1. Tämä sivusto käyttää keksejä (cookie). Jatkamalla sivuston käyttämistä hyväksyt keksien käyttämisen. Lue lisää.

Hidastunut kone, F-Securen poisto, virustorjunnan asennus

Viestiketju Virukset ja haittaohjelmat - HijackThis -logit -osiossa. Ketjun avasi _n00bie_ 01.01.2015.

  1. _n00bie_

    _n00bie_ Member

    Liittynyt:
    16.08.2009
    Viestejä:
    18
    Kiitokset:
    0
    Pisteet:
    11
    Hei!

    Otin tuossa erään vanhan läppärin käyttöön ja kone tuntuu olevan jo lähtökohtaisesti erittäin solmussa. Lisäksi koneen F-Securen virustorjunta on vanhentunut.

    Olisin erittäin kiitollinen ohjeista joilla saisin poistettua F-Securen totaalisesti ja lopullisesti koneeltani, kuinka se tulisi tehd? Lisäksi kaikki vinkit helppokäyttöisistä virustorjuntaohjelmista otettaisiin kiitollisena vastaan.

    Tässä alla myös HiJackThis -logini, jos listalla olisi jotakin turhuuksia jotka voisi suoraan poistaa. En käytä koneella mitään muuta kuin perusohjelmia työskentelyyn (en kuuntele musaa, käytä pikaviestimiä tms.) joten aivan kaiken turhan voisi poistaa.

    Arvostaisin ohjeita joilla saisin vaihe vaiheelta nuo hommat hoitoon.

    Suurkiitos avusta! : ) Kone saisi ihan uuden elämän :D

    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 16:55:14, on 1.1.2015
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v11.0 (11.00.9600.17280)
    CHROME: 37.0.2062.124
    FIREFOX: 24.0 (fi)
    Boot mode: Normal
    Running processes:
    C:\ProgramData\DatacardService\DCSHelper.exe
    C:\ProgramData\DatacardService\DCSHelper.exe
    C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
    C:\Users\HC-MS\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files (x86)\Nokia\Nokia Internet Modem\NokiaInternetModem_AppStart.exe
    C:\Program Files (x86)\F-Secure\fshoster32.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
    C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Users\HC-MS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1KEMST6M\HijackThis.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Users\HC-MS\HijackThis.exe
    C:\windows\SysWOW64\DllHost.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.elisa.net/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [NokiaInternetModem_AppStart.exe] "C:\Program Files (x86)\Nokia\Nokia Internet Modem\NokiaInternetModem_AppStart.exe" "-start" "C:\Program Files (x86)\Nokia\Nokia Internet Modem\NokiaInternetModem.exe"
    O4 - HKLM\..\Run: [F-Secure Hoster (666)] "C:\Program Files (x86)\F-Secure\fshoster32.exe" -app -hosterid:1
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [Google Update] "C:\Users\HC-MS\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\HC-MS\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    O4 - HKCU\..\Run: [Spotify] "C:\Users\HC-MS\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
    O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\windows\system32\Macromed\Flash\FlashUtil64_15_0_0_223_ActiveX.exe -update activex
    O8 - Extra context menu item: Läh&etä OneNoteen - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    O8 - Extra context menu item: V&ie Microsoft Exceliin - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Lähetä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Läh&etä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNoten linkitetyt &muistiinpanot - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNoten linkitetyt &muistiinpanot - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O17 - HKLM\System\CCS\Services\Tcpip\..\{829F0BDB-6AF4-4621-A1EB-BD5BFB352839}: NameServer = 192.89.123.230 192.89.123.231
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C91AF864-07EE-4F8A-90DD-6550155D24AF}: NameServer = 62.241.198.245 62.241.198.246
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
    O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
    O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: BecHelperService - Unknown owner - C:\Program Files (x86)\Mobiililaajakaista\Mobiililaajakaista\BecHelperService.exe
    O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
    O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: DCService.exe - Unknown owner - C:\ProgramData\DatacardService\DCService.exe
    O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\windows\ehome\ehRecvr.exe
    O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\windows\ehome\ehsched.exe
    O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: ExpressCache - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\fshoster32.exe
    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe
    O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: Google Päivitä-palvelu (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Päivitä-palvelu (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: FF Install Filter Service (InstallFilterService) - Unknown owner - C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
    O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\windows\SysWOW64\irstrtsv.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: Mobile Broadband. OUC (Mobile Broadband. RunOuc) - Unknown owner - C:\Program Files (x86)\Mobile Broadband\UpdateDog\ouc.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\windows\system32\msiexec.exe
    O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
    O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\windows\SysWow64\perfhost.exe
    O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
    O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\windows\servicing\TrustedInstaller.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\windows\system32\SearchIndexer.exe
    O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\windows\system32\svchost.exe
    --
    End of file - 27174 bytes
     
  2.  
  3. Nanna_86

    Nanna_86 Active member

    Liittynyt:
    03.09.2014
    Viestejä:
    561
    Kiitokset:
    124
    Pisteet:
    53
    1. Lataa F-secure Uninstallion Tool tästä.
    * Sulkee mahdolliset käynnissä olevat palvelut
    * Poistaa ohjelman rekisterimerkinnät
    * Poistaa tiedostot ja hakemistot
    * Lopuksi käynnistää tietokoneen uudelleen.


