Kun yrittää avata koneella millä tahansa selaimella menee suoraan ihme sivulle apuvaaa jos sais... kiitokset Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:05:00, on 1.3.2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.17095) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Mobiililaajakaista\Mobiililaajakaista\BecHelperService.exe C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE C:\Program Files\F-Secure\Common\FSMA32.EXE C:\Program Files\F-Secure\Common\FSMB32.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\StkASv2K.exe C:\Program Files\F-Secure\Common\FCH32.EXE C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\F-Secure\Anti-Virus\fsqh.exe C:\Program Files\F-Secure\Common\FAMEH32.EXE C:\Program Files\F-Secure\Common\FNRB32.EXE C:\Program Files\F-Secure\FSAUA\program\fsaua.exe C:\Program Files\F-Secure\Anti-Virus\fssm32.exe C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe C:\Program Files\F-Secure\Common\FIH32.EXE C:\Program Files\F-Secure\Anti-Virus\fsav32.exe C:\WINDOWS\Explorer.EXE C:\Program Files\F-Secure\Common\FSM32.EXE C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\F-Secure\FSGUI\fsguidll.exe C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe C:\Program Files\Logitech\SetPoint\KEM.exe C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Program Files\Mobiililaajakaista\Mobiililaajakaista\Wilog.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\WINDOWS\system32\msiexec.exe C:\Documents and Settings\Reijo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Reijo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Reijo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit R3 - URLSearchHook: (no name) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: (no name) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /O6 "USB001" /M "Stylus DX4800" O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /M "Stylus DX4800" /EF "HKCU" O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Reijo\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe O4 - Global Startup: TMMonitor.lnk = C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1226986142375 O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15106/CTPID.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{3DBF8F56-C2CB-4B89-90CE-D910DDF0289F}: NameServer = 195.197.54.100 195.74.0.47 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: BecHelperService - Unknown owner - C:\Program Files\Mobiililaajakaista\Mobiililaajakaista\BecHelperService.exe O23 - Service: Loogisen levyn hallinnan valvontapalvelu (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Tapahtumaloki (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure\FSAUA\program\fsaua.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE O23 - Service: Google-päivityspalvelu (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: CD-levyjen kirjoittamisen IMAPI COM -palvelu (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NetMeeting etätyöpöydän jakaminen (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Etätyöpöydän ohjeen istunnonhallinta (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Älykortti (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Syntek STK1160 Service (StkASSrv) - Syntek America Inc. - C:\WINDOWS\System32\StkASv2K.exe O23 - Service: Resurssilokit ja -hälytykset (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: Aseman tilannevedos (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: WMI resurssisovitin (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe O23 - Service: Windows Media Playerin verkkojakamispalvelu (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe -- End of file - 11515 bytes
OTL logfile created on: 1.3.2011 13:48:53 - Run 1 OTL by OldTimer - Version 3.2.22.2 Folder = e:\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 0000040B | Country: Suomi | Language: FIN | Date Format: d.M.