Posts posted by entinta
-
Here's the OTL.Txt:
OTL logfile created on: 29.12.2012 6:06:23 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Piia\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,27 Gb Available Physical Memory | 56,79% Memory free
8,00 Gb Paging File | 6,01 Gb Available in Paging File | 75,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 707,64 Gb Free Space | 75,97% Space Free | Partition Type: NTFS
Computer Name: PIIA-PC | User Name: Piia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Piia\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Mobiililaajakaista\Mobiililaajakaista\BecHelperService.exe ()
PRC - C:\Program Files (x86)\Mobiililaajakaista\Mobiililaajakaista\LoggerServer.exe ()
PRC - C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe (Nero AG)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Steam\sdl.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Steam\bin\mssvoice.asi ()
MOD - C:\Program Files (x86)\Steam\bin\mssmp3.asi ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
MOD - C:\Program Files (x86)\Steam\bin\audio.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (AMD Reservation Manager) -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe (Advanced Micro Devices)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (BecHelperService) -- C:\Program Files (x86)\Mobiililaajakaista\Mobiililaajakaista\BecHelperService.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NeroMediaHomeService.4) -- C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe (Nero AG)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (EPSON_EB_RPCV4_01) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE (SEIKO EPSON CORPORATION)
SRV - (EPSON_PM_RPCV4_01) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE (SEIKO EPSON CORPORATION)
========== Driver Services (SafeList) ==========
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-107849261-2250990614-1379679070-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fi
IE - HKU\S-1-5-21-107849261-2250990614-1379679070-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 30 56 2F A7 0A 1B CC 01 [binary data]
IE - HKU\S-1-5-21-107849261-2250990614-1379679070-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-107849261-2250990614-1379679070-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-107849261-2250990614-1379679070-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392
IE - HKU\S-1-5-21-107849261-2250990614-1379679070-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-107849261-2250990614-1379679070-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-107849261-2250990614-1379679070-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "www.facebook.com"
FF - prefs.js..extensions.enabledAddons: %7B2458abc0-f443-11dd-87af-0800200c9a66%7D:16.0.26.10.12
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.12.12 05:11:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.12.12 05:11:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011.03.30 15:12:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Piia\AppData\Roaming\mozilla\Extensions
[2012.12.02 17:44:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Piia\AppData\Roaming\mozilla\Firefox\Profiles\k1xcre4k.default\extensions
[2012.12.01 18:22:40 | 000,000,000 | ---D | M] (Bloody Red) -- C:\Users\Piia\AppData\Roaming\mozilla\Firefox\Profiles\k1xcre4k.default\extensions\{2458abc0-f443-11dd-87af-0800200c9a66}
[2012.12.02 17:44:33 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Piia\AppData\Roaming\mozilla\Firefox\Profiles\k1xcre4k.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2012.12.01 17:49:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.12.01 17:50:30 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.08.31 15:08:05 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.12.01 17:50:01 | 000,002,275 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bookplus-fi.xml
[2012.12.01 17:50:01 | 000,001,185 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-fi.xml
[2012.12.01 17:50:01 | 000,001,396 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fi.xml
[2012.12.01 17:50:01 | 000,001,313 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-fi.xml
O1 HOSTS File: ([2012.12.27 22:27:44 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [Nero MediaHome 4] C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe (Nero AG)
O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-107849261-2250990614-1379679070-1000..\Run: [Nero MediaHome 4] C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe (Nero AG)
O4 - HKU\S-1-5-21-107849261-2250990614-1379679070-1000..\Run: [steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-107849261-2250990614-1379679070-1007..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-107849261-2250990614-1379679070-1007..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-107849261-2250990614-1379679070-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-107849261-2250990614-1379679070-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-107849261-2250990614-1379679070-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-107849261-2250990614-1379679070-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-107849261-2250990614-1379679070-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-21-107849261-2250990614-1379679070-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8809B2D-3988-416F-B189-6E0C6FBD6BA0}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.12.29 06:03:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Piia\Desktop\OTL.exe
[2012.12.28 04:44:29 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.12.27 22:48:06 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.12.27 22:11:27 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.12.27 22:11:27 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.12.27 22:11:27 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.12.27 22:11:19 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.12.27 22:10:59 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.12.27 16:02:04 | 000,000,000 | ---D | C] -- C:\Users\Piia\AppData\Roaming\Malwarebytes
[2012.12.27 16:01:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.12.12 05:21:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.12.12 05:19:53 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.12.12 05:19:53 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.12.12 05:19:53 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012.12.12 05:11:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.12.12 05:11:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012.12.12 05:08:40 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012.12.05 11:56:09 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2012.12.01 17:49:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
========== Files - Modified Within 30 Days ==========
[2012.12.29 06:03:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Piia\Desktop\OTL.exe
[2012.12.29 05:51:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.28 17:01:01 | 000,000,250 | ---- | M] () -- C:\Windows\tasks\Epson Printer Software Downloader.job
[2012.12.28 04:54:01 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.28 04:54:01 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.28 04:44:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.28 04:43:42 | 3220,615,168 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.27 22:27:44 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.12.27 20:03:49 | 001,240,258 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.12.27 20:03:49 | 000,616,484 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.12.27 20:03:49 | 000,442,004 | ---- | M] () -- C:\Windows\SysNative\perfh00B.dat
[2012.12.27 20:03:49 | 000,106,606 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.12.27 20:03:49 | 000,082,516 | ---- | M] () -- C:\Windows\SysNative\perfc00B.dat
[2012.12.22 03:17:20 | 000,276,256 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.12.12 05:21:15 | 000,001,818 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.12.12 05:11:32 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
========== Files Created - No Company Name ==========
[2012.12.27 22:11:27 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.12.27 22:11:27 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.12.27 22:11:27 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.12.27 22:11:27 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.12.27 22:11:27 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.12.12 05:21:15 | 000,001,818 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.12.12 05:11:32 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012.06.10 16:25:53 | 000,000,660 | RHS- | C] () -- C:\Users\Piia\ntuser.pol
