Thank you for the very prompt response, and apologies for my delayed one. I had trouble getting the PC to start.
OK, I did all the steps you recommended. However, a few problems:
1) OTL did not create a log when performing the fix (I tried a couple of times). I did another scan after that and saved the log from it, so I will be posting that.
2) Before running Combofix, I disabled my AV, but I forgot to disable a program called WinPatrol. As Combofix was finishing up and creating a report, WinPatrol popped up and warned of the host file having been replaced with a new one. Hopefully this has not created an interference.
3) I could not use VEW, because it said it is not compatible with the language of my OS. So instead, I included some entries both from the system event viewer and application, and I tried to translate them from my native language to English.
4) OTL did indeed hang up at "034 - HKLM BootExecute: (Partizan)", so I did the fix without it.
Logs are below.
OTL Log 1 (scanned right after the fix):
---------------------------------
OTL logfile created on: 9.9.2012 22:51:53 - Run 3
OTL by OldTimer - Version 3.2.61.2 Folder = C:\Documents and Settings\tilapainen\Työpöytä\OTL
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040B | Country: Suomi | Language: FIN | Date Format: d.M.yyyy
1022,48 Mb Total Physical Memory | 476,46 Mb Available Physical Memory | 46,60% Memory free
2,40 Gb Paging File | 1,86 Gb Available in Paging File | 77,38% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 115,30 Gb Free Space | 77,36% Space Free | Partition Type: NTFS
Computer Name: EMT-F8A04F66186 | User Name: tilapainen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.09.09 03:57:20 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\tilapainen\Työpöytä\OTL\OTL.exe
PRC - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.07.03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.03.12 00:13:21 | 001,983,232 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2012.03.12 00:13:00 | 006,749,512 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2011.12.20 18:12:18 | 000,068,896 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\NLSSRV32.EXE
PRC - [2011.08.12 02:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2010.05.07 19:35:22 | 000,165,208 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2008.06.15 15:34:20 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2007.04.19 20:33:01 | 000,271,936 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2005.01.10 05:36:22 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2004.09.15 15:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004.09.15 15:00:00 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows NT\Accessories\wordpad.exe
========== Modules (No Company Name) ==========
MOD - [2011.12.19 21:59:43 | 000,068,424 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
MOD - [2010.05.07 19:37:40 | 000,126,808 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2010.05.07 19:37:40 | 000,027,480 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2010.05.07 19:36:54 | 000,340,824 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2010.05.07 19:36:20 | 000,921,944 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QtNetwork4.dll
MOD - [2010.05.07 19:35:56 | 007,954,776 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2010.05.07 19:35:44 | 002,143,576 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2008.06.15 15:34:20 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
MOD - [2007.06.03 10:05:20 | 000,159,744 | ---- | M] () -- C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll
MOD - [2007.06.03 10:04:14 | 000,023,552 | ---- | M] () -- C:\Program Files\Haali\MatroskaSplitter\mkunicode.dll
MOD - [2004.09.15 15:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Services (SafeList) ==========
SRV - [2012.08.25 05:00:40 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.03.12 00:13:21 | 001,983,232 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011.12.20 18:12:18 | 000,068,896 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2011.08.12 02:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2010.09.01 15:52:56 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper)
SRV - [2009.12.01 20:43:02 | 000,051,384 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2008.06.15 15:34:20 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2006.11.03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\TILAPA~1\LOCALS~1\Temp\aswMBR.sys -- (aswMBR)
DRV - [2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.03.12 00:13:46 | 000,097,760 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect)
DRV - [2012.03.12 00:13:45 | 000,031,704 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2012.03.12 00:13:44 | 000,494,968 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2012.03.12 00:13:43 | 000,018,056 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmderd.sys -- (cmderd)
DRV - [2011.07.22 19:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.13 00:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.05.15 01:04:20 | 000,023,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2010.05.15 01:04:02 | 006,842,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2010.05.15 01:02:26 | 000,276,448 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2010.05.15 01:02:14 | 000,114,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2010.04.09 16:24:12 | 000,063,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010.03.25 11:08:30 | 000,105,728 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010.03.20 12:56:04 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2010.03.20 11:28:00 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009.07.02 14:49:32 | 004,125,696 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.02.12 03:42:38 | 000,232,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VMM.sys -- (vmm)
DRV - [2008.02.09 04:40:41 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.02.05 01:50:44 | 000,059,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2008.01.26 14:55:04 | 000,000,000 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\regguard.sys -- (RegGuard)
DRV - [2007.09.08 02:48:56 | 000,096,704 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2007.08.16 17:26:12 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2007.08.16 17:26:10 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2005.11.04 11:14:22 | 000,033,408 | ---- | M] (IC Plus Corp. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipgdnd51.sys -- (ipgd)
DRV - [2005.01.11 20:17:04 | 002,306,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2004.09.15 15:00:00 | 000,223,616 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2004.09.10 12:15:00 | 000,007,680 | ---- | M] (ABIT Computer Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ABIT-IO.SYS -- (ABIT-IO)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fi.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fi
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E4 E7 D3 6B 0A 7F CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.9
FF - prefs.js..extensions.enabledAddons: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.10
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems: [email protected]:0.6.20101009
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: ""
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: J:\iTunes\Mozilla Plugins\npitunes.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\WINDOWS\system32\npDeployJava1.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.91: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2910: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll File not found
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Documents and Settings\tilapainen\Application Data\Octoshape\Octoshape Streaming Services\sua-0910050-0-npoctoshape.dll (Octoshape ApS)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\tilapainen\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\tilapainen\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\tilapainen\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\tilapainen\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.30 20:24:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.09 21:05:11 | 000,000,000 | ---D | M]
[2008.09.06 14:04:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\tilapainen\Application Data\Mozilla\Extensions
[2012.09.09 21:05:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\tilapainen\Application Data\Mozilla\Firefox\Profiles\22u9jtko.default\extensions
[2008.01.26 22:37:43 | 000,000,000 | ---D | M] (chinup) -- C:\Documents and Settings\tilapainen\Application Data\Mozilla\Firefox\Profiles\22u9jtko.default\extensions\{28fe3db0-1945-11db-a98b-0800200c9a66}
[2012.03.30 15:59:37 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\tilapainen\Application Data\Mozilla\Firefox\Profiles\22u9jtko.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009.08.15 22:19:56 | 000,000,000 | ---D | M] (Browser Defender Toolbar) -- C:\Documents and Settings\tilapainen\Application Data\Mozilla\Firefox\Profiles\22u9jtko.default\extensions\{cb84136f-9c44-433a-9048-c5cd9df1dc16}
[2012.08.18 01:18:34 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\tilapainen\Application Data\Mozilla\Firefox\Profiles\22u9jtko.default\extensions\[email protected]
[2012.09.09 21:05:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\TILAPAINEN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\22U9JTKO.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
[2012.08.25 05:01:06 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.08.25 05:00:22 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.08.25 05:00:22 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2009.05.08 17:25:12 | 000,305,915 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 10536 more lines...
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
O4 - HKCU..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe (Phoenix Labs)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe ()
O9 - Extra 'Tools' menuitem : PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: hotmail.com ([]* in Luotettavat sivustot)
O15 - HKCU\..Trusted Domains: live.com ([]* in Luotettavat sivustot)
O15 - HKCU\..Trusted Domains: msn.com ([]* in Luotettavat sivustot)
O15 - HKCU\..Trusted Domains: passport.com ([]* in Luotettavat sivustot)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky...can_unicode.cab (CKAVWebScan Object)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {59DBDDA6-9A80-42A4-B824-9BC50CC172F5} http://www.programch...m/dll/nixon.cab (Zenturi ConfigMgrEx Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {8EEB54D5-CC70-40E4-B015-AC478C02ECC8} http://playple.com/v...ab/SLViewer.cab (SLViewer Control)
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} http://support.f-sec...m/ols/fscax.cab (F-Secure Online Scanner 3.3)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Nykyinen kotisivu) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\tilapainen\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\tilapainen\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.04.01 22:19:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.09.09 21:12:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tilapainen\Työpöytä\OTL
[2012.09.09 21:05:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.09.09 20:54:30 | 004,747,716 | ---- | C] (Swearware) -- C:\Documents and Settings\tilapainen\Työpöytä\ComboFix.exe
[2012.09.09 20:54:30 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\tilapainen\Työpöytä\aswMBR.exe
[2012.09.09 20:54:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tilapainen\Työpöytä\polt
[2012.09.09 20:32:40 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\tilapainen\Recent
[2012.09.09 05:23:39 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\tilapainen\Työpöytä\OTL.exe
[2012.09.07 07:19:29 | 002,306,304 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS
[2012.09.07 00:25:16 | 000,000,000 | -H-D | C] -- C:\VritualRoot
[2012.09.06 05:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tilapainen\Työpöytä\ProcessMonitor
[2012.09.06 05:23:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tilapainen\Työpöytä\apps
[2012.09.01 06:55:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012.09.01 06:50:48 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2012.09.01 06:50:48 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2012.09.01 06:50:46 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2012.09.01 06:50:46 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2012.09.01 06:50:46 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2012.09.01 06:50:44 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2012.09.01 06:50:44 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2012.09.01 06:50:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2012.09.01 06:50:44 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2012.09.01 06:50:43 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2012.09.01 06:50:32 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2012.09.01 06:50:30 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2012.09.01 06:50:28 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2012.09.01 06:50:28 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2012.09.01 06:50:28 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2012.09.01 06:50:27 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2012.09.01 06:50:27 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2012.09.01 06:50:27 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2012.09.01 06:50:26 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2012.09.01 06:50:26 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2012.09.01 06:50:26 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2012.09.01 06:50:23 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2012.09.01 06:50:22 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2012.09.01 06:50:22 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2012.09.01 06:50:21 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2012.09.01 06:50:21 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2012.09.01 06:50:17 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2012.09.01 06:50:17 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2012.09.01 06:50:17 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2012.09.01 06:50:17 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2012.09.01 06:50:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2012.09.01 06:50:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2012.09.01 06:50:16 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2012.09.01 06:50:16 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2012.09.01 06:50:16 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2012.09.01 06:50:16 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2012.09.01 06:50:15 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2012.09.01 06:50:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2012.09.01 06:50:14 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2012.09.01 06:50:14 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2012.09.01 06:50:14 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2012.09.01 06:50:14 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2012.09.01 06:50:14 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2012.09.01 06:50:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2012.09.01 06:50:13 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2012.09.01 06:50:13 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2012.09.01 06:50:13 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2012.09.01 06:50:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2012.09.01 06:50:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2012.09.01 06:50:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2012.09.01 06:50:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2012.09.01 06:50:12 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2012.09.01 06:50:12 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2012.09.01 06:50:12 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2012.09.01 06:50:09 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2012.09.01 06:50:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2012.09.01 06:50:02 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2012.09.01 06:50:00 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012.09.01 06:49:59 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012.09.01 06:49:59 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2012.09.01 06:49:59 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2012.09.01 06:49:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2012.09.01 06:49:55 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2012.09.01 06:49:55 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2012.09.01 06:49:52 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2012.09.01 06:49:52 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2012.09.01 06:49:51 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2012.09.01 