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 83,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 38,28 Gb Total Space | 22,46 Gb Free Space | 58,68% Space Free | Partition Type: NTFS Drive D: | 2,75 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive E: | 186,30 Gb Total Space | 38,42 Gb Free Space | 20,62% Space Free | Partition Type: NTFS Drive F: | 27,40 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: WINGS | User Name: Reijo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.03.01 13:48:35 | 000,581,120 | ---- | M] (OldTimer Tools) -- e:\Downloads\OTL.exe PRC - [2011.02.18 10:22:03 | 000,995,896 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Reijo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe PRC - [2010.12.08 14:31:06 | 000,628,736 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe PRC - [2010.11.16 14:48:32 | 000,152,576 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe PRC - [2010.04.21 14:37:28 | 010,135,960 | ---- | M] (Elisa) -- C:\Program Files\Mobiililaajakaista\Mobiililaajakaista\Wilog.exe PRC - [2010.04.21 14:37:14 | 001,837,464 | ---- | M] () -- C:\Program Files\Mobiililaajakaista\Mobiililaajakaista\BecHelperService.exe PRC - [2009.10.27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe PRC - [2008.04.14 18:12:11 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007.08.27 15:28:20 | 000,162,472 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FNRB32.exe PRC - [2007.08.27 15:28:20 | 000,101,032 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FIH32.exe PRC - [2007.08.27 15:28:00 | 000,391,792 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FAMEH32.EXE PRC - [2007.08.27 15:28:00 | 000,232,104 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FSMB32.EXE PRC - [2007.08.27 15:28:00 | 000,182,952 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FSM32.EXE PRC - [2007.08.27 15:28:00 | 000,125,608 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FCH32.EXE PRC - [2007.08.27 15:28:00 | 000,113,320 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FSMA32.EXE PRC - [2007.08.27 15:27:48 | 000,473,712 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\FSGUI\fsguidll.exe PRC - [2007.08.27 15:27:34 | 000,461,424 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\FWES\program\fsdfwd.exe PRC - [2007.08.27 15:27:12 | 000,425,584 | ---- | M] (F-Secure Corp.) -- C:\Program Files\F-Secure\Anti-Virus\fssm32.exe PRC - [2007.08.27 15:27:12 | 000,047,816 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe PRC - [2007.08.27 15:27:12 | 000,043,696 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsqh.exe PRC - [2007.08.27 15:27:10 | 000,366,704 | ---- | M] (F-Secure Corp.) -- C:\Program Files\F-Secure\Anti-Virus\fsgk32.exe PRC - [2007.08.27 15:27:10 | 000,324,208 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsav32.exe PRC - [2007.08.27 15:26:56 | 000,461,424 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\FSAUA\program\fsaua.exe PRC - [2007.04.24 08:30:20 | 000,258,048 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe PRC - [2006.09.28 11:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe PRC - [2006.06.09 01:11:00 | 000,024,576 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe PRC - [2006.05.23 23:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) -- C:\WINDOWS\system32\StkASv2K.exe PRC - [2004.07.27 13:48:04 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe PRC - [2004.05.14 09:42:32 | 000,573,440 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\KEM.exe PRC - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe ========== Modules (SafeList) ========== MOD - [2011.03.01 13:48:35 | 000,581,120 | ---- | M] (OldTimer Tools) -- e:\Downloads\OTL.exe MOD - [2010.08.23 18:12:31 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2004.05.14 09:39:36 | 000,086,016 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\lgscroll.dll ========== Win32 Services (SafeList) ========== SRV - [2010.12.08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010.04.21 14:37:14 | 001,837,464 | ---- | M] () [Auto | Running] -- C:\Program Files\Mobiililaajakaista\Mobiililaajakaista\BecHelperService.exe -- (BecHelperService) SRV - [2007.08.27 15:28:20 | 000,162,472 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\F-Secure\Common\FNRB32.EXE -- (F-Secure Network Request Broker) SRV - [2007.08.27 15:28:00 | 000,113,320 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\F-Secure\Common\FSMA32.EXE -- (FSMA) SRV - [2007.08.27 15:27:34 | 000,461,424 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe -- (FSDFWD) SRV - [2007.08.27 15:27:12 | 000,047,816 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter) SRV - [2007.08.27 15:26:56 | 000,461,424 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\F-Secure\FSAUA\program\fsaua.exe -- (FSAUA) SRV - [2006.09.28 11:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) SRV - [2006.05.23 23:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) [Auto | Running] -- C:\WINDOWS\system32\StkASv2K.exe -- (StkASSrv) SRV - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default)) ========== Driver Services (SafeList) ========== DRV - [2010.07.09 12:18:54 | 000,020,328 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz134_x32.sys -- (cpuz134) DRV - [2010.04.21 15:22:22 | 000,114,432 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet) DRV - [2010.04.21 15:22:22 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2010.04.21 15:22:22 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev) DRV - [2010.04.21 14:23:20 | 000,010,240 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdvrmng.sys -- (mdvrmng) DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008.04.13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE) DRV - [2007.08.27 15:27:54 | 000,070,768 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files\F-Secure\HIPS\fshs.sys -- (F-Secure HIPS) DRV - [2007.08.27 15:27:32 | 000,060,272 | ---- | M] (F-Secure Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\fsdfw.sys -- (FSFW) DRV - [2007.08.27 15:27:12 | 000,062,064 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper) DRV - [2007.08.27 15:27:12 | 000,039,792 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\F-Secure\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter) DRV - [2007.08.27 15:27:12 | 000,025,200 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\F-Secure\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer) DRV - [2007.07.11 15:51:48 | 000,019,840 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag) DRV - [2007.07.11 10:45:00 | 000,021,632 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem) DRV - [2007.07.11 10:40:18 | 000,012,416 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus) DRV - [2007.03.20 09:13:38 | 000,300,544 | R--- | M] (AfaTech ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AF15BDA.sys -- (AF15BDA) DRV - [2006.11.15 17:32:44 | 000,242,139 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StkAMini.sys -- (StkAMini) DRV - [2006.11.10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc) DRV - [2006.06.27 18:27:18 | 000,004,772 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StkScan.sys -- (StkScan) DRV - [2006.05.24 10:55:30 | 000,145,472 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0220Dev.sys -- (V0220Dev) DRV - [2006.03.24 10:24:32 | 000,006,272 | R--- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0220Vfx.sys -- (V0220Vfx) DRV - [2005.08.02 12:16:32 | 000,019,200 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD) DRV - [2005.05.03 17:34:02 | 000,027,392 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2005.04.12 10:41:20 | 000,004,608 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay) DRV - [2004.08.28 13:54:38 | 000,033,995 | ---- | M] (Sonic Focus, Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sf.sys -- (sf) DRV - [2004.04.26 10:49:56 | 000,381,056 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt) DRV - [2004.04.26 07:10:00 | 000,038,081 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK) DRV - [2004.04.26 07:09:42 | 000,071,405 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE) DRV - [2004.04.26 07:09:24 | 000,024,605 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe) DRV - [2002.09.20 11:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/ IE - HKCU\..\URLSearchHook: {7c5c0f58-e061-457d-9033-77307f5ed00c} - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2011.02.24 07:58:49 | 000,000,000 | ---D | M] [2011.03.01 11:44:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions O1 HOSTS File: ([2010.03.02 11:29:21 | 000,348,850 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.123haustiereundmehr.com O1 - Hosts: 127.0.0.1 123haustiereundmehr.com O1 - Hosts: 11964 more lines... O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (no name) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - No CLSID value found. O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.) O4 - HKLM..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\F-Secure\Common\FSM32.EXE (F-Secure Corporation) O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\F-Secure\FSGUI\TNBUtil.exe (F-Secure Corporation) O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [UserFaultCheck] File not found O4 - HKCU..\Run: [Creative Live! Cam Manager] C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe (Creative Technology Ltd.) O4 - HKCU..