    ----------------

    Lataa CCleaner tästä.

    * Aloita asennus ja valitse käyttökieleksi " Suomi " ja jatka painamalla " Seuraava "
    * Seuraavaksi avautuu asennusvalinnat ( valitse itsellesi sopivat ) ja paina " Seuraava "
    * Asennus alkaa. Kun asennus on valmis saat tästä ilmoituksen
    * Valitse Käynnistä CCleaner V.5.xx. Poista merkintä " Näytä versiomuutokset" kohdasta.

    - Puhdistaja / Siivooja ( uusissa versioissa )
    Voit muuttaa tarkistettavia kohteita, lisäämällä tai poistamalla ruksit haluamastasi kohdista.
    tai suorittaa tarkistuksen oletusarvoin, muuttamatta mitään.

    - Tutki (= Analysoi, tämä ei vielä poista tiedostoja )

    - Aja CCleaner ( Etsii ja poistaa löydetyt turhakkeet )

    Esimerkki kuva:
    [​IMG]

    Muita CCleanerin ominaisuuksia:

    * Rekisterin korjaus ( Tämä omalla vastuulla ).

    Työkalut:
    * Ohjelmistojen poisto - korjaus ( lähes sama kuin Windowsin Lisää poista sovellus työkalu )
    * Käynnistys ( Windowsin käynnistyksen yhteydessä käynnistettävät sovellukset ). Sisältää myös eri selainten kuten ( IE , Chrome , Mozilla pienoisohjelmien säädöt.
    * Tiedostohaku ( Etsii tiedostoista kaksoiskappaleita ).
    * Järjestelmän palautus ( Sama kuin ominaisuus löytyy Windowsista. )
    * Kiintolevyn pyyhintä ( Nimikin kertoo jo hyvin paljon eli se ns. Viimeinen vaihtoehto ).

    Asetukset/Valinnat:
    * Hienosäätöä jos sitä haluaa.

    +

    Levyn eheytys jos se katsotaan tarpeelliseksi.

    ----------------------

    Lataa OTL ( OldTimerListIt ) tästä.
    - OTL, monikäyttöinen diagnostinen haittaohjelmien poistotyökalu. Tunnistaa järjestelmässä tapahtuneet muutokset. Tunnistaa mm. eri haitta- ja vakoiluohjelmia. Luo yksityiskohtaisen raportin tiedostoista, rekistereistä.

    * Tallenna ohjelma työpöydällesi
    * käynnistä OTL.exe
    * Vaihda File age kohtaan " 30 days " jos ei tämä ollut jo vakiona ja aloita tarkistus " Run Scan ".
    * Kun tarkistus on valmis , saat näkyviin tekstitiedoston (OTL.txt) ja (Extras.txt), joissa on listattu muutoksia/tapahtumia 30 päivän ajan.
    * Lähetä OTL.txt ja Extras.txt tarkastustulokset seuraavassa viestissäsi.

    [​IMG]
     
  4. _n00bie_

    _n00bie_ Member

    Liittynyt:
    16.08.2009
    Viestejä:
    18
    Kiitokset:
    0
    Pisteet:
    11
    Mahtavaa, kiitos Nanna!

    F-Secure poistui, OTL:stä sain tällaisen tulosteen :)

    OTL logfile created on: 2.1.2015 7:26:53 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\HC-MS\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.17501)
    Locale: 0000040B | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

    3,90 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 59,32% Memory free
    7,79 Gb Paging File | 6,07 Gb Available in Paging File | 77,94% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 443,06 Gb Total Space | 384,15 Gb Free Space | 86,71% Space Free | Partition Type: NTFS
    Drive D: | 23,05 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

    Computer Name: HC-MS-PC-N | User Name: HC-MS | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2015.01.02 07:26:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\HC-MS\Downloads\OTL.exe
    PRC - [2014.09.04 14:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2014.08.28 10:40:50 | 001,140,736 | ---- | M] (Spotify Ltd) -- C:\Users\HC-MS\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    PRC - [2014.03.11 22:36:06 | 000,193,696 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
    PRC - [2013.09.11 20:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    PRC - [2012.11.24 17:52:17 | 000,655,712 | ---- | M] () -- C:\ProgramData\Mobile Broadband\OnlineUpdate\ouc.exe
    PRC - [2011.12.09 06:37:32 | 002,273,160 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
    PRC - [2011.12.09 06:37:06 | 003,471,240 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe
    PRC - [2011.12.09 06:35:30 | 000,783,240 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
    PRC - [2011.12.09 06:33:30 | 001,639,304 | ---- | M] (Samsung Electronics) -- C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
    PRC - [2011.12.09 06:32:42 | 001,087,368 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
    PRC - [2011.12.06 10:12:38 | 002,798,160 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
    PRC - [2011.11.09 16:37:22 | 001,961,856 | ---- | M] () -- C:\Program Files (x86)\Mobiililaajakaista\Mobiililaajakaista\BecHelperService.exe
    PRC - [2011.11.09 16:31:22 | 000,294,400 | ---- | M] () -- C:\Program Files (x86)\Mobiililaajakaista\Mobiililaajakaista\LoggerServer.exe
    PRC - [2011.10.18 10:50:10 | 001,001,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    PRC - [2011.10.18 10:50:04 | 001,354,064 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
    PRC - [2011.10.18 10:49:52 | 000,936,272 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    PRC - [2011.10.18 10:49:48 | 000,846,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
    PRC - [2011.09.08 12:43:02 | 004,449,360 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
    PRC - [2011.08.17 09:19:18 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    PRC - [2011.08.09 03:44:56 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    PRC - [2011.08.09 03:44:54 | 000,325,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    PRC - [2011.07.06 09:24:24 | 000,184,320 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\irstrtsv.exe
    PRC - [2011.03.14 17:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
    PRC - [2010.06.24 15:12:18 | 000,129,536 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\NokiaInternetModem_AppStart.exe
    PRC - [2010.06.19 19:46:12 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe


    ========== Modules (No Company Name) ==========

    MOD - [2013.04.21 20:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2013.04.21 20:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2011.09.08 12:40:10 | 001,645,056 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
    MOD - [2011.02.16 18:03:20 | 000,203,776 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll
    MOD - [2010.06.24 15:12:50 | 000,026,112 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\ressources\plugins\DiscoveryGeneric.plugin
    MOD - [2010.06.24 15:12:50 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\ressources\plugins\DiscoveryNdis.plugin
    MOD - [2010.06.24 15:12:20 | 001,048,064 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\wxmsw28u_core_vc_custom.dll
    MOD - [2010.06.24 15:12:20 | 000,726,528 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\wxbase28u_vc_custom.dll
    MOD - [2010.06.24 15:12:20 | 000,662,016 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\UIToolkit.dll
    MOD - [2010.06.24 15:12:18 | 000,476,160 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\Toolkit.dll
    MOD - [2010.06.24 15:12:18 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\pcre3.dll
    MOD - [2010.06.24 15:12:18 | 000,129,536 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\NokiaInternetModem_AppStart.exe
    MOD - [2010.06.24 15:12:18 | 000,049,664 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\Preferences.dll
    MOD - [2010.06.24 15:12:16 | 000,282,112 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\Device.dll
    MOD - [2010.06.24 15:12:16 | 000,246,272 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\DB.dll
    MOD - [2010.06.24 15:12:16 | 000,117,248 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\Discovery.dll
    MOD - [2010.06.24 15:12:16 | 000,045,568 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\DriveDetector.dll
    MOD - [2010.06.24 15:12:14 | 000,084,480 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\ComCore.dll
    MOD - [2010.06.19 19:46:12 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
    MOD - [2010.06.19 19:45:54 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\LocaleMgrPlugin.dll
    MOD - [2010.06.19 19:45:38 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\SMSPlugin.dll
    MOD - [2010.06.19 19:45:18 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NotifyServicePlugin.dll
    MOD - [2010.06.19 19:44:32 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\ConfigFilePlugin.dll
    MOD - [2010.06.19 19:44:06 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DeviceMgrPlugin.dll
    MOD - [2010.06.19 19:43:14 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NetInfoPlugin.dll
    MOD - [2010.06.19 19:42:16 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DialUpPlugin.dll
    MOD - [2010.06.19 19:41:50 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DeviceMgrUIPlugin.dll
    MOD - [2010.06.19 19:38:42 | 001,019,904 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NDISAPI.dll
    MOD - [2009.11.03 14:29:48 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\XCodec.dll
    MOD - [2008.11.08 15:15:38 | 000,061,440 | R--- | M] () -- C:\Program Files (x86)\Mobile Partner\DeviceOperate.dll
    MOD - [2008.11.08 15:15:32 | 000,151,552 | R--- | M] () -- C:\Program Files (x86)\Mobile Partner\DetectDev.dll
    MOD - [2008.11.08 15:15:26 | 000,552,960 | R--- | M] () -- C:\Program Files (x86)\Mobile Partner\atcomm.dll
    MOD - [2007.08.23 16:39:30 | 000,014,848 | R--- | M] () -- C:\Program Files (x86)\Mobile Partner\isaputrace.dll
    MOD - [2007.07.31 15:50:04 | 000,090,112 | R--- | M] () -- C:\Program Files (x86)\Mobile Partner\FileManager.dll
    MOD - [2006.08.12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll


    ========== Services (SafeList) ==========

    SRV:64bit: - [2014.11.22 04:35:29 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
    SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2011.09.23 08:20:42 | 000,079,664 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe -- (ExpressCache)
    SRV:64bit: - [2011.09.15 11:41:28 | 001,518,352 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
    SRV:64bit: - [2011.09.15 11:28:06 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
    SRV:64bit: - [2011.09.15 11:24:52 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
    SRV:64bit: - [2011.09.15 02:54:46 | 001,166,848 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
    SRV:64bit: - [2011.06.03 05:51:38 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
    SRV:64bit: - [2010.09.22 11:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
    SRV - [2015.01.02 07:16:53 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2014.11.14 10:21:41 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2014.09.04 14:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2014.03.11 22:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE -- (BBUpdate)
    SRV - [2014.03.11 22:36:06 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE -- (BBSvc)
    SRV - [2013.10.23 07:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2013.09.11 20:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2012.11.24 17:52:17 | 000,655,712 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Mobile Broadband\UpdateDog\ouc.exe -- (Mobile Broadband. RunOuc)
    SRV - [2011.11.09 16:37:22 | 001,961,856 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Mobiililaajakaista\Mobiililaajakaista\BecHelperService.exe -- (BecHelperService)
    SRV - [2011.10.18 10:50:10 | 001,001,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
    SRV - [2011.10.18 10:50:04 | 001,354,064 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
    SRV - [2011.10.18 10:49:52 | 000,936,272 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
    SRV - [2011.08.09 03:44:56 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
    SRV - [2011.08.09 03:44:54 | 000,325,912 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
    SRV - [2011.07.06 09:24:24 | 000,184,320 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysWOW64\irstrtsv.exe -- (irstrtsv)
    SRV - [2011.03.14 17:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
    SRV - [2011.03.14 17:27:26 | 000,142,688 | ---- | M] () [Auto | Stopped] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe)
    SRV - [2010.12.17 06:18:38 | 000,060,928 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe -- (InstallFilterService)
    SRV - [2010.06.01 08:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2013.02.12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
    DRV:64bit: - [2012.12.13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2012.11.24 17:52:24 | 000,422,400 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbwwan.sys -- (ewusbmbb)
    DRV:64bit: - [2012.11.24 17:52:24 | 000,223,744 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)
    DRV:64bit: - [2012.11.24 17:52:24 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
    DRV:64bit: - [2012.11.24 17:52:24 | 000,098,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
    DRV:64bit: - [2012.11.24 17:52:24 | 000,087,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
    DRV:64bit: - [2012.11.24 17:52:24 | 000,028,672 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
    DRV:64bit: - [2012.11.24 17:52:24 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
    DRV:64bit: - [2012.11.24 17:52:23 | 000,223,232 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
    DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011.10.11 12:08:00 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
    DRV:64bit: - [2011.10.10 15:43:16 | 000,288,768 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
    DRV:64bit: - [2011.09.23 08:20:50 | 000,080,688 | ---- | M] (Diskeeper Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\excsd.sys -- (excsd)
    DRV:64bit: - [2011.09.23 08:20:50 | 000,023,344 | ---- | M] (Diskeeper Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\excfs.sys -- (excfs)
    DRV:64bit: - [2011.09.17 19:26:52 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
    DRV:64bit: - [2011.09.15 02:48:24 | 000,299,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
    DRV:64bit: - [2011.09.15 02:48:24 | 000,299,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
    DRV:64bit: - [2011.09.08 09:20:56 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
    DRV:64bit: - [2011.09.08 09:20:56 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
    DRV:64bit: - [2011.08.31 20:02:36 | 000,197,416 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
    DRV:64bit: - [2011.08.29 15:32:18 | 000,053,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
    DRV:64bit: - [2011.08.17 09:19:38 | 000,031,216 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
    DRV:64bit: - [2011.07.26 08:22:48 | 012,288,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2011.06.15 22:50:08 | 000,026,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\irstrtdv.sys -- (irstrtdv)
    DRV:64bit: - [2011.06.02 03:32:50 | 000,401,896 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
    DRV:64bit: - [2011.06.02 03:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
    DRV:64bit: - [2011.05.17 08:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2011.04.11 12:55:24 | 000,007,680 | ---- | M] (Phoenix Technologies Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SGDrv64.sys -- (SGDrv)
    DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2011.02.18 01:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2010.12.17 06:18:38 | 000,019,504 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdflt.sys -- (stdflt)
    DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV:64bit: - [2010.10.20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
    DRV:64bit: - [2010.10.14 17:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
    DRV:64bit: - [2010.04.22 15:07:26 | 000,098,304 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nokia_cs1x_cdc_acm.sys -- (nokia_cs1x_cdc_acm)
    DRV:64bit: - [2010.04.22 15:07:26 | 000,097,280 | ---- | M] (Nokia) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nokia_cs1x_dc_enum.sys -- (nokia_cs1x_dc_enum)
    DRV:64bit: - [2010.04.22 15:07:26 | 000,013,824 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nokia_cs1x_cpo.sys -- (nokia_cs1x_cpo)
    DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009.05.28 08:38:04 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
    DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.elisa.net/
    IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
    FF - user.js - File not found

    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\HC-MS\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\HC-MS\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