06:49:50 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2012.09.01 06:49:47 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2012.09.01 06:49:47 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2012.09.01 06:49:47 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2012.09.01 06:49:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2012.09.01 06:49:46 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2012.09.01 06:49:46 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2012.09.01 06:49:45 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2012.09.01 06:49:44 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2012.09.01 06:49:36 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2012.09.01 06:49:35 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2012.09.01 06:49:33 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2012.09.01 06:49:27 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2012.09.01 06:49:10 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2012.09.01 06:49:10 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2012.09.01 06:49:09 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2012.09.01 06:49:09 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2012.09.01 06:49:09 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2012.09.01 06:49:08 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2012.09.01 06:49:07 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2012.09.01 06:49:06 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2012.09.01 06:49:06 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2012.09.01 06:49:06 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2012.09.01 06:49:06 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2012.09.01 06:49:05 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2012.09.01 06:49:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2012.09.01 06:49:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2012.09.01 06:49:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2012.09.01 06:49:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2012.09.01 06:49:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2012.09.01 06:49:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2012.09.01 06:49:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2012.09.01 06:49:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2012.09.01 06:49:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2012.09.01 06:48:58 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2012.09.01 06:48:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2012.09.01 06:48:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2012.09.01 06:48:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2012.09.01 06:48:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2012.09.01 06:48:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2012.09.01 06:48:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2012.09.01 06:48:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2012.09.01 06:48:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2012.09.01 06:48:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2012.09.01 06:48:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2012.09.01 06:48:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2012.09.01 06:48:56 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2012.09.01 06:48:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2012.09.01 06:48:55 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2012.09.01 06:48:55 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2012.09.01 06:48:54 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2012.09.01 06:48:54 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2012.09.01 06:48:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2012.09.01 06:48:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2012.09.01 06:48:53 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2012.09.01 06:48:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2012.09.01 06:48:51 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2012.09.01 06:48:50 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2012.09.01 06:48:50 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2012.09.01 06:48:49 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2012.09.01 06:48:44 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2012.09.01 06:48:44 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2012.09.01 06:48:44 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2012.09.01 06:48:44 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2012.09.01 06:48:44 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2012.09.01 06:48:44 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2012.09.01 06:48:43 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2012.09.01 06:48:43 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2012.09.01 06:48:25 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2012.09.01 06:48:24 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2012.09.01 06:48:24 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2012.09.01 06:48:24 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2012.09.01 06:48:22 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2012.09.01 06:48:20 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2012.09.01 06:48:19 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2012.09.01 06:48:18 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2012.09.01 06:48:18 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2012.09.01 06:48:18 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2012.09.01 06:48:18 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2012.09.01 06:48:18 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2012.09.01 06:48:18 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2012.09.01 06:48:18 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2012.09.01 06:48:17 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2012.09.01 06:48:17 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2012.09.01 06:48:17 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2012.09.01 06:48:17 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2012.09.01 06:48:17 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2012.09.01 06:48:17 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2012.09.01 06:48:17 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2012.09.01 06:48:17 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2012.09.01 06:48:16 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2012.09.01 06:48:16 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2012.09.01 06:48:16 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2012.09.01 06:48:16 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2012.09.01 06:48:16 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2012.09.01 06:48:16 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2012.09.01 06:48:15 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2012.09.01 06:48:15 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2012.09.01 06:48:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2012.09.01 06:48:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2012.09.01 06:48:14 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2012.09.01 06:48:14 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2012.09.01 06:48:13 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2012.09.01 06:48:12 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2012.09.01 06:48:12 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2012.09.01 06:48:11 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2012.09.01 06:48:11 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2012.09.01 06:48:11 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2012.09.01 06:48:11 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2012.09.01 06:48:10 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2012.09.01 06:48:10 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2012.09.01 06:48:10 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2012.09.01 06:48:00 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2012.09.01 06:47:58 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2012.09.01 06:47:58 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2012.09.01 06:47:58 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2012.09.01 06:47:57 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2012.09.01 06:47:56 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2012.09.01 06:47:54 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2012.09.01 06:47:54 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2012.09.01 06:47:54 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2012.09.01 06:47:53 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2012.09.01 06:47:53 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2012.09.01 06:47:52 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2012.09.01 06:47:52 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2012.09.01 06:47:52 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2012.09.01 06:47:52 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2012.09.01 06:47:50 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012.09.01 06:47:49 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2012.09.01 06:47:40 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2012.09.01 06:47:38 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2012.09.01 06:47:28 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2012.09.01 06:47:28 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2012.09.01 06:47:28 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2012.09.01 06:47:27 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2012.09.01 06:47:27 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2012.09.01 06:47:27 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2012.09.01 06:47:24 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2012.09.01 06:47:24 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2012.09.01 06:47:17 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2012.09.01 06:47:16 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2012.09.01 06:47:16 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2012.09.01 06:47:16 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2012.09.01 06:47:11 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2012.09.01 06:47:10 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2012.09.01 06:47:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2012.09.01 06:47:09 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2012.09.01 06:47:08 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2012.09.01 06:47:08 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2012.09.01 06:47:02 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2012.09.01 06:47:01 | 000,832,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2012.09.01 06:47:01 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2012.09.01 06:47:01 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2012.09.01 06:47:01 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2012.09.01 06:47:01 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2012.09.01 06:47:00 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2012.09.01 06:47:00 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2012.09.01 06:47:00 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2012.09.01 06:47:00 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2012.09.01 06:47:00 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2012.09.01 06:47:00 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2012.09.01 06:47:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2012.09.01 06:46:59 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2012.09.01 06:46:59 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2012.09.01 06:46:59 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2012.09.01 06:46:59 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2012.09.01 06:46:58 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2012.09.01 06:46:58 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2012.09.01 06:46:58 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2012.09.01 06:46:58 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2012.09.01 06:46:58 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2012.09.01 06:46:57 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2012.09.01 06:46:57 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2012.09.01 06:46:57 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2012.09.01 06:46:57 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2012.09.01 06:46:57 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2012.09.01 06:46:57 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2012.09.01 06:46:57 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2012.09.01 06:46:56 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2012.09.01 06:46:55 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2012.09.01 06:46:55 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2012.09.01 06:46:55 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2012.09.01 06:46:55 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2012.09.01 06:46:55 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2012.09.01 06:46:54 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2012.09.01 06:46:54 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2012.09.01 06:46:54 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2012.09.01 06:46:53 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2012.09.01 06:46:53 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2012.09.01 06:46:52 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2012.09.01 06:44:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2012.09.01 06:25:40 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2012.09.01 06:25:40 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2012.09.01 06:25:40 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2012.09.01 06:25:40 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2012.09.01 01:31:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tilapainen\Työpöytä\test
[2012.09.01 00:59:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\HitmanPro
[2012.09.01 00:58:20 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2012.09.01 00:57:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\HitmanPro
[2012.08.31 22:40:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tilapainen\Application Data\SUPERAntiSpyware.com
[2012.08.31 22:38:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
[2012.08.31 22:38:53 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012.08.31 22:23:05 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.08.31 21:50:26 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft
[2012.08.31 21:35:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Seagate
[2012.08.31 21:35:45 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2012.08.31 21:09:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tilapainen\Työpöytä\Autoruns
[2012.08.31 21:02:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012.08.31 20:59:23 | 050,449,456 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\tilapainen\Työpöytä\dotNetFx40_Full_x86_x64.exe
[2012.08.31 20:51:55 | 007,758,424 | ---- | C] (SurfRight B.V.) -- C:\Documents and Settings\tilapainen\Työpöytä\HitmanPro36.exe
[2012.08.31 20:51:10 | 002,211,928 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\tilapainen\Työpöytä\tdsskiller.exe
[2012.08.31 20:50:53 | 019,519,528 | ---- | C] (SUPERAntiSpyware.com) -- C:\Documents and Settings\tilapainen\Työpöytä\SUPERAntiSpyware.exe
[2012.08.31 20:50:45 | 019,519,728 | ---- | C] (SUPERAntiSpyware.com) -- C:\Documents and Settings\tilapainen\Työpöytä\SUPERAntiSpywarePro.exe
[2012.08.31 15:18:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\CrystalDiskInfo
[2012.08.31 15:18:54 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2012.08.31 15:15:04 | 003,103,776 | ---- | C] (Crystal Dew World ) -- C:\Documents and Settings\tilapainen\Työpöytä\CrystalDiskInfo5_0_3Shizuku-en.exe
[2012.08.31 15:14:59 | 000,000,000 | ---D | C] -- C:\Downloads
[2012.08.30 20:39:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tilapainen\Application Data\Malwarebytes
[2012.08.30 20:38:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Malwarebytes' Anti-Malware
[2012.08.30 20:38:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
[2012.08.30 20:38:24 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.08.30 20:38:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.08.30 20:29:31 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\tilapainen\Työpöytä\mbam-setup-1.62.0.1300.exe
[2012.08.30 20:29:31 | 000,080,456 | ---- | C] (Malwarebytes Corporation) -- C:\Documents and Settings\tilapainen\Työpöytä\mbam-clean-1.60.2.0003.exe
[2012.08.30 19:54:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\tilapainen\Käynnistä-valikko\Ohjelmat\Valvontatyökalut
[2012.08.30 19:54:12 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2012.08.30 07:34:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2012.08.29 23:33:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tilapainen\Omat tiedostot
