-03-02 07:11 507904 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\LGMUpgradeDL.dll
    2010-03-03 09:15 . 2010-02-24 03:16 90112 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\LGMobileDL.dll
    2010-03-03 09:15 . 2009-11-04 02:57 206792 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\B2CAppUninstall.exe
    2010-03-03 09:15 . 2009-10-06 05:12 24576 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\LGMobileDLRapi.dll
    2010-03-03 09:15 . 2009-06-15 05:21 182208 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
    2010-03-03 09:15 . 2010-03-03 09:15 -------- d-----w- c:\programdata\LGMOBILEAX
    2010-03-03 08:34 . 2010-03-03 08:34 -------- d-----w- c:\temp\HS2_191
    2010-03-03 08:34 . 2009-06-17 10:55 55824 ----a-w- c:\windows\KHALMNPR.Exe
    2010-03-03 08:18 . 2010-03-08 15:32 -------- d-----w- c:\program files\Common Files\xing shared
    2010-03-03 08:05 . 2010-02-25 09:56 21320 ----a-w- c:\windows\system32\authuitu.dll
    2010-03-03 08:05 . 2010-02-25 09:56 30024 ----a-w- c:\windows\system32\uxtuneup.dll
    2010-02-20 15:06 . 2010-02-20 15:07 278984 ----a-w- c:\windows\system32\drivers\atksgt.sys
    2010-02-20 15:06 . 2010-02-20 15:06 25416 ----a-w- c:\windows\system32\drivers\lirsgt.sys
    2010-02-18 11:42 . 2010-02-18 11:42 1290240 ----a-w- c:\windows\system32\p0_aPIH.dll
    2010-02-09 21:30 . 2010-02-09 21:30 -------- d-----w- c:\users\Sini\AppData\Roaming\InstallShield
    2010-02-09 21:23 . 2010-02-09 21:24 -------- dc----w- C:\LG3G
    2010-02-09 21:20 . 2010-02-09 21:20 -------- dc----w- C:\lgupload
    2010-02-09 21:00 . 2010-01-20 23:59 20864 ----a-w- c:\windows\system32\drivers\lgusbdiag.sys
    2010-02-09 21:00 . 2010-01-20 23:59 24960 ----a-w- c:\windows\system32\drivers\lgusbmodem.sys
    2010-02-09 21:00 . 2010-01-20 23:59 13056 ----a-w- c:\windows\system32\drivers\lgusbbus.sys
    2010-02-09 21:00 . 2010-02-09 21:00 -------- dc----w- c:\program files\LG Electronics
    2010-02-09 20:58 . 2010-02-09 21:32 -------- dc----w- c:\program files\LG PC Suite 2

