Ongelma HJT- ja OTL-logit, kone tökkii, selain sekoilee

Viestiketju Virukset ja haittaohjelmat - HijackThis -logit -osiossa. Ketjun avasi olenpelle 25.11.2014.

  1. olenpelle

    olenpelle Member

    Liittynyt:
    05.06.2006
    Viestejä:
    31
    Kiitokset:
    0
    Pisteet:
    11
    Otsikon mukaisesti koneeni on ruvennut välillä hidastelemaan oikein urakalla. Selaimessa on sellainen kummallisuus, että tökkimisen lisäksi YouTube vaihtaa itsestään videoa, ts. noin 10 sek katselemisen jälkeen video vaihtuu itsestään. Alla HJT-logi:


    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 21:10:12, on 25.11.2014
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v11.0 (11.00.9600.17420)

    FIREFOX: 33.1.1 (x86 fi)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
    C:\Program Files (x86)\ASUS\APRP\aprp.exe
    C:\Program Files (x86)\ASUS\AI Suite III\Remote GO!\AssistTools\WiFi GO! Server.exe
    C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
    C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
    C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
    C:\Users\Juha\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    C:\Program Files (x86)\F-Secure\Common\FSM32.EXE
    C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
    C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
    A:\Tiedostot\Lataukset\HijackThis.exe
    C:\Program Files (x86)\ASUS\AI Suite III\Remote GO!\AsDLNAServerReal.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fi/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\F-Secure\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Juha\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Verkkopalvelu')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Verkkopalvelu')
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
    O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
    O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: DTSAudioSvc - DTS, Inc - C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
    O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
    O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
    O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Common\FNRB32.EXE
    O23 - Service: Fast Track Pro Audio Device Monitor (FastTrackProAudioDevMon) - M-Audio - C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: F-Secure Device Control Daemon (fsdevcon) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Device Control\\fsdevcon64.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE
    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe
    O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
    O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
    O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
    O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
    O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
    O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

    --
    End of file - 22777 bytes
     
  2.  
  3. olenpelle

    olenpelle Member

    Liittynyt:
    05.06.2006
    Viestejä:
    31
    Kiitokset:
    0
    Pisteet:
    11
    Ja tässä vielä OTL-logi:



    OTL logfile created on: 25.11.2014 21:15:17 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = A:\Tiedostot\Lataukset
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.17420)
    Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy
    7,69 Gb Total Physical Memory | 5,62 Gb Available Physical Memory | 73,06% Memory free
    15,37 Gb Paging File | 13,13 Gb Available in Paging File | 85,40% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 223,47 Gb Total Space | 158,48 Gb Free Space | 70,92% Space Free | Partition Type: NTFS
    Drive K: | 48,83 Gb Total Space | 48,73 Gb Free Space | 99,80% Space Free | Partition Type: NTFS
    Computer Name: JUHA-PC | User Name: Juha | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
    ========== Processes (SafeList) ==========
    PRC - [2014.11.25 21:14:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- A:\Tiedostot\Lataukset\OTL.exe
    PRC - [2014.11.25 21:02:31 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- A:\Tiedostot\Lataukset\HijackThis.exe
    PRC - [2014.11.24 08:57:38 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    PRC - [2014.11.20 23:17:43 | 000,573,992 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\Anti-Virus\fsav32.exe
    PRC - [2014.11.20 23:16:53 | 001,236,008 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\Anti-Virus\fssm32.exe
    PRC - [2014.11.20 23:16:53 | 000,687,656 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32.exe
    PRC - [2014.11.12 14:09:03 | 001,880,752 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
    PRC - [2014.10.18 14:14:46 | 001,514,040 | ---- | M] (Spotify Ltd) -- C:\Users\Juha\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    PRC - [2014.09.04 04:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2014.02.01 15:14:48 | 000,060,352 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe
    PRC - [2013.11.21 12:18:04 | 000,217,128 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\Common\FNRB32.exe
    PRC - [2013.11.21 12:18:04 | 000,153,640 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\Common\FIH32.exe
    PRC - [2013.11.21 12:17:58 | 000,348,712 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\Common\FSM32.EXE
    PRC - [2013.11.21 12:17:58 | 000,206,888 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE
    PRC - [2013.11.21 12:17:56 | 000,144,936 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\Common\FSHDLL32.EXE
    PRC - [2013.11.21 12:17:38 | 000,224,296 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\Anti-Virus\FSGK32ST.exe
    PRC - [2013.10.24 13:00:38 | 000,936,728 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
    PRC - [2013.09.03 16:52:56 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    PRC - [2013.09.03 16:52:14 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    PRC - [2013.08.26 10:46:04 | 000,967,480 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite III\Remote GO!\AssistTools\WiFi GO! Server.exe
    PRC - [2013.08.26 09:55:06 | 000,696,632 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite III\Remote GO!\AsDLNAServerReal.exe
    PRC - [2013.08.13 20:55:30 | 001,225,528 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
    PRC - [2013.08.13 20:55:30 | 001,221,912 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
    PRC - [2013.08.13 14:55:28 | 001,656,464 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe
    PRC - [2013.08.07 19:12:58 | 001,454,224 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
    PRC - [2013.08.07 14:24:00 | 000,287,592 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    PRC - [2013.08.07 14:24:00 | 000,015,720 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    PRC - [2013.08.01 04:57:22 | 000,954,648 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
    PRC - [2013.07.24 10:16:48 | 001,425,208 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
    PRC - [2013.05.23 07:56:34 | 001,688,336 | ---- | M] (M-Audio) -- C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe
    PRC - [2013.04.26 10:25:54 | 000,292,848 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    ========== Modules (No Company Name) ==========
    MOD - [2014.11.24 08:57:37 | 003,649,648 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    MOD - [2014.11.12 14:09:03 | 016,840,880 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll
    MOD - [2014.10.18 15:12:05 | 002,997,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\92a3b88ac6300af062edd6503bc5903c\System.IdentityModel.ni.dll
    MOD - [2014.10.18 15:12:04 | 019,696,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\316b149dbb031d0e35c9d57bb2fc4b6e\System.ServiceModel.ni.dll
    MOD - [2014.10.18 15:11:56 | 001,091,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\8c9f9e94e93956d68b43e34324790c6d\System.ServiceModel.Web.ni.dll
    MOD - [2014.10.17 19:03:38 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\8b133e0d94535a7534719f70873ca7fe\System.Xaml.ni.dll
    MOD - [2014.10.17 19:03:36 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\db563d596d76daed04e9b5d25b2f4cb9\System.Windows.Forms.ni.dll
    MOD - [2014.10.17 19:03:34 | 007,668,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll
    MOD - [2014.10.17 19:03:34 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\691c1ad89d16f49d80e84fa06a79089a\System.Core.ni.dll
    MOD - [2014.10.17 19:03:32 | 002,822,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll
    MOD - [2014.10.17 19:03:32 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b4c08872c259018b17b2801da33ac80f\System.Drawing.ni.dll
    MOD - [2014.10.17 19:03:32 | 000,794,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\35d3a1b878542de59cb4fc0593992404\System.ServiceModel.Internals.ni.dll
    MOD - [2014.10.17 19:03:32 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\046058f81b039ab6fd839e03e67595f8\SMDiagnostics.ni.dll
    MOD - [2014.10.17 19:03:31 | 010,100,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll
    MOD - [2014.10.17 19:03:31 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\0648dbecb7e3fb9523565107e04a5caf\System.Configuration.ni.dll
    MOD - [2014.02.12 20:33:38 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