[2012.08.29 23:26:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tilapainen\Työpöytä\Downloads
[2012.08.15 00:31:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tilapainen\Local Settings\Application Data\Google
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[132 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.09.09 22:40:00 | 000,000,520 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 86a31f33-2771-40e0-bf19-220dfd227e8c.job
[2012.09.09 22:31:01 | 000,219,120 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2012.09.09 22:31:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.09.09 22:18:18 | 000,050,688 | ---- | M] () -- C:\Documents and Settings\tilapainen\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.09.09 08:38:20 | 000,013,581 | ---- | M] () -- C:\Documents and Settings\tilapainen\Työpöytä\ohjeet.rtf
[2012.09.09 08:37:30 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\tilapainen\Työpöytä\aswMBR.exe
[2012.09.09 08:33:38 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\tilapainen\Työpöytä\VEW.exe
[2012.09.09 08:32:00 | 004,747,716 | ---- | M] (Swearware) -- C:\Documents and Settings\tilapainen\Työpöytä\ComboFix.exe
[2012.09.09 03:57:20 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\tilapainen\Työpöytä\OTL.exe
[2012.09.07 09:59:30 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.09.06 07:35:58 | 000,002,329 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\SeaTools for Windows.lnk
[2012.09.05 23:32:21 | 005,836,954 | ---- | M] () -- C:\Documents and Settings\tilapainen\Työpöytä\AutoRuns log.arn
[2012.09.03 22:32:56 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\tilapainen\Työpöytä\ws8rc1kx.exe
[2012.09.01 06:59:07 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\tilapainen\Application Data\Microsoft\Internet Explorer\Quick Launch\Käynnistä Internet Explorer -selain.lnk
[2012.09.01 06:58:56 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2012.09.01 06:57:12 | 000,496,486 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.09.01 06:57:12 | 000,472,338 | ---- | M] () -- C:\WINDOWS\System32\perfh00B.dat
[2012.09.01 06:57:12 | 000,102,616 | ---- | M] () -- C:\WINDOWS\System32\perfc00B.dat
[2012.09.01 06:57:12 | 000,085,928 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.09.01 06:54:57 | 000,176,264 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.09.01 06:52:48 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012.09.01 06:46:22 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012.09.01 06:46:21 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012.09.01 06:46:21 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012.09.01 06:46:07 | 000,004,381 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012.09.01 06:42:45 | 000,022,736 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012.09.01 06:40:21 | 000,000,222 | -HS- | M] () -- C:\boot.ini
[2012.09.01 05:29:41 | 000,054,949 | ---- | M] () -- C:\WINDOWS\setupapi.old
[2012.09.01 02:32:20 | 000,000,000 | ---- | M] () -- C:\WindowsLiveMessenger-uccapi-0.uccapilog
[2012.09.01 00:59:31 | 000,001,610 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\HitmanPro.lnk
[2012.08.31 22:39:05 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\SUPERAntiSpyware Professional.lnk
[2012.08.31 21:07:09 | 000,537,139 | ---- | M] () -- C:\Documents and Settings\tilapainen\Työpöytä\Autoruns.zip
[2012.08.31 21:00:05 | 050,449,456 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\tilapainen\Työpöytä\dotNetFx40_Full_x86_x64.exe
[2012.08.31 20:52:01 | 007,758,424 | ---- | M] (SurfRight B.V.) -- C:\Documents and Settings\tilapainen\Työpöytä\HitmanPro36.exe
[2012.08.31 20:51:29 | 019,519,528 | ---- | M] (SUPERAntiSpyware.com) -- C:\Documents and Settings\tilapainen\Työpöytä\SUPERAntiSpyware.exe
[2012.08.31 20:51:23 | 019,519,728 | ---- | M] (SUPERAntiSpyware.com) -- C:\Documents and Settings\tilapainen\Työpöytä\SUPERAntiSpywarePro.exe
[2012.08.31 20:51:22 | 002,211,928 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\tilapainen\Työpöytä\tdsskiller.exe
[2012.08.31 20:50:26 | 021,476,536 | ---- | M] () -- C:\Documents and Settings\tilapainen\Työpöytä\SeaToolsforWindowsSetup-1206.exe
[2012.08.31 20:49:51 | 000,130,247 | ---- | M] () -- C:\Documents and Settings\tilapainen\Työpöytä\bluescreenview_setup.exe
[2012.08.31 15:18:58 | 000,001,650 | ---- | M] () -- C:\Documents and Settings\tilapainen\Työpöytä\CrystalDiskInfo.lnk
[2012.08.31 15:15:29 | 003,103,776 | ---- | M] (Crystal Dew World ) -- C:\Documents and Settings\tilapainen\Työpöytä\CrystalDiskInfo5_0_3Shizuku-en.exe
[2012.08.30 20:38:32 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\tilapainen\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012.08.30 20:38:32 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\Malwarebytes Anti-Malware.lnk
[2012.08.30 20:27:06 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\tilapainen\Työpöytä\mbam-setup-1.62.0.1300.exe
[2012.08.30 20:26:28 | 000,080,456 | ---- | M] (Malwarebytes Corporation) -- C:\Documents and Settings\tilapainen\Työpöytä\mbam-clean-1.60.2.0003.exe
[2012.08.30 20:24:38 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\Mozilla Firefox.lnk
[2012.08.26 03:28:51 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.08.15 17:57:23 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[132 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.09.09 20:54:30 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\tilapainen\Työpöytä\VEW.exe
[2012.09.09 20:54:30 | 000,013,581 | ---- | C] () -- C:\Documents and Settings\tilapainen\Työpöytä\ohjeet.rtf
[2012.09.08 00:33:19 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\tilapainen\Työpöytä\ws8rc1kx.exe
[2012.09.05 23:32:16 | 005,836,954 | ---- | C] () -- C:\Documents and Settings\tilapainen\Työpöytä\AutoRuns log.arn
[2012.09.01 06:48:48 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012.09.01 06:48:14 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2012.09.01 06:47:53 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012.09.01 06:25:28 | 001,014,139 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2012.09.01 06:25:28 | 000,809,684 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012.09.01 06:25:28 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012.09.01 06:25:28 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2012.09.01 06:25:28 | 000,102,826 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2012.09.01 06:25:28 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2012.09.01 06:25:28 | 000,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2012.09.01 06:25:28 | 000,030,983 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2012.09.01 06:25:28 | 000,014,043 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2012.09.01 06:25:28 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012.09.01 06:25:28 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2012.09.01 06:25:28 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012.09.01 06:25:28 | 000,007,407 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012.09.01 06:25:28 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2012.09.01 06:25:27 | 001,895,804 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2012.09.01 06:25:27 | 000,620,210 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2012.09.01 05:14:40 | 000,000,520 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 86a31f33-2771-40e0-bf19-220dfd227e8c.job
[2012.09.01 02:23:17 | 000,000,000 | ---- | C] () -- C:\WindowsLiveMessenger-uccapi-0.uccapilog
[2012.09.01 00:59:31 | 000,001,610 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\HitmanPro.lnk
[2012.08.31 22:39:05 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\SUPERAntiSpyware Professional.lnk
[2012.08.31 21:35:50 | 000,002,329 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\SeaTools for Windows.lnk
[2012.08.31 21:07:00 | 000,537,139 | ---- | C] () -- C:\Documents and Settings\tilapainen\Työpöytä\Autoruns.zip
[2012.08.31 20:50:08 | 021,476,536 | ---- | C] () -- C:\Documents and Settings\tilapainen\Työpöytä\SeaToolsforWindowsSetup-1206.exe
[2012.08.31 20:49:46 | 000,130,247 | ---- | C] () -- C:\Documents and Settings\tilapainen\Työpöytä\bluescreenview_setup.exe
[2012.08.31 15:18:58 | 000,001,650 | ---- | C] () -- C:\Documents and Settings\tilapainen\Työpöytä\CrystalDiskInfo.lnk
[2012.08.31 00:58:44 | 000,054,949 | ---- | C] () -- C:\WINDOWS\setupapi.old
[2012.08.30 20:38:32 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\tilapainen\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012.08.30 20:38:32 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\Malwarebytes Anti-Malware.lnk
[2012.02.16 21:21:08 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.11.08 19:08:38 | 000,508,224 | ---- | C] () -- C:\WINDOWS\System32\ICCProfiles.dll
[2011.10.24 12:49:28 | 000,001,724 | ---- | C] () -- C:\WINDOWS\System32\.ini
[2011.07.13 07:20:04 | 000,023,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011.07.11 22:47:08 | 000,268,952 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2011.07.11 22:46:57 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009.07.06 21:23:40 | 000,001,324 | ---- | C] () -- C:\Documents and Settings\tilapainen\Local Settings\Application Data\d3d9caps.dat
[2008.10.26 20:05:41 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\tilapainen\userprefs.prop
[2008.01.26 16:49:28 | 000,050,688 | ---- | C] () -- C:\Documents and Settings\tilapainen\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.08.25 14:51:54 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\.zreglib
[2006.04.03 16:50:45 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe
< End of report >
-----------------------------------
aswMBR log:
----------------------------------
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-09 23:55:08
-----------------------------
23:55:08.407 OS Version: Windows 5.1.2600 Service Pack 2
23:55:08.407 Number of processors: 1 586 0x2F02
23:55:08.423 ComputerName: EMT-F8A04F66186 UserName: tilapainen
23:55:09.657 Initialize success
23:57:49.001 AVAST engine defs: 12090900
23:58:32.547 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
23:58:32.547 Disk 0 Vendor: ST3160023A 8.01 Size: 152627MB BusType: 3
23:58:32.563 Disk 0 MBR read successfully
23:58:32.563 Disk 0 MBR scan
23:58:32.657 Disk 0 Windows XP default MBR code
23:58:32.657 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 152617 MB offset 63
23:58:32.735 Disk 0 scanning sectors +312560640
23:58:32.844 Disk 0 scanning C:\WINDOWS\system32\drivers
23:59:16.282 Service scanning
23:59:56.891 Modules scanning
00:00:04.313 AVAST engine scan C:\
02:52:22.266 File: C:\Program Files\COMODO\COMODO Internet Security\Quarantine\089DE196-CC48-44E4-B465-250EC4B7E505.data **HIDDEN**
02:52:25.688 File: C:\Program Files\COMODO\COMODO Internet Security\Quarantine\26ADFDCC-5E4A-4D1B-9FF9-5869102BD1BA.data **HIDDEN**
02:52:29.157 File: C:\Program Files\COMODO\COMODO Internet Security\Quarantine\AB651CE5-47F2-437A-A17C-35E463B1FE77.data **HIDDEN**
02:52:32.672 File: C:\Program Files\COMODO\COMODO Internet Security\Quarantine\C1795771-B03B-4E87-A4D2-964E1A2CB0EA.data **HIDDEN**
02:52:32.954 File: C:\Program Files\COMODO\COMODO Internet Security\Quarantine\C3BCE802-5896-4CF6-B870-94AD3BCA17FF.data **HIDDEN**
02:52:36.547 File: C:\Program Files\COMODO\COMODO Internet Security\Quarantine\C3DED227-DC85-4F93-B261-A74E9CB1AEA1.data **HIDDEN**
02:52:40.032 File: C:\Program Files\COMODO\COMODO Internet Security\Quarantine\CDEB193B-2A0F-4871-99A0-948619C3CFF9.data **HIDDEN**
02:52:40.235 File: C:\Program Files\COMODO\COMODO Internet Security\Quarantine\D76D0231-5C2B-46DB-973F-022520F62797.data **HIDDEN**
02:52:59.594 Scan finished successfully
02:54:24.766 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\tilapainen\Työpöytä\MBR.dat"
02:54:24.829 The log file has been saved successfully to "C:\Documents and Settings\tilapainen\Työpöytä\aswMBR.txt"
-------------------------------------------
ComboFix log:
-------------------------------------------
ComboFix 12-09-09.02 - tilapainen 10.09.2012 3:32.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.358.1035.18.1022.492 [GMT 3:00]
Sijainti: c:\documents and settings\tilapainen\Työpöytä\ComboFix.exe
AV: COMODO Antivirus *Disabled/Outdated* {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *Disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
c:\documents and settings\All Users.WINDOWS\Application Data\TEMP\DFC5A2B2.TMP
c:\documents and settings\NetworkService.NT-HALLINTA.000\ntuser.tmp
c:\documents and settings\tilapainen\WINDOWS
c:\windows\daemon.dll
c:\windows\system32\_000003_.tmp.dll
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\_000009_.tmp.dll
c:\windows\system32\_000012_.tmp.dll
c:\windows\system32\_000013_.tmp.dll
c:\windows\system32\_000014_.tmp.dll
c:\windows\system32\_000015_.tmp.dll
c:\windows\system32\_000044_.tmp.dll
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\SET10.tmp
c:\windows\system32\SET10E.tmp
c:\windows\system32\SET11.tmp
c:\windows\system32\SET117.tmp
c:\windows\system32\SET11B.tmp
c:\windows\system32\SET120.tmp
c:\windows\system32\SET121.tmp
c:\windows\system32\SET12C.tmp
c:\windows\system32\SET13D.tmp
c:\windows\system32\SET148.tmp
c:\windows\system32\SET149.tmp
c:\windows\system32\SET14A.tmp
c:\windows\system32\SET14B.tmp
c:\windows\system32\SET14C.tmp
c:\windows\system32\SET14E.tmp
c:\windows\system32\SET150.tmp
c:\windows\system32\SET151.tmp
c:\windows\system32\SET153.tmp
c:\windows\system32\SET154.tmp
c:\windows\system32\SET16.tmp
c:\windows\system32\SET19D.tmp
c:\windows\system32\SET19F.tmp
c:\windows\system32\SET1AC.tmp
c:\windows\system32\SET1B0.tmp
c:\windows\system32\SET1B1.tmp
c:\windows\system32\SET1B2.tmp
c:\windows\system32\SET1B3.tmp
c:\windows\system32\SET1B4.tmp
c:\windows\system32\SET1B6.tmp
c:\windows\system32\SET1B7.tmp
c:\windows\system32\SET1B8.tmp
c:\windows\system32\SET1BB.tmp
c:\windows\system32\SET1BC.tmp
c:\windows\system32\SET1BD.tmp
c:\windows\system32\SET1C0.tmp
c:\windows\system32\SET1C2.tmp
c:\windows\system32\SET1E.tmp
c:\windows\system32\SET1EE.tmp
c:\windows\system32\SET1EF.tmp
c:\windows\system32\SET1F0.tmp
c:\windows\system32\SET1F4.tmp
c:\windows\system32\SET1F5.tmp
c:\windows\system32\SET1F9.tmp
c:\windows\system32\SET1FA.tmp
c:\windows\system32\SET1FB.tmp
c:\windows\system32\SET1FF.tmp
c:\windows\system32\SET20.tmp
c:\windows\system32\SET203.tmp
c:\windows\system32\SET206.tmp
c:\windows\system32\SET20A.tmp
c:\windows\system32\SET20F.tmp
c:\windows\system32\SET217.tmp
c:\windows\system32\SET218.tmp
c:\windows\system32\SET219.tmp
c:\windows\system32\SET21C.tmp
c:\windows\system32\SET21E.tmp
c:\windows\system32\SET222.tmp
c:\windows\system32\SET226.tmp
c:\windows\system32\SET227.tmp
c:\windows\system32\SET22F.tmp
c:\windows\system32\SET234.tmp
c:\windows\system32\SET23C.tmp
c:\windows\system32\SET23D.tmp
c:\windows\system32\SET241.tmp
c:\windows\system32\SET245.tmp
c:\windows\system32\SET24E.tmp
c:\windows\system32\SET24F.tmp
c:\windows\system32\SET250.tmp
c:\windows\system32\SET251.tmp
c:\windows\system32\SET252.tmp
c:\windows\system32\SET253.tmp
c:\windows\system32\SET254.tmp
c:\windows\system32\SET255.tmp
c:\windows\system32\SET256.tmp
c:\windows\system32\SET257.tmp
c:\windows\system32\SET258.tmp
c:\windows\system32\SET25C.tmp
c:\windows\system32\SET25D.tmp
c:\windows\system32\SET261.tmp
c:\windows\system32\SET265.tmp
c:\windows\system32\SET266.tmp
c:\windows\system32\SET267.tmp
c:\windows\system32\SET268.tmp
c:\windows\system32\SET26A.tmp
c:\windows\system32\SET26B.tmp
c:\windows\system32\SET26E.tmp
c:\windows\system32\SET273.tmp
c:\windows\system32\SET275.tmp
c:\windows\system32\SET27B.tmp
c:\windows\system32\SET27F.tmp
c:\windows\system32\SET283.tmp
c:\windows\system32\SET284.tmp
c:\windows\system32\SET289.tmp
c:\windows\system32\SET28C.tmp
c:\windows\system32\SET290.tmp
c:\windows\system32\SET291.tmp
c:\windows\system32\SET295.tmp
c:\windows\system32\SET29B.tmp
c:\windows\system32\SET29E.tmp
c:\windows\system32\SET2A6.tmp
c:\windows\system32\SET2D.tmp
c:\windows\system32\SET2F.tmp
c:\windows\system32\SET31.tmp
c:\windows\system32\SET38.tmp
c:\windows\system32\SET58.tmp
c:\windows\system32\SET59.tmp
c:\windows\system32\SET5A.tmp
c:\windows\system32\SET5C.tmp
c:\windows\system32\SET66.tmp
c:\windows\system32\SET67.tmp
c:\windows\system32\SET68.tmp
c:\windows\system32\SET6E.tmp
c:\windows\system32\SET74.tmp
c:\windows\system32\SET75.tmp
c:\windows\system32\SET83.tmp
c:\windows\system32\SET84.tmp
c:\windows\system32\SET85.tmp
c:\windows\system32\SETA1.tmp
c:\windows\system32\SETB1.tmp
c:\windows\system32\SETB4.tmp
c:\windows\system32\SETB8.tmp
c:\windows\system32\SETDC.tmp
c:\windows\system32\SETDD.tmp
c:\windows\system32\SETDE.tmp
c:\windows\system32\SETDF.tmp
c:\windows\system32\SETE.tmp
c:\windows\system32\SETEE.tmp
c:\windows\system32\SETF.tmp
c:\windows\system32\SETF2.tmp
c:\windows\system32\SETFA.tmp
c:\windows\system32\SETFB.tmp
.
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2012-08-10 to 2012-09-10 )))))))))))))))))
.
.