[2012.05.02 17:50:11 | 000,262,865 | ---- | C] () -- C:\Windows\IPUI_DivXG400.exe
[2012.04.02 21:06:24 | 000,067,156 | ---- | C] () -- C:\Windows\Huawei ModemsUninstall.exe
[2011.12.30 16:57:34 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2011.12.30 16:57:33 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2011.12.30 16:57:33 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2011.12.30 16:57:33 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2011.12.30 16:57:33 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2011.12.30 16:57:33 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2011.12.30 16:57:33 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2011.12.30 16:57:33 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2011.12.30 16:57:33 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2011.12.30 16:57:33 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2011.12.30 16:57:33 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2011.12.30 16:57:33 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2011.12.30 16:57:33 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2011.12.30 16:57:33 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2011.12.30 16:57:33 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2011.12.30 16:57:33 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2011.12.30 16:57:33 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2011.12.30 16:57:33 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2011.12.30 16:57:33 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2011.03.25 14:01:00 | 001,266,034 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.03.25 13:49:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.03.25 13:19:26 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.03.25 13:19:21 | 000,023,381 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.07.28 15:05:16 | 000,000,000 | ---D | M] -- C:\Users\Piia\AppData\Roaming\.minecraft
[2012.04.02 21:07:40 | 000,000,000 | ---D | M] -- C:\Users\Piia\AppData\Roaming\Birdstep Technology
[2012.07.21 17:35:50 | 000,000,000 | ---D | M] -- C:\Users\Piia\AppData\Roaming\DAEMON Tools Lite
[2012.03.10 21:51:01 | 000,000,000 | ---D | M] -- C:\Users\Piia\AppData\Roaming\LolClient
[2012.07.21 17:54:52 | 000,000,000 | ---D | M] -- C:\Users\Piia\AppData\Roaming\Origin
[2011.11.05 14:51:11 | 000,000,000 | ---D | M] -- C:\Users\Piia\AppData\Roaming\PhotoFiltre
[2012.10.26 18:12:53 | 000,000,000 | ---D | M] -- C:\Users\Piia\AppData\Roaming\SoftGrid Client
[2012.01.09 14:22:59 | 000,000,000 | ---D | M] -- C:\Users\Piia\AppData\Roaming\TP
[2012.05.12 20:45:58 | 000,000,000 | ---D | M] -- C:\Users\Piia\AppData\Roaming\TS3Client
[2012.12.27 17:34:24 | 000,000,000 | ---D | M] -- C:\Users\Piia\AppData\Roaming\uTorrent
[2012.06.10 17:09:01 | 000,000,000 | ---D | M] -- C:\Users\Tissit\AppData\Roaming\PhotoFiltre
[2011.11.27 08:53:14 | 000,000,000 | ---D | M] -- C:\Users\Vieras\AppData\Roaming\.minecraft
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:63238B95
< End of report >
-
SystemLook 30.07.11 by jpshortstuff
Log created at 15:20 on 28/12/2012 by Piia
Administrator - Elevation successful
========== filefind ==========
Searching for "Drivers.exe"
No files found.
-= EOF =-
-
containerfile:C:\$Recycle.Bin\S-1-5-21-107849261-2250990614-1379679070-1000\$RE3R4F8.zip
file:C:\$Recycle.Bin\S-1-5-21-107849261-2250990614-1379679070-1000\$RE3R4F8.zip->Drivers/Drivers.exe
System is running pretty slow, but the mouse seems to be acting normal after the third time MSE deleted it. Sounds like it is actually sounding good, I hope?
-
Finished, and here's the report (although it seems to be in Finnish):
ComboFix 12-12-27.03 - Piia 27.12.2012 22:14:00.1.3 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.358.1035.18.4095.2060 [GMT 2:00]
Sijainti: c:\users\Piia\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Piia\Music\Music\Insomnium\Since The Day it all came down\Desktop_.ini
.
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2012-11-27 to 2012-12-27 )))))))))))))))))
.
.
2012-12-27 20:27 . 2012-12-27 20:30 -------- d-----w- c:\users\NeroMediaHomeUser.4\AppData\Local\temp
2012-12-27 20:27 . 2012-12-27 20:27 -------- d-----w- c:\users\Vieras\AppData\Local\temp
2012-12-27 20:27 . 2012-12-27 20:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-27 20:27 . 2012-12-27 20:27 -------- d-----w- c:\users\Tissit\AppData\Local\temp
2012-12-27 14:02 . 2012-12-27 14:02 -------- d-----w- c:\users\Piia\AppData\Roaming\Malwarebytes
2012-12-27 14:01 . 2012-12-27 14:01 -------- d-----w- c:\programdata\Malwarebytes
2012-12-27 14:01 . 2012-09-29 17:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-27 14:01 . 2012-12-27 14:01 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-12-27 02:32 . 2012-12-27 18:05 76232 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CCF9A293-1ED6-4A6D-82F7-1D22D4FE846A}\offreg.dll
2012-12-27 01:27 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CCF9A293-1ED6-4A6D-82F7-1D22D4FE846A}\mpengine.dll
2012-12-26 01:27 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-23 07:40 . 2012-12-23 07:41 -------- d-----w- c:\users\Piia\Mors Principium Est - ...And Death Said Live (2012)[320]
2012-12-22 01:00 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-22 01:00 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-22 01:00 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-22 01:00 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-12 07:40 . 2012-10-04 17:45 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-12-12 03:19 . 2012-12-12 03:21 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-12-12 03:19 . 2012-12-12 03:21 -------- d-----w- c:\program files\iTunes
2012-12-12 03:19 . 2012-12-12 03:19 -------- d-----w- c:\program files\iPod
2012-12-12 03:11 . 2012-12-12 03:11 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-12-12 03:11 . 2012-12-12 03:11 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-12-12 03:11 . 2012-12-12 03:11 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-12-12 03:11 . 2012-12-12 03:11 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-12-12 03:11 . 2012-12-12 03:11 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-12-12 03:11 . 2012-12-12 03:11 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-12-12 03:11 . 2012-12-12 03:11 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-12-12 03:11 . 2012-12-12 03:11 -------- d-----w- c:\program files (x86)\QuickTime
2012-12-05 09:56 . 2012-12-05 09:56 -------- d-----w- c:\programdata\EA Core
2012-11-29 01:30 . 2012-11-29 01:30 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F9BFFC77-BC81-4C48-93E8-8BC64D0522BA}\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-13 01:01 . 2011-03-25 12:58 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-12 14:51 . 2012-05-02 15:16 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-12 14:51 . 2011-05-17 11:27 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-25 01:12 . 2012-10-25 01:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-10-25 01:12 . 2012-10-25 01:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-10-16 08:38 . 2012-11-27 21:57 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-27 21:57 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-27 21:57 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 18:17 . 2012-11-14 03:32 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 18:17 . 2012-11-14 03:32 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-14 03:32 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-14 03:32 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-04 16:40 . 2012-12-12 07:40 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-14 03:32 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-14 03:32 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-14 03:32 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-14 03:32 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-14 03:32 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-14 03:32 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-14 03:32 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-14 03:32 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-14 03:32 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-14 03:32 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-14 03:32 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-10-02 00:19 . 2011-03-25 12:15 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
.
