1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

BaiduHipsBugRpt haittaohjlema

Discussion in 'Virukset ja haittaohjelmat' started by djjari, Jun 1, 2015.

  1. djjari

    djjari Active member

    Joined:
    Dec 17, 2010
    Messages:
    1,142
    Likes Received:
    6
    Trophy Points:
    68
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
    Ran by Jarppa at 2015-06-04 14:46:43
    Running from C:\Users\Jarppa\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Jarppa (S-1-5-21-1612976865-2593797464-2764036050-1000 - Administrator - Enabled) => C:\Users\Jarppa
    Järjestelmänvalvoja (S-1-5-21-1612976865-2593797464-2764036050-500 - Administrator - Disabled)
    Vieras (S-1-5-21-1612976865-2593797464-2764036050-501 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: 百度杀毒 (Enabled - Up to date) {FDA918B3-27C7-3B2B-33D0-343EAE5EB318}
    AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
    AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: 百度杀毒 (Enabled - Up to date) {46C8F957-01FD-34A5-0960-0F4CD5D9F9A5}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
    2007 Office Systemin yhteensopivuuspaketti (HKLM-x32\...\{90120000-0020-040B-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.2.6929 - CyberLink Corp.)
    Acer Arcade Deluxe (x32 Version: 3.2.6929 - CyberLink Corp.) Hidden
    Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
    Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
    Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
    Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0812 - Acer Incorporated)
    Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
    Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.95 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.11) - Suomi (HKLM-x32\...\{AC76BA86-7AD7-1035-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
    Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media)
    Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media)
    AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
    ASUS RT-N10E Wireless Router Utilities (HKLM-x32\...\{580CA891-08DB-4B6F-B0C1-DF1D149671D7}) (Version: 4.2.3.5 - ASUS)
    Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.2.739 - Bandisoft.com)
    Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
    CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
    Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version: - Oberon Media)
    Dracula 4 and 5 - Special Steam Edition (HKLM-x32\...\Dracula 4 and 5 - Special Steam Edition_is1) (Version: - )
    Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)
    DVBViewer Pro (HKLM-x32\...\{C3C5F907-CF6E-4A55-93A4-6F65E978263D}_is1) (Version: 5.3.2 - Takki & Ahmad)
    ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
    eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
    eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
    Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media)
    ffdshow v1.3.4533 [2014-09-29] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4533.0 - )
    First Class Flurry (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}) (Version: - Oberon Media)
    FlashFXP 5 (HKLM-x32\...\FlashFXP 5) (Version: 5.0.0.3795 - OpenSight Software LLC)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2414.0 - Google Inc.)
    Google Earth Plug-in (HKLM-x32\...\{ADA8583A-C20B-414B-8CB7-3AA7A89F7952}) (Version: 7.1.4.1529 - Google)
    Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
    Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version: - Oberon Media)
    Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media)
    HiVision DVB-T Hybrid BDA Drivers (HKLM-x32\...\TVEpaDrv) (Version: - )
    Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 1.00.3004 - Acer Incorporated)
    HP Photosmart 5510 series Ohje (HKLM-x32\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)
    HP Photosmart 5510 series -peruslaiteohjelmisto (HKLM\...\{F7803315-9424-4433-9DE8-94D8011D87D9}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
    HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
    Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
    ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
    ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
    Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
    Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
    JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
    Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    LSI PCI-SV92PP Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.95 - LSI Corporation)
    Malwarebytes Anti-Malware versio 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
    Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.45.4.3 - Marvell)
    Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media)
    Microsoft .NET Framework 4.5.2 (suomi) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1035) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.3 Preview (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.53349 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-040B-0000-0000000FF1CE}_OMUI.fi-fi_{FA5CC73F-DD50-44F9-9530-DCB3C4C453F1}) (Version: - Microsoft)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Language Pack 2007 - Finnish/suomi (HKLM-x32\...\OMUI.fi-fi) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office PowerPoint Viewer 2007 (Finnish) (HKLM-x32\...\{95120000-00AF-040B-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Works (HKLM-x32\...\{7D9EF8C1-1B76-44AF-A918-86CBA6FD24C8}) (Version: 9.7.0621 - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Mozilla Firefox 39.0 (x86 fi) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 fi)) (Version: 39.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Nancy Drew: Sea of Darkness (HKLM-x32\...\{241C6D36-570D-4616-B07F-E460AF6E59D2}) (Version: 8.0.0.30162 - Her Interactive, Inc.)
    Next Generation Visualisations (HKLM-x32\...\{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}) (Version: 1.0.0 - Microsoft)
    NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.9 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
    NVIDIA Grafiikkaohjain 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
    NVIDIA HD-ääniohjain 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
    NVIDIA PhysX-järjestelmäohjelmisto 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
    NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)
    Ohjelman Microsoft Office Excel 2007 Help päivitys (KB963678) (HKLM-x32\...\{90120000-0016-040B-0000-0000000FF1CE}_OMUI.fi-fi_{2C35886E-A67C-494A-8E1C-C6B4E415BBDD}) (Version: - Microsoft)
    Ohjelman Microsoft Office Powerpoint 2007 Help päivitys (KB963669) (HKLM-x32\...\{90120000-0018-040B-0000-0000000FF1CE}_OMUI.fi-fi_{BD88D384-046E-4E6F-A48B-BC3757C01BA5}) (Version: - Microsoft)
    Ohjelman Microsoft Office Word 2007 Help päivitys (KB963665) (HKLM-x32\...\{90120000-001B-040B-0000-0000000FF1CE}_OMUI.fi-fi_{3D728445-D30E-4E78-BCC6-722FE68CB22B}) (Version: - Microsoft)
    OpenAL (HKLM-x32\...\OpenAL) (Version: - )
    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
    RAIDXpert (HKLM-x32\...\InstallShield_{8A4A80C2-87B1-44FB-BC24-9168930EB150}) (Version: 3.3.1540.38 - AMD)
    RAIDXpert (x32 Version: 3.3.1540.38 - AMD) Hidden
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 - Realtek Semiconductor Corp.)
    SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden
    Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
    Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
    Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Valokuvavalikoima (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
    Windows Liven peruspaketti (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
    WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
    VirtualDJ PRO Full (HKLM-x32\...\{EDA76D78-8C23-4245-A4B1-4A9217AC9CF3}) (Version: 7.4.1 - Atomix Productions)
    X-Chat 2.8.6-2 (HKLM-x32\...\X-Chat 2_is1) (Version: 2.8.6-2 - SilvereX)
    百度杀毒3.0 (HKLM-x32\...\百度杀毒) (Version: 3.0.0.4605 - 百度在线网络技术(北京)有限公司)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Restore Points =========================

    01-06-2015 16:12:51 Removed MSXML 4.0 SP3 Parser
    01-06-2015 16:15:13 Removed Nero Video 2015.
    01-06-2015 16:21:37 Windows Update
    01-06-2015 16:24:17 Removed Nero 2015 Content Pack.
    01-06-2015 16:44:09 Removed Nero 2014.
    01-06-2015 16:55:27 Removed Nero 2014.
    01-06-2015 17:04:12 Removed MSXML 4.0 SP3 Parser (KB2758694)

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 05:34 - 2015-02-26 20:24 - 00000083 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost
    127.0.0.1 www.iobit.com
    127.0.0.1 www.asc55.iobit.com


