1. Tämä sivusto käyttää keksejä (cookie). Jatkamalla sivuston käyttämistä hyväksyt keksien käyttämisen. Lue lisää.

Pienestä se pienen ihmisen ilo on kiinni

Viestiketju Virukset ja haittaohjelmat - HijackThis -logit -osiossa. Ketjun avasi Ferti 19.12.2010.

  1. Ferti

    Ferti Member

    Liittynyt:
    24.06.2008
    Viestejä:
    64
    Kiitokset:
    0
    Pisteet:
    16
    Asensin koneelle advanced system care ja siinä samalla tuli kylkiäisinä Yahoosta kaikki mahdollinen. Sain nyt suurinpiirtein poistettua kaikki muut PAITSI yahoon hakukonetta.
    Nyt kun kirjoittaa firefoxin osoite palkkiin vaikka telkku niin ennen se meni oikeille sivuille, mutta nyt se menee jonnekkin yahoon hakusivuille. Luiskelin jonkinverran nettiä ja aikamonella on sama ongelma, mutta ratkaisua en löytänyt.

    Ehkä tästä olisi apua?

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 20:45:42, on 19.12.2010
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16700)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
    C:\Program Files\Norman\Npm\Bin\Zlh.exe
    C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
    C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
    C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
    C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
    C:\windows\SysWOW64\RunDll32.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    D:\Ohjelmat\Steam\steam.exe
    C:\Program Files\Norman\Nvc\Bin\cclaw.exe
    C:\Program Files (x86)\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
    C:\windows\SysWOW64\NOTEPAD.EXE
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    D:\Ohjelmat\Hjt.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Windows Live ID -kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
    O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    O4 - HKLM\..\Run: [UpdatePDRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
    O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
    O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
    O4 - HKLM\..\Run: [UpdatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
    O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
    O4 - HKLM\..\Run: [APLangApp] "C:\Program Files (x86)\AnyPC Client\APLangApp.exe"
    O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
    O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Verkkopalvelu')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Verkkopalvelu')
    O4 - Global Startup: Bluetooth.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Lähetä kuva &Bluetooth-laitteeseen... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Lähetä sivu &Bluetooth-laitteeseen... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
    O8 - Extra context menu item: V&ie Microsoft Exceliin - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Lähetä Bluetooth-laitteeseen - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: Lähetä &Bluetooth-laitteeseen... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (file missing)
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
    O23 - Service: SAMSUNG AllShare Service (AllShare) - Unknown owner - D:\Ohjelmat\Samsung\PC share manager\WiselinkPro.exe
    O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - D:\Pelit\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
    O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\windows\ehome\ehRecvr.exe
    O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\windows\ehome\ehsched.exe
    O23 - Service: Norman eLogger Service (eLoggerSvc6) - Norman ASA - C:\Program Files\Norman\Npm\Bin\elogsvc.exe
    O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\windows\system32\msiexec.exe
    O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: Norman Network Filtering service (NNFSVC) - Norman ASA - C:\Program Files\Norman\Ngs\Bin\Nnf.exe
    O23 - Service: Norman NJeeves - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves.exe
    O23 - Service: Norman ZANDA - Norman ASA - C:\Program Files\Norman\Npm\Bin\Zanda.exe
    O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Program Files\Norman\Nse\Bin\NSESVC.EXE
    O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Program Files\Norman\Nvc\Bin\nvcoas.exe
    O23 - Service: Norman Resource Provider (NVOY) - Norman ASA - C:\Program Files\Norman\npm\bin\nvoy.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\windows\SysWow64\perfhost.exe
    O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
    O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: Rezip - Unknown owner - C:\windows\SysWOW64\Rezip.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
    O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: Norman Scheduler Service (Scheduler) - Norman ASA - C:\Program Files\Norman\Npm\Bin\scheduler.exe
    O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\windows\servicing\TrustedInstaller.exe
    O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\windows\system32\SearchIndexer.exe
    O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\windows\system32\svchost.exe

    --
    End of file - 24978 bytes
     
  2.  
  3. kalminen

    kalminen Regular member

    Liittynyt:
    04.05.2007
    Viestejä:
    3,915
    Kiitokset:
    0
    Pisteet:
    46
    .
    Firefox-selaimen mahdollisia vapaamatkustajia voi etsiskellä
    kirjoittamalla selaimen osoiteriville about:plugins ja tarkistelemalla
    esiin tulevien ohjelmien nimiä. Onko kaikki sinun tarkkoittamia ???
    Onko Yahoota ja mikä sen *.dll nimi on.

    FF:n työkalut välilehti => Lisäosat siellä
    Laajennukset ja Liitännäiset poistele kaikkia turhia.

    Selaimen sivun oikeassa ylä osassa on oletushakukone.
    mikä sinne on asetettu ???

    ---------------------------------------------------------------------------

    Lataa SystemLook by. jpshortstuff TÄÄLTÄ. ja tallenna se työpöydälle.

    Tupla-klikkaa SystemLook.exe ajaaksesi sen.

    Kopioi(CTRL+C) alla olevasta laatikosta kaikki teksti, tekstialueeseen.

    Koodi:
    :dir
    C:\WINDOWS\system32\drivers\etc /s
    C:\Program Files\Mozilla Firefox\plugins /s
    :reg
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
    
    Klikkaa nappulaa Look aloittaaksesi skannauksen.

    Kun skannaus on valmis avautuu muistio joka sisältää lokitiedot
    Klikkaa lokia hiiren oikealla painikkeella ja valitse "Valitse kaikki"
    Kopio ja liitä se seuraavaan viestiisi.
    (Loki löytyy myös työpöydältäsi nimellä SystemLook.txt)

    *******************************************************************

    Lähetä tiedot ja
    SystemLook.txt
     
  4. Ferti

    Ferti Member

    Liittynyt:
    24.06.2008
    Viestejä:
    64
    Kiitokset:
    0
    Pisteet:
    16
    SystemLook 04.09.10 by jpshortstuff
    Log created at 22:23 on 19/12/2010 by Janne
    Administrator - Elevation successful
    WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

    ========== dir ==========

    C:\WINDOWS\system32\drivers\etc - Parameters: "/s"

    ---Files---
    hosts --a---- 824 bytes [02:34 14/07/2009] [21:00 10/06/2009]
    lmhosts.sam --a---- 3683 bytes [02:35 14/07/2009] [21:00 10/06/2009]
    networks --a---- 407 bytes [02:34 14/07/2009] [21:00 10/06/2009]
    protocol --a---- 1358 bytes [02:34 14/07/2009] [21:00 10/06/2009]
    services --a---- 17463 bytes [02:34 14/07/2009] [21:00 10/06/2009]

    No folders found.

    C:\Program Files\Mozilla Firefox\plugins - Unable to find folder.

    ========== reg ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults]
    "file"= 0x0000000003 (3)
    "ftp"= 0x0000000003 (3)
    "http"= 0x0000000003 (3)
    "https"= 0x0000000003 (3)
    "@ivt"= 0x0000000001 (1)
    "shell"= 0x0000000000 (0)
    "ldap"= 0x0000000004 (4)
    "news"= 0x0000000004 (4)
    "snews"= 0x0000000004 (4)
    "nntp"= 0x0000000004 (4)
    "oecmd"= 0x0000000004 (4)


    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults]
    @=""
    "http"= 0x0000000003 (3)
    "https"= 0x0000000003 (3)
    "ftp"= 0x0000000003 (3)
    "file"= 0x0000000003 (3)
    "@ivt"= 0x0000000001 (1)
    "shell"= 0x0000000000 (0)


    -= EOF =-


    Kyllä kaikki ohjelmat oli tai no ei ainakaan viitannut yahoohon mitenkään.

    Oikeassa yläkulmassa oli google, mutta sieltä löyty myös toi kiusankappale. Poistin sen jo aikaisemmin sieltä toivottavasti kokonaan.
     
    Viimeksi muokattu: 19.12.2010
  5. Ferti

    Ferti Member

    Liittynyt:
    24.06.2008
    Viestejä:
    64
    Kiitokset:
    0
    Pisteet:
    16
    Kokeilin etsiä regeditistä yahoo nimelle olevia niin löyty vaatimattomasti 137kpl osumia.
    Mitähän niistä vois poistella, kun en ainakaan suoralta kädeltä uskalla poistaa kaikkia missä vähänkin viitataan yahoohon.
     
  6. kalminen

    kalminen Regular member

    Liittynyt:
    04.05.2007
    Viestejä:
    3,915
    Kiitokset:
    0
    Pisteet:
    46
    .
    Rekisteriin ei kannata mennä !!!
    (ainakaan vielä)
    -------------------------------------------

    * Lataa HOSTS: Täältä Työpöydällesi.
    * Vanha HOSTS tiedosto poistetaan. Käynnistä kone vikasietotilaan => OHJE
    Tämä C:\WINDOWS\system32\drivers\etc\HOSTS tiedosto pois
    * Pura: hosts.zip C:\WINDOWS\system32\drivers\etc kansioon.
    * Käynnistä koneesi normaalitilaan.


    Lopuksi Voit varmistaa, että siellä on HOSTS niminen tiedosto ilman tiedostopäätettä. Koko n.700 kt.
    Suoja activoituu seuraavan käynnistyksen yhteydessä.(ei kuormita muistia)

    Houstiin päivitykset: Täältä
    Mitä HOSTS tekee: Opas Täällä

    -----------------------------------------------------

    Mozillan pluginille olin laittanut väärän kansion.