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-12-11 1354736]
"Nero MediaHome 4"="c:\program files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" [2009-06-23 4891944]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-26 336384]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-06-25 2441840]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"Nero MediaHome 4"="c:\program files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" [2009-06-23 4891944]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-11-28 151952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2011-03-09 117248]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2011-03-09 256000]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial;c:\windows\system32\DRIVERS\ewusbmdm.sys [2011-03-09 121600]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Microsoftin verkon tarkastus;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 WatAdminSvc;Windowsin aktivointitekniikoiden palvelu;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-25 1255736]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-21 283200]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-01-26 203776]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-01-26 354304]
S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
S2 BecHelperService;BecHelperService;c:\program files (x86)\Mobiililaajakaista\Mobiililaajakaista\BecHelperService.exe [2011-03-09 1958272]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
S2 NAUpdate;Nero-päivitys;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2011-03-09 86016]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
--- Muut muistissa olevat ajurit/palvelut ---
.
*NewlyCreated* - ASWMBR
*Deregistered* - aswMBR
.
'Ajoitetut tehtävät'-kansion sisältö
.
2012-12-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-02 14:52]
.
2012-12-27 c:\windows\Tasks\Epson Printer Software Downloader.job
- c:\program files (x86)\EPSON\EPAPDL\E_SAPDL2.EXE [2009-01-23 13:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
.
------- Täydentävä tarkistus -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Piia\AppData\Roaming\Mozilla\Firefox\Profiles\k1xcre4k.default\
FF - prefs.js: browser.startup.homepage - www.facebook.com
.
- - - - POISTETUT JÄMÄRIVIT - - - -
.
URLSearchHooks-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
Wow6432Node-HKCU-Run-EA Core - c:\program files (x86)\Electronic Arts\EADM\Core.exe
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
.
.
.
--------------------- LUKITUT REKISTERIAVAIMET ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Valmistumisajankohta: 2012-12-27 22:47:42
ComboFix-quarantined-files.txt 2012-12-27 20:47
.
Ennen ajoa: 717 217 546 240 tavua vapaana
Ajon jälkeen: 718 130 937 856 tavua vapaana
.
- - End Of File - - D057D0FDE52E51AA4901950CE7055EA7
-
Scan finished successfully:
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-27 18:13:27
-----------------------------
18:13:27.537 OS Version: Windows x64 6.1.7601 Service Pack 1
18:13:27.537 Number of processors: 3 586 0x503
18:13:27.537 ComputerName: PIIA-PC UserName: Piia
18:13:35.550 Initialize success
18:14:14.970 AVAST engine defs: 12122701
18:14:20.417 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005e
18:14:20.422 Disk 0 Vendor: SAMSUNG_ 1AJ1 Size: 953869MB BusType: 3
18:14:20.431 Disk 0 MBR read successfully
18:14:20.434 Disk 0 MBR scan
18:14:20.506 Disk 0 Windows 7 default MBR code
18:14:20.519 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
18:14:20.553 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
18:14:20.702 Disk 0 scanning C:\Windows\system32\drivers
18:14:55.028 Service scanning
18:15:42.619 Modules scanning
18:15:42.645 Disk 0 trace - called modules:
18:15:42.662 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
18:15:42.665 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004bfd060]
18:15:43.005 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa800475cd30]
18:15:43.017 5 ACPI.sys[fffff88000f817a1] -> nt!IofCallDriver -> \Device\0000005e[0xfffffa8004759060]
18:15:50.534 AVAST engine scan C:\Windows
18:16:11.264 AVAST engine scan C:\Windows\system32
18:23:44.635 AVAST engine scan C:\Windows\system32\drivers
18:26:04.459 AVAST engine scan C:\Users\Piia
19:05:35.197 AVAST engine scan C:\ProgramData
19:09:00.442 Scan finished successfully
19:12:02.836 Disk 0 MBR has been saved successfully to "C:\Users\Piia\Desktop\MBR.dat"
19:12:02.903 The log file has been saved successfully to "C:\Users\Piia\Desktop\aswMBR.txt"
-
So here's the DDS
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_29
Run by Piia at 17:46:50 on 2012-12-27
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.358.1035.18.4095.2080 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Mobiililaajakaista\Mobiililaajakaista\BecHelperService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Mobiililaajakaista\Mobiililaajakaista\LoggerServer.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Steam\Steam.exe
C:\Windows\System32\spool\drivers\x64\3\E_IATIFME.EXE
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
C:\Windows\notepad.exe
C:\Users\Piia\AppData\Local\Temp\nsqC12E.tmp\PEV.DAT
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
C:\Windows\system32\NOTEPAD.EXE
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Windows Live ID -kirjautumisapuohjelma: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [EPSON PX650 Series] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIFME.EXE /FU "C:\Windows\TEMP\E_S57D0.tmp" /EF "HKCU"
uRun: [Nero MediaHome 4] "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Nero MediaHome 4] "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{A8809B2D-3988-416F-B189-6E0C6FBD6BA0} : DHCPNameServer = 192.168.1.1
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Piia\AppData\Roaming\Mozilla\Firefox\Profiles\k1xcre4k.default\
FF - prefs.js: browser.startup.homepage - www.facebook.com
FF - plugin: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\npBrowserPlugin.dll
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-7-21 283200]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-1-27 203776]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-1-26 354304]
R2 AMD Reservation Manager;AMD Reservation Manager;C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-6-17 194496]
R2 BecHelperService;BecHelperService;C:\Program Files (x86)\Mobiililaajakaista\Mobiililaajakaista\BecHelperService.exe [2012-4-2 1958272]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-27 399432]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-27 676936]
R2 NAUpdate;Nero-päivitys;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 128456]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-3-25 46136]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2012-4-2 86016]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-12-27 25928]
R3 NisSrv;Microsoftin verkon tarkastus;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2011-3-25 1327520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2012-4-2 117248]
S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\System32\drivers\ewusbnet.sys [2012-4-2 256000]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial;C:\Windows\System32\drivers\ewusbmdm.sys [2012-4-2 121600]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-25 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 WatAdminSvc;Windowsin aktivointitekniikoiden palvelu;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-25 1255736]
.