    MOD - [2013.11.21 12:16:30 | 000,601,128 | ---- | M] () -- C:\Program Files (x86)\F-Secure\FSGUI\gres.dll
    MOD - [2013.11.21 12:16:18 | 000,089,128 | ---- | M] () -- C:\Program Files (x86)\F-Secure\FSGUI\aboutres.dll
    MOD - [2013.11.21 12:16:16 | 000,642,088 | ---- | M] () -- C:\Program Files (x86)\F-Secure\FSGUI\about.dll
    MOD - [2013.11.21 11:37:02 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\F-Secure\FSGUI\strres.eng
    MOD - [2013.11.21 11:37:00 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\F-Secure\FSGUI\fsavures.eng
    MOD - [2013.11.21 11:36:58 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\F-Secure\FSGUI\flyerres.eng
    MOD - [2013.08.29 15:59:58 | 001,138,176 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
    MOD - [2013.08.13 20:55:30 | 001,225,528 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
    MOD - [2013.08.13 20:55:30 | 001,221,912 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
    MOD - [2013.08.13 20:55:30 | 000,825,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
    MOD - [2013.08.13 20:55:30 | 000,776,704 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
    MOD - [2013.08.13 20:55:30 | 000,765,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
    MOD - [2013.08.13 20:55:30 | 000,685,056 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
    MOD - [2013.08.13 20:46:12 | 002,745,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
    MOD - [2013.08.07 19:11:34 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
    MOD - [2013.08.07 19:11:34 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\cpuutil.dll
    MOD - [2013.08.06 20:04:58 | 002,502,656 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Remote GO!\AssistTools\xH264E.dll
    MOD - [2013.08.05 11:14:32 | 000,176,128 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Remote GO!\AssistTools\DLCapPP.dll
    MOD - [2013.07.31 20:05:12 | 005,773,588 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
    MOD - [2013.07.24 10:16:48 | 001,425,208 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
    MOD - [2013.06.24 17:48:46 | 002,055,168 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Remote GO!\WiFiGO.dll
    MOD - [2013.06.24 15:59:32 | 001,173,504 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\Network iControl.dll
    MOD - [2013.06.13 17:37:48 | 000,156,160 | ---- | M] () -- C:\Program Files (x86)\InstallShield Installation Information\{104BE4B8-D1DB-4170-977B-364960893DC8}\CloudAPI\CloudAPI.dll
    MOD - [2013.06.11 12:06:06 | 000,425,984 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Remote GO!\AssistTools\awiscale.dll
    MOD - [2013.06.04 11:41:00 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
    MOD - [2013.03.21 19:38:04 | 000,716,800 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Remote GO!\AssistTools\WiMoveHelp.dll
    MOD - [2012.05.02 18:04:30 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Remote GO!\AssistTools\AudioProjection.dll
    MOD - [2012.04.25 14:47:54 | 000,659,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Remote GO!\AssistTools\PhoneCtrlAPI.dll
    MOD - [2012.01.12 16:44:02 | 000,475,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Remote GO!\AssistTools\WiFiGO_HookKey.dll
    MOD - [2010.12.14 17:46:32 | 000,067,584 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Remote GO!\AssistTools\CoreAudioCap.dll
    MOD - [2010.10.29 18:58:02 | 000,221,184 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Remote GO!\AssistTools\JpegCD.dll
    MOD - [2010.06.21 15:21:22 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
    ========== Services (SafeList) ==========
    SRV:64bit: - [2014.11.06 05:30:08 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
    SRV:64bit: - [2013.08.07 14:24:00 | 000,015,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
    SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2013.05.11 17:45:54 | 000,822,232 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
    SRV:64bit: - [2013.05.11 17:45:38 | 000,733,696 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
    SRV:64bit: - [2012.10.02 14:41:44 | 000,240,584 | ---- | M] (DTS, Inc) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe -- (DTSAudioSvc)
    SRV - [2014.11.24 08:57:37 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2014.11.12 14:09:03 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2014.09.04 04:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2014.02.01 15:14:48 | 000,060,352 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe -- (FSORSPClient)
    SRV - [2013.11.21 12:18:04 | 000,217,128 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\F-Secure\Common\FNRB32.exe -- (F-Secure Network Request Broker)
    SRV - [2013.11.21 12:17:58 | 000,206,888 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE -- (FSMA)
    SRV - [2013.11.21 12:17:38 | 000,224,296 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\F-Secure\Anti-Virus\FSGK32ST.exe -- (F-Secure Gatekeeper Handler Starter)
    SRV - [2013.11.21 12:17:26 | 000,853,032 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\F-Secure\FWES\program\fsdfwd.exe -- (FSDFWD)
    SRV - [2013.11.21 12:17:10 | 000,527,912 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\F-Secure\Device Control\\fsdevcon64.exe -- (fsdevcon)
    SRV - [2013.10.24 13:00:38 | 000,936,728 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe -- (asComSvc)
    SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2013.09.03 16:52:56 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
    SRV - [2013.09.03 16:52:14 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
    SRV - [2013.08.13 14:55:28 | 001,656,464 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe -- (AsusFanControlService)
    SRV - [2013.08.01 04:57:22 | 000,954,648 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe -- (asHmComSvc)
    SRV - [2013.05.24 08:07:38 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
    SRV - [2013.05.23 07:56:34 | 001,688,336 | ---- | M] (M-Audio) [Auto | Running] -- C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe -- (FastTrackProAudioDevMon)