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0F15D670-BC6C-4A3C-9770-763C6A9E6594} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.)
    Task: {12424B64-EB2A-45D1-9770-139BAED6D0F1} - System32\Tasks\{664D6F67-9983-4470-80C2-6AA334899751} => pcalua.exe -a E:\FinnishDemoShield\Setup.exe -d E:\FinnishDemoShield
    Task: {47C48FA0-25EB-49B1-B683-B3160B7C3D0E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
    Task: {490B98F1-2111-4A1F-BFA2-08DB4EAFF15A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-08] (Microsoft Corporation)
    Task: {5262BE67-49C0-44BF-A2F1-1CEA6FE805AA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-17] (Adobe Systems Incorporated)
    Task: {604080EF-9307-4CFF-A807-221A091FAA71} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
    Task: {8759FB06-606C-4B35-B308-AE45F259C1B0} - System32\Tasks\{98B96767-07C3-4C31-BD84-FA3DD7B583DB} => pcalua.exe -a "C:\Program Files (x86)\Acer GameZone\Farm Frenzy 2\Uninstall.exe" -c "C:\Program Files (x86)\Acer GameZone\Farm Frenzy 2\install.log"
    Task: {9FEBF27B-AAFC-42E3-8ADF-6A2FC9D2908E} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-27] (Microsoft Corporation)
    Task: {AEAC2C2C-F482-4B98-8F52-ED8AC0A8C0A2} - System32\Tasks\{9C1F9D67-55EA-4078-B2E1-6F3E9FFCC882} => pcalua.exe -a E:\FinnishDemoShield\Driver\Setup.exe -d E:\FinnishDemoShield\Driver
    Task: {BB9E1894-4AB0-47AE-A330-995552077DE1} - System32\Tasks\{F1269FB4-4F5F-4865-AC8D-565D84C9AAED} => pcalua.exe -a C:\Users\Jarppa\Desktop\flashplayer18_install_win_pi.exe -d C:\Users\Jarppa\Desktop
    Task: {C3AD3EAC-9866-45DB-B504-6F39878B8886} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
    Task: {D9D24DE5-9D5E-4513-A269-06BF628F1F71} - System32\Tasks\{BF13D931-85E4-4162-B077-C3B63A7254EF} => pcalua.exe -a C:\Users\Jarppa\Desktop\blazingcolorsviz.exe -d C:\Users\Jarppa\Desktop
    Task: {DE3AD2B6-F8D3-4A6F-99D8-42119D481B5E} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-08] (Microsoft Corporation)
    Task: {ED9BF83E-4066-49FD-856A-F2784A5FB9AA} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe
    Task: {FBCBD40E-61D8-4523-A855-B6266AC2F69C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2014-11-26 16:52 - 2015-02-04 05:21 - 00115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2015-06-01 11:46 - 2015-06-01 11:46 - 00124296 _____ () C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BDKVDeskBand64.dll
    2010-07-15 07:44 - 2010-07-15 07:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
    2015-05-08 21:50 - 2015-05-08 21:50 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1035.dll
    2015-06-01 11:46 - 2015-06-01 11:46 - 00403848 _____ () C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BDMCommon.dll
    2014-03-31 22:35 - 2014-03-31 22:35 - 00278208 _____ () C:\Program Files (x86)\Windows Live\Writer\fi\WindowsLive.Writer.Localization.resources.dll
    2015-04-25 09:39 - 2015-04-25 09:40 - 17083568 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_95.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\008k.com -> 008k.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\00hq.com -> 00hq.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\0190-dialers.com -> 0190-dialers.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\01i.info -> 01i.info
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\05p.com -> 05p.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\0calories.net -> 0calories.net
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\0cj.net -> 0cj.net
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\0scan.com -> 0scan.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\1-se.com -> 1-se.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\1001movie.com -> 1001movie.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\1001night.biz -> 1001night.biz
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\100gal.net -> 100gal.net
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\100sexlinks.com -> 100sexlinks.com

    There are 4788 more restricted sites.

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jarppa\AppData\Roaming\Mozilla\Firefox\Työpöydän taustakuva.bmp
    DNS Servers: 109.204.194.2 - 109.204.194.3