    .
    (((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-03-11 20:59 . 2007-11-25 17:51 -------- d-----w- c:\users\Sini\AppData\Roaming\uTorrent
    2010-03-11 20:57 . 2010-01-21 21:04 -------- d-----w- c:\users\Sini\AppData\Roaming\LimeWire
    2010-03-11 20:57 . 2009-11-25 16:36 -------- d-----w- c:\program files\Common Files\Akamai
    2010-03-11 20:49 . 2009-07-14 07:36 83000 ----a-w- c:\windows\system32\perfc00B.dat
    2010-03-11 20:49 . 2009-07-14 07:36 442586 ----a-w- c:\windows\system32\perfh00B.dat
    2010-03-11 15:16 . 2009-11-25 20:45 -------- d-----w- c:\users\Sini\AppData\Roaming\Spotify
    2010-03-11 08:56 . 2009-11-28 19:11 -------- d-----w- c:\program files\Common Files\Real
    2010-03-11 08:53 . 2010-01-21 21:02 -------- d-----w- c:\program files\LimeWire
    2010-03-11 08:52 . 2009-12-21 11:51 -------- d-----w- c:\program files\Common Files\Adobe AIR
    2010-03-11 08:52 . 2009-12-21 11:52 38784 ----a-w- c:\users\Sini\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
    2010-03-11 08:52 . 2009-12-21 11:51 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
    2010-03-11 08:51 . 2007-11-25 17:51 -------- d-----w- c:\program files\uTorrent
    2010-03-10 21:19 . 2009-12-07 16:08 -------- d-----w- c:\users\Sini\AppData\Roaming\vlc
    2010-03-10 16:33 . 2010-01-20 19:29 2516 --sha-w- c:\programdata\KGyGaAvL.sys
    2010-03-10 16:33 . 2010-01-20 19:29 2516 --sha-w- c:\programdata\KGyGaAvL.sys
    2010-03-10 14:16 . 2009-07-13 23:11 21584 ----a-w- c:\windows\system32\drivers\atapi.sys
    2010-03-09 19:01 . 2009-11-25 20:09 -------- d--h--w- c:\program files\InstallShield Installation Information
    2010-03-09 19:01 . 2009-12-26 16:14 -------- d-----w- c:\program files\NVIDIA Corporation
    2010-03-08 15:32 . 2009-11-28 19:11 -------- d-----w- c:\program files\Real
    2010-03-08 15:32 . 2009-11-25 17:37 -------- d-----w- c:\program files\FileHippo.com
    2010-03-08 15:31 . 2009-11-29 21:32 -------- d-----w- c:\programdata\Malwarebytes
    2010-03-08 15:31 . 2009-11-26 20:37 -------- d--h--w- c:\programdata\CanonBJ
    2010-03-06 08:33 . 2010-01-05 22:55 -------- d-----w- c:\programdata\BitDefender
    2010-03-06 08:33 . 2010-01-05 22:52 -------- d-----w- c:\program files\Common Files\BitDefender
    2010-03-06 08:24 . 2009-11-25 16:35 -------- d-----w- c:\programdata\f-secure
    2010-03-06 08:22 . 2009-11-25 16:38 -------- d-----w- c:\program files\Sonera
    2010-03-06 08:22 . 2009-11-25 16:37 -------- d-----w- c:\programdata\fssg
    2010-03-04 15:28 . 2009-12-02 18:12 -------- d-----w- c:\program files\SystemRequirementsLab
    2010-03-04 15:28 . 2009-12-21 23:49 -------- d-----w- c:\users\Sini\AppData\Roaming\SystemRequirementsLab
    2010-03-04 12:50 . 2009-11-28 13:26 -------- d-----w- c:\program files\iTunes
    2010-03-04 12:50 . 2009-11-26 18:29 -------- d-----w- c:\programdata\Apple Computer
    2010-03-04 12:50 . 2009-11-26 18:29 -------- d-----w- c:\program files\Common Files\Apple
    2010-03-04 11:10 . 2009-12-02 14:12 -------- d-----w- c:\program files\Mad Scientist Productions
    2010-03-03 13:37 . 2009-12-01 13:31 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