    Aja system look =>
    Koodi:
    :dir
    C:\WINDOWS\system32\drivers\etc /s
    C:\Program Files (x86)\Mozilla Firefox\plugins /s
    
    -----------------------------------------------------------------

    Lataa työpöydälle => TÄMÄ
    * Sulje kaikki päälläolevat ikkunat ja sovellukset.
    * Tuplaklikkaa OTL.exeä käynnistääksesi OTListIt:n.
    * Valitse Scan All Users (laita siihen ruxi).
    * Klikkaa Run Scan nappulaa.
    * Kun tarkistus on valmis, OTListIt luo kaksi tekstitiedostoa työpöydälle, tai alapalkkiin OTListIt.Txt ja Extras.txt

    * Kopioi ja lähetä tiedostojen sisältö tänne. + SystemLook.txt
    :)
     
  7. Ferti

    Ferti Member

    Liittynyt:
    24.06.2008
    Viestejä:
    64
    Kiitokset:
    0
    Pisteet:
    16
    Tässä näitä sitten olisi.

    Look

    SystemLook 04.09.10 by jpshortstuff
    Log created at 18:32 on 21/12/2010 by Janne
    Administrator - Elevation successful
    WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

    ========== dir ==========

    C:\WINDOWS\system32\drivers\etc - Parameters: "/s"

    ---Files---
    hosts.zip --a---- 153699 bytes [15:56 21/12/2010] [15:56 21/12/2010]
    License.txt --a---- 794 bytes [15:58 21/12/2010] [02:09 12/01/2010]
    lmhosts.sam --a---- 3683 bytes [15:58 21/12/2010] [21:00 10/06/2009]
    mvps.bat --a---- 1615 bytes [15:58 21/12/2010] [02:07 24/12/2008]
    networks --a---- 407 bytes [15:58 21/12/2010] [21:00 10/06/2009]
    PrivacyPolicy.txt --a---- 1420 bytes [15:58 21/12/2010] [02:08 12/01/2010]
    protocol --a---- 1358 bytes [15:58 21/12/2010] [21:00 10/06/2009]
    readme.txt --a---- 6464 bytes [15:58 21/12/2010] [01:51 12/01/2010]
    services --a---- 17463 bytes [15:58 21/12/2010] [21:00 10/06/2009]

    No folders found.

    C:\Program Files (x86)\Mozilla Firefox\plugins - Parameters: "/s"

    ---Files---
    npnul32.dll --a---- 66520 bytes [14:39 17/09/2010] [18:40 10/12/2010]
    NPOFF12.DLL --a---- 16192 bytes [18:12 26/10/2006] [18:12 26/10/2006]
    npOGAPlugin.dll --a---- 373104 bytes [15:04 03/10/2010] [12:07 03/08/2009]
    nppdf32.dll --a---- 103864 bytes [09:37 06/11/2010] [09:37 06/11/2010]
    npwachk.dll --a---- 12800 bytes [16:33 12/07/2010] [16:33 12/07/2010]

    No folders found.

    -= EOF =-


    OTL logfile created on: 12/20/2010 10:08:47 PM - Run 1
    OTL by OldTimer - Version 3.2.17.4 Folder = C:\Users\Janne\Desktop
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

    4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 65.00% Memory free
    8.00 Gb Paging File | 6.00 Gb Available in Paging File | 81.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 104.59 Gb Total Space | 69.88 Gb Free Space | 66.81% Space Free | Partition Type: NTFS
    Drive D: | 476.48 Gb Total Space | 318.40 Gb Free Space | 66.82% Space Free | Partition Type: NTFS

    Computer Name: JANNE-PC | User Name: Janne | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2010/12/20 21:41:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Janne\Desktop\OTL.exe
    PRC - [2010/12/10 20:40:53 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    PRC - [2010/11/22 14:45:30 | 000,308,408 | ---- | M] (Norman ASA) -- C:\Program Files\Norman\Npm\Bin\Zanda.exe
    PRC - [2010/11/20 11:53:08 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
    PRC - [2010/11/17 16:28:59 | 000,403,240 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    PRC - [2010/11/17 06:49:04 | 001,242,448 | ---- | M] (Valve Corporation) -- D:\Ohjelmat\Steam\Steam.exe
    PRC - [2010/11/11 13:43:28 | 000,075,104 | ---- | M] (Norman ASA) -- C:\Program Files\Norman\Npm\Bin\elogsvc.exe
    PRC - [2010/11/10 14:48:32 | 000,223,000 | ---- | M] (Norman ASA) -- C:\Program Files\Norman\Ngs\Bin\nnf.exe
    PRC - [2010/11/08 18:02:27 | 000,111,912 | ---- | M] () -- C:\Program Files\Norman\Npm\Bin\Njeeves.exe
    PRC - [2010/11/08 17:56:34 | 000,198,168 | ---- | M] (Norman ASA) -- C:\Program Files\Norman\Nvc\Bin\Nvcoas.exe
    PRC - [2010/11/08 17:56:34 | 000,100,336 | ---- | M] (Norman ASA) -- C:\Program Files\Norman\Npm\Bin\nvoy.exe
    PRC - [2010/11/08 17:56:34 | 000,074,592 | ---- | M] (Norman ASA) -- C:\Program Files\Norman\Nvc\Bin\CClaw.exe
    PRC - [2010/10/27 14:08:09 | 000,189,824 | ---- | M] (Norman ASA) -- C:\Program Files\Norman\Npm\Bin\Zlh.exe
    PRC - [2010/10/08 21:24:30 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    PRC - [2010/01/19 04:34:48 | 002,201,192 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
    PRC - [2009/12/14 09:17:48 | 000,091,136 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
    PRC - [2009/11/04 06:11:48 | 000,835,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
    PRC - [2009/10/13 12:03:04 | 000,716,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
    PRC - [2009/06/03 13:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    PRC - [2009/04/15 16:52:06 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
    PRC - [2009/03/05 11:54:50 | 000,311,296 | ---- | M] () -- C:\Windows\SysWOW64\Rezip.exe
    PRC - [2009/01/23 03:46:14 | 000,203,280 | ---- | M] () -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/12/20 21:41:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Janne\Desktop\OTL.exe
    MOD - [2010/08/21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
    MOD - [2009/01/23 03:46:18 | 000,013,840 | ---- | M] () -- C:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - File not found [Auto | Running] -- C:\windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
    SRV:64bit: - [2010/11/22 14:45:30 | 000,308,408 | ---- | M] (Norman ASA) [Auto | Running] -- C:\Program Files\Norman\Npm\Bin\Zanda.exe -- (Norman ZANDA)
    SRV:64bit: - [2010/11/18 10:39:16 | 000,424,264 | ---- | M] (Norman ASA) [On_Demand | Stopped] -- C:\Program Files\Norman\Nse\Bin\NSESVC.EXE -- (nsesvc)
    SRV:64bit: - [2010/11/11 13:43:28 | 000,075,104 | ---- | M] (Norman ASA) [Auto | Running] -- C:\Program Files\Norman\Npm\Bin\elogsvc.exe -- (eLoggerSvc6)
    SRV:64bit: - [2010/11/10 14:48:32 | 000,223,000 | ---- | M] (Norman ASA) [Auto | Running] -- C:\Program Files\Norman\Ngs\Bin\Nnf.exe -- (NNFSVC)
    SRV:64bit: - [2010/11/08 18:26:16 | 000,148,240 | ---- | M] (Norman ASA) [On_Demand | Running] -- C:\Program Files\Norman\Npm\Bin\scheduler.exe -- (Scheduler)
    SRV:64bit: - [2010/11/08 18:02:27 | 000,111,912 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Norman\Npm\Bin\Njeeves.exe -- (Norman NJeeves)
    SRV:64bit: - [2010/11/08 17:56:34 | 000,198,168 | ---- | M] (Norman ASA) [On_Demand | Running] -- C:\Program Files\Norman\Nvc\Bin\nvcoas.exe -- (nvcoas)
    SRV:64bit: - [2010/11/08 17:56:34 | 000,100,336 | ---- | M] (Norman ASA) [Auto | Running] -- C:\Program Files\Norman\npm\bin\nvoy.exe -- (NVOY)
    SRV:64bit: - [2010/10/08 21:24:28 | 000,953,632 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
    SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
    SRV:64bit: - [2009/09/29 16:25:48 | 000,126,392 | ---- | M] (Intel(R) Corporation) [On_Demand | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
    SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2010/11/20 11:53:08 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
    SRV - [2010/11/17 16:28:59 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
    SRV - [2010/07/16 17:23:30 | 006,638,080 | ---- | M] () [On_Demand | Stopped] -- D:\Ohjelmat\Samsung\PC share manager\WiselinkPro.exe -- (AllShare)
    SRV - [2009/12/15 22:07:16 | 000,025,832 | ---- | M] (BioWare) [Auto | Running] -- D:\Pelit\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
    SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2009/03/05 11:54:50 | 000,311,296 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\Rezip.exe -- (Rezip)
    SRV - [2009/01/23 03:46:14 | 000,203,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2010/11/17 16:42:46 | 000,348,712 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
    DRV:64bit: - [2010/11/17 16:42:46 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
    DRV:64bit: - [2010/11/17 16:42:46 | 000,106,536 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
    DRV:64bit: - [2010/11/17 16:42:46 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
    DRV:64bit: - [2010/11/17 16:42:46 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
    DRV:64bit: - [2010/11/11 14:01:49 | 000,028,560 | ---- | M] (Norman ASA) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvcv64mf.sys -- (NvcMFlt)
    DRV:64bit: - [2010/11/10 15:48:22 | 000,039,360 | ---- | M] (Norman ASA) [Kernel | Auto | Running] -- C:\Program Files\Norman\Ngs\Bin\nregsec64.sys -- (nregsec)
    DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
    DRV:64bit: - [2010/09/18 15:50:42 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
    DRV:64bit: - [2010/09/07 22:08:55 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
    DRV:64bit: - [2010/02/26 20:32:58 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
    DRV:64bit: - [2010/02/11 01:02:00 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
    DRV:64bit: - [2010/01/04 15:44:49 | 000,022,368 | ---- | M] (Norman ASA) [Kernel | System | Running] -- c:\Program Files\Norman\Ngs\Bin\ngs64.sys -- (NGS)
    DRV:64bit: - [2009/12/30 11:21:24 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
    DRV:64bit: - [2009/12/14 22:46:56 | 001,573,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
    DRV:64bit: - [2009/11/20 08:09:48 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2009/09/29 16:25:50 | 000,012,728 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
    DRV:64bit: - [2009/09/28 11:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
    DRV:64bit: - [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/01 22:46:58 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
    DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
    DRV:64bit: - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2009/06/10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/05/28 08:38:04 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
    DRV - [2010/06/25 16:48:14 | 000,015,144 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-2933140333-1029565451-4078333767-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
    IE - HKU\S-1-5-21-2933140333-1029565451-4078333767-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
    IE - HKU\S-1-5-21-2933140333-1029565451-4078333767-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Yahoo"
    FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950"
    FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn"
    FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
    FF - prefs.js..keyword.URL: "http://fi.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p="
    FF - prefs.js..network.proxy.type: 0

    FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2010/12/19 20:26:07 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/10 20:40:54 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/12/10 20:40:54 | 000,000,000 | ---D | M]

    [2010/09/17 17:01:15 | 000,000,000 | ---D | M] -- C:\Users\Janne\AppData\Roaming\mozilla\Extensions
    [2010/12/20 16:10:02 | 000,000,000 | ---D | M] -- C:\Users\Janne\AppData\Roaming\mozilla\Firefox\Profiles\bazgz3vn.default\extensions
    [2010/09/17 18:21:13 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Janne\AppData\Roaming\mozilla\Firefox\Profiles\bazgz3vn.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
    [2010/12/19 19:44:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2009/08/03 14:07:42 | 000,373,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npOGAPlugin.dll
    [2010/07/12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
    [2010/10/27 07:48:46 | 000,002,062 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bookplus-fi.xml
    [2010/10/27 07:48:46 | 000,001,069 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\creativecommons-fi.xml
    [2010/10/27 07:48:46 | 000,002,677 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\huuto-fi.xml
    [2010/10/27 07:48:46 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-fi.xml
    [2010/10/27 07:48:46 | 000,001,100 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-fi.xml

    O1 HOSTS File: ([2010/12/04 03:36:48 | 000,625,169 | ---- | M]) - C:\Windows\SysNative\drivers\etc\HOSTS
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: 127.0.0.1 fr.a2dfp.net
    O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net
    O1 - Hosts: 127.0.0.1 ad.a8.net
    O1 - Hosts: 127.0.0.1 asy.a8ww.net
    O1 - Hosts: 127.0.0.1 abcstats.com
    O1 - Hosts: 127.0.0.1 a.abv.bg
    O1 - Hosts: 127.0.0.1 adserver.abv.bg
    O1 - Hosts: 127.0.0.1 adv.abv.bg
    O1 - Hosts: 127.0.0.1 bimg.abv.bg
    O1 - Hosts: 127.0.0.1 ca.abv.bg
    O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
    O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
    O1 - Hosts: 127.0.0.1 accuserveadsystem.com
    O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
    O1 - Hosts: 127.0.0.1 achmedia.com
    O1 - Hosts: 127.0.0.1 aconti.net
    O1 - Hosts: 127.0.0.1 secure.aconti.net
    O1 - Hosts: 127.0.0.1 www.aconti.net #[Dialer.Aconti]
    O1 - Hosts: 127.0.0.1 ads.active.com
    O1 - Hosts: 127.0.0.1 am1.activemeter.com
    O1 - Hosts: 127.0.0.1 www.activemeter.com #[Tracking.Cookie]
    O1 - Hosts: 127.0.0.1 ads.activepower.net
    O1 - Hosts: 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie]
    O1 - Hosts: 127.0.0.1 ad2games.com
    O1 - Hosts: 16507 more lines...
    O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll ()
    O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll ()
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [APLangApp] C:\Program Files (x86)\AnyPC Client\APLangApp.exe (DoctorSoft)
    O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
    O4 - HKLM..\Run: [Norman ZANDA] C:\Program Files\Norman\Npm\Bin\ZLH.EXE (Norman ASA)
    O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [RemoteControl8] C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-2933140333-1029565451-4078333767-1001..\Run: [DAEMON Tools Lite] D:\Ohjelmat\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
    O4 - HKU\S-1-5-21-2933140333-1029565451-4078333767-1001..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE File not found
    O4 - HKU\S-1-5-21-2933140333-1029565451-4078333767-1001..\Run: [Steam] d:\ohjelmat\steam\steam.exe (Valve Corporation)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\windows\SysWow64\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\windows\SysWow64\mctadmin.exe File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O8:64bit: - Extra context menu item: Lähetä kuva &Bluetooth-laitteeseen... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
    O8:64bit: - Extra context menu item: Lähetä sivu &Bluetooth-laitteeseen... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O8 - Extra context menu item: Lähetä kuva &Bluetooth-laitteeseen... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
    O8 - Extra context menu item: Lähetä sivu &Bluetooth-laitteeseen... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra Button: Lähetä Bluetooth-laitteeseen - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra 'Tools' menuitem : Lähetä &Bluetooth-laitteeseen... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O13 - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab (Office Genuine Advantage Validation Tool)
    O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab (SysInfo Class)
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.229.0.40 193.229.0.42
    O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll ()
    O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll File not found
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\{1ca656fb-c32d-11df-b7f7-b482fe668f92}\Shell - "" = AutoRun
    O33 - MountPoints2\{1ca656fb-c32d-11df-b7f7-b482fe668f92}\Shell\AutoRun\command - "" = F:\AUTORUN.EXE -- File not found
    O33 - MountPoints2\{2db6d40d-cfb9-11df-9e5f-b482fe668f92}\Shell - "" = AutoRun
    O33 - MountPoints2\{2db6d40d-cfb9-11df-9e5f-b482fe668f92}\Shell\AutoRun\command - "" = G:\SETUP.EXE -- File not found
    O33 - MountPoints2\{2db6d40d-cfb9-11df-9e5f-b482fe668f92}\Shell\configure\command - "" = G:\SETUP.EXE -- File not found
    O33 - MountPoints2\{2db6d40d-cfb9-11df-9e5f-b482fe668f92}\Shell\install\command - "" = G:\SETUP.EXE -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/12/20 21:41:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Janne\Desktop\OTL.exe
    [2010/12/19 19:49:57 | 000,000,000 | ---D | C] -- C:\Users\Janne\Desktop\Ohj
    [2010/12/19 19:25:00 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
    [2010/12/19 19:25:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
    [2010/12/19 19:23:36 | 000,000,000 | ---D | C] -- C:\Users\Janne\AppData\Roaming\IObit
    [2010/12/15 16:08:49 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
    [2010/12/15 16:08:49 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
    [2010/12/15 16:08:49 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
    [2010/12/15 16:08:49 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
    [2010/12/15 16:08:48 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskschd.dll
    [2010/12/15 16:08:48 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmicmiplugin.dll
    [2010/12/15 16:08:48 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskschd.dll
    [2010/12/15 16:08:48 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskcomp.dll
    [2010/12/15 16:08:48 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskeng.exe
    [2010/12/15 16:08:48 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskcomp.dll
    [2010/12/15 16:08:48 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schtasks.exe
    [2010/12/15 16:08:48 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\schtasks.exe
    [2010/12/15 16:08:45 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll
    [2010/12/15 16:08:45 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll
    [2010/12/15 16:08:41 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
    [2010/12/15 16:08:28 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
    [2010/12/15 16:08:27 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeeds.dll
    [2010/12/15 16:08:27 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
    [2010/12/15 16:08:27 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
    [2010/12/15 16:08:27 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
    [2010/12/15 16:08:27 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
    [2010/12/15 16:08:27 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
    [2010/12/15 16:08:27 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
    [2010/12/15 16:08:26 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
    [2010/12/15 16:08:26 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
    [2010/12/15 16:08:26 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
    [2010/12/15 16:08:26 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
    [2010/12/15 16:08:26 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
    [2010/12/15 16:08:26 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
    [2010/12/11 23:33:45 | 000,000,000 | ---D | C] -- C:\Users\Janne\Desktop\Pelit
    [2010/12/08 21:27:43 | 000,000,000 | ---D | C] -- C:\Users\Janne\AppData\Roaming\CyberLink
    [2010/12/07 16:12:20 | 000,378,000 | ---- | C] (Norman ASA) -- C:\windows\SysNative\drivers\tdi_nf.sys
    [2010/12/07 16:12:20 | 000,068,176 | ---- | C] (Norman ASA) -- C:\windows\SysNative\drivers\ale_nf64.sys
    [2010/12/07 16:12:20 | 000,061,472 | ---- | C] (Norman ASA) -- C:\windows\SysNative\drivers\ale_nf.sys
    [2010/12/07 16:12:19 | 000,028,560 | ---- | C] (Norman ASA) -- C:\windows\SysNative\drivers\nvcv64mf.sys
    [2010/12/02 21:40:48 | 000,000,000 | ---D | C] -- C:\Users\Janne\Documents\Criterion Games
    [2010/12/02 21:40:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
    [2010/12/02 21:40:46 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
    [2010/12/02 21:26:53 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_6.dll
    [2010/12/02 21:26:53 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_6.dll
    [2010/12/02 21:26:53 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_6.dll
    [2010/12/02 21:26:53 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_6.dll
    [2010/12/02 21:26:53 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_4.dll
    [2010/12/02 21:26:53 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_4.dll
    [2010/12/02 21:26:53 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_7.dll
    [2010/12/02 21:26:53 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_7.dll
    [2010/12/02 21:26:52 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_5.dll
    [2010/12/02 21:26:52 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_5.dll
    [2010/12/02 21:26:52 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_5.dll
    [2010/12/02 21:26:51 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_42.dll
    [2010/12/02 21:26:51 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_42.dll
    [2010/12/02 21:26:49 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dcsx_42.dll
    [2010/12/02 21:26:49 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dcsx_42.dll
    [2010/12/02 21:26:48 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx11_42.dll
    [2010/12/02 21:26:48 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx11_42.dll
    [2010/12/02 21:26:47 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_42.dll
    [2010/12/02 21:26:47 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_42.dll
    [2010/12/02 21:26:45 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_41.dll
    [2010/12/02 21:26:45 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_41.dll
    [2010/12/02 21:26:45 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_41.dll
    [2010/12/02 21:26:45 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_41.dll
    [2010/12/02 21:26:42 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_41.dll
    [2010/12/02 21:26:42 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_41.dll
    [2010/12/02 21:26:42 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_4.dll
    [2010/12/02 21:26:42 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_4.dll
    [2010/12/02 21:26:42 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_3.dll
    [2010/12/02 21:26:41 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_4.dll
    [2010/12/02 21:26:41 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_4.dll
    [2010/12/02 21:26:41 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_6.dll
    [2010/12/02 21:26:41 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_6.dll
    [2010/12/02 21:26:39 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_40.dll
    [2010/12/02 21:26:39 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_40.dll
    [2010/12/02 21:26:39 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_40.dll
    [2010/12/02 21:26:39 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_40.dll
    [2010/12/02 21:26:38 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_40.dll
    [2010/12/02 21:26:38 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_40.dll
    [2010/12/02 21:26:37 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_3.dll
    [2010/12/02 21:26:37 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_3.dll
    [2010/12/02 21:26:37 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_3.dll
    [2010/12/02 21:26:37 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_3.dll
    [2010/12/02 21:26:37 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_2.dll
    [2010/12/02 21:26:37 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_2.dll
    [2010/12/02 21:26:36 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_2.dll
    [2010/12/02 21:26:36 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_2.dll
    [2010/12/02 21:26:36 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_1.dll
    [2010/12/02 21:26:36 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_1.dll
    [2010/12/02 21:26:36 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_5.dll
    [2010/12/02 21:26:36 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_5.dll
    [2010/12/02 21:26:35 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_2.dll
    [2010/12/02 21:26:35 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_2.dll
    [2010/12/02 21:26:34 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_39.dll
    [2010/12/02 21:26:34 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_39.dll
    [2010/12/02 21:26:34 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_39.dll
    [2010/12/02 21:26:34 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_39.dll
    [2010/12/02 21:26:33 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_39.dll
    [2010/12/02 21:26:33 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_39.dll
    [2010/12/02 21:26:32 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_1.dll
    [2010/12/02 21:26:32 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_1.dll