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{B26C53FA-71FD-412F-9D01-CB6AC22B8A74}] => (Allow) svchost.exe
    FirewallRules: [TCP Query User{4E0E41A8-0CBD-4673-957A-420F1A2C43BF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [UDP Query User{ADB41BDA-6DE4-42FD-AAAC-D240DA048025}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [TCP Query User{7FC65B90-DAC0-4A23-9A96-359E3F6D56F4}C:\program files (x86)\x-chat 2\xchat.exe] => (Allow) C:\program files (x86)\x-chat 2\xchat.exe
    FirewallRules: [UDP Query User{CFD38D2F-AE9B-415B-BE42-770B989350D3}C:\program files (x86)\x-chat 2\xchat.exe] => (Allow) C:\program files (x86)\x-chat 2\xchat.exe
    FirewallRules: [{35C76088-698B-48B8-AC66-FB235A653D66}] => (Allow) C:\Users\Jarppa\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{FBEED914-DA33-4C7B-99E2-EC140C884CC1}] => (Allow) C:\Users\Jarppa\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{8B55A6B3-B09B-43DC-A944-03C4F6FB2E4F}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe
    FirewallRules: [{DB11579C-29AC-44A5-BD27-5FA6B8221670}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
    FirewallRules: [{8A6303EB-EB84-4118-8C66-DDD00F29ECC9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{E0C7CC0E-A1D4-44D2-BDFA-1EF03439F003}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{EDA3C3F1-35F5-4A5D-A924-3D2F50054AC2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{DF476EF7-53F1-444B-B47E-065320D806DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{5161FBE4-FB51-458A-A5A3-AEE886D1F580}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{94A30895-5BBC-4E7D-88D0-1D4FDB3ED385}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{0AD2EA0E-533D-4B49-B27C-644A2BA00469}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{96EB9145-9B29-43B8-9943-1C00CE3B2382}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{38C2196B-66C3-454D-A02F-F81D13A6C328}] => (Allow) LPort=2869
    FirewallRules: [{9F569AD5-DD37-47DA-AD3C-AFA0ECCA14F3}] => (Allow) LPort=1900
    FirewallRules: [TCP Query User{DE2E59FE-5D0A-4FAF-A6AB-8EF6C748558B}C:\program files (x86)\virtualdj\virtualdj_pro.exe] => (Allow) C:\program files (x86)\virtualdj\virtualdj_pro.exe
    FirewallRules: [UDP Query User{B0F44EBA-7A8D-4025-BA74-FA4CF4017EFF}C:\program files (x86)\virtualdj\virtualdj_pro.exe] => (Allow) C:\program files (x86)\virtualdj\virtualdj_pro.exe
    FirewallRules: [{71B98B4D-7858-4BC1-B671-E885299F5F9E}] => (Allow) E:\RouterSetup\QISWizard.exe
    FirewallRules: [{95779A72-2F1D-4E05-B1F6-D092B62ECEC5}] => (Allow) E:\RouterSetup\QISWizard.exe
    FirewallRules: [TCP Query User{7C750146-AF51-4CC7-B2AB-B13FBD6CD49D}E:\routersetup\qiswizard.exe] => (Allow) E:\routersetup\qiswizard.exe
    FirewallRules: [UDP Query User{159231D8-6EF5-46F9-9627-847BFC539E9A}E:\routersetup\qiswizard.exe] => (Allow) E:\routersetup\qiswizard.exe
    FirewallRules: [{BDC38DFD-E5E7-4942-8B49-220104351B9D}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\Discovery.exe
    FirewallRules: [{6F93FDE5-3743-4573-B475-E04BDC4F943F}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\Discovery.exe
    FirewallRules: [{69E23BCE-99E6-497B-895D-E667CEF0FA56}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\Rescue.exe
    FirewallRules: [{1CD8D523-5CBA-4CCC-89ED-DF67CEA40F68}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\Rescue.exe
    FirewallRules: [{D9680AB5-3A33-4A70-AB8B-7511FA78E2BA}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\LiveUpdate.exe
    FirewallRules: [{B4F64B14-2865-4B19-B530-C659B0DC45EE}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\LiveUpdate.exe
    FirewallRules: [{6194F14A-92F7-49A1-96E2-0BB8DD892A03}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\QISWizard.exe
    FirewallRules: [{F4D8E856-F4CE-4B01-85A6-DD5073444A87}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\QISWizard.exe
    FirewallRules: [{49AA5B7D-0D53-4526-9C8D-18E2BB99165D}] => (Allow) LPort=8743
    FirewallRules: [{3119989A-D186-4A7F-A7F3-2EB1E5AE7850}] => (Allow) LPort=8643
    FirewallRules: [{B03AF8C7-19C0-4298-A6C3-C78F99E28A5D}] => (Allow) LPort=7676
    FirewallRules: [{F90CA059-7DCF-4FD5-9FD7-5781D18450DD}] => (Allow) LPort=7679
    FirewallRules: [{BBB88789-823C-48A0-B704-7E1A0D17FBB3}] => (Allow) LPort=24234
    FirewallRules: [{2388E8F0-DDBE-4863-A231-10B1FE833A21}] => (Allow) LPort=7900
    FirewallRules: [{EE282F1F-97A8-4306-AA60-F37C113A4080}] => (Allow) LPort=1900
    FirewallRules: [{D3AA6A16-BE95-44F6-9EA0-DEB504500FCA}] => (Allow) C:\Program Files (x86)\DVBViewer\dvbviewer.exe
    FirewallRules: [{9F7B07E5-1156-4ABC-9A5B-4F1575D29A59}] => (Allow) C:\Program Files (x86)\DVBViewer\dvbviewer.exe
    FirewallRules: [{AF3A353A-71B3-44F6-9B57-26A96538B59D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{F2A16BE9-D7AD-43D1-9407-4123D25AC555}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{660C8DA8-E592-492E-A3FB-2FF843A1EDD2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{80D71E04-3F27-441C-B0A2-B53837868670}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe
    FirewallRules: [{115A5209-1D1B-49BF-97A7-B0E9B6F8FA15}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe
    FirewallRules: [{EE94DDF4-0B16-4E8D-8EFB-6957AE8BD3D2}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe
    FirewallRules: [{32756EA8-AE4E-4F3A-95B8-DF543F1F6FAB}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe
    FirewallRules: [{21CD26B2-52B0-4E63-972E-B414DAE86C80}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
    FirewallRules: [{BAE60FE3-B599-43A1-97A9-D57D9C40A101}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
    FirewallRules: [{7199E027-F761-4203-8A6E-7A79DB0BE7EB}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
    FirewallRules: [{E86A4F47-CB98-484E-98DD-7D3C0772F730}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
    FirewallRules: [{7D7D6ED8-18C5-48D2-BAAC-C2B7D91FFD25}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
    FirewallRules: [{98F5F786-38DC-4AF8-8814-9BC4E10E9635}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
    FirewallRules: [{BA9042FD-2644-4B3E-9DB1-D0EBD49FDEA5}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
    FirewallRules: [{228D584C-1831-4BA4-A426-6115B88BD5D0}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
    FirewallRules: [{127EB36C-6390-4F25-B27F-5B05E713619C}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
    FirewallRules: [{2C2F264D-C271-451F-B3E1-96E106A9F719}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
    FirewallRules: [{8AC0B284-DBBF-43FB-9C1D-0F9524F382C1}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
    FirewallRules: [{7CFFE76F-42B9-4F4F-87DC-A7F1B0537C00}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
    FirewallRules: [{3FC0D2E0-4A5A-4066-B15C-4A25E2B7DFA6}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUProxy64.exe
    FirewallRules: [{56EC007E-22F6-40DF-BA17-43B3FBF13A3D}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUProxy64.exe
    FirewallRules: [{F07004E1-045F-4CC5-81E9-4AEFED9067D9}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUProxy64.exe
    FirewallRules: [{DD186DED-BF3E-40EF-89CD-13BB6A5CFC2D}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUProxy64.exe
    FirewallRules: [{8CF5C823-276B-4528-BD6C-58E7D3D8515E}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BdBro.exe
    FirewallRules: [{A3474619-A4BE-46FC-A94D-11E2AFAD25F7}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BdBro.exe
    FirewallRules: [{BFF77186-7CD9-474E-ABAB-F9DD4E37EA2F}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BdBro.exe
    FirewallRules: [{AE923EF1-6299-4866-8D2B-DEE5059CF8CE}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BdBro.exe
    FirewallRules: [{360A737F-77A9-4F38-9FA1-BD0FC891D733}] => (Allow) C:\Program Files (x86)\Common Files\Baidu\BDDownload\108\bddownloader.exe
    FirewallRules: [{EB2F709D-1332-4250-9EAA-6CBF84558B94}] => (Allow) C:\Program Files (x86)\Common Files\Baidu\BDDownload\108\bddownloader.exe
    FirewallRules: [{382A18B9-7808-4F9B-BC23-D852B01518BC}] => (Allow) C:\Program Files (x86)\Common Files\Baidu\BDDownload\108\bddownloader.exe
    FirewallRules: [{5469FDB0-1320-4BEC-9A57-EB274B9ABA7C}] => (Allow) C:\Program Files (x86)\Common Files\Baidu\BDDownload\108\bddownloader.exe
    FirewallRules: [{530762C8-17B6-43C7-AA08-141CD462FB9C}] => (Allow) C:\Program Files (x86)\Common Files\Baidu\BDDownload\108\bddownloader.exe
    FirewallRules: [{B50B1C42-E301-469D-9D0C-DABC51D73E98}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\fbivn_71280.exe
    FirewallRules: [{66A4C166-CBAE-444B-9178-805C44A92C26}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\fbivn_71280.exe
    FirewallRules: [{810B44AC-AC93-41CB-B5C7-7C9935F03F1B}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\fbivn_71280.exe
    FirewallRules: [{D7BC2522-C772-4DDD-890F-FA0632C6D3CA}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\fbivn_71280.exe
    FirewallRules: [{3BDD233C-B9AD-4C84-99DD-245E60F61CE8}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\nsf7699.tmp\shzlf.dll
    FirewallRules: [{656E7852-3A93-4615-AEF4-C56B9BCEAAA2}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\nsf7699.tmp\shzlf.dll
    FirewallRules: [{845E5F11-4BB9-4F3A-82E1-AB696A8C572A}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\nsf7699.tmp\shzlf.dll
    FirewallRules: [{81214A4B-DC6C-4152-9E34-9D5FF7ADBEF2}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\nsf7699.tmp\shzlf.dll

    ==================== Faulty Device Manager Devices =============

    Name: Microsoft PS/2-hiiri
    Description: Microsoft PS/2-hiiri
    Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: i8042prt
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.

    Name: Microsoft 6to4 -sovitin
    Description: Microsoft 6to4 -sovitin
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

    Name: Microsoft ISATAP -sovitin
    Description: Microsoft ISATAP -sovitin
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

    Name: Teredo Tunneling Pseudo-Interface
    Description: Microsoft Teredo -tunnelointisovitin
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

    Name: PS/2-vakionäppäimistö
    Description: PS/2-vakionäppäimistö
    Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Vakionäppäimistöt)
    Service: i8042prt
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (06/04/2015 00:34:40 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Aktivointikontekstin luonti kohteelle C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1 epäonnistui. Virhe luettelo- tai käytäntötiedoston C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2 rivillä C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
    Sovelluksen edellyttämä osaversio on ristiriidassa jo aktiivisena olevan osaversion kanssa.
    Ristiriitaiset osat:
    Osa 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
    Osa 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

    Error: (06/04/2015 00:34:36 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Aktivointikontekstin luonti kohteelle C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1 epäonnistui. Virhe luettelo- tai käytäntötiedoston C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2 rivillä C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
    Sovelluksen edellyttämä osaversio on ristiriidassa jo aktiivisena olevan osaversion kanssa.
    Ristiriitaiset osat:
    Osa 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
    Osa 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

    Error: (06/04/2015 00:34:35 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Aktivointikontekstin luonti kohteelle C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1 epäonnistui. Virhe luettelo- tai käytäntötiedoston C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2 rivillä C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
    Sovelluksen edellyttämä osaversio on ristiriidassa jo aktiivisena olevan osaversion kanssa.
    Ristiriitaiset osat:
    Osa 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
    Osa 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

    Error: (06/04/2015 01:25:28 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Aktivointikontekstin luonti kohteelle C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1 epäonnistui. Virhe luettelo- tai käytäntötiedoston C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2 rivillä C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
    Sovelluksen edellyttämä osaversio on ristiriidassa jo aktiivisena olevan osaversion kanssa.
    Ristiriitaiset osat:
    Osa 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
    Osa 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