    2010-03-03 13:36 . 2009-11-27 15:21 460592 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2010-03-03 10:59 . 2009-12-01 16:22 115248 ----a-w- c:\users\Sini\AppData\Local\GDIPFONTCACHEV1.DAT
    2010-03-03 10:58 . 2009-11-28 19:10 -------- d-----w- c:\programdata\Corel
    2010-03-03 10:27 . 2009-11-28 15:44 53319 ----a-w- c:\programdata\Temp\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
    2010-03-03 08:42 . 2010-01-05 23:10 132 ----a-w- c:\windows\system32\rezumatenoi.dat
    2010-03-03 08:38 . 2010-03-03 08:38 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
    2010-03-03 08:18 . 2003-03-18 18:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
    2010-03-03 08:18 . 2003-02-21 02:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
    2010-03-03 08:16 . 2009-11-25 17:38 -------- d-----w- c:\program files\Defraggler
    2010-03-03 08:14 . 2009-11-25 17:37 -------- d-----w- c:\program files\CCleaner
    2010-03-03 08:05 . 2009-11-25 16:31 -------- d-----w- c:\program files\TuneUp Utilities 2010
    2010-03-02 09:51 . 2007-12-02 13:47 -------- d-----w- c:\program files\Electronic Arts
    2010-02-25 10:03 . 2009-11-25 16:31 30536 ----a-w- c:\windows\system32\TURegOpt.exe
    2010-02-24 07:16 . 2009-11-25 16:58 181632 ------w- c:\windows\system32\MpSigStub.exe
    2010-02-08 18:26 . 2010-02-08 18:26 -------- d-----w- c:\programdata\BDJ
    2010-02-06 14:30 . 2010-02-06 14:30 -------- d-----w- c:\programdata\InstallShield
    2010-02-06 14:30 . 2010-02-06 14:30 -------- dc----w- c:\program files\LG Soft India
    2010-02-06 14:30 . 2009-11-25 20:09 -------- d-----w- c:\program files\Common Files\InstallShield
    2010-02-02 18:54 . 2010-03-03 18:00 5313536 ----a-w- c:\windows\system32\drivers\atipmdag.sys
    2010-02-02 18:54 . 2010-03-03 18:00 5313536 ----a-w- c:\windows\system32\drivers\atikmdag.sys
    2010-02-02 18:23 . 2010-03-03 18:00 426496 ----a-w- c:\windows\system32\aticfx32.dll
    2010-02-02 18:19 . 2010-03-03 18:00 143360 ----a-w- c:\windows\system32\atiapfxx.exe
    2010-02-02 18:17 . 2010-03-03 18:00 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
    2010-02-02 18:17 . 2009-12-02 14:40 372736 ----a-w- c:\windows\system32\atieclxx.exe
    2010-02-02 18:16 . 2009-12-02 14:40 172032 ----a-w- c:\windows\system32\atiesrxx.exe
    2010-02-02 18:15 . 2010-03-03 18:00 159744 ----a-w- c:\windows\system32\atitmmxx.dll
    2010-02-02 18:15 . 2010-03-03 18:00 356352 ----a-w- c:\windows\system32\atipdlxx.dll
    2010-02-02 18:15 . 2010-03-03 18:00 274432 ----a-w- c:\windows\system32\Oemdspif.dll
    2010-02-02 18:14 . 2010-03-03 18:00 11776 ----a-w- c:\windows\system32\atimuixx.dll
    2010-02-02 18:14 . 2010-03-03 18:00 43520 ----a-w- c:\windows\system32\ati2edxx.dll
    2010-02-02 18:12 . 2009-12-19 11:31 3073024 ----a-w- c:\windows\system32\atidxx32.dll
    2010-02-02 18:01 . 2010-03-03 18:00 14147072 ----a-w- c:\windows\system32\atioglxx.dll
    2010-02-02 17:55 . 2009-12-02 14:40 3653632 ----a-w- c:\windows\system32\atiumdag.dll
    2010-02-02 17:52 . 2010-03-03 18:00 53248 ----a-w- c:\windows\system32\aticalrt.dll
    2010-02-02 17:52 . 2010-03-03 18:00 53248 ----a-w- c:\windows\system32\aticalcl.dll