=============== Created Last 30 ================
.
2012-12-27 14:02:04 -------- d-----w- C:\Users\Piia\AppData\Roaming\Malwarebytes
2012-12-27 14:01:44 -------- d-----w- C:\ProgramData\Malwarebytes
2012-12-27 14:01:41 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-12-27 14:01:40 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-12-27 02:32:23 76232 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CCF9A293-1ED6-4A6D-82F7-1D22D4FE846A}\offreg.dll
2012-12-27 01:27:47 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CCF9A293-1ED6-4A6D-82F7-1D22D4FE846A}\mpengine.dll
2012-12-26 01:27:42 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-23 07:40:12 -------- d-----w- C:\Users\Piia\Mors Principium Est - ...And Death Said Live (2012)[320]
2012-12-22 01:00:31 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-22 01:00:31 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-22 01:00:30 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-22 01:00:30 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-12 07:40:53 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2012-12-12 03:19:53 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-12-12 03:19:53 -------- d-----w- C:\Program Files\iTunes
2012-12-12 03:19:53 -------- d-----w- C:\Program Files\iPod
2012-12-12 03:11:37 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-12-12 03:11:37 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-12-12 03:11:37 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-12-12 03:11:37 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-12-12 03:11:37 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-12-12 03:11:37 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-12-12 03:11:37 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-12-05 09:56:09 -------- d-----w- C:\ProgramData\EA Core
2012-11-29 01:30:21 972264 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F9BFFC77-BC81-4C48-93E8-8BC64D0522BA}\gapaengine.dll
.
==================== Find3M ====================
.
2012-12-12 14:51:59 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-12 14:51:59 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-22 03:26:40 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-12 12:28:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-12 11:52:18 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-10-27 06:26:55 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-27 05:51:21 1188864 ----a-w- C:\Windows\System32\wininet.dll
2012-10-25 01:12:26 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2012-10-25 01:12:26 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-04 17:46:16 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-10-04 17:46:15 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-10-04 17:46:15 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-10-04 17:45:55 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-10-04 17:43:28 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-10-04 16:47:41 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-10-04 16:47:41 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-10-04 15:21:55 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-10-04 14:46:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-10-04 14:46:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-10-04 14:46:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
.
============= FINISH: 17:56:22,67 ===============
And here's attach:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 25.3.2011 13:11:50
System Uptime: 27.12.2012 17:13:14 (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | M4N68T V2
Processor: AMD Athlon II X3 455 Processor | AM3 | 792/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 668,521 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP251: 13.12.2012 3:00:15 - Windows Update
RP252: 16.12.2012 16:58:26 - Windows Update
RP253: 20.12.2012 16:58:27 - Windows Update
RP254: 22.12.2012 3:00:12 - Windows Update
RP255: 25.12.2012 3:28:24 - Windows Update
RP256: 26.12.2012 19:02:52 - Asennettu TheSims3EP7
RP257: 27.12.2012 17:35:39 - Poistettu The Sims 3 Ambitions
.
==== Installed Programs ======================
.
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.2
Advertising Center
AMD Drag and Drop Transcoding
AMD Fuel
Apple Mobile Device Support
Apple Software Update
Applen ohjelmatuki
ATI Catalyst Install Manager
ATI Catalyst Registration
ATI Stream SDK v2 Developer
Bonjour
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
ccc-core-static
ccc-utility64
CCC Help English
Counter-Strike: Source
D3DX10
DAEMON Tools Lite
DivXG400
Epson Easy Photo Print 2
Epson Print CD
Epson Printer Software Downloader
EPSON PX650 Series Printer Uninstall
EPSON Scan
Epson Stylus Photo PX650_TX650 Ohjekirja
Fallout: New Vegas
Fallout2
High-Definition Video Playback
Huawei modem
iTunes
Java Auto Updater
Java 6 Update 29
Last.fm 1.5.4.27091
Malwarebytes Anti-Malware versio 1.65.1.1000
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile FIN Language Pack
Microsoft .NET Framework 4 Client Profilen suomen kielipaketti
Microsoft Antimalware Service FI-FI Language Pack
Microsoft Application Error Reporting
Microsoft Office Click-to-Run 2010
Microsoft Office Home and Student 2010 - English
Microsoft Security Client
Microsoft Security Client FI-FI Language Pack
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
Mobiililaajakaista
Mozilla Firefox 17.0.1 (x86 fi)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Nero 10 Movie ThemePack Basic
Nero Audio Pack 1
Nero ControlCenter
Nero Core Components 10
Nero Installer
Nero Kwik Media
Nero MediaHome 4
Nero MediaHome 4 Essentials
Nero MediaHome 4 Help
Nero Online Upgrade
Nero Update
NeroKwikMedia Help (CHM)
NVIDIA Drivers
OpenAL
Origin
Pando Media Booster
PhotoFiltre
Platform
QuickTime
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profilen suomen kielipaketti (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profilen suomen kielipaketti (KB2518870)
Steam
TeamSpeak 3 Client
The Sims™ 3
The Sims™ 3 Baana auki Kamasetti
The Sims™ 3 Iltahuvit
The Sims™ 3 Keskustan kuhinaa Kamasetti
The Sims™ 3 Lemmikit
The Sims™ 3 Luksuslukaali Kamasetti
The Sims™ 3 Maailmanmatkaaja
The Sims™ 3 Pihaparatiisi Kamasetti
The Sims™ 3 Supernatural
The Sims™ 3 Superstara
The Sims™ 3 Täyttä Elämää
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
VIA Ohjelmistoalustan laitehallinta
Windows Live Communications Platform
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Liven asennustyökalu
WinRAR 4.00 (64-bit)
WMV9/VC-1 Video Playback
World of Warcraft
.