    Error: (06/03/2015 11:40:12 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Aktivointikontekstin luonti kohteelle C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1 epäonnistui. Virhe luettelo- tai käytäntötiedoston C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2 rivillä C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
    Sovelluksen edellyttämä osaversio on ristiriidassa jo aktiivisena olevan osaversion kanssa.
    Ristiriitaiset osat:
    Osa 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
    Osa 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

    Error: (06/03/2015 11:08:26 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Aktivointikontekstin luonti kohteelle C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1 epäonnistui. Virhe luettelo- tai käytäntötiedoston C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2 rivillä C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
    Sovelluksen edellyttämä osaversio on ristiriidassa jo aktiivisena olevan osaversion kanssa.
    Ristiriitaiset osat:
    Osa 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
    Osa 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

    Error: (06/03/2015 11:08:22 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Aktivointikontekstin luonti kohteelle C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1 epäonnistui. Virhe luettelo- tai käytäntötiedoston C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2 rivillä C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
    Sovelluksen edellyttämä osaversio on ristiriidassa jo aktiivisena olevan osaversion kanssa.
    Ristiriitaiset osat:
    Osa 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
    Osa 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

    Error: (06/03/2015 11:08:21 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Aktivointikontekstin luonti kohteelle C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1 epäonnistui. Virhe luettelo- tai käytäntötiedoston C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2 rivillä C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
    Sovelluksen edellyttämä osaversio on ristiriidassa jo aktiivisena olevan osaversion kanssa.
    Ristiriitaiset osat:
    Osa 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
    Osa 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

    Error: (06/03/2015 11:07:58 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Aktivointikontekstin luonti kohteelle C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1 epäonnistui. Virhe luettelo- tai käytäntötiedoston C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2 rivillä C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
    Sovelluksen edellyttämä osaversio on ristiriidassa jo aktiivisena olevan osaversion kanssa.
    Ristiriitaiset osat:
    Osa 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
    Osa 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

    Error: (06/03/2015 09:29:45 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Viallisen sovelluksen nimi: plugin-container.exe, versio: 39.0.0.5621, aikaleima: 0x5561325d
    Viallisen moduulin nimi: mozglue.dll, versio: 39.0.0.5621, aikaleima: 0x556121d2
    Poikkeuskoodi: 0x80000003
    Virhepoikkeama: 0x0000f10d
    Viallisen prosessin tunnus: 0x19ec
    Viallisen sovelluksen käynnistysaika: 0xplugin-container.exe0
    Viallisen sovelluksen polku: plugin-container.exe1
    Viallisen moduulin polku: plugin-container.exe2
    Raportin tunnus: plugin-container.exe3


    System errors:
    =============
    Error: (06/04/2015 00:40:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Palvelua eapihdrv ei voi käynnistää. Virhekoodi on
    %%1275

    Error: (06/04/2015 00:40:15 PM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \??\C:\Users\Jarppa\AppData\Local\Temp\ehdrv.sys ei voi latautua, koska se ei ole yhteensopiva tämän järjestelmän kanssa. Pyydä yhteensopiva ohjainversio ohjelmistotoimittajalta.

    Error: (06/04/2015 00:40:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Palvelua eapihdrv ei voi käynnistää. Virhekoodi on
    %%1275

    Error: (06/04/2015 00:40:14 PM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \??\C:\Users\Jarppa\AppData\Local\Temp\ehdrv.sys ei voi latautua, koska se ei ole yhteensopiva tämän järjestelmän kanssa. Pyydä yhteensopiva ohjainversio ohjelmistotoimittajalta.

    Error: (06/04/2015 00:40:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Palvelua eapihdrv ei voi käynnistää. Virhekoodi on
    %%1275

    Error: (06/04/2015 00:40:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \??\C:\Users\Jarppa\AppData\Local\Temp\ehdrv.sys ei voi latautua, koska se ei ole yhteensopiva tämän järjestelmän kanssa. Pyydä yhteensopiva ohjainversio ohjelmistotoimittajalta.

    Error: (06/04/2015 00:39:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Palvelua eapihdrv ei voi käynnistää. Virhekoodi on
    %%1275

    Error: (06/04/2015 00:39:57 PM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \??\C:\Users\Jarppa\AppData\Local\Temp\ehdrv.sys ei voi latautua, koska se ei ole yhteensopiva tämän järjestelmän kanssa. Pyydä yhteensopiva ohjainversio ohjelmistotoimittajalta.

    Error: (06/04/2015 00:39:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Palvelua eapihdrv ei voi käynnistää. Virhekoodi on
    %%1275

    Error: (06/04/2015 00:39:56 PM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \??\C:\Users\Jarppa\AppData\Local\Temp\ehdrv.sys ei voi latautua, koska se ei ole yhteensopiva tämän järjestelmän kanssa. Pyydä yhteensopiva ohjainversio ohjelmistotoimittajalta.


    Microsoft Office:
    =========================

    CodeIntegrity Errors:
    ===================================
    Date: 2015-02-19 22:00:39.076
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 22:00:38.935
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 22:00:33.885
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 22:00:33.760
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 21:59:44.040
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 21:59:43.916
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 21:58:23.379
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 21:58:23.254
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 21:58:07.022
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 21:58:06.887
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: AMD Athlon(tm) II X2 240 Processor
    Percentage of memory in use: 54%
    Total physical RAM: 4079.88 MB
    Available physical RAM: 1848.73 MB
    Total Pagefile: 8457.96 MB
    Available Pagefile: 5264.52 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.8 MB

    ==================== Drives ================================

    Drive c: (Acer) (Fixed) (Total:458.95 GB) (Free:278.72 GB) NTFS
    Drive d: (Asema) (Fixed) (Total:459.27 GB) (Free:340.51 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 931.3 GB) (Disk ID: 92775668)
    Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
    Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=459 GB) - (Type=07 NTFS)
    Partition 4: (Not Active) - (Size=459.3 GB) - (Type=OF Extended)

    ==================== End of log ============================
     
  2. *Trinity*

    *Trinity* Senior member

    Joined:
    Dec 15, 2014
    Messages:
    6,934
    Likes Received:
    1,258
    Trophy Points:
    243
    Ei kun sun piti tehdä seuraavasti.

    Sulla on FRST työoöydällä
    Nyt luo työpöydälle tekstitiedosto ja kopioi siihen alla olevassa laatikossa olevat tiedot.
    Kun olet kopioinut tiedot tekstitiedostoon
    Tallenna tiekstitiedosto nimellä fixlist työpöydälle
    Aukaise FRST ja klikkaa Fix
    Kun poisto on valmis niin työpöydäle tallentuu Fixlog niminen tekstitiedosto liitä se tänne