    2010-02-02 17:51 . 2010-03-03 18:00 3649536 ----a-w- c:\windows\system32\aticaldd.dll
    2010-02-02 17:40 . 2010-03-03 18:00 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
    2010-02-02 17:37 . 2009-12-02 14:40 2934272 ----a-w- c:\windows\system32\atiumdva.dll
    2010-02-02 17:25 . 2010-03-03 18:00 52224 ----a-w- c:\windows\system32\atimpc32.dll
    2010-02-02 17:25 . 2010-03-03 18:00 52224 ----a-w- c:\windows\system32\amdpcom32.dll
    2010-02-02 17:24 . 2009-12-02 14:40 229376 ----a-w- c:\windows\system32\atiadlxx.dll
    2010-02-02 17:24 . 2010-03-03 18:00 12800 ----a-w- c:\windows\system32\atiglpxx.dll
    2010-02-02 17:24 . 2010-03-03 18:00 14848 ----a-w- c:\windows\system32\atigktxx.dll
    2010-02-02 17:23 . 2010-03-03 18:00 150016 ----a-w- c:\windows\system32\drivers\atikmpag.sys
    2010-02-02 17:23 . 2010-03-03 18:00 50176 ----a-w- c:\windows\system32\coinst.dll
    2010-02-02 17:23 . 2010-03-03 18:00 27136 ----a-w- c:\windows\system32\atiuxpag.dll
    2010-02-02 17:22 . 2010-03-03 18:00 20480 ----a-w- c:\windows\system32\atiu9pag.dll
    2010-02-02 07:45 . 2010-03-03 08:01 2048 ----a-w- c:\windows\system32\tzres.dll
    2010-01-29 22:30 . 2010-01-24 16:49 -------- d-----w- c:\program files\Audible
    2010-01-29 20:29 . 2009-11-28 15:44 -------- d-----w- c:\users\Sini\AppData\Roaming\dvdcss
    2010-01-28 21:51 . 2009-12-29 20:42 -------- d-----w- c:\programdata\Autodesk
    2010-01-28 13:33 . 2010-03-03 18:00 100352 ----a-w- c:\windows\system32\drivers\AtiHdmi.sys
    2010-01-24 18:24 . 2010-01-24 16:54 -------- d-----w- c:\users\Sini\AppData\Roaming\Creative
    2010-01-24 18:22 . 2010-01-24 16:46 -------- d-----w- c:\program files\Creative
    2010-01-24 18:21 . 2010-01-24 18:20 -------- d--h--w- c:\program files\Creative Installation Information
    2010-01-24 18:20 . 2010-01-24 18:20 -------- d-----w- c:\program files\Common Files\Creative
    2010-01-24 17:44 . 2010-01-24 17:44 10134 ----a-r- c:\users\Sini\AppData\Roaming\Microsoft\Installer\{E2F29FCA-126F-48DF-A9B5-BEBE8F0F1610}\_C78F0D128D61AE102A1FD8.exe
    2010-01-24 17:44 . 2010-01-24 17:44 -------- d-----w- c:\program files\Default Company Name
    2010-01-24 17:05 . 2010-01-24 16:50 2719920 ----a-w- c:\programdata\Creative\Software Update\cache\Creative Software Update 1.02.01__\SoftwareUpdate_PCApp_LA_1_02_01.exe
    2010-01-24 16:58 . 2010-01-24 16:41 -------- d-----w- c:\programdata\Microsoft Help
    2010-01-24 16:53 . 2010-01-24 16:53 -------- d-----w- c:\programdata\{F40E9D30-5DFC-4B21-BFDB-A5CDEE6440A6}
    2010-01-24 16:52 . 2010-01-24 16:48 -------- d--h--w- c:\programdata\{4D18D6A0-D216-4470-B464-1F2DC271458B}
    2010-01-24 16:52 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild
    2010-01-24 16:51 . 2010-01-24 16:51 -------- d-----w- c:\program files\Microsoft Visual Studio .NET 2008
    2010-01-24 16:51 . 2010-01-24 16:51 -------- d-----w- c:\program files\Microsoft Visual Studio .NET 2005
    2010-01-24 16:51 . 2010-01-24 16:51 -------- d-----w- c:\program files\Microsoft Synchronization Services
    2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
    2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
    .