==== End Of File ===========================
-
Hey! I found this virus yesterday when scanning with Microsoft Security Essentials: Backdoor:Win32/Fynloski.A, which it can't delete.
I would like to manually try to remove it, but lack the skills. Could you give me a helping hand? Malwarebytes Anti-Malware doesn't seem to find it with quick scan, but it definitely is still there. I've got DDS running, but it doesn't seem to do anything, "DDS is running in silent mode" it says.
-
Hey! Yesterday I found this virus on Microsoft Security Essentials, and it cannot remove it: Backdoor:Win32/Fynloski.A
I would like to try to delete it manually, and definitely require help with it. What should I do?
Backdoor:Win32/Fynloski.A found, won't get removed
in Resolved Malware Removal Logs
Posted
For some reason it won't let me post the other one, well let's try again..
And here's the Extras.Txt:
OTL Extras logfile created on: 29.12.2012 6:06:23 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Piia\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,27 Gb Available Physical Memory | 56,79% Memory free
8,00 Gb Paging File | 6,01 Gb Available in Paging File | 75,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 707,64 Gb Free Space | 75,97% Space Free | Partition Type: NTFS
Computer Name: PIIA-PC | User Name: Piia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-107849261-2250990614-1379679070-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06E26413-3A78-4667-ADD4-B53AC355DC58}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0BEBBD85-8ADC-4C8D-BEDE-A410FF959804}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0D6C4BE1-AA41-4A81-BDD1-640F1AA8D417}" = lport=445 | protocol=6 | dir=in | app=system |
"{16555654-09AF-4280-82A3-EC805A602632}" = lport=138 | protocol=17 | dir=in | app=system |
"{1FB60D1D-15BF-4F29-A974-7E760A9729D9}" = rport=138 | protocol=17 | dir=out | app=system |
"{20BB6DD7-7C88-4DC3-9E71-7CFF6119BE71}" = rport=139 | protocol=6 | dir=out | app=system |
"{4EEAF64A-09DD-4534-8F17-EC136AE703D7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{67A9195F-4BAD-48EA-A69E-74840B097AAA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{70187DDF-C8AE-4A2F-8B7B-8DBABCD9BCE3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{71FDB968-4A7C-4F29-A03B-3179FEB4E712}" = rport=137 | protocol=17 | dir=out | app=system |
"{841BFB71-FCE7-4C4B-9342-66C90A3264DB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{93B3A048-98D3-48A2-9698-65527DE7CE82}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{96E16A5C-7734-4BA0-B2E0-D81CD4D6B9C8}" = lport=137 | protocol=17 | dir=in | app=system |
"{A3AC247A-BA81-4C76-A7D7-6CCF15C0682C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A8B43191-BEBA-4E7D-AC46-AA503401C9C7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AD6378AD-4D87-4425-B23A-D4C0F7C50F7F}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{AF69B62E-4546-4C12-8DB7-BA9142039A95}" = lport=139 | protocol=6 | dir=in | app=system |
"{AFC8B682-0B07-4B32-B8D2-360B857D5399}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B1AD9CA2-B1A2-4139-9BDF-5A0C0BB78E79}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CC527B20-D343-46DE-A9DF-5817A3FEADAF}" = rport=445 | protocol=6 | dir=out | app=system |
"{CC8F23E3-40A4-44FC-BAFE-BD38257A68CE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DDCA8AF4-396C-449C-8D40-93C17ECC79FB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E34B7AB2-2B76-476A-BDF4-BF12F8B99D47}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{EA82B3A4-796D-419D-85F5-48F7E4AD1394}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ECED6ED8-40D7-4D39-87AB-1627D5303B15}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FED73572-2DDB-49B5-8205-71971E9FB9E7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{008B7CCF-D150-4D02-B9B5-8892DDA97C81}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{022FE372-DB3C-4E0A-A7BA-49AFB85630F2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{02EA2BCE-06CC-4A51-AD96-CF97FD205BD5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0AE2BF74-CA9B-410B-B75E-AAFF5FD2B12F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{0B76C593-E155-41ED-8F5C-94BA5C34C2EA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0FA01246-BE5E-4DF6-BA55-59E4A41CD4EF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{111107C5-E0DD-4CBB-B9F5-A3E2ECB21B3E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{128DC98B-CA63-4A96-AEEF-1587B3201801}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1C9A2442-A1B8-4F37-B84C-C796F924F2D7}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{1F65745D-8649-4167-84C4-612613155D86}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{245F48F9-6CB6-4693-B6A5-7C1F0A38A932}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{24B7C199-7B39-4810-A10F-D20E71BE6559}" = protocol=6 | dir=out | app=system |
"{259E0D11-92D8-4981-B633-CF2D48E0B418}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{25C6DB04-A526-4DDB-8A7D-0FA26BAD375E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{2A694B37-DF5D-4EBB-B8BC-8FA1B16A1C12}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{34692709-C21D-49ED-992B-CB609F753AFC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3BADFF36-F8F9-494F-A163-613173C174BB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3CFD216A-C7F5-4E23-9590-92FB966515D4}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3E7B3F1E-24FB-4F52-94EE-D2370C80AD6C}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{41B8FFEC-7128-4CF0-B410-F6F263E4BA71}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero mediahome 4\nmmediaserverservice.exe |
"{53B97AF6-5119-41C4-9484-1DEDFBF9577F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{5A0EB74C-CC10-4D56-8B55-B745A889D0C7}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero mediahome 4\nmmediaserverservice.exe |