2012-09-01 03:50 . 2004-09-15 12:00 41600 -c--a-w- c:\windows\system32\dllcache\weitekp9.dll
2012-09-01 03:49 . 2004-09-15 12:00 79872 -c--a-w- c:\windows\system32\dllcache\rwia001.dll
2012-09-01 03:48 . 2004-09-15 12:00 6144 -c--a-w- c:\windows\system32\dllcache\kbdinpun.dll
2012-09-01 03:47 . 2004-09-15 12:00 56320 -c--a-w- c:\windows\system32\dllcache\convlog.exe
2012-09-01 03:46 . 2004-09-15 12:00 6144 -c--a-w- c:\windows\system32\dllcache\ftpsapi2.dll
2012-09-01 03:44 . 2004-09-15 12:00 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe
2012-09-01 03:44 . 2004-09-15 12:00 16384 ----a-w- c:\program files\Internet Explorer\Connection Wizard\isignup.exe
2012-09-01 03:25 . 2004-09-15 12:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2012-09-01 03:25 . 2004-09-15 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2012-09-01 03:25 . 2004-09-15 12:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2012-09-01 03:25 . 2004-09-15 12:00 13312 ----a-w- c:\windows\system32\irclass.dll
2012-09-01 03:25 . 2004-09-15 12:00 14043 ----a-r- c:\windows\SET166.tmp
2012-09-01 03:25 . 2004-09-15 12:00 1086058 ----a-r- c:\windows\SET15A.tmp
2012-09-01 03:25 . 2004-09-15 12:00 1014139 ----a-r- c:\windows\SET157.tmp
2012-09-01 01:23 . 2012-09-01 01:23 -------- d-----w- c:\documents and settings\Järjestelmänvalvoja.EMT-F8A04F66186\Application Data\SUPERAntiSpyware.com
2012-08-31 23:23 . 2012-08-31 23:23 -------- d-----w- c:\documents and settings\TT\Tracing
2012-08-31 21:58 . 2012-08-31 21:59 -------- d-----w- c:\program files\HitmanPro
2012-08-31 21:57 . 2012-08-31 21:59 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\HitmanPro
2012-08-31 19:40 . 2012-08-31 19:40 -------- d-----w- c:\documents and settings\tilapainen\Application Data\SUPERAntiSpyware.com
2012-08-31 19:38 . 2012-08-31 19:40 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-08-31 19:38 . 2012-08-31 19:38 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2012-08-31 19:23 . 2012-08-31 19:23 -------- d-----w- C:\TDSSKiller_Quarantine
2012-08-31 18:50 . 2012-08-31 18:50 -------- d-----w- c:\program files\NirSoft
2012-08-31 18:35 . 2012-08-31 18:35 -------- d-----w- c:\program files\Seagate
2012-08-31 18:02 . 2012-08-31 18:02 -------- d-----w- c:\program files\Microsoft.NET
2012-08-31 12:18 . 2012-08-31 12:19 -------- d-----w- c:\program files\CrystalDiskInfo
2012-08-31 12:14 . 2012-08-31 12:14 -------- d-----w- C:\Downloads
2012-08-30 18:29 . 2012-08-30 18:29 -------- d-----w- c:\documents and settings\Järjestelmänvalvoja.EMT-F8A04F66186\Application Data\vlc
2012-08-30 17:39 . 2012-08-30 17:39 -------- d-----w- c:\documents and settings\tilapainen\Application Data\Malwarebytes
2012-08-30 17:38 . 2012-08-30 17:38 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2012-08-30 17:38 . 2012-08-30 17:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-30 17:38 . 2012-07-03 10:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-30 17:24 . 2012-08-25 02:00 73696 ----a-w- c:\program files\Mozilla Firefox\breakpadinjector.dll
2012-08-30 16:54 . 2012-08-30 16:54 -------- d--h--w- c:\windows\system32\GroupPolicy
2012-08-30 16:54 . 2012-08-30 16:54 -------- d-----w- c:\documents and settings\TT\Local Settings\Application Data\COMODO
2012-08-30 16:54 . 2012-08-30 16:54 -------- d-----w- c:\documents and settings\LocalService.NT-HALLINTA.000\Application Data\TightVNC
2012-08-30 15:46 . 2012-08-30 15:46 -------- d-----w- c:\documents and settings\Järjestelmänvalvoja.EMT-F8A04F66186\Application Data\Malwarebytes
2012-08-30 04:34 . 2012-08-30 04:38 -------- d-----w- c:\windows\system32\NtmsData
2012-08-30 00:55 . 2012-08-30 00:55 -------- d-sh--w- c:\documents and settings\TT\IETldCache
2012-08-29 20:33 . 2012-08-29 20:33 -------- d-----w- c:\documents and settings\tilapainen\Omat tiedostot
2012-08-14 21:31 . 2012-08-14 21:32 -------- d-----w- c:\documents and settings\tilapainen\Local Settings\Application Data\Google
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-08 17:24 . 2012-07-08 17:24 2 ----a-w- c:\windows\system32\TempWmicBatchFile.bat
2005-03-31 19:17 . 2006-04-03 13:50 40960 ----a-w- c:\program files\Uninstall_CDS.exe
2012-08-25 02:01 . 2011-11-11 08:58 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PeerGuardian"="c:\program files\PeerGuardian2\pg2.exe" [2007-01-29 1432064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-31 32768]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"MP10_EnsureFileVer"="c:\windows\inf\unregmp2.exe" [2004-09-15 208896]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2007-04-19 271936]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2010-05-07 165208]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-09-15 110592]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-03-11 6749512]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-09-15 208952]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-09-15 44032]
"SoundMan"="SOUNDMAN.EXE" [2005-01-10 77824]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-09-15 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Käynnistä-valikko^Ohjelmat^Käynnistys^Start GeekBuddy.lnk]
path=c:\documents and settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Käynnistys\Start GeekBuddy.lnk
backup=c:\windows\pss\Start GeekBuddy.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^tilapainen^Käynnistä-valikko^Ohjelmat^Käynnistys^OpenOffice.org 3.3.lnk]
path=c:\documents and settings\tilapainen\Käynnistä-valikko\Ohjelmat\Käynnistys\OpenOffice.org 3.3.lnk
backup=c:\windows\pss\OpenOffice.org 3.3.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AntiLogger]
2011-11-28 15:58 2976200 ----a-w- c:\program files\AntiLogger\AntiLogger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
2004-08-22 14:05 81920 ----a-w- c:\program files\D-Tools\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-08-14 21:31 116648 ----atw- c:\documents and settings\tilapainen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 07:12 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 20:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\openvpn-gui]
2005-08-18 19:55 99328 ----a-w- c:\program files\SurfBouncer OpenVPN\bin\openvpn-gui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2009-07-02 10:32 98304 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZemanaAntiMalware]
2011-09-22 15:16 6430528 ----a-w- c:\program files\Zemana AntiMalware\ZemanaAntiMalware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Bonjour Service"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Warcraft III\\Warcraft III.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Pelit\\Wolfenstein - Enemy Territory\\ET.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\tilapainen\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\PPLive\\PPLive.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\system32\\sessmgr.exe"=
.
R0 ABIT-IO;ABIT-IO;c:\windows\system32\drivers\ABIT-IO.SYS [17.7.2007 23:40 7680]
R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [7.10.2011 18:48 18056]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [7.10.2011 18:48 494968]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [7.10.2011 18:48 31704]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22.7.2011 19:27 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [13.7.2011 0:55 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [12.8.2011 2:38 116608]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [30.8.2012 20:38 655944]
R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [20.12.2011 18:12 68896]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [13.12.2010 18:22 63616]
R3 ipgd;IC Plus IP1000 Family Gigabit Ethernet Adapter Driver;c:\windows\system32\drivers\ipgdnd51.sys [17.7.2007 23:45 33408]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [30.8.2012 20:38 22344]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [9.9.2012 23:54 40776]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [13.12.2010 18:22 101504]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [13.12.2010 18:22 117504]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [12.5.2012 22:55 114144]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [15.9.2004 15:00 14336]
S3 RegGuard;RegGuard;c:\windows\system32\drivers\regguard.sys [18.7.2007 11:59 0]
.
--- Muut muistissa olevat ajurit/palvelut ---
.
*NewlyCreated* - ASWMBR
*NewlyCreated* - MBAMSWISSARMY
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
eapsvcs REG_MULTI_SZ
dot3svc REG_MULTI_SZ
.
'Ajoitetut tehtävät'-kansion sisältö
.
2012-09-09 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 86a31f33-2771-40e0-bf19-220dfd227e8c.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
.
------- Täydentävä tarkistus -------
.
uInternet Settings,ProxyOverride = *.local
Trusted Zone: hotmail.com
Trusted Zone: live.com
Trusted Zone: msn.com
Trusted Zone: passport.com
DPF: {59DBDDA6-9A80-42A4-B824-9BC50CC172F5} - hxxp://www.programchecker.com/dll/nixon.cab
DPF: {8EEB54D5-CC70-40E4-B015-AC478C02ECC8} - hxxp://playple.com/viewer/cab/SLViewer.cab
FF - ProfilePath - c:\documents and settings\tilapainen\Application Data\Mozilla\Firefox\Profiles\22u9jtko.default\
.
- - - - POISTETUT JÄMÄRIVIT - - - -
.
SafeBoot-00033441.sys
SafeBoot-29853978.sys
SafeBoot-50378511.sys
SafeBoot-72731589.sys
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-Adobe ARM - c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
AddRemove-BSPlayer1 - c:\bsplayer\uninstall.exe
AddRemove-DC++ - c:\dc++\uninstall.exe
AddRemove-E.M. Total Video Player 1.31_is1 - d:\program files\Total Video Player\unins000.exe
AddRemove-Easy Video Capture_is1 - c:\program files\Easy Video Capture\unins000.exe
AddRemove-eVer-Craft_is1 - c:\ever-craft\unins000.exe
AddRemove-Fallout 2 Restoration Project_is1 - j:\fallout2\unins000.exe
AddRemove-Fraps - c:\frapsuus\uninstall.exe
AddRemove-Garena - c:\program files\Garena\uninst.exe
AddRemove-HijackThis - c:\hijackthis\HijackThis.exe
AddRemove-Hospital - c:\program files\Bullfrog\Hospital\DeIsL1.isu
AddRemove-MAME32k - c:\mame32k\uninst.exe
AddRemove-Mount&Blade Warband - d:\pelit\Mount&Blade Warband\uninstall.exe
AddRemove-PAF Diamond Poker - c:\casino\PAFDIA~1\UNWISE.EXE
AddRemove-PartyPoker - c:\program files\PartyGaming\PartyPoker\Uninstall\Setup.exe
AddRemove-Texas Calculatem 4 with "AutoRead"_is1 - c:\texascalculatem\unins000.exe
AddRemove-TVUPlayer - c:\tvuplayer\uninst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-10 03:50
Windows 5.1.2600 Service Pack 2 NTFS
.
detected NTDLL code modification:
ZwClose
.
tarkistaa piilotettuja prosesseja ...
.
tarkistaa piilotettuja käynnistysarvoja ...
.
tarkistaa piilotettuja tiedostoja ...
.
tarkistus on valmis
piilotetut tiedostot: 0
.
**************************************************************************
.
--------------------- LUKITUT REKISTERIAVAIMET ---------------------
.
[HKEY_USERS\S-1-5-21-1659004503-854245398-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1112859E-B974-2507-3FC0-A99156EBA95C}*]
"iaanhmkdbbcnlaggjf"=hex:69,61,67,65,61,6d,62,63,69,6d,69,61,66,6b,62,68,6e,70,
00,00
"haknceaebpojcipg"=hex:69,61,67,65,61,6d,62,63,69,6d,69,61,66,6b,62,68,6e,70,
00,00
.
--------------------- Prosesseihin ladatut DLLt ---------------------
.
- - - - - - - > 'winlogon.exe'(1084)
c:\windows\system32\guard32.dll
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'lsass.exe'(1140)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'csrss.exe'(1048)
c:\windows\system32\cmdcsr.dll
.
Valmistumisajankohta: 2012-09-10 03:55:14
ComboFix-quarantined-files.txt 2012-09-10 00:55
.
Ennen ajoa: 123 331 072 000 tavua vapaana
Ajon jälkeen: 123 758 243 840 tavua vapaana
.
WindowsXP-KB310994-SP2-Pro-BootDisk-FIN.EXE
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /noguiboot
.