    [2010/12/02 21:26:32 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_1.dll
    [2010/12/02 21:26:32 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_1.dll
    [2010/12/02 21:26:32 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_0.dll
    [2010/12/02 21:26:32 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_0.dll
    [2010/12/02 21:26:32 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_4.dll
    [2010/12/02 21:26:32 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_4.dll
    [2010/12/02 21:26:30 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_38.dll
    [2010/12/02 21:26:30 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_38.dll
    [2010/12/02 21:26:30 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_38.dll
    [2010/12/02 21:26:30 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_38.dll
    [2010/12/02 21:26:29 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_38.dll
    [2010/12/02 21:26:29 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_38.dll
    [2010/12/02 21:26:28 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_0.dll
    [2010/12/02 21:26:28 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_0.dll
    [2010/12/02 21:26:28 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_0.dll
    [2010/12/02 21:26:28 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_0.dll
    [2010/12/02 21:26:28 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_3.dll
    [2010/12/02 21:26:28 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_3.dll
    [2010/12/02 21:26:27 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_37.dll
    [2010/12/02 21:26:27 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_37.dll
    [2010/12/02 21:26:27 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_37.dll
    [2010/12/02 21:26:27 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_37.dll
    [2010/12/02 21:26:25 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_37.dll
    [2010/12/02 21:26:25 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_37.dll
    [2010/12/02 21:26:24 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_10.dll
    [2010/12/02 21:26:24 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_10.dll
    [2010/12/02 21:26:23 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_36.dll
    [2010/12/02 21:26:23 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_36.dll
    [2010/12/02 21:26:23 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_36.dll
    [2010/12/02 21:26:23 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_36.dll
    [2010/12/02 21:26:22 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_36.dll
    [2010/12/02 21:26:22 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_36.dll
    [2010/12/02 21:26:21 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_9.dll
    [2010/12/02 21:26:21 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_9.dll
    [2010/12/02 21:26:20 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_35.dll
    [2010/12/02 21:26:20 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_35.dll
    [2010/12/02 21:26:20 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_35.dll
    [2010/12/02 21:26:20 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_35.dll
    [2010/12/02 21:26:19 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_35.dll
    [2010/12/02 21:26:19 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_35.dll
    [2010/12/02 21:26:18 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_8.dll
    [2010/12/02 21:26:18 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_8.dll
    [2010/12/02 21:26:18 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_2.dll
    [2010/12/02 21:26:18 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_2.dll
    [2010/12/02 21:26:17 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_34.dll
    [2010/12/02 21:26:17 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_34.dll
    [2010/12/02 21:26:17 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_34.dll
    [2010/12/02 21:26:17 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_34.dll
    [2010/12/02 21:26:16 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_34.dll
    [2010/12/02 21:26:16 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_34.dll
    [2010/12/02 21:26:16 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_3.dll
    [2010/12/02 21:26:16 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_3.dll
    [2010/12/02 21:26:15 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_7.dll
    [2010/12/02 21:26:15 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_7.dll
    [2010/12/02 21:26:14 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_33.dll
    [2010/12/02 21:26:14 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_33.dll
    [2010/12/02 21:26:14 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_33.dll
    [2010/12/02 21:26:14 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_33.dll
    [2010/12/02 21:26:12 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_33.dll
    [2010/12/02 21:26:12 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_33.dll
    [2010/12/02 21:26:11 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_6.dll
    [2010/12/02 21:26:11 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_5.dll
    [2010/12/02 21:26:11 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_6.dll
    [2010/12/02 21:26:11 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_5.dll
    [2010/12/02 21:26:10 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10.dll
    [2010/12/02 21:26:10 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10.dll
    [2010/12/02 21:26:08 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_4.dll
    [2010/12/02 21:26:08 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_4.dll
    [2010/12/02 21:26:08 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_1.dll
    [2010/12/02 21:26:08 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_1.dll
    [2010/12/02 21:26:07 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_31.dll
    [2010/12/02 21:26:07 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_31.dll
    [2010/12/02 21:26:06 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_3.dll
    [2010/12/02 21:26:06 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_3.dll
    [2010/12/02 21:26:06 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_2.dll
    [2010/12/02 21:26:06 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_2.dll
    [2010/12/02 21:26:05 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_2.dll
    [2010/12/02 21:26:05 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_1.dll
    [2010/12/02 21:26:05 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_2.dll
    [2010/12/02 21:26:05 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_1.dll
    [2010/12/02 21:26:05 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_1.dll
    [2010/12/02 21:26:05 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_1.dll
    [2010/12/02 21:25:58 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_30.dll
    [2010/12/02 21:25:58 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_30.dll
    [2010/12/02 21:25:56 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_29.dll
    [2010/12/02 21:25:56 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_29.dll
    [2010/12/02 21:25:56 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_0.dll
    [2010/12/02 21:25:56 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_0.dll
    [2010/12/02 21:25:56 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_0.dll
    [2010/12/02 21:25:56 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_0.dll
    [2010/12/02 21:25:55 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_28.dll
    [2010/12/02 21:25:55 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_28.dll
    [2010/12/02 21:25:54 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_27.dll
    [2010/12/02 21:25:54 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_27.dll
    [2010/12/02 21:25:53 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_26.dll
    [2010/12/02 21:25:53 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_26.dll
    [2010/12/02 21:25:52 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_25.dll
    [2010/12/02 21:25:52 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_25.dll
    [2010/12/02 21:25:51 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_24.dll
    [2010/12/02 21:25:51 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_24.dll
    [2010/11/28 15:52:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
    [2010/11/27 20:44:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
    [2010/11/27 20:44:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
    [2010/11/27 20:43:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
    [2010/11/24 19:39:44 | 000,000,000 | ---D | C] -- C:\Users\Janne\Videot
    [2010/11/24 19:39:05 | 000,000,000 | ---D | C] -- C:\Videot
    [2010/11/22 20:55:07 | 000,048,272 | ---- | C] (Norman ASA) -- C:\windows\SysNative\drivers\nnetsec.sys
    [2010/11/22 20:55:07 | 000,034,192 | ---- | C] (Norman ASA) -- C:\windows\SysNative\drivers\nnetsecl64.sys
    [2010/11/22 20:55:07 | 000,030,584 | ---- | C] (Norman ASA) -- C:\windows\SysNative\drivers\nnetsecl.sys
    [2010/11/22 20:54:40 | 000,000,000 | ---D | C] -- C:\Program Files\Norman
    [2010/11/21 19:15:51 | 000,000,000 | ---D | C] -- C:\Users\Janne\AppData\Local\CrashDumps
    [2010/11/21 14:37:33 | 000,574,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcp50.dll
    [2010/11/21 14:36:41 | 000,000,000 | ---D | C] -- C:\ProgramData\fssg
    [2010/11/21 14:30:10 | 000,000,000 | ---D | C] -- C:\ProgramData\f-secure
    [2010/11/21 10:16:42 | 000,000,000 | ---D | C] -- C:\Users\Janne\AppData\Local\Diagnostics
    [2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010/12/20 22:08:10 | 000,014,144 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/12/20 22:08:10 | 000,014,144 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/12/20 22:00:31 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
    [2010/12/20 22:00:24 | 4141,481,984 | -HS- | M] () -- C:\hiberfil.sys
    [2010/12/20 21:41:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Janne\Desktop\OTL.exe
    [2010/12/20 21:37:25 | 000,153,699 | ---- | M] () -- C:\Users\Janne\Desktop\hosts.zip
    [2010/12/20 19:48:59 | 000,268,720 | ---- | M] () -- C:\windows\SysWow64\PnkBstrB.xtr
    [2010/12/20 19:48:59 | 000,268,720 | ---- | M] () -- C:\windows\SysWow64\PnkBstrB.exe
    [2010/12/20 19:47:24 | 000,218,496 | ---- | M] () -- C:\windows\SysWow64\PnkBstrB.ex0
    [2010/12/20 06:24:04 | 000,000,408 | ---- | M] () -- C:\windows\tasks\SmartDefrag.job
    [2010/12/19 22:19:25 | 000,075,264 | ---- | M] () -- C:\Users\Janne\Desktop\SystemLook.exe
    [2010/12/19 19:25:02 | 000,001,100 | ---- | M] () -- C:\Users\Janne\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Booster.lnk
    [2010/12/16 06:11:00 | 000,436,264 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
    [2010/12/12 19:42:23 | 000,000,056 | ---- | M] () -- C:\windows\sierra.ini
    [2010/12/08 21:14:04 | 001,221,652 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
    [2010/12/08 21:14:04 | 000,609,806 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
    [2010/12/08 21:14:04 | 000,435,696 | ---- | M] () -- C:\windows\SysNative\perfh00B.dat
    [2010/12/08 21:14:04 | 000,104,782 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
    [2010/12/08 21:14:04 | 000,079,962 | ---- | M] () -- C:\windows\SysNative\perfc00B.dat
    [2010/12/06 22:43:51 | 000,000,657 | ---- | M] () -- C:\Users\Janne\Application Data\Microsoft\Internet Explorer\Quick Launch\BS.Player FREE.lnk
    [2010/12/04 03:36:48 | 000,625,169 | ---- | M] () -- C:\windows\SysNative\drivers\etc\HOSTS
    [2010/12/04 03:36:48 | 000,625,169 | ---- | M] () -- C:\Users\Janne\Desktop\HOSTS
    [2010/11/21 14:39:29 | 000,041,624 | ---- | M] () -- C:\windows\SysWow64\drivers\fsbts.sys
    [2010/11/21 14:37:35 | 001,256,262 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
    [2010/11/21 14:36:51 | 000,574,632 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msvcp50.dll
    [2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/12/20 21:57:42 | 000,625,169 | ---- | C] () -- C:\Users\Janne\Desktop\HOSTS
    [2010/12/20 21:57:42 | 000,001,615 | ---- | C] () -- C:\Users\Janne\Desktop\mvps.bat
    [2010/12/20 21:37:24 | 000,153,699 | ---- | C] () -- C:\Users\Janne\Desktop\hosts.zip
    [2010/12/19 22:19:25 | 000,075,264 | ---- | C] () -- C:\Users\Janne\Desktop\SystemLook.exe
    [2010/12/19 19:31:17 | 000,000,408 | ---- | C] () -- C:\windows\tasks\SmartDefrag.job
    [2010/12/19 19:25:02 | 000,001,100 | ---- | C] () -- C:\Users\Janne\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Booster.lnk
    [2010/12/19 13:01:17 | 000,217,088 | ---- | C] () -- C:\windows\SysWow64\libmySQL.dll
    [2010/12/19 13:01:17 | 000,102,400 | ---- | C] () -- C:\windows\SysWow64\TrackerNET.dll
    [2010/12/12 19:42:23 | 000,000,056 | ---- | C] () -- C:\windows\sierra.ini
    [2010/12/07 16:12:19 | 000,222,352 | ---- | C] () -- C:\windows\SysNative\nscrnsav.scr
    [2010/12/06 22:43:51 | 000,000,657 | ---- | C] () -- C:\Users\Janne\Application Data\Microsoft\Internet Explorer\Quick Launch\BS.Player FREE.lnk
    [2010/11/21 14:37:49 | 000,041,624 | ---- | C] () -- C:\windows\SysWow64\drivers\fsbts.sys
    [2010/11/21 14:37:25 | 001,256,262 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
    [2010/09/17 15:35:33 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
    [2010/04/25 07:55:20 | 000,000,426 | ---- | C] () -- C:\windows\HotFixList.ini
    [2010/04/25 07:34:12 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
    [2010/04/25 07:33:18 | 000,000,110 | ---- | C] () -- C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
    [2010/04/25 07:32:18 | 000,000,106 | ---- | C] () -- C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log
    [2010/04/25 07:30:11 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
    [2010/04/25 07:29:04 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
    [2010/04/25 07:28:35 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
    [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\windows\SysWow64\OGACheckControl.DLL
    [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
    [2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
    [2006/10/08 18:33:54 | 000,000,000 | ---- | C] () -- C:\windows\R-series.ini