    [2012.05.31 15:32:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HC-MS\AppData\Roaming\Mozilla\Extensions
    [2015.01.01 14:54:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HC-MS\AppData\Roaming\Mozilla\Firefox\Profiles\b1wdk9qd.default\extensions
    [2015.01.01 14:54:46 | 000,227,908 | ---- | M] () (No name found) -- C:\Users\HC-MS\AppData\Roaming\Mozilla\Firefox\Profiles\b1wdk9qd.default\extensions\firefox-hotfix@mozilla.org.xpi
    [2014.11.14 10:21:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2014.11.14 10:21:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
    [2014.11.14 10:21:42 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:eek:riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Users\HC-MS\AppData\Local\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\HC-MS\AppData\Local\Google\Chrome\Application\37.0.2062.124\pdf.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\HC-MS\AppData\Local\Google\Chrome\Application\37.0.2062.124\gcswf32.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: Google Update (Enabled) = C:\Users\HC-MS\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

    O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2:64bit: - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
    O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
    O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [NokiaInternetModem_AppStart.exe] C:\Program Files (x86)\Nokia\Nokia Internet Modem\NokiaInternetModem_AppStart.exe ()
    O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
    O4 - HKCU..\Run: [Spotify] C:\Users\HC-MS\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
    O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\HC-MS\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{31BCF574-A853-442A-9437-CA1DB4518C78}: DhcpNameServer = 172.20.10.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{829F0BDB-6AF4-4621-A1EB-BD5BFB352839}: NameServer = 192.89.123.230 192.89.123.231
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C91AF864-07EE-4F8A-90DD-6550155D24AF}: NameServer = 62.241.198.245 62.241.198.246
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DE85D4D2-4D87-4FAF-8DCE-9E3B3A068603}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009.01.20 19:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.) - D:\AutoRun.exe -- [ CDFS ]
    O32 - AutoRun File - [2008.03.04 18:34:52 | 000,000,047 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
    O33 - MountPoints2\{0c1a0ce7-bd4f-11e2-b79b-e8039a351349}\Shell - "" = AutoRun
    O33 - MountPoints2\{0c1a0ce7-bd4f-11e2-b79b-e8039a351349}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- [2009.01.20 19:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
    O33 - MountPoints2\{1d6b46b1-91b3-11e4-947c-88532eae63e7}\Shell - "" = AutoRun
    O33 - MountPoints2\{1d6b46b1-91b3-11e4-947c-88532eae63e7}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- [2009.01.20 19:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
    O33 - MountPoints2\{31e8b183-3646-11e2-b887-88532eae63e7}\Shell - "" = AutoRun
    O33 - MountPoints2\{31e8b183-3646-11e2-b887-88532eae63e7}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- [2009.01.20 19:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
    O33 - MountPoints2\{31e8b191-3646-11e2-b887-88532eae63e7}\Shell - "" = AutoRun
    O33 - MountPoints2\{31e8b191-3646-11e2-b887-88532eae63e7}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- [2009.01.20 19:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
    O33 - MountPoints2\{7d3921e4-b490-11e1-8581-88532eae63e7}\Shell - "" = AutoRun
    O33 - MountPoints2\{7d3921e4-b490-11e1-8581-88532eae63e7}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- [2009.01.20 19:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
    O33 - MountPoints2\{7d39220f-b490-11e1-8581-88532eae63e7}\Shell - "" = AutoRun
    O33 - MountPoints2\{7d39220f-b490-11e1-8581-88532eae63e7}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- [2009.01.20 19:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
    O33 - MountPoints2\{a59977b3-abfc-11e1-bf9f-88532eae63e7}\Shell - "" = AutoRun
    O33 - MountPoints2\{a59977b3-abfc-11e1-bf9f-88532eae63e7}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- [2009.01.20 19:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
    O33 - MountPoints2\{da3e66b9-b38e-11e1-896d-e8039a351349}\Shell - "" = AutoRun
    O33 - MountPoints2\{da3e66b9-b38e-11e1-896d-e8039a351349}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- [2009.01.20 19:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
    O33 - MountPoints2\{da3e66c6-b38e-11e1-896d-e8039a351349}\Shell - "" = AutoRun
    O33 - MountPoints2\{da3e66c6-b38e-11e1-896d-e8039a351349}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- [2009.01.20 19:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
    O33 - MountPoints2\{da3e6706-b38e-11e1-896d-001e101f21c1}\Shell - "" = AutoRun
    O33 - MountPoints2\{da3e6706-b38e-11e1-896d-001e101f21c1}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- [2009.01.20 19:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
    O33 - MountPoints2\{ff200ca4-2990-11e2-a417-88532eae63e7}\Shell - "" = AutoRun
    O33 - MountPoints2\{ff200ca4-2990-11e2-a417-88532eae63e7}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- [2009.01.20 19:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
    O33 - MountPoints2\D\Shell - "" = AutoRun
    O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\AutoRun.exe -- [2009.01.20 19:22:18 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2015.01.02 07:32:41 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
    [2015.01.02 07:31:33 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
    [2015.01.02 07:25:33 | 000,000,000 | -HSD | C] -- C:\Users\HC-MS\AppData\Local\EmieBrowserModeList
    [2015.01.02 07:22:46 | 000,000,000 | ---D | C] -- C:\windows\SysNative\appraiser
    [2015.01.02 07:11:48 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2015.01.02 07:10:12 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure-UninstallationTool
    [2015.01.01 16:47:36 | 001,232,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aitstatic.exe
    [2015.01.01 16:47:36 | 000,830,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appraiser.dll
    [2015.01.01 16:47:35 | 001,083,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
    [2015.01.01 16:47:35 | 000,741,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\invagent.dll
    [2015.01.01 16:47:35 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepic.dll
    [2015.01.01 16:47:34 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\generaltel.dll
    [2015.01.01 16:47:34 | 000,396,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\devinv.dll
    [2015.01.01 16:47:33 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
    [2015.01.01 16:46:45 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\HC-MS\HijackThis.exe
    [2015.01.01 16:44:01 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
    [2015.01.01 16:43:44 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
    [2015.01.01 16:43:44 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
    [2015.01.01 16:43:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
    [2015.01.01 16:43:44 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
    [2015.01.01 16:43:44 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
    [2015.01.01 16:43:43 | 000,718,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
    [2015.01.01 16:43:43 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
    [2015.01.01 16:43:42 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
    [2015.01.01 16:43:42 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
    [2015.01.01 16:43:38 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
    [2015.01.01 16:43:37 | 002,052,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
    [2015.01.01 16:43:37 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
    [2015.01.01 16:43:36 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
    [2015.01.01 16:43:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
    [2015.01.01 16:43:35 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
    [2015.01.01 16:43:34 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
    [2015.01.01 16:43:34 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
    [2015.01.01 16:43:34 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
    [2015.01.01 16:43:34 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
    [2015.01.01 16:43:31 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
    [2015.01.01 16:43:30 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
    [2015.01.01 16:43:28 | 002,125,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
    [2015.01.01 16:43:26 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
    [2015.01.01 16:43:24 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
    [2015.01.01 16:43:23 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
    [2015.01.01 16:43:23 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
    [2015.01.01 16:43:21 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
    [2015.01.01 16:43:21 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
    [2015.01.01 16:43:18 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
    [2015.01.01 16:43:18 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
    [2015.01.01 16:43:17 | 006,039,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
    [2015.01.01 16:43:17 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
    [2015.01.01 16:43:16 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
    [2015.01.01 16:43:14 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
    [2015.01.01 16:43:13 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
    [2015.01.01 16:41:18 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\charmap.exe
    [2015.01.01 16:41:18 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\charmap.exe
    [2015.01.01 16:41:16 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSManMigrationPlugin.dll
    [2015.01.01 16:41:16 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WsmWmiPl.dll
    [2015.01.01 16:41:16 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSManHTTPConfig.exe
    [2015.01.01 16:41:16 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSManMigrationPlugin.dll
    [2015.01.01 16:41:16 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WsmWmiPl.dll
    [2015.01.01 16:41:16 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSManHTTPConfig.exe
    [2015.01.01 16:41:16 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WsmAuto.dll
    [2015.01.01 16:41:15 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WsmAuto.dll
    [2015.01.01 16:40:22 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
    [2015.01.01 16:39:30 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\adtschema.dll
    [2015.01.01 16:39:30 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\adtschema.dll
    [2015.01.01 16:39:28 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msaudite.dll
    [2015.01.01 16:39:28 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msaudite.dll
    [2015.01.01 15:07:06 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mf.dll
    [2015.01.01 15:07:06 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfps.dll
    [2015.01.01 15:07:06 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfps.dll
    [2015.01.01 15:07:06 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rrinstaller.exe
    [2015.01.01 15:07:06 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rrinstaller.exe
    [2015.01.01 15:07:06 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfpmp.exe
    [2015.01.01 15:07:06 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfpmp.exe
    [2015.01.01 15:07:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mferror.dll
    [2015.01.01 15:07:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mferror.dll
    [2015.01.01 15:07:05 | 004,121,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mf.dll
    [2015.01.01 14:56:48 | 003,221,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
    [2015.01.01 14:56:47 | 003,722,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
    [2015.01.01 14:56:45 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstsc.exe
    [2015.01.01 14:56:45 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstsc.exe
    [2015.01.01 14:56:45 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe
    [2015.01.01 14:56:45 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsta.dll
    [2015.01.01 14:56:45 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
    [2015.01.01 14:56:44 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\aaclient.dll