- - End Of File - - 73B87CE23F8428851DB69F597495CD77
---------------------------------------------
TDSSKiller log:
---------------------------------------------
04:01:03.0297 1836 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
04:01:03.0438 1836 ============================================================
04:01:03.0438 1836 Current date / time: 2012/09/10 04:01:03.0438
04:01:03.0438 1836 SystemInfo:
04:01:03.0438 1836
04:01:03.0438 1836 OS Version: 5.1.2600 ServicePack: 2.0
04:01:03.0438 1836 Product type: Workstation
04:01:03.0438 1836 ComputerName: EMT-F8A04F66186
04:01:03.0438 1836 UserName: tilapainen
04:01:03.0438 1836 Windows directory: C:\WINDOWS
04:01:03.0438 1836 System windows directory: C:\WINDOWS
04:01:03.0438 1836 Processor architecture: Intel x86
04:01:03.0438 1836 Number of processors: 1
04:01:03.0438 1836 Page size: 0x1000
04:01:03.0438 1836 Boot type: Normal boot
04:01:03.0438 1836 ============================================================
04:01:04.0704 1836 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
04:01:04.0719 1836 ============================================================
04:01:04.0719 1836 \Device\Harddisk0\DR0:
04:01:04.0719 1836 MBR partitions:
04:01:04.0719 1836 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
04:01:04.0735 1836 ============================================================
04:01:04.0907 1836 C: <-> \Device\Harddisk0\DR0\Partition1
04:01:04.0907 1836 ============================================================
04:01:04.0907 1836 Initialize success
04:01:04.0907 1836 ============================================================
04:01:23.0422 2768 ============================================================
04:01:23.0422 2768 Scan started
04:01:23.0422 2768 Mode: Manual; SigCheck; TDLFS;
04:01:23.0422 2768 ============================================================
04:01:23.0797 2768 ================ Scan system memory ========================
04:01:23.0797 2768 System memory - ok
04:01:23.0797 2768 ================ Scan services =============================
04:01:23.0891 2768 [ C0393EB99A6C72C6BEF9BFC4A72B33A6 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
04:01:23.0938 2768 !SASCORE - ok
04:01:24.0079 2768 [ CB3B8E3EBC8BD5CD86A69BC1C9AFD701 ] 6to4 C:\WINDOWS\System32\6to4svc.dll
04:01:24.0266 2768 6to4 - ok
04:01:24.0266 2768 Abiosdsk - ok
04:01:24.0297 2768 [ BC034F074ADE82723F0B57F287980725 ] ABIT-IO C:\WINDOWS\system32\Drivers\ABIT-IO.sys
04:01:24.0313 2768 ABIT-IO ( UnsignedFile.Multi.Generic ) - warning
04:01:24.0313 2768 ABIT-IO - detected UnsignedFile.Multi.Generic (1)
04:01:24.0329 2768 abp480n5 - ok
04:01:24.0344 2768 [ 3F2DA24794471A2D1EB69123E8AFF1FF ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
04:01:24.0501 2768 ACPI - ok
04:01:24.0516 2768 [ 9322A12C6362FD4CE1F6ADCA40EDECED ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
04:01:24.0626 2768 ACPIEC - ok
04:01:24.0641 2768 adpu160m - ok
04:01:24.0672 2768 [ 841F385C6CFAF66B58FBD898722BB4F0 ] aec C:\WINDOWS\system32\drivers\aec.sys
04:01:24.0797 2768 aec - ok
04:01:24.0829 2768 [ 5AC495F4CB807B2B98AD2AD591E6D92E ] AFD C:\WINDOWS\System32\drivers\afd.sys
04:01:24.0969 2768 AFD - ok
04:01:24.0969 2768 Aha154x - ok
04:01:24.0985 2768 aic78u2 - ok
04:01:24.0985 2768 aic78xx - ok
04:01:25.0141 2768 [ 07531E558FDE570A84D027576BA9FD7C ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS
04:01:25.0360 2768 ALCXWDM ( UnsignedFile.Multi.Generic ) - warning
04:01:25.0360 2768 ALCXWDM - detected UnsignedFile.Multi.Generic (1)
04:01:25.0376 2768 [ 4B765F50024529394CCB8E2E4357E36B ] Alerter C:\WINDOWS\system32\alrsvc.dll
04:01:25.0485 2768 Alerter - ok
04:01:25.0532 2768 [ 68276E67DA0274CA30DB2FC0E42C38C5 ] ALG C:\WINDOWS\System32\alg.exe
04:01:25.0579 2768 ALG - ok
04:01:25.0579 2768 AliIde - ok
04:01:25.0594 2768 amsint - ok
04:01:25.0626 2768 [ 11D97D2F61C57488892104C4FA59C24C ] AnyDVD C:\WINDOWS\system32\Drivers\AnyDVD.sys
04:01:25.0657 2768 AnyDVD - ok
04:01:25.0719 2768 [ 2E3E53A6AEF23E24F402C7855B9B1542 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
04:01:25.0751 2768 Apple Mobile Device - ok
04:01:25.0782 2768 [ 939B53DBDE82172120667D3AFE4BBDEA ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
04:01:25.0844 2768 AppMgmt - ok
04:01:25.0891 2768 [ F0D692B0BFFB46E30EB3CEA168BBC49F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
04:01:26.0016 2768 Arp1394 - ok
04:01:26.0016 2768 asc - ok
04:01:26.0032 2768 asc3350p - ok
04:01:26.0032 2768 asc3550 - ok
04:01:26.0157 2768 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
04:01:26.0172 2768 aspnet_state - ok
04:01:26.0204 2768 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
04:01:26.0313 2768 AsyncMac - ok
04:01:26.0360 2768 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
04:01:26.0485 2768 atapi - ok
04:01:26.0485 2768 Atdisk - ok
04:01:26.0547 2768 [ 38C7D3DA2AFC6FEA137BA5708D1B6FC1 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
04:01:26.0657 2768 Ati HotKey Poller - ok
04:01:26.0719 2768 [ 474623F2E0BDA43BE1E8C80BF373F65A ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
04:01:26.0813 2768 ATI Smart ( UnsignedFile.Multi.Generic ) - warning
04:01:26.0813 2768 ATI Smart - detected UnsignedFile.Multi.Generic (1)
04:01:27.0032 2768 [ 02B985FC4D5BA17E528F7C9F889F7D22 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
04:01:27.0438 2768 ati2mtag - ok
04:01:27.0485 2768 [ 72BC628AF75C4C3250F2A3BAC260265A ] atksgt C:\WINDOWS\system32\DRIVERS\atksgt.sys
04:01:27.0501 2768 atksgt - ok
04:01:27.0532 2768 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
04:01:27.0657 2768 Atmarpc - ok
04:01:27.0688 2768 [ 02C9FCC2C72CF62E9F7E4BF14A8194D7 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
04:01:27.0797 2768 AudioSrv - ok
04:01:27.0844 2768 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
04:01:27.0985 2768 audstub - ok
04:01:28.0016 2768 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
04:01:28.0126 2768 Beep - ok
04:01:28.0204 2768 [ C6C0336D77C70C3DB06A9D5FE49425DE ] BITS C:\WINDOWS\system32\qmgr.dll
04:01:28.0360 2768 BITS - ok
04:01:28.0422 2768 [ 5AB58C337AC65837FE404462AD6265AB ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
04:01:28.0469 2768 Bonjour Service - ok
04:01:28.0485 2768 [ 774FF17E93E97499C2F1B5BDC1916BF5 ] Browser C:\WINDOWS\System32\browser.dll
04:01:28.0626 2768 Browser - ok
04:01:28.0641 2768 [ D24B8D1784C68A25060FFFBE8ED34B76 ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
04:01:28.0766 2768 BthEnum - ok
04:01:28.0797 2768 [ 9DF0ADF74CE1D6371ED60CF92EB1D9A6 ] BTHMODEM C:\WINDOWS\system32\DRIVERS\bthmodem.sys
04:01:28.0938 2768 BTHMODEM - ok
04:01:28.0985 2768 [ 10355270BE12641B9764235DA39DCF0F ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
04:01:29.0094 2768 BthPan - ok
04:01:29.0141 2768 [ 2AB10C5B2F10F6C4452BDE647A22F6AD ] BTHPORT C:\WINDOWS\system32\Drivers\BTHport.sys
04:01:29.0297 2768 BTHPORT - ok
04:01:29.0329 2768 [ 31FA7BE8D393BE75974E2264C0C58AE9 ] BthServ C:\WINDOWS\System32\bthserv.dll
04:01:29.0454 2768 BthServ - ok
04:01:29.0485 2768 [ F06D4CB9918B462A84D9AC00027EFC30 ] BTHUSB C:\WINDOWS\system32\Drivers\BTHUSB.sys
04:01:29.0594 2768 BTHUSB - ok
04:01:29.0719 2768 catchme - ok
04:01:29.0766 2768 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
04:01:29.0891 2768 cbidf2k - ok
04:01:29.0907 2768 [ 6163ED60B684BAB19D3352AB22FC48B2 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
04:01:30.0032 2768 CCDECODE - ok
04:01:30.0047 2768 cd20xrnt - ok
04:01:30.0079 2768 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
04:01:30.0219 2768 Cdaudio - ok
04:01:30.0251 2768 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
04:01:30.0391 2768 Cdfs - ok
04:01:30.0438 2768 [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
04:01:30.0579 2768 Cdrom - ok
04:01:30.0579 2768 Changer - ok
04:01:30.0610 2768 [ 2C40989F9CEE5B9EA6D6737C7C654D42 ] CiSvc C:\WINDOWS\system32\cisvc.exe
04:01:30.0751 2768 CiSvc - ok
04:01:30.0766 2768 [ 702C1C3CB294B5D9760B0713407273DC ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
04:01:30.0907 2768 ClipSrv - ok
04:01:30.0969 2768 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
04:01:30.0985 2768 clr_optimization_v2.0.50727_32 - ok
04:01:31.0016 2768 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
04:01:31.0032 2768 clr_optimization_v4.0.30319_32 - ok
04:01:31.0204 2768 [ 907324001AE25AC5959C91EAA34CABAE ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
04:01:31.0422 2768 cmdAgent - ok
04:01:31.0469 2768 [ 0EC8D44534D96776B04C6908E0B5F4B3 ] cmderd C:\WINDOWS\system32\DRIVERS\cmderd.sys
04:01:31.0469 2768 cmderd - ok
04:01:31.0501 2768 [ BEE235831F8E3F0BAACA18B39D285CF5 ] cmdGuard C:\WINDOWS\system32\DRIVERS\cmdguard.sys
04:01:31.0547 2768 cmdGuard - ok
04:01:31.0579 2768 [ DE548946F36CAB62FEC2E6AA0149A619 ] cmdHlp C:\WINDOWS\system32\DRIVERS\cmdhlp.sys
04:01:31.0594 2768 cmdHlp - ok
04:01:31.0594 2768 CmdIde - ok
04:01:31.0610 2768 COMSysApp - ok
04:01:31.0626 2768 Cpqarray - ok
04:01:31.0672 2768 [ 9549BFE9CFFEBF1081D62F7966605303 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
04:01:31.0813 2768 CryptSvc - ok
04:01:31.0829 2768 dac2w2k - ok
04:01:31.0829 2768 dac960nt - ok
04:01:31.0891 2768 [ 7FDA594FEA090E1110E2CAEDBBB52F30 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
04:01:32.0047 2768 DcomLaunch - ok
04:01:32.0063 2768 [ F2609A5DAA6581CC7E8C491FE1494596 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
04:01:32.0188 2768 Dhcp - ok
04:01:32.0235 2768 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
04:01:32.0376 2768 Disk - ok
04:01:32.0376 2768 dmadmin - ok
04:01:32.0438 2768 [ AEB95D1F9F4DA7752E0F8FAEAD198D56 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
04:01:32.0657 2768 dmboot - ok
04:01:32.0672 2768 [ 0AE86D0DC83BB91ADBCBD84A1A91D542 ] dmio C:\WINDOWS\system32\DRIVERS\dmio.sys
04:01:32.0829 2768 dmio - ok
04:01:32.0844 2768 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
04:01:32.0969 2768 dmload - ok
04:01:33.0001 2768 [ 5E184AAA0BA050636CAB274FD1EDB64E ] dmserver C:\WINDOWS\System32\dmserver.dll
04:01:33.0141 2768 dmserver - ok
04:01:33.0157 2768 [ A6F881284AC1150E37D9AE47FF601267 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
04:01:33.0282 2768 DMusic - ok
04:01:33.0329 2768 [ EDB51C1FCFDE02EE7A08B10D71B88811 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
04:01:33.0469 2768 Dnscache - ok
04:01:33.0485 2768 dpti2o - ok
04:01:33.0516 2768 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
04:01:33.0626 2768 drmkaud - ok
04:01:33.0641 2768 [ AAA8999A169E39FB8B48AE49CD6AC30A ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
04:01:33.0657 2768 ElbyCDIO - ok
04:01:33.0672 2768 [ F38C24B3BE746F6B6142FBE04C47E87E ] ERSvc C:\WINDOWS\System32\ersvc.dll
04:01:33.0813 2768 ERSvc - ok
04:01:33.0844 2768 [ C2F8F8343435FC080C2DE25A410E09E8 ] Eventlog C:\WINDOWS\system32\services.exe
04:01:33.0969 2768 Eventlog - ok
04:01:34.0016 2768 [ D7D835F6155F275D50C3EF4E05612DA8 ] EventSystem C:\WINDOWS\system32\es.dll
04:01:34.0141 2768 EventSystem - ok
04:01:34.0188 2768 [ 4FD02E31EAC2CBC81EB08A1CE81E73A2 ] ewusbnet C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
04:01:34.0235 2768 ewusbnet - ok
04:01:34.0266 2768 [ E98A64C7F106740A38FB2B78197816F8 ] ew_hwusbdev C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
04:01:34.0313 2768 ew_hwusbdev - ok
04:01:34.0360 2768 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
04:01:34.0485 2768 Fastfat - ok
04:01:34.0516 2768 [ 3B8A4FFB1D0E36584429CB97F664FAE7 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
04:01:34.0672 2768 FastUserSwitchingCompatibility - ok
04:01:34.0704 2768 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
04:01:34.0829 2768 Fdc - ok
04:01:34.0860 2768 [ 20FE03294AC1429AE88A64C2F754B0D4 ] FilterService C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
04:01:34.0860 2768 FilterService - ok