"{704F3DCC-46E0-4A1C-A169-6478DAEAB42C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7561993B-3C3B-42FE-8413-89DAFC5B647F}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{85718020-272B-4435-95ED-266CDF59E098}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8B50151B-3946-4669-BCF5-0060A69159DF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{90F95EC9-9A59-4100-8B98-A8874F0445FE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9155D6BA-9A66-4B35-AFB4-29B2C6321FA1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{94876C07-E0C2-45D0-A168-1643D9F9F058}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{99130E83-2FDF-4C01-9928-77C78D5E31D0}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{AA6D8331-87E0-47A7-A78F-BBB25E9A5E5C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BC914311-224A-42FC-8A62-DFE5BC30F28E}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{BCE2A2EF-749D-4CB6-8853-E272689E2AE5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C2CC7911-A654-4959-B791-F1D80171AAEE}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{C70461A7-836C-469E-9786-F50F14D340A1}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{CA15DC7E-DD0C-4A64-8AFD-0C858E12CA7B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{CAFD3E1F-A66A-4310-A2D3-A0AA2579B709}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CC4C15DA-0E10-437E-A128-C96B3D8813E6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CEC314D0-5B44-46A2-8A73-25653237981E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D5F3E2A9-344B-427A-BB25-C11BE3B6048A}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{D8464C78-76C2-44BA-A2F7-09539C8DD27C}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E028E63A-4841-4C23-8217-547BEC9CA839}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E3D761C7-F760-439C-8957-1AC436A198DB}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{E491875E-21CA-49B8-A88C-8ACC2AEE8228}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{E4DE6364-6E79-4B77-AA04-97B9DEFC1985}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{E8E2EE6F-EE9E-4D4F-96AD-C01812C565D6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E986B053-D744-454A-A598-0C148294E4F1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F2E2F1ED-0653-40B5-A7D5-2FB50441329E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F7901F8C-73ED-430D-A934-73CC64DC5FB9}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F8B33346-F541-4534-BA54-3A9A31A6C3A8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{04D73E52-310D-4799-A930-76AD2E59812C}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"TCP Query User{0F41CDA9-82B0-4A0B-AFC1-486C94CCCD56}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{3D1F7A1D-2738-4E15-A933-DFBE420A31BD}C:\program files (x86)\steam\steamapps\anaalisaukko\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\anaalisaukko\team fortress 2\hl2.exe |
"TCP Query User{5978F7D8-0E4A-42B3-9963-0BAA3D5052CD}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe |
"TCP Query User{69DC92E1-D608-4E73-9DAA-1C9417D37CCC}C:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe |
"TCP Query User{AABC1BA2-2A01-4C6D-BDC5-2394985DEE96}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"TCP Query User{E78870FE-261E-4B78-9259-34BD76E102A8}C:\program files (x86)\steam\steamapps\anaalisaukko\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\anaalisaukko\counter-strike source\hl2.exe |
"TCP Query User{EEAC417E-0777-4C39-B69B-814A6FB17185}C:\program files (x86)\microsoft games\halo\halo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\halo\halo.exe |
"TCP Query User{FFD448F0-CECE-4617-8981-096A1A49F2A9}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe |
"UDP Query User{1DD3E9AD-1AF0-4382-98B1-5B23C951CDE0}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"UDP Query User{614C9617-2D65-4F12-9F53-F7596D3B6CDA}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"UDP Query User{9ACC13C9-0603-467E-8F23-D85910E50464}C:\program files (x86)\steam\steamapps\anaalisaukko\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\anaalisaukko\counter-strike source\hl2.exe |
"UDP Query User{9D713B2B-A905-42FE-B80F-8A41CD571472}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe |
"UDP Query User{A6F0C33B-5297-4233-8D59-1A490E30EC4C}C:\program files (x86)\microsoft games\halo\halo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\halo\halo.exe |
"UDP Query User{B0D81C33-FB55-4F0F-A83D-2857C841AA50}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe |
"UDP Query User{CA6DF23C-E99F-4BAC-9AB6-BF2F1D50E261}C:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe |
"UDP Query User{D39C267A-B532-4D62-87C8-4CEB34917ECB}C:\program files (x86)\steam\steamapps\anaalisaukko\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\anaalisaukko\team fortress 2\hl2.exe |
"UDP Query User{DAB1032C-AB7F-4400-8590-BEE50EAB141F}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{22441735-5983-AD2A-5CC5-FA2CCD7EF732}" = ATI Stream SDK v2 Developer
"{22D8AE6F-3C6B-47E8-8F04-629F23DBE978}" = iTunes
"{3D4BCAF1-DDA5-3E92-9143-1133D125B071}" = Microsoft .NET Framework 4 Client Profile FIN Language Pack
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5E2BDF97-E0C7-75AE-29E1-5EA9DA262F2F}" = WMV9/VC-1 Video Playback
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6A9B5F9E-CAF3-2264-9DA0-E374F9A34279}" = AMD Drag and Drop Transcoding
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AE57C044-8912-A181-A0E4-BC2DAB3A092A}" = ATI Catalyst Install Manager
"{B2C5B378-546F-75A7-7757-C1EAAFAF9E33}" = ccc-utility64
"{BBA7005D-8C56-FFD3-81AE-D0481829BC70}" = AMD Fuel
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{D80C85CD-B007-4B8E-9C35-1EF837C555ED}" = Microsoft Antimalware Service FI-FI Language Pack
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client FI-FI Language Pack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"EPSON PX650 Series" = EPSON PX650 Series Printer Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FIN Language Pack" = Microsoft .NET Framework 4 Client Profilen suomen kielipaketti
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR 4.00 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02FCAA8F-59D3-4198-822E-135C61EE4F0B}" = NeroKwikMedia Help (CHM)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0682ecbd-72eb-4164-a6f4-71c77729f742}" = Nero MediaHome 4 Essentials
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{117B6BF6-82C3-420C-B284-9247C8568E53}" = The Sims™ 3 Pihaparatiisi Kamasetti