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:5C270C64
    @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:2430E4FC
    @Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:E7BA7168

    < End of report >


    Sekä

    OTL Extras logfile created on: 12/20/2010 10:08:47 PM - Run 1
    OTL by OldTimer - Version 3.2.17.4 Folder = C:\Users\Janne\Desktop
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

    4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 65.00% Memory free
    8.00 Gb Paging File | 6.00 Gb Available in Paging File | 81.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 104.59 Gb Total Space | 69.88 Gb Free Space | 66.81% Space Free | Partition Type: NTFS
    Drive D: | 476.48 Gb Total Space | 318.40 Gb Free Space | 66.82% Space Free | Partition Type: NTFS

    Computer Name: JANNE-PC | User Name: Janne | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
    .url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-2933140333-1029565451-4078333767-1001\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %* File not found
    cmdfile [open] -- "%1" %* File not found
    comfile [open] -- "%1" %* File not found
    exefile [open] -- "%1" %* File not found
    helpfile [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %* File not found
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1" File not found
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S File not found
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
    "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
    "{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
    "{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel® Turbo Boost -tekniikan valvontaohjelma
    "{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
    "{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
    "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
    "{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.4.1
    "{79214B92-A439-4841-B160-0896E977A383}" = Norman Security Suite
    "{856A0713-BB96-4192-B48A-2488A0B871E1}" = Windows Live Family Safety
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
    "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    "{90140000-0015-040B-1000-0000000FF1CE}" = Microsoft Office Access MUI (Finnish) 2010
    "{90140000-0016-040B-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Finnish) 2010
    "{90140000-0017-040B-1000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Finnish) 2010
    "{90140000-0018-040B-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Finnish) 2010
    "{90140000-0019-040B-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Finnish) 2010
    "{90140000-001A-040B-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Finnish) 2010
    "{90140000-001B-040B-1000-0000000FF1CE}" = Microsoft Office Word MUI (Finnish) 2010
    "{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
    "{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
    "{90140000-001F-040B-1000-0000000FF1CE}" = Microsoft Office Proof (Finnish) 2010
    "{90140000-001F-0419-1000-0000000FF1CE}" = Microsoft Office Proof (Russian) 2010
    "{90140000-001F-041D-1000-0000000FF1CE}" = Microsoft Office Proof (Swedish) 2010
    "{90140000-002C-040B-1000-0000000FF1CE}" = Microsoft Office Proofing (Finnish) 2010
    "{90140000-0043-040B-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Finnish) 2010
    "{90140000-0044-040B-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Finnish) 2010
    "{90140000-006E-040B-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Finnish) 2010
    "{90140000-00A1-040B-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Finnish) 2010
    "{90140000-00BA-040B-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Finnish) 2010
    "{90140000-0100-040B-1000-0000000FF1CE}" = Microsoft Office O MUI (Finnish) 2010
    "{90140000-0101-040B-1000-0000000FF1CE}" = Microsoft Office X MUI (Finnish) 2010
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA-ohjauspaneeli 260.89
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiikkaohjain 260.89
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-järjestelmäohjelmisto 9.10.0514
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-ääniohjain 1.1.9.0
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
    "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
    "3932CA781A7894D20116FDF60F878301800EA8AB" = Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407)
    "3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
    "6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
    "Office14.OMUI.fi-fi" = Microsoft Office Language Pack 2010 - Finnish/suomi
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "WinRAR archiver" = WinRAR-pakkausohjelma