    Code:
    AV: 百度杀毒 (Enabled - Up to date) {FDA918B3-27C7-3B2B-33D0-343EAE5EB318}
    AS: 百度杀毒 (Enabled - Up to date) {46C8F957-01FD-34A5-0960-0F4CD5D9F9A5}
    AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
    AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
    (百度在线网络技术(北京)有限公司) C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe
    (百度在线网络技术(北京)有限公司) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
    (百度在线网络技术(北京)有限公司) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe
    (百度在线网络技术(北京)有限公司) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe
    HKLM\...\Run: [baidusdTray] => C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\baidusdTray.exe [2474952 2015-06-01] (百度在线网络技术(北京)有限公司)
    HKLM-x32\...\Run: [baidusdTray] => C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe [2474952 2015-06-01] (百度在线网络技术(北京)有限公司)
    HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\Run: [apphide] => C:\Program Files (x86)\baidu\baidu.exe
    FF Plugin-x32: @baidu.com/BaidusdDetectNPPlugin -> C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\explugin\npBaiduSDDetectPlug.dll [2015-06-01] ()
    R2 BaiduHips; C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe [64008 2015-06-01] (百度在线网络技术(北京)有限公司)
    R2 BDKVRTP; C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe [793096 2015-06-01] (百度在线网络技术(北京)有限公司)
    R1 bd0001; C:\Windows\System32\DRIVERS\bd0001.sys [202576 2015-06-01] (Baidu)
    R1 bd0002; C:\Windows\System32\DRIVERS\bd0002.sys [196936 2015-06-01] (Baidu)
    R1 bd0003; C:\Windows\System32\DRIVERS\bd0003.sys [67400 2015-06-01] (Baidu)
    R2 BDArKit; C:\Windows\System32\DRIVERS\BDArKit.sys [152392 2015-06-01] (Baidu Technology)
    R2 BDDefense; C:\Windows\system32\drivers\BDDefense.sys [103752 2015-06-01] (Baidu)
    R1 BDMWrench_x64; C:\Windows\System32\DRIVERS\BDMWrench_x64.sys [56136 2015-06-01] (Baidu)
    2015-06-01 11:59 - 2015-06-01 13:35 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
    2015-06-01 11:47 - 2015-06-01 11:46 - 00056136 _____ (Baidu) C:\Windows\system32\Drivers\BDMWrench_x64.sys
    2015-06-01 11:46 - 2015-06-01 15:59 - 00103752 _____ (Baidu) C:\Windows\system32\Drivers\BDDefense.sys
    2015-06-01 11:46 - 2015-06-01 11:46 - 00202576 _____ (Baidu) C:\Windows\system32\Drivers\bd0001.sys
    2015-06-01 11:46 - 2015-06-01 11:46 - 00196936 _____ (Baidu) C:\Windows\system32\Drivers\bd0002.sys
    2015-06-01 11:46 - 2015-06-01 11:46 - 00152392 _____ (Baidu Technology) C:\Windows\system32\Drivers\BDArKit.SYS
    2015-06-01 11:46 - 2015-06-01 11:46 - 00067400 _____ (Baidu) C:\Windows\system32\Drivers\bd0003.sys
    2015-06-01 11:45 - 2015-06-02 02:33 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\4BA6FB90-1433148335-1020-0308-142347000000
    2015-06-01 11:45 - 2015-06-01 11:45 - 00000000 ____D () C:\ProgramData\BDSReport
    2015-06-01 11:45 - 2015-06-01 11:45 - 00000000 ____D () C:\Program Files (x86)\BaiduSd3.0
    2015-06-01 11:44 - 2015-06-03 00:46 - 00000000 ____D () C:\ProgramData\Baidu
    2015-06-01 11:44 - 2015-06-02 02:33 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\4BA6FB90-1433148298-1020-0308-142347000000
    127.0.0.1 www.iobit.com
    127.0.0.1 www.asc55.iobit.com
     
    djjari likes this.
  3. djjari

    djjari Active member

    Joined:
    Dec 17, 2010
    Messages:
    1,142
    Likes Received:
    6
    Trophy Points:
    68
    Fix result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
    Ran by Jarppa at 2015-06-04 15:28:29 Run:3
    Running from C:\Users\Jarppa\Desktop
    Loaded Profiles: Jarppa (Available Profiles: Jarppa)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    AV: ???? (Enabled - Up to date) {FDA918B3-27C7-3B2B-33D0-343EAE5EB318}
    AS: ???? (Enabled - Up to date) {46C8F957-01FD-34A5-0960-0F4CD5D9F9A5}
    AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
    AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
    (????????(??)????) C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe
    (????????(??)????) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
    (????????(??)????) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe
    (????????(??)????) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe
    HKLM\...\Run: [baidusdTray] => C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\baidusdTray.exe [2474952 2015-06-01] (????????(??)????)
    HKLM-x32\...\Run: [baidusdTray] => C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe [2474952 2015-06-01] (????????(??)????)
    HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\Run: [apphide] => C:\Program Files (x86)\baidu\baidu.exe
    FF Plugin-x32: @baidu.com/BaidusdDetectNPPlugin -> C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\explugin\npBaiduSDDetectPlug.dll [2015-06-01] ()
    R2 BaiduHips; C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe [64008 2015-06-01] (????????(??)????)
    R2 BDKVRTP; C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe [793096 2015-06-01] (????????(??)????)
    R1 bd0001; C:\Windows\System32\DRIVERS\bd0001.sys [202576 2015-06-01] (Baidu)
    R1 bd0002; C:\Windows\System32\DRIVERS\bd0002.sys [196936 2015-06-01] (Baidu)
    R1 bd0003; C:\Windows\System32\DRIVERS\bd0003.sys [67400 2015-06-01] (Baidu)
    R2 BDArKit; C:\Windows\System32\DRIVERS\BDArKit.sys [152392 2015-06-01] (Baidu Technology)
    R2 BDDefense; C:\Windows\system32\drivers\BDDefense.sys [103752 2015-06-01] (Baidu)
    R1 BDMWrench_x64; C:\Windows\System32\DRIVERS\BDMWrench_x64.sys [56136 2015-06-01] (Baidu)
    2015-06-01 11:59 - 2015-06-01 13:35 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????
    2015-06-01 11:47 - 2015-06-01 11:46 - 00056136 _____ (Baidu) C:\Windows\system32\Drivers\BDMWrench_x64.sys
    2015-06-01 11:46 - 2015-06-01 15:59 - 00103752 _____ (Baidu) C:\Windows\system32\Drivers\BDDefense.sys
    2015-06-01 11:46 - 2015-06-01 11:46 - 00202576 _____ (Baidu) C:\Windows\system32\Drivers\bd0001.sys
    2015-06-01 11:46 - 2015-06-01 11:46 - 00196936 _____ (Baidu) C:\Windows\system32\Drivers\bd0002.sys
    2015-06-01 11:46 - 2015-06-01 11:46 - 00152392 _____ (Baidu Technology) C:\Windows\system32\Drivers\BDArKit.SYS
    2015-06-01 11:46 - 2015-06-01 11:46 - 00067400 _____ (Baidu) C:\Windows\system32\Drivers\bd0003.sys
    2015-06-01 11:45 - 2015-06-02 02:33 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\4BA6FB90-1433148335-1020-0308-142347000000
    2015-06-01 11:45 - 2015-06-01 11:45 - 00000000 ____D () C:\ProgramData\BDSReport
    2015-06-01 11:45 - 2015-06-01 11:45 - 00000000 ____D () C:\Program Files (x86)\BaiduSd3.0
    2015-06-01 11:44 - 2015-06-03 00:46 - 00000000 ____D () C:\ProgramData\Baidu
    2015-06-01 11:44 - 2015-06-02 02:33 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\4BA6FB90-1433148298-1020-0308-142347000000
    127.0.0.1 www.iobit.com
    127.0.0.1 www.asc55.iobit.com



    *Trinity*, 4 minuuttia sitten
    Raportoi
    #22
    Kiitä viestistä
    + Lainaa
    Vastaa

    *****************

    AV: ???? (Enabled - Up to date) {FDA918B3-27C7-3B2B-33D0-343EAE5EB318} => The item is protected. Make sure the software is uninstalled and its services is removed.
    AS: ???? (Enabled - Up to date) {46C8F957-01FD-34A5-0960-0F4CD5D9F9A5} => The item is protected. Make sure the software is uninstalled and its services is removed.
    "C:\ProgramData\Temp" => ":AB689DEA" ADS not found.
    "C:\ProgramData\Temp" => ":E1F04E8D" ADS not found.
    (????????(??)????) C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe => Error: No automatic fix found for this entry.
    (????????(??)????) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe => Error: No automatic fix found for this entry.
    (????????(??)????) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe => Error: No automatic fix found for this entry.
    (????????(??)????) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe => Error: No automatic fix found for this entry.
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\baidusdTray => value Removed successfully
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\baidusdTray => value could not remove.
    HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\Software\Microsoft\Windows\CurrentVersion\Run\\apphide => value not found.
    HKLM\Software\Wow6432Node\MozillaPlugins\@baidu.com/BaidusdDetectNPPlugin => key not found.
    C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\explugin\npBaiduSDDetectPlug.dll not found.
    BaiduHips => Unable to stop service.
    BaiduHips => Service could not remove
    BDKVRTP => Unable to stop service.
    BDKVRTP => Service could not remove
    bd0001 => Unable to stop service.
    bd0001 => Service could not remove
    bd0002 => Unable to stop service.
    bd0002 => Service could not remove
    bd0003 => Unable to stop service.
    bd0003 => Service could not remove
    BDArKit => Unable to stop service.
    BDArKit => Service could not remove
    BDDefense => Unable to stop service.
    BDDefense => Service could not remove
    BDMWrench_x64 => Unable to stop service.
    BDMWrench_x64 => Service could not remove

    "C:\Users\Jarppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" folder move:

    Could not move "C:\Users\Jarppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" folder => Scheduled to move on reboot.