    ========== Files - Modified Within 30 Days ==========

    [2015.01.02 07:29:19 | 000,028,848 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2015.01.02 07:29:19 | 000,028,848 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2015.01.02 07:24:24 | 000,001,004 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
    [2015.01.02 07:23:55 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
    [2015.01.02 07:23:52 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
    [2015.01.02 07:16:49 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
    [2015.01.02 07:16:49 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
    [2015.01.02 07:08:45 | 000,001,008 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
    [2015.01.01 16:46:58 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\HC-MS\HijackThis.exe
    [2015.01.01 16:46:12 | 000,001,018 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2032064538-2066404222-2308579751-1000UA.job
    [2015.01.01 14:48:51 | 001,363,006 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
    [2015.01.01 14:48:51 | 000,657,096 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
    [2015.01.01 14:48:51 | 000,484,442 | ---- | M] () -- C:\windows\SysNative\perfh00B.dat
    [2015.01.01 14:48:51 | 000,123,566 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
    [2015.01.01 14:48:51 | 000,103,100 | ---- | M] () -- C:\windows\SysNative\perfc00B.dat
    [2015.01.01 14:39:55 | 000,343,440 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
    [2014.12.04 04:50:55 | 000,413,184 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\generaltel.dll
    [2014.12.04 04:50:45 | 000,741,376 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\invagent.dll
    [2014.12.04 04:50:40 | 000,396,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\devinv.dll
    [2014.12.04 04:50:38 | 000,830,976 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\appraiser.dll
    [2014.12.04 04:50:37 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
    [2014.12.04 04:50:37 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aepic.dll
    [2014.12.04 04:44:48 | 001,083,392 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll

    ========== Files Created - No Company Name ==========

    [2012.06.02 10:28:47 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2011.08.10 15:19:36 | 000,247,136 | ---- | C] () -- C:\ProgramData\DeleteFile.exe

    ========== ZeroAccess Check ==========

    [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 04:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    < End of report >
     
  5. Nanna_86

    Nanna_86 Active member

    Liittynyt:
    03.09.2014
    Viestejä:
    561
    Kiitokset:
    124
    Pisteet:
    53
    Käynnistä uudelleen OTL.exe
    Kopioi ja Liitä alla oleva teksti, " Custom Scans/ Fixes tekstilaatikkoon ".


    Koodi:
    :otl
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    
    :commands
    [emptytemp]
    [emptyjava]
    [emptyflash]
    

    Paina " Run Fix " .
    Ja lähetä tulokset seuraavassa postissasi.
    Jos OTL haluaa käynnistää tietokoneen uudelleen, anna sen tehdä niin.

    Löytyy polusta:
    c:\_OTL\MovedFiles
     
  6. _n00bie_

    _n00bie_ Member

    Liittynyt:
    16.08.2009
    Viestejä:
    18
    Kiitokset:
    0
    Pisteet:
    11
    Tänks! tällainen listaus saatiin aikaan:

    All processes killed
    ========== OTL ==========
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
    64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
    File Protocol\Handler\livecall - No CLSID value found not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
    File Protocol\Handler\ms-help - No CLSID value found not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
    File Protocol\Handler\msnim - No CLSID value found not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
    File Protocol\Handler\skype4com - No CLSID value found not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
    File Protocol\Handler\wlmailhtml - No CLSID value found not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
    File Protocol\Handler\wlpg - No CLSID value found not found.
    64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: HC-MS
    ->Temp folder emptied: 2553726 bytes
    ->Temporary Internet Files folder emptied: 10081194 bytes
    ->FireFox cache emptied: 128951292 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 689 bytes

    User: Public

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 4036836 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42313970 bytes
    RecycleBin emptied: 352713696 bytes

    Total Files Cleaned = 516,00 mb


    [EMPTYJAVA]

    User: All Users

    User: Default

    User: Default User

    User: HC-MS

    User: Public

    Total Java Files Cleaned = 0,00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default

    User: Default User

    User: HC-MS
    ->Flash cache emptied: 0 bytes

    User: Public

    Total Flash Files Cleaned = 0,00 mb


    OTL by OldTimer - Version 3.2.69.0 log created on 01022015_203219
    Files\Folders moved on Reboot...
    C:\Users\HC-MS\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    C:\Users\HC-MS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZGXZA4A2\fastbutton[1].htm moved successfully.
    C:\Users\HC-MS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZGXZA4A2\hidastunut-kone-f-securen-poisto-virustorjunnan-asennus[1].htm moved successfully.
    C:\Users\HC-MS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZGXZA4A2\postmessageRelay[1].htm moved successfully.
    C:\Users\HC-MS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XJ5NOFYN\7r8gQb8MIqE[1].htm moved successfully.
    C:\Users\HC-MS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DHASDK3D\like[1].htm moved successfully.
    C:\Users\HC-MS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\D1LT716H\auth[1].htm moved successfully.
    C:\Users\HC-MS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\D1LT716H\grlryt2bdKIyfMSOhzd1eA[1].woff moved successfully.
    C:\Users\HC-MS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3PIIBP4X\tweet_button.c27d2d163408c0fe087fbfe1c687ce2b.fi[1].htm moved successfully.
    C:\Users\HC-MS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1T24NWRU\7r8gQb8MIqE[1].htm moved successfully.
    C:\Users\HC-MS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1T24NWRU\push[1].htm moved successfully.
    C:\Users\HC-MS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0Z8SV01L\container[1].htm moved successfully.
    C:\Users\HC-MS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\4A72F430-B40C-4D36-A068-CE33ADA5ADF9.dat moved successfully.
    C:\Users\HC-MS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
    C:\Users\HC-MS\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
    File move failed. C:\windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
    PendingFileRenameOperations files...
    Registry entries deleted on Reboot...
     