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE (SEIKO EPSON CORPORATION) O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia) O4 - Startup: C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys\InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe () O4 - Startup: C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe (Logitech Inc.) O4 - Startup: C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys\TMMonitor.lnk = C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe (ArcSoft, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation) O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1226986142375 (WUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://www.creative.com/softwareupdate/su2/ocx/15106/CTPID.cab (Creative Software AutoUpdate Support Package) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Nykyinen kotisivu) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Reijo\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Reijo\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008.11.17 19:17:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2007.09.10 18:03:04 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010.04.22 11:53:52 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.) - F:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2010.04.22 11:53:52 | 000,126,769 | R--- | M] () - F:\AutoRun.ico -- [ CDFS ] O32 - AutoRun File - [2010.04.22 11:53:52 | 000,000,047 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{494d0149-cdf1-11df-ba47-000cf1b8549d}\Shell - "" = AutoRun O33 - MountPoints2\{494d0149-cdf1-11df-ba47-000cf1b8549d}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010.04.22 11:53:52 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{9e672fe4-0126-11e0-bab6-000cf1b8549d}\Shell - "" = AutoRun O33 - MountPoints2\{9e672fe4-0126-11e0-bab6-000cf1b8549d}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010.04.22 11:53:52 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{cad0cd46-c342-11df-ba37-000cf1b8549d}\Shell - "" = AutoRun O33 - MountPoints2\{cad0cd46-c342-11df-ba37-000cf1b8549d}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010.04.22 11:53:52 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{d362629e-3d04-11e0-bb32-000cf1b8549d}\Shell - "" = AutoRun O33 - MountPoints2\{d362629e-3d04-11e0-bb32-000cf1b8549d}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010.04.22 11:53:52 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010.04.22 11:53:52 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.03.01 12:02:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Reijo\Käynnistä-valikko\Ohjelmat\HiJackThis [2011.03.01 12:02:27 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2011.03.01 12:01:46 | 000,000,000 | ---D | C] -- e:\Downloads [2011.03.01 11:52:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Reijo\Käynnistä-valikko\Ohjelmat\Google Chrome [2011.03.01 11:48:27 | 000,568,672 | ---- | C] (Google Inc.) -- e:\ChromeSetup.exe [2011.03.01 11:37:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [2011.03.01 11:00:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Reijo\Application Data\Malwarebytes [2011.03.01 10:59:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Malwarebytes' Anti-Malware [2011.03.01 10:59:57 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011.03.01 10:59:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2011.03.01 10:59:40 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011.03.01 10:59:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011.03.01 10:58:33 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- e:\mbam-setup.exe [2011.02.24 12:55:29 | 000,300,544 | R--- | C] (AfaTech ) -- C:\WINDOWS\System32\drivers\AF15BDA.sys [2011.02.24 12:43:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\ArcSoft TotalMedia 3 [2011.02.24 12:41:02 | 000,245,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unicows.dll [2011.02.24 12:41:02 | 000,000,000 | ---D | C] -- C:\Program Files\ArcSoft [2011.02.24 12:19:12 | 000,000,000 | ---D | C] -- e:\ArcSoft ToGo [2011.02.24 08:47:04 | 000,000,000 | ---D | C] -- C:\Program Files\IEToolbar [2011.02.24 07:59:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Nokia PC Suite [2011.02.24 07:59:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite [2011.02.24 07:55:34 | 000,018,816 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys [2011.02.24 07:54:42 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.03.01 13:54:02 | 000,000,996 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011.03.01 13:54:01 | 000,000,992 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011.03.01 13:53:01 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-515967899-682003330-1003UA.job [2011.03.01 13:41:43 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2011.03.01 13:40:47 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011.03.01 13:39:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011.03.01 13:39:46 | 2146,222,080 | -HS- | M] () -- C:\hiberfil.sys [2011.03.01 12:02:31 | 000,001,984 | ---- | M] () -- C:\Documents and Settings\Reijo\Työpöytä\HiJackThis.lnk [2011.03.01 11:53:07 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-515967899-682003330-1003Core.job [2011.03.01 11:52:33 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Reijo\Työpöytä\Google Chrome.lnk [2011.03.01 11:52:33 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Reijo\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2011.03.01 11:48:30 | 000,568,672 | ---- | M] (Google Inc.) -- e:\ChromeSetup.exe [2011.03.01 11:00:00 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Työpöytä\Malwarebytes' Anti-Malware.lnk [2011.03.01 10:58:47 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- e:\mbam-setup.exe [2011.03.01 10:11:07 | 000,228,864 | ---- | M] () -- C:\Documents and Settings\Reijo\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.02.24 12:43:55 | 000,001,643 | ---- | M] () -- C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys\TMMonitor.lnk [2011.02.12 09:16:54 | 000,142,032 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011.02.11 09:32:27 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011.02.02 08:53:27 | 000,064,266 | ---- | M] () -- e:\296146.jpg [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.03.01 12:02:30 | 000,001,984 | ---- | C] () -- C:\Documents and Settings\Reijo\Työpöytä\HiJackThis.lnk [2011.03.01 11:52:33 | 000,002,284 | ---- | C] () -- C:\Documents and Settings\Reijo\Työpöytä\Google Chrome.lnk [2011.03.01 11:52:33 | 000,002,262 | ---- | C] () -- C:\Documents and Settings\Reijo\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2011.03.01 11:48:42 | 000,001,088 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-515967899-682003330-1003UA.job [2011.03.01 11:48:40 | 000,001,036 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-515967899-682003330-1003Core.job [2011.03.01 11:00:00 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Työpöytä\Malwarebytes' Anti-Malware.lnk [2011.02.24 12:43:55 | 000,001,643 | ---- | C] () -- C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys\TMMonitor.lnk [2011.02.02 08:53:26 | 000,064,266 | ---- | C] () -- e:\296146.jpg [2010.07.31 11:15:41 | 000,071,259 | ---- | C] () -- C:\WINDOWS\Huawei ModemsUninstall.exe [2010.07.31 11:15:33 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\mdvrmng.sys [2010.04.17 16:12:26 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2008.11.19 18:30:15 | 000,228,864 | ---- | C] () -- C:\Documents and Settings\Reijo\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.11.19 14:29:23 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll [2008.11.19 14:27:29 | 000,000,126 | R--- | C] () -- C:\WINDOWS\System32\AF15IRTBL.bin [2008.11.19 14:02:48 | 000,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2008.11.19 14:02:47 | 000,089,430 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat [2008.11.19 14:02:47 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat [2008.11.19 14:02:47 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat [2008.11.19 14:02:46 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat [2008.11.19 14:02:46 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat [2008.11.19 14:02:46 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat [2008.11.19 14:02:46 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat [2008.11.19 14:02:46 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat [2008.11.19 14:02:46 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat [2008.11.19 14:02:46 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat [2008.11.19 14:02:46 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat [2008.11.19 14:02:46 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat [2008.11.19 14:02:46 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat [2008.11.19 14:02:46 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat [2008.11.19 14:02:46 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat [2008.11.19 14:02:46 