    SRV - [2013.01.02 17:11:16 | 000,171,632 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
    ========== Driver Services (SafeList) ==========
    DRV:64bit: - [2014.02.01 15:22:58 | 000,056,016 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fsbts.sys -- (fsbts)
    DRV:64bit: - [2013.11.21 12:18:22 | 000,044,328 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\fses.sys -- (FSES)
    DRV:64bit: - [2013.11.21 12:17:24 | 000,094,056 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\fsdfw.sys -- (FSFW)
    DRV:64bit: - [2013.09.03 16:52:14 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
    DRV:64bit: - [2013.08.07 14:23:46 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
    DRV:64bit: - [2013.08.07 14:23:46 | 000,028,008 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
    DRV:64bit: - [2013.05.23 07:56:32 | 000,184,592 | ---- | M] (M-Audio) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MAudioFastTrackPro.sys -- (MAUSBFASTTRACKPRO)
    DRV:64bit: - [2013.05.17 07:25:18 | 000,442,368 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
    DRV:64bit: - [2013.05.17 07:20:46 | 004,433,696 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2013.04.26 04:24:58 | 000,020,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
    DRV:64bit: - [2013.04.26 04:24:56 | 000,786,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
    DRV:64bit: - [2013.04.26 04:24:56 | 000,368,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
    DRV:64bit: - [2013.02.21 05:40:38 | 000,032,840 | R--- | M] (NT Kernel Resources) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ndisrd.sys -- (ndisrd)
    DRV:64bit: - [2012.12.26 19:26:12 | 000,805,088 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011.07.08 17:17:24 | 000,122,960 | ---- | M] (High Criteria inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TotRec8.sys -- (TotRec8)
    DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV - [2014.11.20 23:17:36 | 000,207,400 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
    DRV - [2014.11.20 23:16:53 | 000,071,112 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\F-Secure\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
    DRV - [2014.07.09 14:21:53 | 000,089,640 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\F-Secure\NIF\bin\fsni64.sys -- (fsni)
    DRV - [2014.04.21 10:07:10 | 000,017,208 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AI Suite III\690b33e1-0462-4e84-9bea-c7552b45432a.sys -- (MbswMailbox)
    DRV - [2013.11.21 12:17:46 | 000,013,352 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
    DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
    ========== Standard Registry (SafeList) ==========
    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fi/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fi.msn.com/?ocid=iehp
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fi
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E4 6A 67 97 4E 1F CF 01 [binary data]
    IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
    IE - HKCU\..\SearchScopes\{71155DD5-D9CE-4A45-B6A8-FCF76DA3ED6B}: "URL" = http://search.us.com/serp?guid={B908CEE0-2FE3-4996-84F9-ACA39DCBEDF0}&k={searchTerms}
    IE - HKCU\..\SearchScopes\{BA41DAB9-9870-4746-A9F6-39B24FB4484E}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10827
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    ========== FireFox ==========
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.1.1
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.65.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.1.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.1.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
    [2014.02.01 15:30:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juha\AppData\Roaming\mozilla\Extensions
    [2014.11.15 14:03:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juha\AppData\Roaming\mozilla\Firefox\Profiles\ztvsflfp.default\extensions
    [2014.11.15 14:03:56 | 000,979,699 | ---- | M] () (No name found) -- C:\Users\Juha\AppData\Roaming\mozilla\firefox\profiles\ztvsflfp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    [2014.11.24 08:57:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
    [2014.11.24 08:57:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2FEBFB6B-B79D-4FB9-9A16-91F88911EC28} - No CLSID value found.
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\F-Secure\Common\FSM32.EXE (F-Secure Corporation)
    O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files (x86)\F-Secure\FSGUI\TNBUtil.exe (F-Secure Corporation)
    O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
    O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Juha\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.241.198.245 62.241.198.246
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E4A04AA4-524D-46A9-8EBE-339DE5A2C24E}: DhcpNameServer = 62.241.198.245 62.241.198.246
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\{75607f48-8b36-11e3-87b5-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{75607f48-8b36-11e3-87b5-806e6f6e6963}\Shell\AutoRun\command - "" = D:\.\Bin\ASSETUP.exe
    O33 - MountPoints2\{b13ee17f-dcf6-11e3-96ff-bcee7b88a653}\Shell - "" = AutoRun
    O33 - MountPoints2\{b13ee17f-dcf6-11e3-96ff-bcee7b88a653}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
    ========== Files/Folders - Created Within 30 Days ==========
    [2014.11.24 08:57:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2014.11.11 22:03:27 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
    [2014.11.11 22:03:27 | 000,304,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
    [2014.11.11 22:03:27 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
    [2014.11.11 22:03:25 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
    [2014.11.11 22:03:25 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
    [2014.11.11 22:03:25 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
    [2014.11.11 22:03:25 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
    [2014.11.11 22:03:25 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