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7D9F37-C39C-486C-BDF8-8F440FFB3352}" = Nero Kwik Media
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java 6 Update 29
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3BBFD444-5FAB-49F6-98B1-A1954E831399}" = The Sims™ 3 Superstara
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{58CB9A9A-1EFB-4EA8-B50C-3097E754AC21}" = High-Definition Video Playback
"{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{664D6E1D-2A6C-D54D-31A5-B6BC30CEB0C6}" = CCC Help English
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69fc3b9a-4149-43db-a557-6ed0c8d8ba44}" = Nero MediaHome 4 Help
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 Luksuslukaali Kamasetti
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B9F5775-8C8C-2A4E-0CAB-74EA7AF5CB09}" = ccc-core-static
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}" = Epson Easy Photo Print 2
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0061-0409-0000-0000000FF1CE}" = Microsoft Office Home and Student 2010 - English
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99ef387e-633e-4cfb-bfa3-ab961b685ddf}" = Nero MediaHome 4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A899DA1F-D626-401C-8651-F2921E3B4CB3}" = Mobiililaajakaista
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA945C94-285E-DE48-A30F-70105C6580DE}" = Catalyst Control Center Graphics Previews Common
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}" = The Sims™ 3 Supernatural
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF4434001}" = Epson Printer Software Downloader
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 Maailmanmatkaaja
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}" = Windows Live Messenger
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Lemmikit
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Audio Pack 1
"{CC29B835-95A5-3CD9-087B-F94D7B9ECC9B}" = Catalyst Control Center InstallProxy
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Applen ohjelmatuki
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D16A31F9-276D-4968-A753-FFEAC56995D0}" = Epson Print CD
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D9B5AE52-FEF9-4E5C-A63E-06A6638B2935}" = Nero Kwik Media
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Täyttä Elämää
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"DivXG400" = DivXG400
"Epson Printer Software Downloader" = Epson Printer Software Downloader
"EPSON Scanner" = EPSON Scan
"Epson Stylus Photo PX650_TX650 Käyttöopas" = Epson Stylus Photo PX650_TX650 Ohjekirja
"Fallout2" = Fallout2
"Huawei Modems" = Huawei modem
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Ohjelmistoalustan laitehallinta
"LastFM_is1" = Last.fm 1.5.4.27091
"Mozilla Firefox 17.0.1 (x86 fi)" = Mozilla Firefox 17.0.1 (x86 fi)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"OpenAL" = OpenAL
"Origin" = Origin
"Steam App 22380" = Fallout: New Vegas
"Steam App 240" = Counter-Strike: Source
"WinLiveSuite" = Windows Liven asennustyökalu
"World of Warcraft" = World of Warcraft
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-107849261-2250990614-1379679070-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre" = PhotoFiltre
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 19.12.2012 22:52:11 | Computer Name = Piia-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: Wow-64.exe, versio: 5.1.0.16357, aikaleima:
0x50bd644f Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7601.17725, aikaleima:
0x4ec4aa8e Poikkeuskoodi: 0xc0000374 Virhepoikkeama: 0x00000000000c40f2 Viallisen
prosessin tunnus: 0x758 Viallisen sovelluksen käynnistysaika: 0x01cdde5c77478de0 Viallisen
sovelluksen polku: C:\Program Files (x86)\World of Warcraft\Wow-64.exe Viallisen
moduulin polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 40336f80-4a50-11e2-a894-bcaec5ac6a60
Error - 20.12.2012 18:31:11 | Computer Name = Piia-PC | Source = SideBySide | ID = 16842815
Description = Aktivointikontekstin luonti epäonnistui (c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll). Virhe luettelo- tai käytäntötiedoston
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll rivillä
3. Määritteen version arvo (MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR)
ei kelpaa elementissä assemblyIdentity.
Error - 21.12.2012 12:19:04 | Computer Name = Piia-PC | Source = Application Hang | ID = 1002
Description = Ohjelman Wow-64.exe versio 5.1.0.16357, lakkasi olemasta yhteydessä
Windowsiin, joten se suljettiin. Voit tarkistaa, onko ongelmasta saatavilla lisätietoja,
ohjauspaneelin Toimintokeskus-kohdasta. Prosessin tunnus: 924 Alkamisaika: 01cddf96b46477c0
Päättymisaika:
382 Sovelluksen polku: C:\Program Files (x86)\World of Warcraft\Wow-64.exe Raportin
tunnus: 204e3ac1-4b8a-11e2-bdff-bcaec5ac6a60
Error - 21.12.2012 18:31:15 | Computer Name = Piia-PC | Source = SideBySide | ID = 16842815
Description = Aktivointikontekstin luonti epäonnistui (c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll). Virhe luettelo- tai käytäntötiedoston
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll rivillä
3. Määritteen version arvo (MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR)
ei kelpaa elementissä assemblyIdentity.
Error - 22.12.2012 2:25:48 | Computer Name = Piia-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: Wow-64.exe, versio: 5.1.0.16357, aikaleima:
0x50bd644f Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7601.17725, aikaleima:
0x4ec4aa8e Poikkeuskoodi: 0xc0000374 Virhepoikkeama: 0x00000000000c40f2 Viallisen
prosessin tunnus: 0x158c Viallisen sovelluksen käynnistysaika: 0x01cde00876a334e0
Viallisen
sovelluksen polku: C:\Program Files (x86)\World of Warcraft\Wow-64.exe Viallisen
moduulin polku: C:\Windows\SYSTEM32\ntdll.dll Raportin tunnus: 6c24fad0-4c00-11e2-8988-bcaec5ac6a60
Error - 22.12.2012 18:31:29 | Computer Name = Piia-PC | Source = SideBySide | ID = 16842815
Description = Aktivointikontekstin luonti epäonnistui (c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll). Virhe luettelo- tai käytäntötiedoston
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll rivillä
3. Määritteen version arvo (MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR)
ei kelpaa elementissä assemblyIdentity.