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat [2008.11.19 13:56:18 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CDE DX4800CDEFGHNPST.ini [2008.11.18 19:08:32 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\setupnt.dll [2008.11.17 22:56:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2008.11.17 22:50:40 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2008.11.17 22:35:45 | 000,000,413 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2008.11.17 21:00:57 | 000,004,381 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2008.11.17 20:59:27 | 000,142,032 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2008.11.17 19:19:25 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2008.11.17 19:13:32 | 000,021,672 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2008.02.04 18:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL [2006.10.22 12:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2006.10.22 12:22:00 | 001,622,016 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2006.10.22 12:22:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2006.10.22 12:22:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe [2006.10.22 12:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2006.10.22 12:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2006.10.22 12:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2006.10.22 12:22:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe [2006.10.22 12:22:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe [2006.10.22 12:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2006.10.22 12:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll [2004.09.15 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2004.09.15 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2004.09.15 14:00:00 | 000,318,294 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2004.09.15 14:00:00 | 000,289,714 | ---- | C] () -- C:\WINDOWS\System32\perfh00B.dat [2004.09.15 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2004.09.15 14:00:00 | 000,243,832 | ---- | C] () -- C:\WINDOWS\System32\perfi00B.dat [2004.09.15 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2004.09.15 14:00:00 | 000,051,432 | ---- | C] () -- C:\WINDOWS\System32\perfc00B.dat [2004.09.15 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2004.09.15 14:00:00 | 000,042,976 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2004.09.15 14:00:00 | 000,034,270 | ---- | C] () -- C:\WINDOWS\System32\perfd00B.dat [2004.09.15 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2004.09.15 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004.09.15 14:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2004.09.15 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2004.09.15 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat < End of report >
OTL Extras logfile created on: 1.3.2011 13:48:53 - Run 1 OTL by OldTimer - Version 3.2.22.2 Folder = e:\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 0000040B | Country: Suomi | Language: FIN | Date Format: d.M.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 83,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 38,28 Gb Total Space | 22,46 Gb Free Space | 58,68% Space Free | Partition Type: NTFS Drive D: | 2,75 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive E: | 186,30 Gb Total Space | 38,42 Gb Free Space | 20,62% Space Free | Partition Type: NTFS Drive F: | 27,40 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: WINGS | User Name: Reijo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l .js [@ = JSFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation) .jse [@ = JSEFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation) .vbe [@ = VBEFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation) .vbs [@ = VBSFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation) .wsf [@ = WSFFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l jsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation) jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. vbefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation) vbsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation) wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\RevConnect\DCPlusPlus.exe" = C:\Program Files\RevConnect\DCPlusPlus.exe:*isabledC++ -- () "C:\Program Files\BitLord\BitLord.exe" = C:\Program Files\BitLord\BitLord.exe:*isabled:BitLord -- (www.BitLord.com) "C:\Program Files\SightSpeed\SightSpeed.exe" = C:\Program Files\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed -- (SightSpeed Inc.) "C:\Program Files\ArcSoft\TotalMedia 3\TotalMedia.exe" = C:\Program Files\ArcSoft\TotalMedia 3\TotalMedia.exe:LocalSubNet:Enabled:ArcSoft TotalMedia 3 -- (ArcSoft, Inc.