    [2014.11.11 22:03:21 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
    [2014.11.11 22:03:21 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
    [2014.11.11 22:03:20 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
    [2014.11.11 22:03:20 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
    [2014.11.11 22:03:20 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
    [2014.11.11 22:03:20 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
    [2014.11.11 22:03:20 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
    [2014.11.11 22:03:20 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
    [2014.11.11 22:03:20 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
    [2014.11.11 22:03:19 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
    [2014.11.11 22:03:19 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
    [2014.11.11 22:03:18 | 002,051,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2014.11.11 22:03:18 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
    [2014.11.11 22:03:18 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
    [2014.11.11 22:03:18 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
    [2014.11.11 22:03:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
    [2014.11.11 22:03:17 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2014.11.11 22:03:17 | 000,799,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
    [2014.11.11 22:03:17 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2014.11.11 22:03:17 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
    [2014.11.11 22:03:17 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
    [2014.11.11 22:03:16 | 002,124,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
    [2014.11.11 22:03:16 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
    [2014.11.11 22:03:16 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
    [2014.11.11 22:03:15 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2014.11.11 22:03:15 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
    [2014.11.11 22:03:15 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
    [2014.11.11 22:03:15 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
    [2014.11.11 22:03:14 | 006,040,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2014.11.11 22:03:14 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
    [2014.11.11 22:03:14 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
    [2014.11.11 22:03:14 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
    [2014.11.11 22:03:14 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
    [2014.11.11 22:03:13 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
    [2014.11.11 22:03:13 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
    [2014.11.11 22:03:04 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
    [2014.11.11 22:03:04 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
    [2014.11.11 22:03:03 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL
    [2014.11.11 22:03:03 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL
    [2014.11.11 22:03:02 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
    [2014.11.11 22:03:02 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
    [2014.11.11 22:03:02 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
    [2014.11.11 22:03:02 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
    [2014.11.11 22:03:02 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll
    [2014.11.11 22:03:00 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
    [2014.11.11 22:02:57 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
    [2014.11.11 22:02:57 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
    [2014.11.11 22:02:56 | 003,241,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
    [2014.11.11 22:02:55 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
    [2014.11.04 08:26:52 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
    [2014.11.04 08:26:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    [2014.11.04 08:26:45 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
    [2014.11.04 08:26:45 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
    [2014.11.04 08:26:45 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2014.11.04 08:26:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
    [2014.11.04 08:26:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2014.11.03 23:45:19 | 000,000,000 | ---D | C] -- C:\ProgramData\e25f457c-9287-4f2d-b5a8-8cd714c55009
    [2014.11.03 20:14:14 | 000,000,000 | ---D | C] -- C:\Users\Juha\Documents\My CamStudio Videos
    [2014.11.03 20:14:11 | 000,000,000 | ---D | C] -- C:\Users\Juha\Documents\My CamStudio Temp Files
    ========== Files - Modified Within 30 Days ==========
    [2014.11.25 21:15:24 | 001,366,708 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2014.11.25 21:15:24 | 000,657,908 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2014.11.25 21:15:24 | 000,485,214 | ---- | M] () -- C:\Windows\SysNative\perfh00B.dat
    [2014.11.25 21:15:24 | 000,123,876 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2014.11.25 21:15:24 | 000,103,402 | ---- | M] () -- C:\Windows\SysNative\perfc00B.dat
    [2014.11.25 21:09:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2014.11.25 21:09:27 | 1895,469,055 | -HS- | M] () -- C:\hiberfil.sys
    [2014.11.25 21:09:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2014.11.25 19:35:25 | 000,029,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2014.11.25 19:35:25 | 000,029,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2014.11.12 14:09:03 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2014.11.12 14:09:03 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2014.11.12 09:29:28 | 000,307,760 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2014.11.06 06:03:50 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
    [2014.11.06 05:47:03 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
    [2014.11.06 05:46:12 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
    [2014.11.06 05:46:12 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
    [2014.11.06 05:44:28 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