    ------- Sigcheck -------

    [-] 2010-03-10 14:16 . 536F37C51D16ABE40A24E417148F8942 . 21584 . . [------] . . c:\windows\System32\drivers\atapi.sys
    [7] 2009-07-14 . 338C86357871C167A96AB976519BF59E . 21584 . . [6.1.7600.16385] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
    .
    (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
    REGEDIT4

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
    2009-08-17 16:54 564624 ----a-w- c:\progra~1\MICROS~1\Office14\URLREDIR.DLL

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{da9e5a55-a1a2-1b97-026f-b233372fee2e}]
    2010-02-18 11:42 1290240 ----a-w- c:\windows\System32\p0_aPIH.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-03-11 319792]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
    "F-Secure Manager"="c:\program files\Sonera\Sonera Tietoturva\Common\FSM32.EXE" [2009-08-05 199264]
    "F-Secure TNB"="c:\program files\Sonera\Sonera Tietoturva\FSGUI\TNBUtil.exe" [2009-08-05 2349664]

    c:\users\Sini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-3-8 503808]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk /r \??\f:\0autocheck autochk *\0sasnative32

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^forteManager.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\forteManager.lnk
    backup=c:\windows\pss\forteManager.lnk.CommonStartup
    backupExtension=.CommonStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
    2010-03-11 08:51 319792 ----a-w- c:\program files\uTorrent\uTorrent.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" -silent
    "uTorrent"="c:\program files\uTorrent\uTorrent.exe"
    "LightScribe Control Panel"=c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    "SoftAuto.exe"="c:\program files\Creative\Software Update 3\SoftAuto.exe"
    "CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe"
    "ISUSPM Startup"=c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    "Canaveral"=rundll32.exe c:\windows\system32\sshnas21.dll,BackupReadW
    "FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" /background

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    "ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe"
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
    "CmPCIaudio"=RunDll32 CMICNFG3.cpl,CMICtrlWnd
    "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

    R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/01/20 10:46];c:\program files\CyberLink\PowerDVD9\000.fcl [x]
    R2 1394ohcib;1394ohcib;c:\windows\System32\DRIVERS\1394ohcib.sys [x]
    R3 ADASPROT;SYSTWEAKASO;c:\program files\Advanced System Optimizer 3\adasprot32.sys [x]
    R3 LGDDCDevice;LGDDCDevice;c:\program files\LG Soft India\forteManager\bin\I2CDriver.sys [2008-12-12 14336]
    R3 LGII2CDevice;LGII2CDevice;c:\program files\LG Soft India\forteManager\bin\PII2CDriver.sys [2008-12-12 18432]
    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2009-08-21 30510960]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-08-21 4639136]
    R4 CTUPnPSv;Creative Centrale Media Server;c:\program files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
    R4 F-Secure Filter;F-Secure File System Filter;c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\Win2K\FSfilter.sys [2009-08-05 39776]
    R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\Win2K\FSrec.sys [2009-08-05 25184]
    S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2010-03-06 33920]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-01-03 722416]
    S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\Sonera\Sonera Tietoturva\HIPS\drivers\fshs.sys [2009-08-05 68064]
    S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2009-08-05 35680]
    S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2009-08-05 71040]
    S1 fsvista;F-Secure Vista Support Driver;c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsvista.sys [2009-08-05 12384]
    S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-02-02 172032]
    S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032]
    S2 sprtsvc_sonera;SupportSoft Sprocket Service (sonera);c:\program files\Sonera\InternetAvustaja\bin\sprtsvc.exe [2008-10-16 202016]
    S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-02-02 5313536]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-02-02 150016]
    S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\minifilter\fsgk.sys [2010-03-06 107104]
    S3 FSORSPClient;F-Secure ORSP Client;c:\program files\Sonera\Sonera Tietoturva\ORSP Client\fsorsp.exe [2010-03-06 55992]
    S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]


    --- Muut muistissa olevat ajurit/palvelut ---

    *Deregistered* - CLBUDFR

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    Akamai REG_MULTI_SZ Akamai

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2008-07-30 08:39 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
    .
    'Ajoitetut tehtävät'-kansion sisältö

    2010-03-11 c:\windows\Tasks\Scheduled scanning task.job
    - c:\progra~1\Sonera\SONERA~1\ANTI-V~1\fsav.exe [2010-03-06 15:56]
    .
    .
    ------- Täydentävä tarkistus -------
    .
    uStart Page = hxxp://eu.ask.com?o=15161&l=dis
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
    LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
    LSP: c:\program files\Sonera\Sonera Tietoturva\FSPS\program\FSLSP.DLL
    Trusted Zone: corel.com
    Trusted Zone: corel.com\www
    Trusted Zone: intervideo.com
    Trusted Zone: intervideo.com\www
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    FF - ProfilePath - c:\users\Sini\AppData\Roaming\Mozilla\Firefox\Profiles\k20tmfqy.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www3.iamwired.net/websearch.php?src=tops&search=
    FF - prefs.js: browser.search.selectedEngine - Torrents.to
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.fi/
    FF - prefs.js: keyword.URL -
    FF - component: c:\program files\Mozilla Firefox\extensions\{80155943-b083-a2cf-0350-54d3b1be1609}\components\t_3vJRObPy.dll
    FF - plugin: c:\progra~1\MICROS~1\Office14\NPAUTHZ.DLL
    FF - plugin: c:\progra~1\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