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{0A353130-D22C-41DD-8C67-1B02A05F2CE0}" = Samsung Support Center
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
    "{0F796312-289C-40CA-856C-9FBCF5E83342}" = REALTEK Wireless LAN Software
    "{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
    "{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
    "{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager
    "{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
    "{1AFA1FEF-8CF9-4A51-AC46-64FAA7F3D9E2}" = AnyPC Client
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
    "{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{34B76DCB-BF7C-440F-B058-C84172C1E338}" = Easy Network Manager
    "{39BDD209-5704-480C-9F4A-B69D0370DDBB}" = Windows Live Messenger
    "{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
    "{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
    "{3B27F4EF-23C4-4D9F-871C-B284E8CDA97A}" = Windows Live Sync
    "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
    "{3EED7541-55F8-4DC6-B9CD-28762D71310E}" = Samsung R-Series
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
    "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
    "{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}" = Windows Live Meshin etäyhteyksien ActiveX-komponentti
    "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
    "{7D9EF8C1-1B76-44AF-A918-86CBA6FD24C8}" = Microsoft Works
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110109903}" = Flip Words
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110160733}" = Slingo
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110245793}" = Insaniquarium Deluxe
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110521483}" = Gem Shop
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}" = BatteryLifeExtender
    "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
    "{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
    "{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
    "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
    "{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
    "{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
    "{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
    "{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}" = ChargeableUSB
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AC76BA86-7AD7-1035-7B44-A94000000001}" = Adobe Reader 9.4.1 - Suomi
    "{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
    "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
    "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
    "{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
    "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
    "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
    "{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D1434266-0486-4469-B338-A60082CC04E1}" = Atheros Client Installation Program
    "{D1F6FBBB-B204-459A-9BF8-D06FFAB96CCC}_is1" = Game Pack
    "{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
    "{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
    "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
    "{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F4EE283A-4851-43D4-887C-1932D55DE740}" = Windows Live UX Platform Language Pack
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "BSPlayerf" = BS.Player FREE
    "ENTERPRISE" = Microsoft Office Enterprise 2007
    "Fallout New Vegas_is1" = Fallout New Vegas
    "Game Booster_is1" = Game Booster
    "Half-Life" = Half-Life
    "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
    "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
    "InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
    "InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
    "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
    "InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
    "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
    "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
    "KTT-Transcribe_is1" = KTT-Transcribe 1.1
    "Marvell Miniport Driver" = Marvell Miniport Driver
    "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
    "PunkBusterSvc" = PunkBuster Services
    "Smart Defrag_is1" = Smart Defrag
    "Steam App 220" = Half-Life 2
    "Steam App 240" = Counter-Strike: Source
    "Steam App 380" = Half-Life 2: Episode One
    "Steam App 400" = Portal
    "Steam App 420" = Half-Life 2: Episode Two
    "Steam App 47790" = Medal of Honor(TM) Single Player
    "Steam App 47830" = Medal of Honor(TM) Multiplayer
    "SystemRequirementsLab" = System Requirements Lab
    "uTorrent" = µTorrent
    "Winamp" = Winamp
    "WinLiveSuite" = Windows Liven asennustyökalu
    "Worms Reloaded_is1" = Worms Reloaded

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-2933140333-1029565451-4078333767-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Winamp Detect" = Winamp Detector Plug-in

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 12/1/2010 11:47:46 AM | Computer Name = Janne-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: winamp.exe, versio: 5.5.8.2985, aikaleima:
    0x4c3b43ea Viallisen moduulin nimi: jscript.dll, versio: 5.8.7600.16475, aikaleima:
    0x4b1620f9 Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00015fd0 Viallisen prosessin
    tunnus: 0xc40 Viallisen sovelluksen käynnistysaika: 0x01cb916ccf0a2780 Viallisen
    sovelluksen polku: D:\Ohjelmat\Winamp\winamp.exe Viallisen moduulin polku: C:\windows\SysWow64\jscript.dll
    Raportin
    tunnus: 5743d081-fd62-11df-825d-b482fe668f92

    Error - 12/2/2010 3:31:31 PM | Computer Name = Janne-PC | Source = Nvcoas | ID = 131073
    Description = NVC OnAccess scanner error: Messaging system received and unknown
    alert

    Error - 12/2/2010 3:31:31 PM | Computer Name = Janne-PC | Source = Nvcoas | ID = 131073
    Description = NVC OnAccess scanner error: Messaging system received and unknown
    alert

    Error - 12/2/2010 3:31:31 PM | Computer Name = Janne-PC | Source = Nvcoas | ID = 131073
    Description = NVC OnAccess scanner error: Messaging system received and unknown
    alert

    Error - 12/2/2010 3:31:31 PM | Computer Name = Janne-PC | Source = Nvcoas | ID = 131073
    Description = NVC OnAccess scanner error: Messaging system received and unknown
    alert

    Error - 12/2/2010 3:31:33 PM | Computer Name = Janne-PC | Source = Nvcoas | ID = 131073
    Description = NVC OnAccess scanner error: Messaging system received and unknown
    alert

    Error - 12/3/2010 12:40:33 PM | Computer Name = Janne-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: OfficeLiveSignIn.exe, versio: 2.0.2313.0,
    aikaleima: 0x491c0a79 Viallisen moduulin nimi: OfficeLiveSignIn.exe, versio: 2.0.2313.0,
    aikaleima: 0x491c0a79 Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00003ce7 Viallisen
    prosessin tunnus: 0xe5c Viallisen sovelluksen käynnistysaika: 0x01cb93066a67ca94
    Viallisen
    sovelluksen polku: C:\Program Files (x86)\Microsoft\Office Live\OfficeLiveSignIn.exe
    Viallisen
    moduulin polku: C:\Program Files (x86)\Microsoft\Office Live\OfficeLiveSignIn.exe
    Raportin
    tunnus: 0b7c3eb6-fefc-11df-99b0-b482fe668f92

    Error - 12/4/2010 2:07:24 PM | Computer Name = Janne-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: OfficeLiveSignIn.exe, versio: 2.0.2313.0,
    aikaleima: 0x491c0a79 Viallisen moduulin nimi: OfficeLiveSignIn.exe, versio: 2.0.2313.0,
    aikaleima: 0x491c0a79 Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00003ce7 Viallisen
    prosessin tunnus: 0x72c Viallisen sovelluksen käynnistysaika: 0x01cb93d886e08ecf
    Viallisen
    sovelluksen polku: C:\Program Files (x86)\Microsoft\Office Live\OfficeLiveSignIn.exe
    Viallisen
    moduulin polku: C:\Program Files (x86)\Microsoft\Office Live\OfficeLiveSignIn.exe
    Raportin
    tunnus: 584a0384-ffd1-11df-8b1c-b482fe668f92

    Error - 12/4/2010 4:35:13 PM | Computer Name = Janne-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: OfficeLiveSignIn.exe, versio: 2.0.2313.0,
    aikaleima: 0x491c0a79 Viallisen moduulin nimi: OfficeLiveSignIn.exe, versio: 2.0.2313.0,
    aikaleima: 0x491c0a79 Poikkeuskoodi: 0xc0000005 Virhepoikkeama: 0x00003ce7 Viallisen
    prosessin tunnus: 0x1034 Viallisen sovelluksen käynnistysaika: 0x01cb93f26e92225d
    Viallisen
    sovelluksen polku: C:\Program Files (x86)\Microsoft\Office Live\OfficeLiveSignIn.exe
    Viallisen
    moduulin polku: C:\Program Files (x86)\Microsoft\Office Live\OfficeLiveSignIn.exe
    Raportin
    tunnus: fe1bd56e-ffe5-11df-8b1c-b482fe668f92

    Error - 12/7/2010 10:12:54 AM | Computer Name = Janne-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: Ginstall.exe, versio: 1.6.0.4, aikaleima:
    0x4cd81bae Viallisen moduulin nimi: Ginstall.exe, versio: 1.6.0.4, aikaleima: 0x4cd81bae
    Poikkeuskoodi:
    0xc0000005 Virhepoikkeama: 0x0000000000003d2a Viallisen prosessin tunnus: 0x12dc Viallisen
    sovelluksen käynnistysaika: 0x01cb9618d51ba31c Viallisen sovelluksen polku: C:\windows\TEMP\~$ZAN01\Ginstall.exe
    Viallisen
    moduulin polku: C:\windows\TEMP\~$ZAN01\Ginstall.exe Raportin tunnus: 14b08ccc-020c-11e0-b1ca-b482fe668f92

    [ System Events ]
    Error - 12/7/2010 1:56:55 PM | Computer Name = Janne-PC | Source = Schannel | ID = 36888
    Description = Luotiin seuraava vakava ilmoitus: 10. Sisäinen virhetila on 10.

    Error - 12/8/2010 9:52:42 AM | Computer Name = Janne-PC | Source = DCOM | ID = 10010
    Description =

    Error - 12/9/2010 10:53:40 AM | Computer Name = Janne-PC | Source = Schannel | ID = 36888
    Description = Luotiin seuraava vakava ilmoitus: 10. Sisäinen virhetila on 10.

    Error - 12/9/2010 11:41:20 AM | Computer Name = Janne-PC | Source = Schannel | ID = 36888
    Description = Luotiin seuraava vakava ilmoitus: 10. Sisäinen virhetila on 10.