    [2014.11.06 05:35:59 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
    [2014.11.06 05:31:48 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2014.11.06 05:30:22 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
    [2014.11.06 05:30:08 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
    [2014.11.06 05:29:18 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
    [2014.11.06 05:23:57 | 006,040,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2014.11.06 05:20:18 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
    [2014.11.06 05:16:23 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
    [2014.11.06 05:13:36 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
    [2014.11.06 05:12:44 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
    [2014.11.06 05:10:58 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
    [2014.11.06 05:07:29 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
    [2014.11.06 05:03:56 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
    [2014.11.06 05:02:05 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
    [2014.11.06 05:00:56 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2014.11.06 05:00:51 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
    [2014.11.06 04:59:36 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
    [2014.11.06 04:58:38 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
    [2014.11.06 04:57:38 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
    [2014.11.06 04:42:36 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
    [2014.11.06 04:41:26 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2014.11.06 04:41:26 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
    [2014.11.06 04:39:39 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
    [2014.11.06 04:38:25 | 002,124,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
    [2014.11.06 04:37:58 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
    [2014.11.06 04:36:47 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
    [2014.11.06 04:21:25 | 002,051,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2014.11.06 04:20:37 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
    [2014.11.06 03:53:19 | 000,799,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
    [2014.11.06 03:47:17 | 000,708,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
    [2014.11.05 19:56:54 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
    [2014.11.05 19:56:36 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
    [2014.11.05 19:52:22 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
    [2014.11.04 08:38:01 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
    [2014.11.03 20:15:02 | 000,004,535 | ---- | M] () -- C:\Users\Juha\AppData\Roaming\CamStudio.cfg
    [2014.11.03 20:15:02 | 000,000,408 | ---- | M] () -- C:\Users\Juha\AppData\Roaming\CamShapes.ini
    [2014.11.03 20:15:02 | 000,000,408 | ---- | M] () -- C:\Users\Juha\AppData\Roaming\CamLayout.ini
    [2014.11.03 20:15:02 | 000,000,046 | ---- | M] () -- C:\Users\Juha\AppData\Roaming\Camdata.ini
    [2014.11.03 20:13:16 | 000,000,096 | ---- | M] () -- C:\Users\Juha\AppData\Roaming\version2.xml
    [2014.10.28 23:15:09 | 000,000,988 | ---- | M] () -- C:\Users\Juha\AppData\Local\recently-used.xbel
    [2014.10.28 23:15:08 | 000,127,046 | ---- | M] () -- C:\Users\Juha\Desktop\cleaning-with-vinegar.jpg
    ========== Files Created - No Company Name ==========
    [2014.11.03 20:15:02 | 000,004,535 | ---- | C] () -- C:\Users\Juha\AppData\Roaming\CamStudio.cfg
    [2014.11.03 20:15:02 | 000,000,408 | ---- | C] () -- C:\Users\Juha\AppData\Roaming\CamShapes.ini
    [2014.11.03 20:15:02 | 000,000,408 | ---- | C] () -- C:\Users\Juha\AppData\Roaming\CamLayout.ini
    [2014.11.03 20:15:02 | 000,000,046 | ---- | C] () -- C:\Users\Juha\AppData\Roaming\Camdata.ini
    [2014.11.03 20:13:16 | 000,000,096 | ---- | C] () -- C:\Users\Juha\AppData\Roaming\version2.xml
    [2014.10.28 23:15:09 | 000,000,988 | ---- | C] () -- C:\Users\Juha\AppData\Local\recently-used.xbel
    [2014.10.28 23:11:12 | 000,127,046 | ---- | C] () -- C:\Users\Juha\Desktop\cleaning-with-vinegar.jpg
    [2014.04.05 13:11:55 | 000,002,892 | ---- | C] () -- C:\Windows\SysWow64\audcon.sys
    [2014.04.05 13:11:39 | 000,000,051 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe.cfg
    [2014.04.05 13:11:38 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe
    [2014.02.25 22:43:32 | 000,003,055 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
    [2014.02.25 22:41:55 | 000,013,082 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DSP Effects.dat
    [2014.02.25 22:41:46 | 000,963,008 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
    [2014.02.25 22:41:46 | 000,017,950 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
    [2014.02.09 16:33:52 | 000,000,027 | ---- | C] () -- C:\Users\Juha\.gtk-bookmarks
    [2014.02.01 15:03:32 | 004,217,312 | ---- | C] () -- C:\Windows\PE_Rom.dll
    [2014.02.01 14:34:00 | 000,000,094 | ---- | C] () -- C:\Windows\scd.ini
    [2014.02.01 14:33:59 | 000,061,620 | ---- | C] () -- C:\Windows\Ascd_log.ini
    [2014.02.01 14:33:59 | 000,000,000 | ---- | C] () -- C:\Windows\Ascd_err.ini
    [2014.02.01 14:11:55 | 019,587,072 | ---- | C] () -- C:\Windows\SysWow64\igdfcl32.dll
    [2014.02.01 14:11:55 | 000,241,152 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
    [2014.02.01 14:11:55 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
    [2014.02.01 14:06:21 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
    [2014.02.01 14:05:24 | 001,340,220 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2014.02.01 13:57:52 | 000,015,232 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
    [2014.02.01 13:57:34 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
    [2014.02.01 13:57:32 | 000,045,908 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
    [2013.05.11 17:17:52 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
    ========== ZeroAccess Check ==========
    [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 04:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    < End of report >
     