    ---- FIREFOXIN KÄYTÄNNÖT ----
    FF - user.js: network.http.max-connections-per-server - 4
    FF - user.js: nglayout.initialpaint.delay - 750
    FF - user.js: content.notify.interval - 750000
    FF - user.js: content.max.tokenizing.time - 2250000
    FF - user.js: network.http.max-persistent-connections-per-server - 2
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
    c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
    c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
    .
    .
    ------- Tiedostokytkennät -------
    .
    JSEFile=NOTEPAD.EXE %1
    .
    - - - - POISTETUT JÄMÄRIVIT - - - -

    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    HKLM-Run-CmPCIaudio - CMICNFG3.cpl
    AddRemove-WinPcapInst - c:\program files\WinPcap\Uninstall.exe



    **************************************************************************

    Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

    device: opened successfully
    user: MBR read successfully
    called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x85D061F8]<<
    kernel: MBR read successfully
    detected MBR rootkit hooks:
    IoDeviceObjectType -> DumpProcedure -> 0xd46a624f
    SecurityProcedure -> 0x85d4bcf8
    QueryNameProcedure -> 0x85d4be88
    user & kernel MBR OK

    **************************************************************************

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
    "ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
    .
    --------------------- LUKITUT REKISTERIAVAIMET ---------------------

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    --------------------- Prosesseihin ladatut DLLt ---------------------

    - - - - - - - > 'Explorer.exe'(2664)
    c:\program files\Sonera\Sonera Tietoturva\Spam Control\fsscoepl.dll
    c:\progra~1\LGPCSU~1\PHONEM~1\Phone.dll
    c:\progra~1\LGPCSU~1\PHONEM~1\MFC42.DLL
    .
    ------------------------ Muut prosessit ------------------------
    .
    c:\windows\system32\atieclxx.exe
    c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
    c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\FSGK32.EXE
    c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    c:\program files\Sonera\Sonera Tietoturva\Common\FSMA32.EXE
    c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
    c:\program files\Sonera\Sonera Tietoturva\Common\FSHDLL32.EXE
    c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    c:\windows\system32\taskhost.exe
    c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
    c:\program files\Sonera\Sonera Tietoturva\FWES\Program\fsdfwd.exe
    c:\windows\system32\conhost.exe
    c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\fssm32.exe
    c:\windows\system32\taskhost.exe
    c:\program files\Sonera\Sonera Tietoturva\Anti-Virus\fsav32.exe
    c:\windows\System32\rundll32.exe
    c:\windows\system32\WUDFHost.exe
    c:\windows\system32\sppsvc.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    .
    **************************************************************************
    .
    Valmistumisajankohta: 2010-03-11 23:00:57 - kone käynnistettiin uudelleen
    ComboFix-quarantined-files.txt 2010-03-11 21:00

    Ennen ajoa: 812 257 939 456 tavua vapaana
    Ajon jälkeen: 812 054 183 936 tavua vapaana

    - - End Of File - - BE9D709D86C6963ABC460E2A4406C775
     
  18. Michelola

    Michelola Regular member

    Joined:
    13.04.2009
    Posts:
    588
    Thanks:
    1
    Points:
    28
    The fact that you even get such a brain-dead idea into your head as boosting "post count" (wtf??) can only mean that you do that sort of thing yourself. Give me even one reason why you would so badly want to be a senior member? Do you think you'd get more e-respect because of it? Good lord...

    It was a perfectly valid question. The thread starter had not given any description of the problem.
     
  19. warwas

    warwas Guest

    You can carry on from here since you're so eager to reply here, and remember that the responsibility is yours too!

    BTW, the problem is described in the topic.
     
  20. hannu71

    hannu71 Regular member

    Joined:
    09.02.2006
    Posts:
    256
    Thanks:
    0
    Points:
    26
    Michelola, how about letting warwas work in peace ;-) warwas isn't after any title here..
    BTW, the problem is described in the topic...
    You can carry on from here since you're so eager to reply here, and remember that the responsibility is yours too!
    Michelola will handle the rest?
     
  21. warwas

    warwas Guest

    Why on earth do you even reply to a thread with logs that you don't have a clue about???
    Is it your style to reply to every thread you don't have a clue about? Pretty idiotic behaviour, I'd say.
    Well, let's see how the lad manages with the rest...
     