04:01:34.0907 2768 [ 4DE756DB8C203DFAA58B165EDECDB593 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
04:01:35.0016 2768 Fips - ok
04:01:35.0032 2768 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
04:01:35.0157 2768 Flpydisk - ok
04:01:35.0188 2768 [ 157754F0DF355A9E0A6F54721914F9C6 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
04:01:35.0313 2768 FltMgr - ok
04:01:35.0376 2768 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
04:01:35.0376 2768 FontCache3.0.0.0 - ok
04:01:35.0391 2768 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
04:01:35.0501 2768 Fs_Rec - ok
04:01:35.0516 2768 [ 30E0982506281508703C99115CEE520C ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
04:01:35.0657 2768 Ftdisk - ok
04:01:35.0672 2768 [ 4216CD545E5C30807B560C5DCAA812E6 ] gagp30kx C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
04:01:35.0797 2768 gagp30kx - ok
04:01:35.0829 2768 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
04:01:35.0844 2768 GEARAspiWDM - ok
04:01:35.0907 2768 [ A72034228A6D8DCD9A1CD70107556E40 ] getPlusHelper C:\Program Files\NOS\bin\getPlus_Helper.dll
04:01:35.0922 2768 getPlusHelper - ok
04:01:35.0938 2768 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
04:01:36.0063 2768 Gpc - ok
04:01:36.0110 2768 [ 7929A161F9951D173CA9900FE7067391 ] hamachi C:\WINDOWS\system32\DRIVERS\hamachi.sys
04:01:36.0126 2768 hamachi - ok
04:01:36.0188 2768 [ F9C5D0E0AF453F6E09544D069C0F5165 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
04:01:36.0297 2768 helpsvc - ok
04:01:36.0313 2768 [ 713F643C67AEAEC3C48B0F581C8C5CA2 ] HidServ C:\WINDOWS\System32\hidserv.dll
04:01:36.0438 2768 HidServ - ok
04:01:36.0485 2768 [ 1DE6783B918F540149AA69943BDFEBA8 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
04:01:36.0579 2768 hidusb - ok
04:01:36.0594 2768 hpn - ok
04:01:36.0626 2768 [ C19B522A9AE0BBC3293397F3055E80A1 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
04:01:36.0782 2768 HTTP - ok
04:01:36.0797 2768 [ B67BF4F0BF54242767CEC6B5C2145E29 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
04:01:36.0922 2768 HTTPFilter - ok
04:01:36.0969 2768 [ 22A4B14530194FC57C1C849FB5AFEE17 ] huawei_enumerator C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
04:01:37.0219 2768 huawei_enumerator - ok
04:01:37.0282 2768 [ 3E3BFE85B9FE3720BF4C108F57C945FB ] hwdatacard C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
04:01:37.0376 2768 hwdatacard - ok
04:01:37.0391 2768 i2omgmt - ok
04:01:37.0391 2768 i2omp - ok
04:01:37.0422 2768 [ 46DC147FAEC564DB21A46094C0CA31F6 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
04:01:37.0547 2768 i8042prt - ok
04:01:37.0641 2768 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
04:01:37.0766 2768 idsvc - ok
04:01:37.0797 2768 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
04:01:37.0922 2768 Imapi - ok
04:01:37.0969 2768 [ C8BB3BDD77A8A73FF6CA4B9C336E4D93 ] ImapiService C:\WINDOWS\system32\imapi.exe
04:01:38.0141 2768 ImapiService - ok
04:01:38.0157 2768 ini910u - ok
04:01:38.0188 2768 [ F89849CF13805EF49DA64A8A63193AF7 ] Inspect C:\WINDOWS\system32\DRIVERS\inspect.sys
04:01:38.0204 2768 Inspect - ok
04:01:38.0219 2768 IntelIde - ok
04:01:38.0235 2768 [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
04:01:38.0344 2768 Ip6Fw - ok
04:01:38.0391 2768 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
04:01:38.0516 2768 IpFilterDriver - ok
04:01:38.0547 2768 [ 318A3A825B24FF4C99A073AB38955A6E ] ipgd C:\WINDOWS\system32\DRIVERS\ipgdnd51.sys
04:01:38.0594 2768 ipgd - ok
04:01:38.0626 2768 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
04:01:38.0751 2768 IpInIp - ok
04:01:38.0766 2768 [ B5A8E215AC29D24D60B4D1250EF05ACE ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
04:01:38.0891 2768 IpNat - ok
04:01:38.0954 2768 [ 630D74599070824AF3DC63A894ADCDFC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
04:01:39.0016 2768 iPod Service - ok
04:01:39.0047 2768 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
04:01:39.0172 2768 IPSec - ok
04:01:39.0204 2768 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
04:01:39.0266 2768 IRENUM - ok
04:01:39.0297 2768 [ A550404CAAE475D5BAC4C09B6B34F42E ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
04:01:39.0407 2768 isapnp - ok
04:01:39.0438 2768 [ CDB969144F97B0BC19FB944D7714EDC5 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
04:01:39.0579 2768 Kbdclass - ok
04:01:39.0579 2768 [ 04281FB0D9AE6F61BB4DC711791C80C4 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
04:01:39.0704 2768 kbdhid - ok
04:01:39.0735 2768 [ D93CAD07C5683DB066B0B2D2D3790EAD ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
04:01:39.0876 2768 kmixer - ok
04:01:39.0876 2768 [ EB7FFE87FD367EA8FCA0506F74A87FBB ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
04:01:40.0001 2768 KSecDD - ok
04:01:40.0032 2768 [ 8477B6BD6C3DA97AE7BCB6F35FEB84EA ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
04:01:40.0172 2768 lanmanserver - ok
04:01:40.0188 2768 [ 730613444DB4A3CF366DAF6FEC371585 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
04:01:40.0329 2768 lanmanworkstation - ok
04:01:40.0329 2768 lbrtfdc - ok
04:01:40.0360 2768 [ 4127E8B6DDB4090E815C1F8852C277D3 ] lirsgt C:\WINDOWS\system32\DRIVERS\lirsgt.sys
04:01:40.0376 2768 lirsgt - ok
04:01:40.0407 2768 [ 621F5FF8A9C71A4028C28BA2FEC159E0 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
04:01:40.0547 2768 LmHosts - ok
04:01:40.0579 2768 [ AF280405C10F0D20F37670B7432E5C2F ] lvpopflt C:\WINDOWS\system32\DRIVERS\lvpopflt.sys
04:01:40.0594 2768 lvpopflt - ok
04:01:40.0626 2768 [ E52F5A2CADCF08D07F559962F807A0A2 ] LVRS C:\WINDOWS\system32\DRIVERS\lvrs.sys
04:01:40.0657 2768 LVRS - ok
04:01:40.0985 2768 [ C3D02260BEB2B48DEA1EFDFCA91E4B69 ] LVUVC C:\WINDOWS\system32\DRIVERS\lvuvc.sys
04:01:41.0626 2768 LVUVC - ok
04:01:41.0657 2768 [ 6DFE7F2E8E8A337263AA5C92A215F161 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
04:01:41.0672 2768 MBAMProtector - ok
04:01:41.0766 2768 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
04:01:41.0829 2768 MBAMService - ok
04:01:41.0860 2768 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\mbamswissarmy.sys
04:01:41.0876 2768 MBAMSwissArmy - ok
04:01:41.0907 2768 [ 41B35E6833C28433CB2DBAD9A4005872 ] Messenger C:\WINDOWS\System32\msgsvc.dll
04:01:42.0032 2768 Messenger - ok
04:01:42.0047 2768 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
04:01:42.0172 2768 mnmdd - ok
04:01:42.0204 2768 [ 4992B0F91E8D53AF1951C2B62B10BEF7 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
04:01:42.0360 2768 mnmsrvc - ok
04:01:42.0391 2768 [ 396B58441395E59BEDB1A9CD068B5FD4 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
04:01:42.0516 2768 Modem - ok
04:01:42.0547 2768 [ 0B9ACEB4262682820B2D1FCA72AA117C ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
04:01:42.0688 2768 Mouclass - ok
04:01:42.0719 2768 [ CECBFA0343E2A9C7CFEF3B999E7BA52C ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
04:01:42.0844 2768 mouhid - ok
04:01:42.0876 2768 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
04:01:43.0001 2768 MountMgr - ok
04:01:43.0047 2768 [ E8D79312373F254DC13F3965BDB3D521 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
04:01:43.0063 2768 MozillaMaintenance - ok
04:01:43.0063 2768 mraid35x - ok
04:01:43.0079 2768 [ 46EDCC8F2DB2F322C24F48785CB46366 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
04:01:43.0188 2768 MRxDAV - ok
04:01:43.0251 2768 [ 1FD607FC67F7F7C633C3DA65BFC53D18 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
04:01:43.0422 2768 MRxSmb - ok
04:01:43.0438 2768 [ 54703DE019F1556A098E23A898317583 ] MSDTC C:\WINDOWS\system32\msdtc.exe
04:01:43.0547 2768 MSDTC - ok
04:01:43.0579 2768 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
04:01:43.0688 2768 Msfs - ok
04:01:43.0704 2768 MSIServer - ok
04:01:43.0751 2768 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
04:01:43.0860 2768 MSKSSRV - ok
04:01:43.0907 2768 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
04:01:44.0001 2768 MSPCLOCK - ok
04:01:44.0032 2768 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
04:01:44.0157 2768 MSPQM - ok
04:01:44.0188 2768 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
04:01:44.0282 2768 mssmbios - ok
04:01:44.0313 2768 [ BF13612142995096AB084F2DB7F40F77 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
04:01:44.0438 2768 MSTEE - ok
04:01:44.0454 2768 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
04:01:44.0579 2768 Mup - ok
04:01:44.0610 2768 [ 5C8DC6429C43DC6177C1FA5B76290D1A ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
04:01:44.0735 2768 NABTSFEC - ok
04:01:44.0782 2768 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
04:01:44.0891 2768 NDIS - ok
04:01:44.0938 2768 [ 520CE427A8B298F54112857BCF6BDE15 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
04:01:45.0032 2768 NdisIP - ok
04:01:45.0079 2768 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
04:01:45.0204 2768 NdisTapi - ok
04:01:45.0235 2768 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
04:01:45.0344 2768 Ndisuio - ok
04:01:45.0376 2768 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
04:01:45.0485 2768 NdisWan - ok
04:01:45.0516 2768 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
04:01:45.0641 2768 NDProxy - ok
04:01:45.0657 2768 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
04:01:45.0782 2768 NetBIOS - ok
04:01:45.0829 2768 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
04:01:45.0954 2768 NetBT - ok
04:01:45.0985 2768 [ 8D500EF5563E1107CD2F7A98B8A7C5CF ] NetDDE C:\WINDOWS\system32\netdde.exe
04:01:46.0094 2768 NetDDE - ok
04:01:46.0110 2768 [ 8D500EF5563E1107CD2F7A98B8A7C5CF ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
04:01:46.0219 2768 NetDDEdsdm - ok
04:01:46.0251 2768 [ 39726087F99C7775B2EA1F2990709817 ] Netlogon C:\WINDOWS\system32\lsass.exe
04:01:46.0360 2768 Netlogon - ok
04:01:46.0407 2768 [ 9278CEE2A86EC252ED7C3F839DB3DC59 ] Netman C:\WINDOWS\System32\netman.dll
04:01:46.0547 2768 Netman - ok
04:01:46.0594 2768 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
04:01:46.0610 2768 NetTcpPortSharing - ok
04:01:46.0641 2768 [ 5C5C53DB4FEF16CF87B9911C7E8C6FBC ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
04:01:46.0766 2768 NIC1394 - ok
04:01:46.0813 2768 [ 5981BE8B1C04A740662D088A82E11F4A ] Nla C:\WINDOWS\System32\mswsock.dll
04:01:46.0954 2768 Nla - ok
04:01:46.0985 2768 [ 9A5F53B55E09ECC2DAB8C74E4DD18B8D ] nlsX86cc C:\WINDOWS\system32\NLSSRV32.EXE
04:01:47.0001 2768 nlsX86cc - ok
04:01:47.0079 2768 [ FD306FBCCE7ADB1077B709742E7148E9 ] NMSAccessU C:\Program Files\CDBurnerXP\NMSAccessU.exe
04:01:47.0094 2768 NMSAccessU - ok
04:01:47.0126 2768 [ F44ADDBF29905CB19F52FC9FE6A0EFA1 ] nosGetPlusHelper C:\Program Files\NOS\bin\getPlus_Helper_3004.dll
04:01:47.0141 2768 nosGetPlusHelper - ok
04:01:47.0188 2768 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
04:01:47.0282 2768 Npfs - ok
04:01:47.0313 2768 [ B78BE402C3F63DD55521F73876951CDD ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
04:01:47.0454 2768 Ntfs - ok
04:01:47.0469 2768 [ 39726087F99C7775B2EA1F2990709817 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
04:01:47.0579 2768 NtLmSsp - ok
04:01:47.0641 2768 [ 79C1392C1CB183EA9E577037C046BE9F ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
04:01:47.0751 2768 NtmsSvc - ok
04:01:47.0782 2768 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
04:01:47.0907 2768 Null - ok
04:01:47.0938 2768 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
04:01:48.0047 2768 NwlnkFlt - ok
04:01:48.0079 2768 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
04:01:48.0204 2768 NwlnkFwd - ok
04:01:48.0219 2768 [ 0951DB8E5823EA366B0E408D71E1BA2A ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
04:01:48.0329 2768 ohci1394 - ok
04:01:48.0360 2768 [ 6D6EB80C26F8EB8A6EE13C51D371C4E6 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
04:01:48.0485 2768 Parport - ok
04:01:48.0516 2768 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