  4. Nanna_86

    Nanna_86 Active member

    Liittynyt:
    03.09.2014
    Viestejä:
    561
    Kiitokset:
    124
    Pisteet:
    53
    Käynnistä uudelleen OTL.exe
    Kopioi ja Liitä alla oleva teksti, " Custom Scans/ Fixes tekstilaatikkoon ".


    Koodi:
    :otl
    
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKCU\..\SearchScopes\{71155DD5-D9CE-4A45-B6A8-FCF76DA3ED6B}: "URL" = http://search.us.com/serp?guid={B908CEE0-2FE3-4996-84F9-ACA39DCBEDF0}&k={searchTerms}
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2FEBFB6B-B79D-4FB9-9A16-91F88911EC28} - No CLSID value found.
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    
    :commands
    [emptytemp]
    [emptyjava]
    [emptyflash]
    [reboot]
    

    Paina " Run Fix " .
    Ja lähetä tulokset seuraavassa postissasi.
    Jos OTL haluaa käynnistää tietokoneen uudelleen, anna sen tehdä niin.

    Löytyy polusta:
    c:\_OTL\MovedFiles

    ----------------------------------------------------------------------------


    Lataa RogueKiller (64bit) tästä. / (32bit) tästä.
    • Kun lataus on valmis, käynnistä RogueKiller.exe
    • Anna ohjelman tehdä esitarkistus ja paina sitten Accept.
    • Valitse Scan, aloittaaksesi tarkistuksen.
    • Kun tarkistus on valmis, Poista löydetyt haitakkeet Delete - painikkeesta.
    Esitarkastus?
    Esitarkistus aloitetaan heti kun käynnistät roguekiller.exe'n. Se tarkistaa ja pysäyttää mahdolliset haitalliset prosessit, palvelut, ajurit. Se ei tässä vaiheessa vielä poista mitään.

    RogueKiller voi huomauttaa uudemmasta ohjelma versiosta ja pyytämään lataamaan sen.

    Normaali tarkistus ( Scan )
    Tarkistus käynnistyy kun käyttäjä painaa ( " Scan " ) painiketta.
    Se etsii mahdollisia ongelmia ( prosesseista, rekistereistä, käynnistettävistä sovelluksista, selaimista, tiedostoista jne. )



    [​IMG]
     
    Viimeksi muokattu: 25.11.2014
    olenpelle kiitti tästä.
  5. olenpelle

    olenpelle Member

    Liittynyt:
    05.06.2006
    Viestejä:
    31
    Kiitokset:
    0
    Pisteet:
    11
    Moro, sori että kesti! Tein tuon OTL-fixin, tulos alla. Tuo RogueKiller sen sijaan ei toiminut, antamasi linkki ei avautunut joten latasin sen täältä. Olen kolmeen otteeseen yrittänyt avata tuon RogueKillerin ja joka kerta kone on jumittunut (hiiri ei liiku, kone ei reagoi mihinkään), jonka jälkeen olen joutunut buuttaamaan.