Error - 26.12.2012 10:17:58 | Computer Name = Piia-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: TS3W.exe, versio: 0.1.0.27, aikaleima:
0x4f2b35b6 Viallisen moduulin nimi: TS3W.exe, versio: 0.1.0.27, aikaleima: 0x4f2b35b6
Poikkeuskoodi:
0xc0000005 Virhepoikkeama: 0x000e54c9 Viallisen prosessin tunnus: 0x2ffc Viallisen
sovelluksen käynnistysaika: 0x01cde373c84a2920 Viallisen sovelluksen polku: C:\Program
Files (x86)\Electronic Arts\The Sims 3\Game\Bin\TS3W.exe Viallisen moduulin polku:
C:\Program Files (x86)\Electronic Arts\The Sims 3\Game\Bin\TS3W.exe Raportin tunnus:
0bb9d4d0-4f67-11e2-8988-bcaec5ac6a60
Error - 26.12.2012 10:18:53 | Computer Name = Piia-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: TS3W.exe, versio: 0.1.0.27, aikaleima:
0x4f2b35b6 Viallisen moduulin nimi: TS3W.exe, versio: 0.1.0.27, aikaleima: 0x4f2b35b6
Poikkeuskoodi:
0xc0000005 Virhepoikkeama: 0x000e6146 Viallisen prosessin tunnus: 0x3240 Viallisen
sovelluksen käynnistysaika: 0x01cde373ed6054f0 Viallisen sovelluksen polku: C:\Program
Files (x86)\Electronic Arts\The Sims 3\Game\Bin\TS3W.exe Viallisen moduulin polku:
C:\Program Files (x86)\Electronic Arts\The Sims 3\Game\Bin\TS3W.exe Raportin tunnus:
2c8f49b0-4f67-11e2-8988-bcaec5ac6a60
Error - 26.12.2012 13:08:55 | Computer Name = Piia-PC | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: TS3W.exe, versio: 0.2.0.165, aikaleima:
0x50171e18 Viallisen moduulin nimi: TS3W.exe, versio: 0.2.0.165, aikaleima: 0x50171e18
Poikkeuskoodi:
0xc0000005 Virhepoikkeama: 0x000e5cdc Viallisen prosessin tunnus: 0x3244 Viallisen
sovelluksen käynnistysaika: 0x01cde38babccd6e0 Viallisen sovelluksen polku: C:\Program
Files (x86)\Electronic Arts\The Sims 3\Game\Bin\TS3W.exe Viallisen moduulin polku:
C:\Program Files (x86)\Electronic Arts\The Sims 3\Game\Bin\TS3W.exe Raportin tunnus:
edb7b750-4f7e-11e2-8988-bcaec5ac6a60
Error - 27.12.2012 1:45:55 | Computer Name = Piia-PC | Source = SideBySide | ID = 16842815
Description = Aktivointikontekstin luonti epäonnistui (c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll). Virhe luettelo- tai käytäntötiedoston
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll rivillä
3. Määritteen version arvo (MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR)
ei kelpaa elementissä assemblyIdentity.
Error - 27.12.2012 23:35:18 | Computer Name = Piia-PC | Source = SideBySide | ID = 16842815
Description = Aktivointikontekstin luonti epäonnistui (c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll). Virhe luettelo- tai käytäntötiedoston
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll rivillä
3. Määritteen version arvo (MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR)
ei kelpaa elementissä assemblyIdentity.
[ System Events ]
Error - 20.12.2012 23:19:19 | Computer Name = Piia-PC | Source = Service Control Manager | ID = 7000
Description = Palvelua Steam Client Service ei voi käynnistää. Virhekoodi on %%1053
Error - 25.12.2012 3:34:55 | Computer Name = Piia-PC | Source = Disk | ID = 262155
Description = Ohjain havaitsi korttivirheen laitteella \Device\Harddisk1\DR10.
Error - 25.12.2012 3:34:55 | Computer Name = Piia-PC | Source = Disk | ID = 262155
Description = Ohjain havaitsi korttivirheen laitteella \Device\Harddisk1\DR10.
Error - 25.12.2012 3:34:56 | Computer Name = Piia-PC | Source = Disk | ID = 262155
Description = Ohjain havaitsi korttivirheen laitteella \Device\Harddisk1\DR10.
Error - 25.12.2012 3:34:57 | Computer Name = Piia-PC | Source = Disk | ID = 262155
Description = Ohjain havaitsi korttivirheen laitteella \Device\Harddisk1\DR10.
Error - 26.12.2012 13:24:06 | Computer Name = Piia-PC | Source = Microsoft Antimalware | ID = 1119
Description = %%860 on kohdannut ei-kriittisen virheen ryhtyessään toimiin haittaohjelman
tai muun mahdollisesti ei-halutun ohjelman kohdalla. Katso lisätietoja seuraavasta:
http://go.microsoft.com/fwlink/?linkid=37020&name=Backdoor:Win32/Fynloski.A&threatid=2147640184
Nimi:
Backdoor:Win32/Fynloski.A Tunnus: 2147640184 Vakavuus: Vakava Luokka: Takaoviohjelma
Polku:
file:_C:\Users\Piia\Downloads\asd\Drivers\Drivers.exe Tunnistuksen alkuperä: %%845
Tunnistustyyppi:
%%822 Tunnistuksen lähde: %%818 Käyttäjä: NT-HALLINTA\SYSTEM Prosessin nimi: C:\Windows\System32\SearchProtocolHost.exe
Toiminto:
%%809 Toiminnon tila: No additional actions required Virhekoodi: 0x80070490 Virheen
kuvaus: Elementtiä ei löydy. Allekirjoitusversio: AV: 1.141.2573.0, AS: 1.141.2573.0,
NIS: 18.36.0.0 Moottoriversio: AM: 1.1.9002.0, NIS: 2.1.8904.0
Error - 27.12.2012 11:19:37 | Computer Name = Piia-PC | Source = Service Control Manager | ID = 7022
Description = Palvelu Windows Update lukkiutui käynnistyksessä.
Error - 27.12.2012 16:17:15 | Computer Name = Piia-PC | Source = Service Control Manager | ID = 7030
Description = Palvelu PEVSystemStart on määritetty vuorovaikutteiseksi palveluksi.
Järjestelmän kokoonpanoa ei kuitenkaan ole määritetty sallimaan vuorovaikutteisia
palveluja. Palvelun toiminta saattaa olla epätäydellistä.
Error - 27.12.2012 16:21:18 | Computer Name = Piia-PC | Source = Application Popup | ID = 1060
Description = \??\C:\ComboFix\catchme.sys ei voi latautua, koska se ei ole yhteensopiva
tämän järjestelmän kanssa. Pyydä yhteensopiva ohjainversio ohjelmistotoimittajalta.
Error - 27.12.2012 16:28:01 | Computer Name = Piia-PC | Source = Service Control Manager | ID = 7030
Description = Palvelu PEVSystemStart on määritetty vuorovaikutteiseksi palveluksi.
Järjestelmän kokoonpanoa ei kuitenkaan ole määritetty sallimaan vuorovaikutteisia
palveluja. Palvelun toiminta saattaa olla epätäydellistä.
< End of report >