04:01:48.0610 2768 PartMgr - ok
04:01:48.0657 2768 [ 4EADD72430FFFE9046353E9B5C733871 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
04:01:48.0782 2768 ParVdm - ok
04:01:48.0813 2768 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
04:01:48.0844 2768 pccsmcfd - ok
04:01:48.0876 2768 [ 0943DB751BE2C13C9713637BF0B45CE2 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
04:01:48.0985 2768 PCI - ok
04:01:49.0001 2768 PCIDump - ok
04:01:49.0001 2768 PCIIde - ok
04:01:49.0047 2768 [ 5D27AA4D6E869EB97C261141421D5B84 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
04:01:49.0172 2768 Pcmcia - ok
04:01:49.0172 2768 PDCOMP - ok
04:01:49.0188 2768 PDFRAME - ok
04:01:49.0188 2768 PDRELI - ok
04:01:49.0204 2768 PDRFRAME - ok
04:01:49.0204 2768 perc2 - ok
04:01:49.0219 2768 perc2hib - ok
04:01:49.0266 2768 [ C2F8F8343435FC080C2DE25A410E09E8 ] PlugPlay C:\WINDOWS\system32\services.exe
04:01:49.0376 2768 PlugPlay - ok
04:01:49.0422 2768 [ 3A2BDD76E7D2A5F40A7174793D1BA794 ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe
04:01:49.0422 2768 PnkBstrA - ok
04:01:49.0438 2768 [ 39726087F99C7775B2EA1F2990709817 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
04:01:49.0547 2768 PolicyAgent - ok
04:01:49.0579 2768 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
04:01:49.0704 2768 PptpMiniport - ok
04:01:49.0719 2768 [ A420BBE17B719FA2EB9760E56BA02190 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
04:01:49.0829 2768 Processor - ok
04:01:49.0829 2768 [ 39726087F99C7775B2EA1F2990709817 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
04:01:49.0938 2768 ProtectedStorage - ok
04:01:49.0969 2768 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
04:01:50.0094 2768 PSched - ok
04:01:50.0141 2768 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
04:01:50.0251 2768 Ptilink - ok
04:01:50.0282 2768 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
04:01:50.0297 2768 PxHelp20 - ok
04:01:50.0297 2768 ql1080 - ok
04:01:50.0313 2768 Ql10wnt - ok
04:01:50.0313 2768 ql12160 - ok
04:01:50.0329 2768 ql1240 - ok
04:01:50.0344 2768 ql1280 - ok
04:01:50.0360 2768 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
04:01:50.0485 2768 RasAcd - ok
04:01:50.0516 2768 [ 92BE8C82E2F96279D91636729A5344CF ] RasAuto C:\WINDOWS\System32\rasauto.dll
04:01:50.0641 2768 RasAuto - ok
04:01:50.0672 2768 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
04:01:50.0766 2768 Rasl2tp - ok
04:01:50.0797 2768 [ 498DB793857ACD922485FCF725A019FC ] RasMan C:\WINDOWS\System32\rasmans.dll
04:01:50.0938 2768 RasMan - ok
04:01:50.0969 2768 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
04:01:51.0079 2768 RasPppoe - ok
04:01:51.0079 2768 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
04:01:51.0204 2768 Raspti - ok
04:01:51.0251 2768 [ 29D66245ADBA878FFF574CD66ABD2884 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
04:01:51.0391 2768 Rdbss - ok
04:01:51.0391 2768 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
04:01:51.0501 2768 RDPCDD - ok
04:01:51.0547 2768 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
04:01:51.0672 2768 rdpdr - ok
04:01:51.0719 2768 [ D4F5643D7714EF499AE9527FDCD50894 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
04:01:51.0860 2768 RDPWD - ok
04:01:51.0907 2768 [ 2CC502541283457AB05BAFCBDB5E80BC ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
04:01:52.0047 2768 RDSessMgr - ok
04:01:52.0079 2768 [ A62CBD5FD8C091A4CF3D7D4425506FE8 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
04:01:52.0219 2768 redbook - ok
04:01:52.0251 2768 RegGuard - ok
04:01:52.0297 2768 [ AE802E68ABD857179DA05028B7C88042 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
04:01:52.0407 2768 RemoteAccess - ok
04:01:52.0454 2768 [ 37984FDE8934D3FBA095BCF67EA2ED7B ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
04:01:52.0563 2768 RemoteRegistry - ok
04:01:52.0594 2768 [ 99C4B74981A1413F142A3903130088CB ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
04:01:52.0704 2768 RFCOMM - ok
04:01:52.0735 2768 [ 69E2A97F9160DEE13A4695790D8A8FB4 ] RpcLocator C:\WINDOWS\system32\locator.exe
04:01:52.0860 2768 RpcLocator - ok
04:01:52.0907 2768 [ 7FDA594FEA090E1110E2CAEDBBB52F30 ] RpcSs C:\WINDOWS\System32\rpcss.dll
04:01:53.0016 2768 RpcSs - ok
04:01:53.0047 2768 [ DC3C8532614B66CDA851C70A6AF49A5D ] RSVP C:\WINDOWS\system32\rsvp.exe
04:01:53.0172 2768 RSVP - ok
04:01:53.0188 2768 [ 39726087F99C7775B2EA1F2990709817 ] SamSs C:\WINDOWS\system32\lsass.exe
04:01:53.0297 2768 SamSs - ok
04:01:53.0344 2768 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
04:01:53.0344 2768 SASDIFSV - ok
04:01:53.0360 2768 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
04:01:53.0376 2768 SASKUTIL - ok
04:01:53.0407 2768 [ 53D2EC94DCECFA4FA8E3415BA8787429 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
04:01:53.0532 2768 SCardSvr - ok
04:01:53.0563 2768 [ 316CE4BD8EE9DE841F8657A734A87FE7 ] Schedule C:\WINDOWS\system32\schedsvc.dll
04:01:53.0704 2768 Schedule - ok
04:01:53.0735 2768 [ D26E26EA516450AF9D072635C60387F4 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
04:01:53.0797 2768 Secdrv - ok
04:01:53.0844 2768 [ E53478792360C02BE4EFCFAF53DA319D ] seclogon C:\WINDOWS\System32\seclogon.dll
04:01:53.0938 2768 seclogon - ok
04:01:53.0969 2768 [ C4E551C58AC88ED3C97E48C698536AB9 ] SENS C:\WINDOWS\system32\sens.dll
04:01:54.0094 2768 SENS - ok
04:01:54.0126 2768 [ A2D868AEEFF612E70E213C451A70CAFB ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
04:01:54.0219 2768 serenum - ok
04:01:54.0235 2768 [ F19E7D2F294AB71D41F6746D322CF0D3 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
04:01:54.0376 2768 Serial - ok
04:01:54.0422 2768 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
04:01:54.0532 2768 Sfloppy - ok
04:01:54.0579 2768 [ 5E0564612C7593F7CD8572D5AB454B54 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
04:01:54.0719 2768 SharedAccess - ok
04:01:54.0735 2768 [ 3B8A4FFB1D0E36584429CB97F664FAE7 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
04:01:54.0860 2768 ShellHWDetection - ok
04:01:54.0860 2768 Simbad - ok
04:01:54.0907 2768 [ 5CAEED86821FA2C6139E32E9E05CCDC9 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
04:01:55.0001 2768 SLIP - ok
04:01:55.0016 2768 Sparrow - ok
04:01:55.0063 2768 [ 8E186B8F23295D1E42C573B82B80D548 ] splitter C:\WINDOWS\system32\drivers\splitter.sys
04:01:55.0157 2768 splitter - ok
04:01:55.0188 2768 [ 977DB6827AD7C3EAA1F9E83A22483611 ] Spooler C:\WINDOWS\system32\spoolsv.exe
04:01:55.0313 2768 Spooler - ok
04:01:55.0360 2768 [ 196F0682F8857065163DB731A4A512B8 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
04:01:55.0407 2768 sr - ok
04:01:55.0454 2768 [ CA7225F8DF8D6D938EF7926499019D42 ] srservice C:\WINDOWS\system32\srsvc.dll
04:01:55.0501 2768 srservice - ok
04:01:55.0532 2768 [ 20B7E396720353E4117D64D9DCB926CA ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
04:01:55.0672 2768 Srv - ok
04:01:55.0704 2768 [ AEA7ED5320772DB5CB4AF0223EC8FC6D ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
04:01:55.0751 2768 SSDPSRV - ok
04:01:55.0813 2768 [ F8855A0B4EF72D4BF036A01DEA7F40BC ] stisvc C:\WINDOWS\system32\wiaservc.dll
04:01:55.0938 2768 stisvc - ok
04:01:55.0969 2768 [ 284C57DF5DC7ABCA656BC2B96A667AFB ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
04:01:56.0079 2768 streamip - ok
04:01:56.0110 2768 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
04:01:56.0204 2768 swenum - ok
04:01:56.0251 2768 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
04:01:56.0344 2768 swmidi - ok
04:01:56.0360 2768 SwPrv - ok
04:01:56.0376 2768 symc810 - ok
04:01:56.0376 2768 symc8xx - ok
04:01:56.0391 2768 sym_hi - ok
04:01:56.0407 2768 sym_u3 - ok
04:01:56.0438 2768 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
04:01:56.0579 2768 sysaudio - ok
04:01:56.0610 2768 [ E4A8FF6A62B4923F9FC5A01C376160B0 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
04:01:56.0704 2768 SysmonLog - ok
04:01:56.0751 2768 [ AF402D097422264C17F665362B0BEE0D ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
04:01:56.0876 2768 TapiSrv - ok
04:01:56.0938 2768 [ 9F4B36614A0FC234525BA224957DE55C ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
04:01:57.0047 2768 Tcpip - ok
04:01:57.0079 2768 [ 4D58BB1AE8841AAFD8790AD7E1E3B8EA ] Tcpip6 C:\WINDOWS\system32\DRIVERS\tcpip6.sys
04:01:57.0219 2768 Tcpip6 - ok
04:01:57.0235 2768 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
04:01:57.0329 2768 TDPIPE - ok
04:01:57.0360 2768 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
04:01:57.0501 2768 TDTCP - ok
04:01:57.0516 2768 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
04:01:57.0641 2768 TermDD - ok
04:01:57.0672 2768 [ 8AF34B80AA02111D3368DB236C315281 ] TermService C:\WINDOWS\System32\termsrv.dll
04:01:57.0782 2768 TermService - ok
04:01:57.0813 2768 [ 3B8A4FFB1D0E36584429CB97F664FAE7 ] Themes C:\WINDOWS\System32\shsvcs.dll
04:01:57.0922 2768 Themes - ok
04:01:57.0954 2768 [ 348883489DCE53F86EFFE260F979A0B4 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
04:01:58.0001 2768 TlntSvr - ok
04:01:58.0016 2768 TosIde - ok
04:01:58.0032 2768 [ A3EE3AC916EAA0D650E6FBC20EA4E6D9 ] TrkWks C:\WINDOWS\system32\trkwks.dll
04:01:58.0157 2768 TrkWks - ok
04:01:58.0188 2768 [ 87A0E9E18C10A9E454238E3330E2A26D ] tunmp C:\WINDOWS\system32\DRIVERS\tunmp.sys
04:01:58.0297 2768 tunmp - ok
04:01:58.0329 2768 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
04:01:58.0454 2768 Udfs - ok
04:01:58.0469 2768 ultra - ok
04:01:58.0501 2768 [ AB0A7CA90D9E3D6A193905DC1715DED0 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
04:01:58.0547 2768 UMWdf - ok
04:01:58.0579 2768 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
04:01:58.0704 2768 Update - ok
04:01:58.0751 2768 [ 22C377DFE55DA6D9751895E18AAC6111 ] upnphost C:\WINDOWS\System32\upnphost.dll
04:01:58.0813 2768 upnphost - ok
04:01:58.0813 2768 [ DBFEAD87735F657C4A359FA2821D23B1 ] UPS C:\WINDOWS\System32\ups.exe
04:01:58.0938 2768 UPS - ok
04:01:58.0985 2768 [ 45A0D14B26C35497AD93BCE7E15C9941 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
04:01:59.0079 2768 usbaudio - ok
04:01:59.0110 2768 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
04:01:59.0219 2768 usbccgp - ok
04:01:59.0235 2768 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
04:01:59.0344 2768 usbehci - ok
04:01:59.0376 2768 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
04:01:59.0516 2768 usbhub - ok
04:01:59.0532 2768 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
04:01:59.0626 2768 usbscan - ok
04:01:59.0657 2768 [ 49106EE29074E6A3D3AC9E24C6D791D8 ] usbser C:\WINDOWS\system32\drivers\usbser.sys
04:01:59.0782 2768 usbser - ok
04:01:59.0797 2768 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
04:01:59.0907 2768 USBSTOR - ok
04:01:59.0938 2768 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
04:02:00.0047 2768 usbuhci - ok
04:02:00.0079 2768 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
04:02:00.0204 2768 VgaSave - ok
04:02:00.0235 2768 [ 59CB1338AD3654417BEA49636457F65D ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
04:02:00.0344 2768 ViaIde - ok
04:02:00.0376 2768 [ B0FD6E31ED4ACD87EB852C5DAC27734A ] vmm C:\WINDOWS\system32\Drivers\vmm.sys
04:02:00.0407 2768 vmm - ok
04:02:00.0407 2768 [ 8B2E0FED00389A181EC2397143C0F6DB ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
04:02:00.0532 2768 VolSnap - ok
04:02:00.0547 2768 [ 2ABE8281DB609D8BB1BD1B2F93800D5F ] VPCNetS2 C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys
04:02:00.0563 2768 VPCNetS2 - ok
04:02:00.0610 2768 [ EAF591B8CF0787EEBA08C43CC840304F ] VSS C:\WINDOWS\System32\vssvc.exe
04:02:00.0688 2768 VSS - ok
04:02:00.0735 2768 [ BEBCA93AC625039321444F7ACA6439BB ] W32Time C:\WINDOWS\system32\w32time.dll
04:02:00.0844 2768 W32Time - ok
04:02:00.0860 2768 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
04:02:00.0985 2768 Wanarp - ok
04:02:01.0047 2768 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