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{2222B364-0854-4265-B32E-A142DB9DC7BB}" = Intel(R) PRO Network Connections 11.2.0.69 "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 17 "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant "{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint "{314F6D08-A8B7-11D8-8446-0050BA1D384D}" = EPSON Image Clip Palette "{350C940b-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}" = Nokia Software Updater "{5DA7BC15-18D3-41A0-9F59-838DA3EAEF17}" = EPSON Easy Photo Print "{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3 "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}" = Ulead VideoStudio SE DVD "{9028040B-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional ja FrontPage "{937EC39C-5583-4180-8077-5C4A795CF28F}" = ArcSoft TotalMedia 3 "{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD 4 "{993960EE-CA4D-443F-8F88-E24260DD5FD2}" = LG PC Suite "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A899DA1F-D626-401C-8651-F2921E3B4CB3}" = Mobiililaajakaista "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1035-7B44-A94000000001}" = Adobe Reader 9.4.1 - Suomi "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER "{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver "{CD95F661-A5C4-44F5-A6AA-ECDD91C240C0}" = WinZip 15.0 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution "{E337B156-DF81-48D8-8977-B1574EE87BCF}" = USB2.0 Capture Device "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite "504244733D18C8F63FF584AEB290E3904E791693" = Windowsin ohjainpaketti - Nokia pccsmcfd (08/22/2008 7.0.0.0) "6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Windowsin ohjainpaketti - Nokia Modem (10/07/2010 4.6) "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop 7.0" = Adobe Photoshop 7.0 "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Advanced Video FX Engine" = Advanced Video FX Engine "AnyDVD" = AnyDVD "BitLord" = BitLord 1.1 "CCleaner" = CCleaner "CloneCD" = CloneCD "CloneDVD2" = CloneDVD2 "CPUID CPU-Z_is1" = CPUID CPU-Z 1.55 "Creative Live! Cam Center" = Creative Live! Cam Center "Creative Live! Cam Manager" = Creative Live! Cam Manager "Creative Live! Cam Video IM User's Guide English" = Creative Live! Cam Video IM User's Guide (English) "Creative Photo Calendar" = Creative Photo Calendar "Creative Photo Manager" = Creative Photo Manager "Creative Software AutoUpdate" = Creative Software AutoUpdate "Creative VF0220" = Creative Live! Cam Video IM Driver (1.00.07.00) "Destinator Console" = Destinator Console "E5372C32E8562C76C24DBA6525002B1031495F34" = Windowsin ohjainpaketti - Nokia Modem (06/09/2010 7.01.0.8) "eMule" = eMule "EPSON Printer and Utilities" = EPSON-tulostinohjelma "EPSON Scanner" = EPSON Scan "ESDX4800_4200 Käyttöopas" = ESDX4800_4200 Käyttöopas "ffdshow_is1" = ffdshow [rev 2301] [2008-11-05] "F-Secure Anti-Virus" = F-Secure Client Security - Virus- ja vakoilusuojaus "F-Secure E-mail Scanning" = F-Secure Client Security - sähköpostin tarkistus "F-Secure HIPS" = F-Secure Client Security - Järjestelmänhallinta "F-Secure Internet Shield" = F-Secure Client Security - Internet-suojaus "F-Secure Protocol Scanner" = F-Secure Client Security - Web-liikenteen tarkistus "Get Yahoo! Messenger" = Get Yahoo! Messenger "Huawei Modems" = Huawei modem "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Nokia PC Suite" = Nokia PC Suite "NVIDIA Drivers" = NVIDIA Drivers "ReverseConnect" = RevConnect "SightSpeed" = SightSpeed "SysInfo" = Creative System Information "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "Windows Media Encoder 9" = Windows Media Encoder 9 Series "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR archiver "VLC media player" = VLC media player 0.9.6 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{373B1718-8CC5-4567-8EE2-9033AD08A680}" = Roblox for Reijo "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 1.3.2011 5:19:46 | Computer Name = WINGS | Source = Application Error | ID = 1000 Description = Virhesovellus xlk.exe, versio 5.0.572.1152, moduuli unknown, versio 0.0.0.0, osoite 0x003cd046. Error - 1.3.2011 5:46:42 | Computer Name = WINGS | Source = Application Hang | ID = 1002 Description = Lukkiutunut sovellus