    Could not move "C:\Windows\system32\Drivers\BDMWrench_x64.sys" => Scheduled to move on reboot.
    Could not move "C:\Windows\system32\Drivers\BDDefense.sys" => Scheduled to move on reboot.
    Could not move "C:\Windows\system32\Drivers\bd0001.sys" => Scheduled to move on reboot.
    Could not move "C:\Windows\system32\Drivers\bd0002.sys" => Scheduled to move on reboot.
    Could not move "C:\Windows\system32\Drivers\BDArKit.SYS" => Scheduled to move on reboot.
    Could not move "C:\Windows\system32\Drivers\bd0003.sys" => Scheduled to move on reboot.
    "C:\Users\Jarppa\AppData\Roaming\4BA6FB90-1433148335-1020-0308-142347000000" => File/Folder not found.
    "C:\ProgramData\BDSReport" => File/Folder not found.

    "C:\Program Files (x86)\BaiduSd3.0" folder move:

    Could not move "C:\Program Files (x86)\BaiduSd3.0" folder => Scheduled to move on reboot.


    "C:\ProgramData\Baidu" folder move:

    Could not move "C:\ProgramData\Baidu" folder => Scheduled to move on reboot.

    "C:\Users\Jarppa\AppData\Roaming\4BA6FB90-1433148298-1020-0308-142347000000" => File/Folder not found.
    127.0.0.1 www.iobit.com => Error: No automatic fix found for this entry.
    127.0.0.1 www.asc55.iobit.com => Error: No automatic fix found for this entry.
    *Trinity*, 4 minuuttia sitten => Error: No automatic fix found for this entry.
    Raportoi => Error: No automatic fix found for this entry.
    #22 => Error: No automatic fix found for this entry.
    Kiitä viestistä => Error: No automatic fix found for this entry.
    + Lainaa => Error: No automatic fix found for this entry.
    Vastaa => Error: No automatic fix found for this entry.



    sori tämä mun sählääminen näiden kans
     
  4. *Trinity*

    *Trinity* Senior member

    Joined:
    Dec 15, 2014
    Messages:
    6,934
    Likes Received:
    1,258
    Trophy Points:
    243
    Käynnistä kone uudelleen
    Kerro miten se vaikutti
    FRST ei pystynyt näköjään poistamaan kaikkea koska se virustorjunta on käytössä.

    Aja vielä kertaalleen JRT ja adwcleaner
     
    Last edited: Jun 4, 2015
    djjari likes this.
  5. djjari

    djjari Active member

    Joined:
    Dec 17, 2010
    Messages:
    1,142
    Likes Received:
    6
    Trophy Points:
    68


    Fix result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
    Ran by Jarppa at 2015-06-04 15:28:29 Run:3
    Running from C:\Users\Jarppa\Desktop
    Loaded Profiles: Jarppa (Available Profiles: Jarppa)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    AV: ???? (Enabled - Up to date) {FDA918B3-27C7-3B2B-33D0-343EAE5EB318}
    AS: ???? (Enabled - Up to date) {46C8F957-01FD-34A5-0960-0F4CD5D9F9A5}
    AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
    AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
    (????????(??)????) C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe
    (????????(??)????) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
    (????????(??)????) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe
    (????????(??)????) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe
    HKLM\...\Run: [baidusdTray] => C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\baidusdTray.exe [2474952 2015-06-01] (????????(??)????)
    HKLM-x32\...\Run: [baidusdTray] => C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe [2474952 2015-06-01] (????????(??)????)
    HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\Run: [apphide] => C:\Program Files (x86)\baidu\baidu.exe
    FF Plugin-x32: @baidu.com/BaidusdDetectNPPlugin -> C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\explugin\npBaiduSDDetectPlug.dll [2015-06-01] ()
    R2 BaiduHips; C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe [64008 2015-06-01] (????????(??)????)
    R2 BDKVRTP; C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe [793096 2015-06-01] (????????(??)????)
    R1 bd0001; C:\Windows\System32\DRIVERS\bd0001.sys [202576 2015-06-01] (Baidu)
    R1 bd0002; C:\Windows\System32\DRIVERS\bd0002.sys [196936 2015-06-01] (Baidu)
    R1 bd0003; C:\Windows\System32\DRIVERS\bd0003.sys [67400 2015-06-01] (Baidu)
    R2 BDArKit; C:\Windows\System32\DRIVERS\BDArKit.sys [152392 2015-06-01] (Baidu Technology)
    R2 BDDefense; C:\Windows\system32\drivers\BDDefense.sys [103752 2015-06-01] (Baidu)
    R1 BDMWrench_x64; C:\Windows\System32\DRIVERS\BDMWrench_x64.sys [56136 2015-06-01] (Baidu)
    2015-06-01 11:59 - 2015-06-01 13:35 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????
    2015-06-01 11:47 - 2015-06-01 11:46 - 00056136 _____ (Baidu) C:\Windows\system32\Drivers\BDMWrench_x64.sys
    2015-06-01 11:46 - 2015-06-01 15:59 - 00103752 _____ (Baidu) C:\Windows\system32\Drivers\BDDefense.sys
    2015-06-01 11:46 - 2015-06-01 11:46 - 00202576 _____ (Baidu) C:\Windows\system32\Drivers\bd0001.sys
    2015-06-01 11:46 - 2015-06-01 11:46 - 00196936 _____ (Baidu) C:\Windows\system32\Drivers\bd0002.sys
    2015-06-01 11:46 - 2015-06-01 11:46 - 00152392 _____ (Baidu Technology) C:\Windows\system32\Drivers\BDArKit.SYS
    2015-06-01 11:46 - 2015-06-01 11:46 - 00067400 _____ (Baidu) C:\Windows\system32\Drivers\bd0003.sys
    2015-06-01 11:45 - 2015-06-02 02:33 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\4BA6FB90-1433148335-1020-0308-142347000000
    2015-06-01 11:45 - 2015-06-01 11:45 - 00000000 ____D () C:\ProgramData\BDSReport
    2015-06-01 11:45 - 2015-06-01 11:45 - 00000000 ____D () C:\Program Files (x86)\BaiduSd3.0
    2015-06-01 11:44 - 2015-06-03 00:46 - 00000000 ____D () C:\ProgramData\Baidu
    2015-06-01 11:44 - 2015-06-02 02:33 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\4BA6FB90-1433148298-1020-0308-142347000000
    127.0.0.1 www.iobit.com
    127.0.0.1 www.asc55.iobit.com



    *Trinity*, 4 minuuttia sitten
    Raportoi
    #22
    Kiitä viestistä
    + Lainaa
    Vastaa

    *****************

    AV: ???? (Enabled - Up to date) {FDA918B3-27C7-3B2B-33D0-343EAE5EB318} => The item is protected. Make sure the software is uninstalled and its services is removed.
    AS: ???? (Enabled - Up to date) {46C8F957-01FD-34A5-0960-0F4CD5D9F9A5} => The item is protected. Make sure the software is uninstalled and its services is removed.
    "C:\ProgramData\Temp" => ":AB689DEA" ADS not found.
    "C:\ProgramData\Temp" => ":E1F04E8D" ADS not found.
    (????????(??)????) C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe => Error: No automatic fix found for this entry.
    (????????(??)????) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe => Error: No automatic fix found for this entry.
    (????????(??)????) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe => Error: No automatic fix found for this entry.
    (????????(??)????) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe => Error: No automatic fix found for this entry.
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\baidusdTray => value Removed successfully
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\baidusdTray => value could not remove.
    HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\Software\Microsoft\Windows\CurrentVersion\Run\\apphide => value not found.
    HKLM\Software\Wow6432Node\MozillaPlugins\@baidu.com/BaidusdDetectNPPlugin => key not found.
    C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\explugin\npBaiduSDDetectPlug.dll not found.
    BaiduHips => Unable to stop service.
    BaiduHips => Service could not remove
    BDKVRTP => Unable to stop service.
    BDKVRTP => Service could not remove
    bd0001 => Unable to stop service.
    bd0001 => Service could not remove
    bd0002 => Unable to stop service.
    bd0002 => Service could not remove
    bd0003 => Unable to stop service.
    bd0003 => Service could not remove
    BDArKit => Unable to stop service.
    BDArKit => Service could not remove
    BDDefense => Unable to stop service.
    BDDefense => Service could not remove
    BDMWrench_x64 => Unable to stop service.
    BDMWrench_x64 => Service could not remove

    "C:\Users\Jarppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" folder move:

    Could not move "C:\Users\Jarppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" folder => Scheduled to move on reboot.