    OTL-tulos (toivottavasti se oikea):

    All processes killed
    ========== OTL ==========
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{71155DD5-D9CE-4A45-B6A8-FCF76DA3ED6B}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71155DD5-D9CE-4A45-B6A8-FCF76DA3ED6B}\ not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2FEBFB6B-B79D-4FB9-9A16-91F88911EC28} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2FEBFB6B-B79D-4FB9-9A16-91F88911EC28}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
    64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
    ========== COMMANDS ==========
    [EMPTYTEMP]
    User: All Users
    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    User: Juha
    ->Temp folder emptied: 12275699 bytes
    ->Temporary Internet Files folder emptied: 7493 bytes
    ->Java cache emptied: 318259 bytes
    ->FireFox cache emptied: 369525538 bytes
    ->Flash cache emptied: 5748 bytes
    User: Public
    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 441 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 79384193 bytes
    RecycleBin emptied: 1229601886 bytes
    Total Files Cleaned = 1 613,00 mb
    [EMPTYJAVA]
    User: All Users
    User: Default
    User: Default User
    User: Juha
    ->Java cache emptied: 0 bytes
    User: Public
    Total Java Files Cleaned = 0,00 mb
    [EMPTYFLASH]
    User: All Users
    User: Default
    User: Default User
    User: Juha
    ->Flash cache emptied: 0 bytes
    User: Public
    Total Flash Files Cleaned = 0,00 mb
    OTL by OldTimer - Version 3.2.69.0 log created on 12072014_134524

    Files\Folders moved on Reboot...
    C:\Users\Juha\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    C:\Users\Juha\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...

    Files\Folders moved on Reboot...
    C:\Users\Juha\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    C:\Users\Juha\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...

    Files\Folders moved on Reboot...
    C:\Users\Juha\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    C:\Users\Juha\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...
     
  6. Nanna_86

    Nanna_86 Active member

    Liittynyt:
    03.09.2014
    Viestejä:
    561
    Kiitokset:
    124
    Pisteet:
    53
    Monet virustorjunta ohjelmat luettelevat ohjelman haittaohjelmiin ja estävät käytön.
    Johtuuko ongelma sitten ohjelman nimestä niin en tiedä, mutta kun itse kun koitin käyttää sitä läppärillä , tuli myös vastaan samanlaatuinen ongelma.

    Lataa AdwCleaner tästä.
    • Sulje kaikki avoimet ohjelmat ja Internet-selain tarkistuksen ajaksi.
    • Tuplaklikkaa AdwCleaner.exe auki ja valitse " Scan ".
    • Kun tarkistus on valmis, Valitse " Clean ".
    • Tietokone käynnistyy automaattisesti ohjelman valmistuttua.
    • Käynnistyessään, Saat näkyviin lokitiedoston. Lähetä se seuraavassa viestissäsi.

    [​IMG]
     
    olenpelle kiitti tästä.
  7. olenpelle

    olenpelle Member

    Liittynyt:
    05.06.2006
    Viestejä:
    31
    Kiitokset:
    0
    Pisteet:
    11
    Tattista, tuo toimi! Alla loki:

    # AdwCleaner v4.104 - Report created 07/12/2014 at 16:57:40
    # Updated 05/12/2014 by Xplode
    # Database : 2014-12-01.1 [Local]
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Juha - JUHA-PC
    # Running from : A:\Tiedostot\Lataukset\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    File Deleted : C:\END
    File Deleted : C:\Users\Juha\AppData\Roaming\Mozilla\Firefox\Profiles\ztvsflfp.default\user.js

    ***** [ Scheduled Tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\Optimizer Pro
    Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17420


    -\\ Mozilla Firefox v33.1.1 (x86 fi)


    *************************

    AdwCleaner[R0].txt - [2594 octets] - [07/12/2014 16:56:33]
    AdwCleaner[S0].txt - [2449 octets] - [07/12/2014 16:57:40]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2509 octets] ##########
     

Jaa tämä sivu