    Error - 12/10/2010 3:26:37 PM | Computer Name = Janne-PC | Source = Schannel | ID = 36888
    Description = Luotiin seuraava vakava ilmoitus: 10. Sisäinen virhetila on 10.

    Error - 12/10/2010 4:18:33 PM | Computer Name = Janne-PC | Source = Schannel | ID = 36888
    Description = Luotiin seuraava vakava ilmoitus: 10. Sisäinen virhetila on 10.

    Error - 12/10/2010 5:54:16 PM | Computer Name = Janne-PC | Source = Schannel | ID = 36888
    Description = Luotiin seuraava vakava ilmoitus: 10. Sisäinen virhetila on 10.

    Error - 12/11/2010 10:41:02 AM | Computer Name = Janne-PC | Source = Service Control Manager | ID = 7011
    Description = Aikakatkaisu (30000 millisekuntia) odotettaessa tapahtuman vastausta
    IPBusEnum-palvelusta.

    Error - 12/11/2010 10:46:58 AM | Computer Name = Janne-PC | Source = Schannel | ID = 36888
    Description = Luotiin seuraava vakava ilmoitus: 10. Sisäinen virhetila on 10.

    Error - 12/11/2010 12:42:22 PM | Computer Name = Janne-PC | Source = Schannel | ID = 36888
    Description = Luotiin seuraava vakava ilmoitus: 10. Sisäinen virhetila on 10.


    < End of report >
     
  8. kalminen

    kalminen Regular member

    Liittynyt:
    04.05.2007
    Viestejä:
    3,915
    Kiitokset:
    0
    Pisteet:
    46
    .
    Toimiiko sulla WinAmp kunnolla ???

    Käynnistä OTL.EXE ja
    Kopioi Custom scans-kohtaan OTL:ssä
    Alla olevan laatikon sisältö =>

    Koodi:
    :OTL
    FF - prefs.js..browser.search.defaultenginename: "Yahoo"
    FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950" 
    FF - prefs.js..keyword.URL: "http://fi.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=" 
    [2010/11/21 14:30:10 | 000,000,000 | ---D | C] -- C:\ProgramData\f-secure 
    :commands
    [EMPTYTEMP]
    [emptyflash]
    
    Klikkaat nappia => Run Fix
    Lopuksi se pyytää koneen ReStarttia => OK
    Logi aukeaa muistioon josta kopioit sen viestiisi.

    :)
     
  9. Ferti

    Ferti Member

    Liittynyt:
    24.06.2008
    Viestejä:
    64
    Kiitokset:
    0
    Pisteet:
    16
    Toimiiko sulla WinAmp kunnolla ??? Meinaatko sitä musiikki ohjelmaa?

    Tässä olis tämä

    All processes killed
    ========== OTL ==========
    Prefs.js: "Yahoo" removed from browser.search.defaultenginename
    Prefs.js: "chr-greentree_ff&type=382950" removed from browser.search.param.yahoo-fr
    Prefs.js: "http://fi.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=" removed from keyword.URL
    C:\ProgramData\f-secure\setup folder moved successfully.
    C:\ProgramData\f-secure\logs\Setup folder moved successfully.
    C:\ProgramData\f-secure\logs\ORSP Client folder moved successfully.
    C:\ProgramData\f-secure\logs\NRS folder moved successfully.
    C:\ProgramData\f-secure\logs\HIPS folder moved successfully.
    C:\ProgramData\f-secure\logs\FSPC folder moved successfully.
    C:\ProgramData\f-secure\logs\FSMA folder moved successfully.
    C:\ProgramData\f-secure\logs\FSFW folder moved successfully.
    C:\ProgramData\f-secure\logs\FSAV\Users folder moved successfully.
    C:\ProgramData\f-secure\logs\FSAV folder moved successfully.
    C:\ProgramData\f-secure\logs\ExploitShield folder moved successfully.
    C:\ProgramData\f-secure\logs\DAAS2 folder moved successfully.
    C:\ProgramData\f-secure\logs\custom folder moved successfully.
    C:\ProgramData\f-secure\logs folder moved successfully.
    C:\ProgramData\f-secure\Daas2\revocation folder moved successfully.
    C:\ProgramData\f-secure\Daas2\keys folder moved successfully.
    C:\ProgramData\f-secure\Daas2\crl folder moved successfully.
    C:\ProgramData\f-secure\Daas2\cert folder moved successfully.
    C:\ProgramData\f-secure\Daas2\acl folder moved successfully.
    C:\ProgramData\f-secure\Daas2 folder moved successfully.
    C:\ProgramData\f-secure folder moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Janne
    ->Temp folder emptied: 348764 bytes
    ->Temporary Internet Files folder emptied: 2894971 bytes
    ->FireFox cache emptied: 113205749 bytes
    ->Flash cache emptied: 456 bytes

    User: Public

    User: Videot

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 401408 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 207057119 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50499 bytes
    RecycleBin emptied: 2270032 bytes

    Total Files Cleaned = 311.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default

    User: Default User

    User: Janne
    ->Flash cache emptied: 0 bytes

    User: Public

    User: Videot

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.17.4 log created on 12212010_220208

    Files\Folders moved on Reboot...
    C:\Users\Janne\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    File move failed. C:\windows\temp\nvcbin.def.1cee01c7.tmp scheduled to be moved on reboot.
    C:\windows\temp\sqlite_KdWTGeihxR3MMUj moved successfully.
    C:\windows\temp\sqlite_wCRUnHI2plTLvJc moved successfully.
    C:\windows\temp\sqlite_ZOpDGCL1eGSSuT6 moved successfully.

    Registry entries deleted on Reboot...
     
  10. kalminen

    kalminen Regular member

    Liittynyt:
    04.05.2007
    Viestejä:
    3,915
    Kiitokset:
    0
    Pisteet:
    46
    .
    Toimiiko sulla WinAmp kunnolla ??? Meinaatko sitä musiikki ohjelmaa?
    Tarkoitin.

    Vieläkö Yahoo kummittelee ???
    :)
     
  11. Ferti

    Ferti Member

    Liittynyt:
    24.06.2008
    Viestejä:
    64
    Kiitokset:
    0
    Pisteet:
    16
    Itse asiassa ei nyt, kun näin kysyt. Joskus siitä ei kuulu ääntä vaikka pistää pyörimään jonkun kappaleen. Sen saa kyllä yleensä jo toisella kertaa, kun valitsee vaikka saman kappaleen uudestaan listalta. Usein se ei sitä tee, mutta joskus.
    Toinen mikä tuli nyt mieleen niin ne (en muista oikeata nimeä) näppäimet jotka vaikuttaa winamppiin vaikkei se olisi päällimmäisenä näytöllä. Siis vaikka pelaa netis jotakin ja winamppi on päällä niin voit vaihtaa kappaletta menemättä winamppiin.
    Olikohan jotkut hotkeysit? Tosin missä niitä enemmän tarvittaisiin niin olis toi SoundScriber ohjelma (emäntä ja kuolu juttuja) ne ei toimi siinäkään, että onkohan vika wintoosa seiskassa? Ja jos se olis vika niin mitenkä sen vois korjata vai meneekö ominaisuuden puolelle?

    Ja oi kyllä!! ei kummittele enää. Nyt on taasen pieni tasamaan tallaaja lättäjaloillaan onnellinen! KIITOKSIA siitä jo.
     
  12. Ferti

    Ferti Member

    Liittynyt:
    24.06.2008
    Viestejä:
    64
    Kiitokset:
    0
    Pisteet:
    16
    Ja niin kyseessä olis samsung R780 ja tosiaan seiska vaikka tuolta jostakin sekin on varmasti käynyt selväksi. Siis jos se on koneen ominaisuus.
     
  13. kalminen

    kalminen Regular member

    Liittynyt:
    04.05.2007
    Viestejä:
    3,915
    Kiitokset:
    0
    Pisteet:
    46
    .
    Poistellaan lopuksi noita työkaluja ja roskat.
    Käynnistä OTL ja klikkaa CleanUp nappia.
    Saattaapi vaikka bootata koneen.

    ---------------------------------------------------------

    Siksi kyselin siitä WinAmpista kun se näyttäisi olevan vahingoittunut.
    Asenna se uudelleen.
    :)
     
  14. Ferti

    Ferti Member

    Liittynyt:
    24.06.2008
    Viestejä:
    64
    Kiitokset:
    0
    Pisteet:
    16
    Nyt on tosiaan winamppikin asennettu uudestaan, mutta jos on halua niin voisitko katsoa kakkos koneen login kans?
    Mutta jos on muuta niin suur kiitos edellisestä!