    Could not move "C:\Windows\system32\Drivers\BDMWrench_x64.sys" => Scheduled to move on reboot.
    Could not move "C:\Windows\system32\Drivers\BDDefense.sys" => Scheduled to move on reboot.
    Could not move "C:\Windows\system32\Drivers\bd0001.sys" => Scheduled to move on reboot.
    Could not move "C:\Windows\system32\Drivers\bd0002.sys" => Scheduled to move on reboot.
    Could not move "C:\Windows\system32\Drivers\BDArKit.SYS" => Scheduled to move on reboot.
    Could not move "C:\Windows\system32\Drivers\bd0003.sys" => Scheduled to move on reboot.
    "C:\Users\Jarppa\AppData\Roaming\4BA6FB90-1433148335-1020-0308-142347000000" => File/Folder not found.
    "C:\ProgramData\BDSReport" => File/Folder not found.

    "C:\Program Files (x86)\BaiduSd3.0" folder move:

    Could not move "C:\Program Files (x86)\BaiduSd3.0" folder => Scheduled to move on reboot.


    "C:\ProgramData\Baidu" folder move:

    Could not move "C:\ProgramData\Baidu" folder => Scheduled to move on reboot.

    "C:\Users\Jarppa\AppData\Roaming\4BA6FB90-1433148298-1020-0308-142347000000" => File/Folder not found.
    127.0.0.1 www.iobit.com => Error: No automatic fix found for this entry.
    127.0.0.1 www.asc55.iobit.com => Error: No automatic fix found for this entry.
    *Trinity*, 4 minuuttia sitten => Error: No automatic fix found for this entry.
    Raportoi => Error: No automatic fix found for this entry.
    #22 => Error: No automatic fix found for this entry.
    Kiitä viestistä => Error: No automatic fix found for this entry.
    + Lainaa => Error: No automatic fix found for this entry.
    Vastaa => Error: No automatic fix found for this entry.


    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.8.8 (06.03.2015:1)
    OS: Windows 7 Home Premium x64
    Ran by Jarppa on to 04.06.2015 at 19:07:09,74
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services

    Failed to stop: [Service] baiduhips
    Failed to stop: [Service] bd0001
    Failed to stop: [Service] bd0002
    Failed to stop: [Service] bd0003
    Failed to stop: [Service] bdarkit
    Failed to stop: [Service] bdkvrtp
    Failed to stop: [Service] bdmwrench_x64



    ~~~ Tasks



    ~~~ Registry Values



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1B2639A9-EE25-4AE7-A2E3-B308F08125C4}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1B2639A9-EE25-4AE7-A2E3-B308F08125C4}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{1B2639A9-EE25-4AE7-A2E3-B308F08125C4}



    ~~~ Files

    Successfully deleted: [File] C:\Windows\prefetch\BAIDUHIPSBUGRPT.EXE-7ACFF3B7.pf
    Successfully deleted: [File] C:\Windows\prefetch\BAIDUHIPSUPDATE.EXE-9B1FE042.pf
    Successfully deleted: [File] C:\Windows\prefetch\BAIDUSD.EXE-7DD3944B.pf
    Successfully deleted: [File] C:\Windows\prefetch\BAIDUSDTRAY.EXE-63F54563.pf
    Successfully deleted: [File] C:\Windows\prefetch\BAIDUSDUPDATE.EXE-BC5CBC32.pf
    Successfully deleted: [File] C:\Windows\prefetch\BAIDUSDUPROXY64.EXE-FA566AE8.pf



    ~~~ Folders

    Failed to delete: [Folder] C:\ProgramData\baidu
    Successfully deleted: [Folder] C:\Users\Jarppa\AppData\Roaming\baidu



    ~~~ FireFox

    Successfully deleted the following from C:\Users\Jarppa\AppData\Roaming\mozilla\firefox\profiles\sadgjijk.default\prefs.js

    user_pref(plugin.state.npbaidusddetectplug, 0);



    ~~~ Chrome


    [C:\Users\Jarppa\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

    [C:\Users\Jarppa\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

    [C:\Users\Jarppa\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

    [C:\Users\Jarppa\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
    []





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on to 04.06.2015 at 19:11:17,13
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    tässä vielä nämä lokit,ei vaikuttanut mitään,se on edelleen koneellani riesana
     
  6. verovanki

    verovanki Regular member

    Joined:
    Aug 15, 2007
    Messages:
    594
    Likes Received:
    86
    Trophy Points:
    38
    Sun pitäisi varmaan sulkea toi baidun prosessi.. Sillä näyttäisi olevan root oikeudet eli et voi pysäyttää sitä normaaleilla konsteilla.
    Tossa on malliksi yhden prosessin sulkeminen, eli komentokehoite cmd.exe suorita järjestelmänvalvojana:
    Kopsaa noi rivit yksi kerrallaan komentokehoitteeseen ja paina enteriä

    sc stop "BHipsSvc"

    sc config "BHipsSvc" start= disabled

    sc delete "BHipsSvc"
     
    *Trinity* likes this.
  7. *Trinity*

    *Trinity* Senior member

    Joined:
    Dec 15, 2014
    Messages:
    6,934
    Likes Received:
    1,258
    Trophy Points:
    243
    Tosiaan enpäs ajatellut järkevästi
    dijari sen jälkeen kun olet pysäyttänyt noi prosessit aja FRST fix uudelleen
    Ja sen jälkeen vielä varmuudeksi JRT ja Adwcleaner
     
    djjari likes this.
  8. verovanki

    verovanki Regular member

    Joined:
    Aug 15, 2007
    Messages:
    594
    Likes Received:
    86
    Trophy Points:
    38
    Win nappi hakukenttään msconfig
    Käynnistä se
    palvelut kohdasta piilota kaikki microsotin palvelut. etsi baidua ensin sieltä, mikäli löytyy pysäytä palvelu.

    sitten msconfigin ohjelmat kohdasta täppä pois jos on joku baiduun viittaava siellä.


    sitten lataa MBAM https://www.malwarebytes.org/mwb-download
    aja se
     
    Last edited: Jun 5, 2015
  9. djjari

    djjari Active member

    Joined:
    Dec 17, 2010
    Messages:
    1,142
    Likes Received:
    6
    Trophy Points:
    68
    tuo Malwarebytes löysi 2uhkaa,mutta sain poistettua nyt sen baidun