iexplore.exe, versio 7.0.6000.17095, lukkiutumismoduuli hungapp, versio 0.0.0.0, lukkiutumisosoite 0x00000000. Error - 1.3.2011 6:30:36 | Computer Name = WINGS | Source = F-Secure Anti-Virus | ID = 103 Description = 1 2011-03-01 12:30:34+03:00 wings WINGS\Reijo F-Secure Anti-Virus Scanning of \DEVICE\HARDDISKVOLUME1\PROGRAM FILES\F-SECURE\FSAUA\SUBSCRIPTIONS\AVH_PEGDB was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress). Error - 1.3.2011 7:00:36 | Computer Name = WINGS | Source = F-Secure Anti-Virus | ID = 103 Description = 2 2011-03-01 13:00:36+03:00 wings WINGS\Reijo F-Secure Anti-Virus Malicious code found in file C:\System Volume Information\_restore{ECAB0E09-DEA0-48E9-ADB9-4E4D2B3A7951}\RP418\A0099093.dll. Infection: Trojan.Win32.FraudPack.cocd Error - 1.3.2011 7:00:41 | Computer Name = WINGS | Source = F-Secure Anti-Virus | ID = 103 Description = 3 2011-03-01 13:00:41+03:00 wings WINGS\Reijo F-Secure Anti-Virus Malicious code found in file C:\System Volume Information\_restore{ECAB0E09-DEA0-48E9-ADB9-4E4D2B3A7951}\RP418\A0099105.exe. Infection: Trojan.Win32.Jorik.Fraud.lq Error - 1.3.2011 7:00:48 | Computer Name = WINGS | Source = F-Secure Anti-Virus | ID = 103 Description = 4 2011-03-01 13:00:48+03:00 wings WINGS\Reijo F-Secure Anti-Virus Spyware detected: Type: adware Family: Name: AdWare.Win32.Mostofate Object: C:\System Volume Information\_restore{ECAB0E09-DEA0-48E9-ADB9-4E4D2B3A7951}\RP418\A0099121.dll Error - 1.3.2011 7:00:49 | Computer Name = WINGS | Source = F-Secure Anti-Virus | ID = 103 Description = 5 2011-03-01 13:00:49+03:00 wings WINGS\Reijo F-Secure Anti-Virus Spyware detected: Type: adware Family: Name: AdWare.Win32.Mostofate Object: C:\System Volume Information\_restore{ECAB0E09-DEA0-48E9-ADB9-4E4D2B3A7951}\RP418\A0099122.dll Error - 1.3.2011 7:01:13 | Computer Name = WINGS | Source = F-Secure Anti-Virus | ID = 103 Description = 6 2011-03-01 13:01:13+03:00 wings WINGS\Reijo F-Secure Anti-Virus Malicious code found in file C:\System Volume Information\_restore{ECAB0E09-DEA0-48E9-ADB9-4E4D2B3A7951}\RP418\A0099210.exe. Infection: Packed.Win32.Krap.hc Error - 1.3.2011 7:01:50 | Computer Name = WINGS | Source = F-Secure Anti-Virus | ID = 103 Description = 7 2011-03-01 13:01:50+03:00 wings WINGS\Reijo F-Secure Anti-Virus Crash detected. Error - 1.3.2011 7:01:54 | Computer Name = WINGS | Source = F-Secure Anti-Virus | ID = 103 Description = 8 2011-03-01 13:01:54+03:00 wings WINGS\Reijo F-Secure Anti-Virus No scanner engines loaded and enabled. Virus protection is disabled. [ System Events ] Error - 1.3.2011 7:07:01 | Computer Name = WINGS | Source = F-Secure Gatekeeper | ID = 327681 Description = Error - 1.3.2011 7:07:15 | Computer Name = WINGS | Source = F-Secure Gatekeeper | ID = 327681 Description = Error - 1.3.2011 7:07:38 | Computer Name = WINGS | Source = F-Secure Gatekeeper | ID = 327681 Description = Error - 1.3.2011 7:07:39 | Computer Name = WINGS | Source = F-Secure Gatekeeper | ID = 327681 Description = Error - 1.3.2011 7:09:22 | Computer Name = WINGS | Source = Ftdisk | ID = 262189 Description = Järjestelmä ei voi ladata onnistuneesti kaatumisvedosohjainta. Error - 1.3.2011 7:09:22 | Computer Name = WINGS | Source = Ftdisk | ID = 262193 Description = Sivutustiedoston määrittäminen kaatumisvedosta varten epäonnistui. Varmista, että käynnistysosiossa on sivutustiedosto ja että tiedoston koko riittää kaiken fyysisen muistin tallentamiseen. Error - 1.3.2011 7:39:52 | Computer Name = WINGS | Source = sr | ID = 1 Description = Järjestelmän palauttamisen suodatin havaitsi odottamattoman virheen "0xC0000001" käsiteltäessä tiedostoa "" asemassa "HarddiskVolume1". Aseman tarkkailu on lopetettu. Error - 1.3.2011 7:39:52 | Computer Name = WINGS | Source = Ftdisk | ID = 262189 Description = Järjestelmä ei voi ladata onnistuneesti kaatumisvedosohjainta. Error - 1.3.2011 7:39:52 | Computer Name = WINGS | Source = Ftdisk | ID = 262193 Description = Sivutustiedoston määrittäminen kaatumisvedosta varten epäonnistui. Varmista, että käynnistysosiossa on sivutustiedosto ja että tiedoston koko riittää kaiken fyysisen muistin tallentamiseen. Error - 1.3.2011 7:39:56 | Computer Name = WINGS | Source = Service Control Manager | ID = 7026 Description = Seuraava käynnistys- tai järjestelmäkäynnistysohjain ei latautunut: PCIIde < End of report >
Skannaa kone vaikkapa F-secure online scanner ohjelmalla... silloin näet onko viruksia vai ei.... Jos käytät IE selainta, päivitä se 8 versioon...