    Siitä vois saada kaikki turhat pois, kun kone on niin perkuleen hidas.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 17:10:40, on 26.12.2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\HPQ\IAM\bin\asghost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FSHDLL32.EXE
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\WINDOWS\SMINST\Scheduler.exe
    C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fssm32.exe
    C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\ispnews.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsav32.exe
    C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Käyttäjä\Työpöytä\HJT.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
    O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [News Service] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\ispnews.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-09.sun.com/s/ESD7/JS...d/&filename=jinstall-6u13-windows-i586-jc.cab
    O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Loogisen levyn hallinnan valvontapalvelu (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
    O23 - Service: Tapahtumaloki (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: F-Secure BlackLight Sensor - F-Secure Corporation - C:\WINDOWS\TEMP\F-Secure\Anti-Virus\fsblsrv.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe
    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\ORSP Client\fsorsp.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: CD-levyjen kirjoittamisen IMAPI COM -palvelu (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
    O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: Etätyöpöydän ohjeen istunnonhallinta (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
    O23 - Service: Älykortti (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
    O23 - Service: Aseman tilannevedos (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
    O23 - Service: WMI resurssisovitin (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

    --
    End of file - 7715 bytes
     
  15. kalminen

    kalminen Regular member

    Liittynyt:
    04.05.2007
    Viestejä:
    3,915
    Kiitokset:
    0
    Pisteet:
    46
    .
    OK !!!
    Huomenna (ma)
    :)
     
  16. kalminen

    kalminen Regular member

    Liittynyt:
    04.05.2007
    Viestejä:
    3,915
    Kiitokset:
    0
    Pisteet:
    46
    .
    F-Secure on raskas vanhempiin koneisiin.
    Chrome selaimeen vois IE:n vaihtaa, XP:llehän ei IE:n
    uusinta tulla ikinä saamaankaan.

    ---------------------------------------------------------------

    Onko tämä salausjärjestelmä tarpeen kakkoskoneella =>

    HP ProtectTools ja Credential Manager

    tai

    Cognizance Corp Identity And Access Management ???

    ------------------------------------------------------------------

    Lataa JavaRa ja pura se työpöydällesi.

    ***Sulje kaikki päällä olevat Internet Explorerin ikkunat ennen jatkamista!***

    * Tuplaklikkaa JavaRa.exeä käynnistääksesi ohjelma.
    * Valitse English pudotusvalikosta valitaksesi kieleksi englannin ja klikkaa Select.
    * Klikkaa Remove Older Versions poistaaksesi vanhat Java-versiot koneeltasi.
    * Klikkaa Yes kun pyydetään. Kun JavaRa on valmis, se ilmoittaa, että lokitiedosto on luotu. Klikkaa OK.
    * Lokitiedosto avautuu. Lähetä sen sisältö seuraavassa viestissäsi.

    Mene Käynnistä -> kirjoita hakukenttään Ohjelmat ja toiminnot ja Enter)
    Etsi listasta kaikki entiset Java versiosi. (J2SE Runtime Environment.... )
    Niissä pitäisi olla seuraava kuva vieressä: [​IMG]
    Valitse kaikki entiset Java versiosi ja valitse Poista.

    -> Asenna uusin Java päivitys seuraavasta linkistä..

    http://www.java.com/en/download/manual.jsp

    Klikkaa kohdetta Windows 7/XP/Vista/2000/2003/2008 Offline

    Tallenna tiedosto vaikka työpöydälle sammuta kaikki selaimet ja asenna se.

    -----------------------------------------------------------------------

    Lataus ja siivous ohjeet: TÄÄLLÄ

    ----------------------------------------------------------

    Lataa levyn eheytys: DiskDefrag Työpöydälle ja käynnistä install.
    SP osoitetta ei ole pakko antaa jos ei halua mainoksia.
    Käynnistä työpöydältä AusLogics Disk Defrag ohjelma. Valitse C:\ jos se on
    käyttöjärjestelmä asennus asema. ==> NEXT

    ----------------------------------------------------------------

    Sammuta selain ja muut ohjelmat Fixin ajaksi. (ei virustorjuntaa)
    Käynnistä HijackThis:ja Scan ja ruksaa seuraavat punaisella listatut rivit
    (HJT sammuttaa ohjelman ei poista)

    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
    O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-09.sun.com/s/ESD7/JSCDL/jdk/6u13-b03/jinstall-6u13-windows-i586-j c.cab?e=1242389076425&h=c551a10d6773ed7af7dcdb32a5f6091d/&filename=jinstall-6u13 -windows-i586-jc.cab

    sekä sammuta ne.(fix Chekked) napista.

    ----------------------------------------------------

    Tyhjennä roskakori ja Käynnistä koneesi uudelleen.

    Postita tänne seuraavat lokit:
    * Tuore HijackThis loki (Otetaan viimeisenä ennen postitusta)
    *
    * Mikä on tilanne ???
    *
    :)
     
  17. Ferti

    Ferti Member

    Liittynyt:
    24.06.2008
    Viestejä:
    64
    Kiitokset:
    0
    Pisteet:
    16
    Onko tämä salausjärjestelmä tarpeen kakkoskoneella =>

    HP ProtectTools ja Credential Manager

    tai

    Cognizance Corp Identity And Access Management ???

    ------------------------------------------------------------------
    Yritän tänään tehdä noi muutokset kun pääsen sille koneelle (eri taloudessa)
    Mutta noi ohjelmat ei ole mitenkään tarpeellista.
     
  18. kalminen

    kalminen Regular member

    Liittynyt:
    04.05.2007
    Viestejä:
    3,915
    Kiitokset:
    0
    Pisteet:
    46
    .
    Sammuta sitten nämäkin HJT:llä =>
    O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll
    O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
    O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule

    :)
     
  19. Ferti

    Ferti Member

    Liittynyt:
    24.06.2008
    Viestejä:
    64
    Kiitokset:
    0
    Pisteet:
    16
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 19:32:10, on 28.12.2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\HPQ\IAM\bin\asghost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FSHDLL32.EXE
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe
    C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\ispnews.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fssm32.exe
    C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsav32.exe
    C:\Program Files\Auslogics\Auslogics Disk Defrag\DiskDefrag.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Käyttäjä\Työpöytä\HJT.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    R3 - URLSearchHook: (no name) - {a95df5b3-97ae-4a89-8e8d-c65ec85f607e} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: (no name) - {a95df5b3-97ae-4a89-8e8d-c65ec85f607e} - (no file)
    O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [News Service] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\ispnews.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
    O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Loogisen levyn hallinnan valvontapalvelu (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
    O23 - Service: Tapahtumaloki (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: F-Secure BlackLight Sensor - F-Secure Corporation - C:\WINDOWS\TEMP\F-Secure\Anti-Virus\fsblsrv.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe
    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\ORSP Client\fsorsp.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: CD-levyjen kirjoittamisen IMAPI COM -palvelu (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: Etätyöpöydän ohjeen istunnonhallinta (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
    O23 - Service: Älykortti (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
    O23 - Service: Aseman tilannevedos (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
    O23 - Service: WMI resurssisovitin (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

    --
    End of file - 7462 bytes


    Kyllä tämä pikkasen nopeutu, mutta hidas vieläkin.
    Tosin vanha kone niin taitaa olla jo ominaisuus.

    Pistän nyt seuraavaksi eheytyksen rullaamaan niin katsotaan sitten taas.
     
  20. kalminen

    kalminen Regular member

    Liittynyt:
    04.05.2007
    Viestejä:
    3,915
    Kiitokset:
    0
    Pisteet:
    46
    .
    Muuten olis hyvä, mutta tänne ilmestyy
    sitämukaa lisää tauhkaa.

    Mene Windowsin ControlPaneliin (Ohjauspaneli) ja sieltä Lisää / Poista sovellus
    Vistassa (7) Ohjelmat ja toiminnot
    Etsi ja poista ohjelma jonka nimessä on:

    Conduit Engine

    -----------------------------------------------------

    Sammuta selain ja muut ohjelmat Fixin ajaksi. (ei virustorjuntaa)
    Käynnistä HijackThis:ja Scan ja ruksaa seuraavat punaisella listatut rivit
    (HJT sammuttaa ohjelman ei poista)

    R3 - URLSearchHook: (no name) - {a95df5b3-97ae-4a89-8e8d-c65ec85f607e} - (no file)
    O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
    O3 - Toolbar: (no name) - {a95df5b3-97ae-4a89-8e8d-c65ec85f607e} - (no file)
    O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

    sekä sammuta ne.(fix Chekked) napista.

    ----------------------------------------------------

    Käynnistä koneesi uudelleen.

    Poista kansio/t, jos löytyy:
    C:\Program Files\ConduitEngine\

    :)
     
  21. Ferti

    Ferti Member

    Liittynyt:
    24.06.2008
    Viestejä:
    64
    Kiitokset:
    0
    Pisteet:
    16
    Pikkasen taas kesti, mutta nyt olis nekin poistettu. Tässä olis vielä kerran uusin loki jos sitä vielä tarvii.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 14:30:00, on 2.1.2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\HPQ\IAM\bin\asghost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FSHDLL32.EXE
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\ispnews.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fssm32.exe
    C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe
    C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsav32.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Documents and Settings\Käyttäjä\Työpöytä\HJT.exe
    C:\WINDOWS\system32\wuauclt.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [News Service] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\ispnews.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
    O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Loogisen levyn hallinnan valvontapalvelu (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
    O23 - Service: Tapahtumaloki (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: F-Secure BlackLight Sensor - F-Secure Corporation - C:\WINDOWS\TEMP\F-Secure\Anti-Virus\fsblsrv.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe
    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\ORSP Client\fsorsp.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: CD-levyjen kirjoittamisen IMAPI COM -palvelu (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: Etätyöpöydän ohjeen istunnonhallinta (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
    O23 - Service: Älykortti (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
    O23 - Service: Aseman tilannevedos (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
    O23 - Service: WMI resurssisovitin (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

    --
    End of file - 6857 bytes


    Kyllä tämä kone nopeutu selvästi, kun tätä on pikkasen käyttänyt. Enää ei tartte odottaa viittäminuuttia, että pystyy tekemään jotakin, kun pistää päällä. Jälleen kerran kiitoksia! suur kiitos.
     

Jaa tämä sivu