    kiitos vielä paljon hyvistä neuvoista

    <record severity="debug" LoggingEventType="2" datetime="2015-06-05T11:13:29.288555+03:00" source="Protection" type="Protection" username="SYSTEM" systemname="JARPPA-PC" last_modified_tag="e3236677-9775-4ba1-89e3-c9d3be1f9019" result="Stopping" subtype="Malware Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2015-06-05T11:13:29.298555+03:00" source="Protection" type="Protection" username="SYSTEM" systemname="JARPPA-PC" last_modified_tag="3281871a-013d-4bcb-9dca-1430906dc3b4" result="Stopped" subtype="Malware Protection"></record>
    <record severity="debug" LoggingEventType="4" datetime="2015-06-05T15:40:07.391351+03:00" source="Protection" type="Error" username="SYSTEM" systemname="JARPPA-PC" code="13" last_modified_tag="231571ea-726e-4dc0-9e37-5e4f7b31ea41" message="IsLicensed"></record>
    <record severity="debug" LoggingEventType="2" datetime="2015-06-05T15:40:07.438151+03:00" source="Protection" type="Protection" username="SYSTEM" systemname="JARPPA-PC" last_modified_tag="eacf649e-bd5e-4fb9-9577-54c2280d2039" result="Stopping" subtype="Malware Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2015-06-05T15:40:07.438151+03:00" source="Protection" type="Protection" username="SYSTEM" systemname="JARPPA-PC" last_modified_tag="4c65bc8f-3236-4c51-b81d-b0562750bc83" result="Stopped" subtype="Malware Protection"></record>
    <record severity="debug" LoggingEventType="4" datetime="2015-06-05T16:16:06.777763+03:00" source="Protection" type="Error" username="SYSTEM" systemname="JARPPA-PC" code="13" last_modified_tag="c31f045e-000c-40b5-bf15-ad49aaddcb5a" message="IsLicensed"></record>
    <record severity="debug" LoggingEventType="2" datetime="2015-06-05T16:16:06.840163+03:00" source="Protection" type="Protection" username="SYSTEM" systemname="JARPPA-PC" last_modified_tag="bc2c9c87-4a0b-40e8-b54d-6abbabc2c897" result="Stopping" subtype="Malware Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2015-06-05T16:16:06.840163+03:00" source="Protection" type="Protection" username="SYSTEM" systemname="JARPPA-PC" last_modified_tag="3ec51f93-dee4-4ee3-809e-2ab6b8e81ff5" result="Stopped" subtype="Malware Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2015-06-05T20:14:00.689453+03:00" source="Protection" type="Protection" username="SYSTEM" systemname="JARPPA-PC" last_modified_tag="55b6d933-72cf-4e33-ad01-75dbac0dd22b" result="Starting" subtype="Malware Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2015-06-05T20:14:00.732455+03:00" source="Protection" type="Protection" username="SYSTEM" systemname="JARPPA-PC" last_modified_tag="3dccf75a-0ef6-4693-8685-0446de00a93b" result="Started" subtype="Malware Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2015-06-05T20:14:00.754457+03:00" source="Protection" type="Protection" username="SYSTEM" systemname="JARPPA-PC" last_modified_tag="0a66993c-2b70-47dc-8d74-7530801d0516" result="Starting" subtype="Malicious Website Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2015-06-05T20:14:01.199482+03:00" source="Protection" type="Protection" username="SYSTEM" systemname="JARPPA-PC" last_modified_tag="70145971-82b9-4d7d-97ab-7b435bc17d27" result="Started" subtype="Malicious Website Protection"></record>
    <record severity="debug" LoggingEventType="1" datetime="2015-06-05T20:14:03.277601+03:00" source="Manual" type="Update" username="SYSTEM" systemname="JARPPA-PC" fromVersion="2015.3.9.1" last_modified_tag="5f96e8f2-fe7b-41a1-a9cf-940643b3cd2e" name="Remediation Database" toVersion="2015.5.13.1"></record>
    <record severity="debug" LoggingEventType="1" datetime="2015-06-05T20:14:03.681624+03:00" source="Manual" type="Update" username="SYSTEM" systemname="JARPPA-PC" fromVersion="2015.2.25.1" last_modified_tag="322ee4de-6cc5-472b-a378-e682c1dc38ca" name="Rootkit Database" toVersion="2015.6.2.1"></record>
    <record severity="debug" LoggingEventType="1" datetime="2015-06-05T20:14:07.943868+03:00" source="Manual" type="Update" username="SYSTEM" systemname="JARPPA-PC" fromVersion="2015.3.9.5" last_modified_tag="43c675e9-e0ba-4f2a-8aba-5f23e72c0dbd" name="Malware Database" toVersion="2015.6.5.4"></record>
    <record severity="debug" LoggingEventType="2" datetime="2015-06-05T20:14:08.596905+03:00" source="Protection" type="Protection" username="SYSTEM" systemname="JARPPA-PC" last_modified_tag="a328de42-6dec-45c5-9fae-665385efd104" result="Starting" subtype="Refresh"></record>
    <record severity="debug" LoggingEventType="2" datetime="2015-06-05T20:14:08.609906+03:00" source="Protection" type="Protection" username="SYSTEM" systemname="JARPPA-PC" last_modified_tag="4e7b842c-993d-49fd-ac94-5fca8cf3c374" result="Stopping" subtype="Malicious Website Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2015-06-05T20:14:08.669909+03:00" source="Protection" type="Protection" username="SYSTEM" systemname="JARPPA-PC" last_modified_tag="9990feeb-0642-4fad-a228-331e65e67990" result="Stopped" subtype="Malicious Website Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2015-06-05T20:14:20.455584+03:00" source="Protection" type="Protection" username="SYSTEM" systemname="JARPPA-PC" last_modified_tag="eb0cbf7a-6e45-4ad7-99f3-d282a5a0d5d5" result="Success" subtype="Refresh"></record>
    <record severity="debug" LoggingEventType="2" datetime="2015-06-05T20:14:20.493586+03:00" source="Protection" type="Protection" username="SYSTEM" systemname="JARPPA-PC" last_modified_tag="19688076-7427-40b1-9fed-ee1ab454ba5f" result="Starting" subtype="Malicious Website Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2015-06-05T20:14:20.767601+03:00" source="Protection" type="Protection" username="SYSTEM" systemname="JARPPA-PC" last_modified_tag="e91eba23-3d1f-49d0-8afd-dff12a10d991" result="Started" subtype="Malicious Website Protection"></record>
    <record severity="debug" scantype="threat" LoggingEventType="6" starttime="2015-06-05T20:14:02+03:00" datetime="2015-06-05T20:29:10.006463+03:00" source="Context" type="Scan" username="SYSTEM" systemname="JARPPA-PC" last_modified_tag="e96d1725-0007-411d-9eea-053918ef7284" duration="896" malwaredetections="0" nonmalwaredetections="2" scanresult="completed"></record>
    </logs>

    <?xml version="1.0" encoding="UTF-16" ?>
    <mbam-log>
    <header>
    <date>2015/06/05 20:14:02 +0300</date>
    <logfile>mbam-log-2015-06-05 (20-14-01).xml</logfile>
    <isadmin>yes</isadmin>
    </header>
    <engine>
    <version>2.01.6.1022</version>
    <malware-database>v2015.06.05.04</malware-database>
    <rootkit-database>v2015.06.02.01</rootkit-database>
    <license>trial</license>
    <file-protection>enabled</file-protection>
    <web-protection>enabled</web-protection>
    <self-protection>disabled</self-protection>
    </engine>
    <system>
    <osversion>Windows 7 Service Pack 1</osversion>
    <arch>x64</arch>
    <username>Jarppa</username>
    <filesys>NTFS</filesys>
    </system>
    <summary>
    <type>threat</type>
    <result>completed</result>
    <objects>377625</objects>
    <time>896</time>
    <processes>0</processes>
    <modules>0</modules>
    <keys>2</keys>
    <values>0</values>
    <datas>0</datas>
    <folders>0</folders>
    <files>0</files>
    <sectors>0</sectors>
    </summary>
    <options>
    <memory>enabled</memory>
    <startup>enabled</startup>
    <filesystem>enabled</filesystem>
    <archives>enabled</archives>
    <rootkits>disabled</rootkits>
    <deeprootkit>disabled</deeprootkit>
    <heuristics>enabled</heuristics>
    <pup>enabled</pup>
    <pum>enabled</pum>
    </options>
    <items>
    <key><path>HKU\S-1-5-21-1612976865-2593797464-2764036050-1000_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}</path><vendor>PUP.Optional.Multiplug</vendor><action>success</action><hash>de9b81c22367f64008c9d545f80b7d83</hash></key>
    <key><path>HKU\S-1-5-21-1612976865-2593797464-2764036050-1000_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}</path><vendor>PUP.Optional.Multiplug</vendor><action>success</action><hash>de9b81c22367f64008c9d545f80b7d83</hash></key>
    </items>
    </mbam-log>
     

Share This Page