  7. Nanna_86

    Nanna_86 Active member

    Liittynyt:
    03.09.2014
    Viestejä:
    561
    Kiitokset:
    124
    Pisteet:
    53
    Mikäli vielä haluat, voit tehdä seuraavat tarkistukset,


    Lataa AdwCleaner tästä.
    • Sulje kaikki avoimet ohjelmat ja Internet-selain tarkistuksen ajaksi.
    • Tuplaklikkaa AdwCleaner.exe auki ja valitse " Scan ".
    • Kun tarkistus on valmis, Valitse " Clean ".
    • Tietokone käynnistyy automaattisesti ohjelman valmistuttua.
    • Käynnistyessään, Saat näkyviin lokitiedoston. Lähetä se seuraavassa viestissäsi.

    [​IMG]

    -------------------------------

    1. Lataa ESET ohjelma tietokoneellesi tästä.

    2. Tallenna se työpöydällesi.

    3. Käynnistä ohjelma " esetsmartinstaller_enu.exe ". Saat näkyviin turvavarmenteen paina " Run/ Jatka "

    4. Seuraavassa hyväksyt käyttöehdot ja paina " Start / Next "

    5. Tarkistuksen asetukset, Voit muuttaa niitä halutessasi " Start "

    [​IMG]

    6. Ohjelma lataa ensin uusimmat virustietokannat ja aloittaa sitten tarkistukset.

    [​IMG]

    7. Tarkistus

    [​IMG]

    8. Kun tarkistus on saatu päätökseen, saat tulokset ruutuusi. Ohjelma kertoo jos haittaohjelmia on löytynyt.

    [​IMG]

    Lopuksi, ESET luo loki-tiedoston polkuun:
    " C:\Program Files\ESET\EsetOnlineScanner\log.txt " 64-bittisessä järjestelmässä polku on
    "C:\Program Files (x86)\ESET\Esetonlinescanner\log.txt".

    Lähetä tämän loki-tiedoston sisältö seuraavassa viestissäsi.

    -----------------------
    ESET Online scannerin poisto:

    Käynnistä > Ohjauspaneeli >" Ohjelmat ja toiminnot " tai joissakin järjestelmissä " Lisää poista sovellus " > Valitse " ESET Online Scanner " > poista asennus.

    ------------------------
     
  8. _n00bie_

    _n00bie_ Member

    Liittynyt:
    16.08.2009
    Viestejä:
    18
    Kiitokset:
    0
    Pisteet:
    11
    Eka siivous tehty, puhdasta oli/tuli :)

    # AdwCleaner v4.106 - Report created 03/01/2015 at 17:42:47
    # Updated 21/12/2014 by Xplode
    # Database : 2015-01-03.1 [Live]
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : HC-MS - HC-MS-PC-N
    # Running from : C:\Users\HC-MS\Downloads\AdwCleaner.exe
    # Option : Clean
    ***** [ Services ] *****

    ***** [ Files / Folders ] *****

    ***** [ Scheduled Tasks ] *****

    ***** [ Shortcuts ] *****

    ***** [ Registry ] *****
    Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
    Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
    Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
    ***** [ Browsers ] *****
    -\\ Internet Explorer v11.0.9600.17496

    -\\ Mozilla Firefox v33.1.1 (x86 fi)

    -\\ Google Chrome v

    *************************
    AdwCleaner[R0].txt - [2166 octets] - [03/01/2015 17:28:29]
    AdwCleaner[R1].txt - [2226 octets] - [03/01/2015 17:38:04]
    AdwCleaner[S0].txt - [2159 octets] - [03/01/2015 17:42:47]
    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2219 octets] ##########
     
  9. _n00bie_

    _n00bie_ Member

    Liittynyt:
    16.08.2009
    Viestejä:
    18
    Kiitokset:
    0
    Pisteet:
    11
    Ja tässä vielä tuo ESET-setti :) Puhdasta on?

    ESETSmartInstaller@High as downloader log:
    all ok
    # product=EOS
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.7623
    # api_version=3.0.2
    # EOSSerial=6f12d008d0f4644ba3b3dbb0e2761d9c
    # engine=21803
    # end=finished
    # remove_checked=false
    # archives_checked=false
    # unwanted_checked=true
    # unsafe_checked=false
    # antistealth_checked=true
    # utc_time=2015-01-03 05:12:33
    # local_time=2015-01-03 07:12:33 (+0200, Suomen normaaliaika)
    # country="Finland"
    # lang=1033
    # osver=6.1.7601 NT Service Pack 1
    # compatibility_mode_1='avast! Antivirus'
    # compatibility_mode=783 16777213 71 94 102145 4934364 0 0
    # compatibility_mode_1=''
    # compatibility_mode=5893 16776574 100 94 46173083 171935003 0 0
    # scanned=185366
    # found=0
    # cleaned=0
    # scan_time=4873
     
  10. Nanna_86

    Nanna_86 Active member

    Liittynyt:
    03.09.2014
    Viestejä:
    561
    Kiitokset:
    124
    Pisteet:
    53
    Kyllä puhtaaksi tuli :).
     
  11. _n00bie_

    _n00bie_ Member

    Liittynyt:
    16.08.2009
    Viestejä:
    18
    Kiitokset:
    0
    Pisteet:
    11
    Suurkiitos avusta Nanna!
     

Jaa tämä sivu