04:02:01.0094 2768 Wdf01000 - ok
04:02:01.0110 2768 WDICA - ok
04:02:01.0141 2768 [ 2797F33EBF50466020C430EE4F037933 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
04:02:01.0266 2768 wdmaud - ok
04:02:01.0297 2768 [ D93BE7C8C4F7514A8C94A7881B995250 ] WebClient C:\WINDOWS\System32\webclnt.dll
04:02:01.0422 2768 WebClient - ok
04:02:01.0485 2768 [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend C:\Program Files\Windows Defender\MsMpEng.exe
04:02:01.0485 2768 WinDefend - ok
04:02:01.0579 2768 [ 70666C75615E856312120EB4ED71B18C ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
04:02:01.0704 2768 winmgmt - ok
04:02:01.0735 2768 [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
04:02:01.0751 2768 WmdmPmSN - ok
04:02:01.0813 2768 [ 045C9FD3822764FD3655820B9154A7E8 ] Wmi C:\WINDOWS\System32\advapi32.dll
04:02:02.0016 2768 Wmi - ok
04:02:02.0063 2768 [ 53239057F5B85FE6AE29C95C5F7A29D1 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
04:02:02.0172 2768 WmiApSrv - ok
04:02:02.0204 2768 [ 1385E5AA9C9821790D33A9563B8D2DD0 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
04:02:02.0235 2768 WpdUsb - ok
04:02:02.0329 2768 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
04:02:02.0407 2768 WPFFontCache_v0400 - ok
04:02:02.0454 2768 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
04:02:02.0563 2768 WS2IFSL - ok
04:02:02.0594 2768 [ EDFDA9BB9B808008999F328FD2E17C5E ] wscsvc C:\WINDOWS\system32\wscsvc.dll
04:02:02.0735 2768 wscsvc - ok
04:02:02.0766 2768 [ D5842484F05E12121C511AA93F6439EC ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
04:02:02.0860 2768 WSTCODEC - ok
04:02:02.0891 2768 [ 6136C6E594AC3CAEB789E8092699688C ] wuauserv C:\WINDOWS\system32\wuauserv.dll
04:02:03.0001 2768 wuauserv - ok
04:02:03.0047 2768 [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
04:02:03.0079 2768 WudfPf - ok
04:02:03.0110 2768 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
04:02:03.0126 2768 WudfRd - ok
04:02:03.0157 2768 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
04:02:03.0188 2768 WudfSvc - ok
04:02:03.0235 2768 [ 16BCEBAB57C9DFE8FAE1FD2F811350A1 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
04:02:03.0391 2768 WZCSVC - ok
04:02:03.0422 2768 [ 899DE43D1086753C0E8DDED16057FDA2 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
04:02:03.0532 2768 xmlprov - ok
04:02:03.0563 2768 ================ Scan global ===============================
04:02:03.0610 2768 [ 1FA52C2A23B850D99276D30524C10CA5 ] C:\WINDOWS\system32\basesrv.dll
04:02:03.0626 2768 [ 56A8C138ED3ACB5A9546E0490A80E504 ] C:\WINDOWS\system32\winsrv.dll
04:02:03.0657 2768 [ 56A8C138ED3ACB5A9546E0490A80E504 ] C:\WINDOWS\system32\winsrv.dll
04:02:03.0672 2768 [ C2F8F8343435FC080C2DE25A410E09E8 ] C:\WINDOWS\system32\services.exe
04:02:03.0672 2768 [Global] - ok
04:02:03.0672 2768 ================ Scan MBR ==================================
04:02:03.0704 2768 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
04:02:04.0047 2768 \Device\Harddisk0\DR0 - ok
04:02:04.0047 2768 ================ Scan VBR ==================================
04:02:04.0063 2768 [ 391DEBDCCAD2C0BF943EE4CA4A312B2A ] \Device\Harddisk0\DR0\Partition1
04:02:04.0063 2768 \Device\Harddisk0\DR0\Partition1 - ok
04:02:04.0063 2768 ============================================================
04:02:04.0063 2768 Scan finished
04:02:04.0063 2768 ============================================================
04:02:04.0172 0680 Detected object count: 3
04:02:04.0172 0680 Actual detected object count: 3
04:02:12.0938 0680 ABIT-IO ( UnsignedFile.Multi.Generic ) - skipped by user
04:02:12.0938 0680 ABIT-IO ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:02:12.0938 0680 ALCXWDM ( UnsignedFile.Multi.Generic ) - skipped by user
04:02:12.0938 0680 ALCXWDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:02:12.0954 0680 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
04:02:12.0954 0680 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:02:16.0266 2080 Deinitialize success
-------------------------------------------------------
MBAM log:
-------------------------------------------------------
Malwarebytes Anti-Malware (Kokeiluversio) 1.62.0.1300
www.malwarebytes.org
Tietokantaversio: v2012.09.09.06
Windows XP Service Pack 2 x86 NTFS
Internet Explorer 6.0.2900.2180
tilapainen :: EMT-F8A04F66186 [järjestelmänvalvoja]
Suojaus: Käytössä
10.9.2012 4:04:45
mbam-log-2012-09-10 (05-57-05).txt
Tarkistustyyppi: Täysi tarkistus (C:\|)
Tarkistussuodattimia valittu: Muisti | Käynnistys | Rekisteri | Tietojärjestelmä | Heuristinen/Ylimäärinen | Heuristinen/Shuriken | Mahdollisesti haitallinen ohjelma | Mahdollisesti haitallinen muutos | Vertaisverkko (Peer-to-Peer)
Käytöstä poistetut tarkistusvalinnat:
Tarkistettuja kohteita: 472495
Kulunut aika: 1 tunti(a), 52 minuutti(a), 15 sekunti(a)
Epäilyttäviä muistiprosesseja: 0
(Ei haitallisia kohteita)
Epäilyttäviä muistimoduuleja: 0
(Ei haitallisia kohteita)
Epäilyttäviä rekisteriavaimia: 1
HKCU\SOFTWARE\32 Vegas Casino (Adware.21Nova) -> Toimintoja ei suoritettu.
Epäilyttäviä rekisteriarvoja: 0
(Ei haitallisia kohteita)
Epäilyttäviä rekisterikohteita: 0
(Ei haitallisia kohteita)
Epäilyttäviä kansioita: 0
(Ei haitallisia kohteita)
Epäilyttäviä tiedostoja: 0
(Ei haitallisia kohteita)
(loppu)
------------------------------------------------
Events log:
------------------------------------------------
System:
Type: Information
Source: EventLog
Class: None
ID: 6006
Time: 06:08:12
User: -
Computer: EMT-F8A04F66186
Description:
Eventlog service has been stopped.
Type: Information
Source: EventLog
Class: None
ID: 6009
Time: 06:09:11
User: -
Computer: EMT-F8A04F66186
Description:
Microsoft ® Windows ® 5.01. 2600 Service Pack 2 Uniprocessor Free.
Type: Information
Source: EventLog
Class: None
ID: 6009
Time: 06:09:11
User: -
Computer: EMT-F8A04F66186
Description:
Eventlog was started.
Type: Information
Source: Service Control Manager
Class: None
ID: 7035
Time: 06:09:15
User: NT-HALLINTA\SYSTEM
Computer: EMT-F8A04F66186
Description:
Service NLA (Network Location Awareness) has been requested to start.
Type: Information
Source: Service Control Manager
Class: None
ID: 7035
Time: 06:09:15
User: -
Computer: EMT-F8A04F66186
Description:
Service NLA (Network Location Awareness) was started.
Type: Information
Source: redbook
Class: None
ID: 10
Time: 06:08:53
User: -
Computer: EMT-F8A04F66186
Description:
This device does not appear to support replaying digital sound.
Information:
0000: ff 00 04 00 01 00 5c 00 ÿ.....\.
0008: 00 00 00 00 0a 00 ff 4f ......ÿO
0010: 00 00 00 00 00 00 00 00 ........
0018: 01 00 00 00 ff ff ff ff ....ÿÿÿÿ
0020: 00 00 00 00 00 00 00 00 ........
0028: 01 00 00 00 ....
Type: Information
Source: Tcpip6
Class: None
ID: 3100
Time: 06:08:58
User: -
Computer: EMT-F8A04F66186
Description:
Microsoft IPv6 Developer Edition driver was started.
Information:
0000: 00 00 00 00 01 00 56 00 ......V.
0008: 00 00 00 00 1c 0c 00 40 .......@
0010: 00 00 00 00 00 00 00 00 ........
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
Type: Information
Source: Service Control Manager
Class: None
ID: 7036
Time: 06:09:32
User: -
Computer: EMT-F8A04F66186
Description:
TermServices was started.
Type: Information
Source: Service Control Manager
Class: None
ID: 7035
Time: 06:09:32
User: NT-HALLINTA\SYSTEM
Computer: EMT-F8A04F66186
Description:
Fast User Switch Compatibility service was requested to start.
Type: Information
Source: Service Control Manager
Class: None
ID: 7035
Time: 06:09:32
User: -
Computer: EMT-F8A04F66186
Description:
Fast User Switch Compatibility service was started.
Type: Information
Source: Service Control Manager
Class: None
ID: 7035
Time: 06:09:32
User: NT-HALLINTA\SYSTEM
Computer: EMT-F8A04F66186
Description:
Service ALG was requested to start.
Type: Information
Source: Service Control Manager
Class: None
ID: 7035
Time: 06:09:32
User:
Computer: EMT-F8A04F66186
Description:
Service Application Layer Gateway was started.
Type: Error
Source: Service Control Manager
Class: None
ID: 7001
Time: 06:09:32
User: -
Computer: EMT-F8A04F66186
Description:
Service Remote Access Connection Manager (RAS) is dependent on the service Telephony, which failed to start due to an error:
Service could not be started because it has been disabled.
Type: Information
Source: Service Control Manager
Class: None
ID: 7035
Time: 06:09:34
User: NT-HALLINTA\SYSTEM
Computer: EMT-F8A04F66186
Description:
Service SSDP (Simple Service Discovery Protocol) was requested to start.
Type: Information
Source: Service Control Manager
Class: None
ID: 7035
Time: 06:09:34
User: -
Computer: EMT-F8A04F66186
Description:
Service SSDP (Simple Service Discovery Protocol) was started.
Type: Information
Source: Service Control Manager
Class: None
ID: 7035
Time: 06:09:35
User: NT-HALLINTA\SYSTEM
Computer: EMT-F8A04F66186
Description:
Service IP Traffic Filter Driver was requested to start.
Type: Error
Source: Service Control Manager
Class: None
ID: 7000
Time: 06:09:35
User: -
Computer: EMT-F8A04F66186
Description:
Service pgfilter could not be started. Error code is:
Defined file could not be found.
Type: Error
Source: Service Control Manager
Class: None
ID: 7001
Time: 06:09:35
User: -
Computer: EMT-F8A04F66186
Description:
Service Remote Access Connection Manager (RAS) is dependent on the service Telephony, which failed to start due to an error:
Service could not be started because it has been disabled.
Type: Error
Source: Service Control Manager
Class: None
ID: 7001
Time: 06:09:36
User: -
Computer: EMT-F8A04F66186
Description:
Service Remote Access Connection Manager (RAS) is dependent on the service Telephony, which failed to start due to an error:
Service could not be started because it has been disabled.
Type: Information
Source: Service Control Manager
Class: None
ID: 7035
Time: 06:09:48
User: NT-HALLINTA\SYSTEM
Computer: EMT-F8A04F66186
Description:
Service IP Traffic Filter Driver was requested to start.
Type: Error
Source: Service Control Manager
Class: None
ID: 7001
Time: 06:14:30
User: -
Computer: EMT-F8A04F66186
Description:
Service Remote Access Connection Manager (RAS) is dependent on the service Telephony, which failed to start due to an error:
Service could not be started because it has been disabled.
Type: Error
Source: Service Control Manager
Class: None
ID: 7001
Time: 06:16:47
User: -
Computer: EMT-F8A04F66186
Description:
Service Remote Access Connection Manager (RAS) is dependent on the service Telephony, which failed to start due to an error:
Service could not be started because it has been disabled.
Type: Error
Source: Service Control Manager
Class: None
ID: 7001
Time: 06:16:49
User: -
Computer: EMT-F8A04F66186
Description:
Service Remote Access Connection Manager (RAS) is dependent on the service Telephony, which failed to start due to an error:
Service could not be started because it has been disabled.
Type: Error
Source: Service Control Manager
Class: None
ID: 7001
Time: 06:16:51
User: -
Computer: EMT-F8A04F66186
Description:
Service Remote Access Connection Manager (RAS) is dependent on the service Telephony, which failed to start due to an error:
Service could not be started because it has been disabled.
Type: Error
Source: Service Control Manager
Class: None
ID: 7001
Time: 06:19:45
User: -
Computer: EMT-F8A04F66186
Description:
Service Remote Access Connection Manager (RAS) is dependent on the service Telephony, which failed to start due to an error:
Service could not be started because it has been disabled.
Type: Error
Source: Service Control Manager
Class: None
ID: 7001
Time: 06:25:01
User: -
Computer: EMT-F8A04F66186
Description:
Service Remote Access Connection Manager (RAS) is dependent on the service Telephony, which failed to start due to an error:
Service could not be started because it has been disabled.
Type: Error
Source: Service Control Manager
Class: None
ID: 7001
Time: 06:30:16
User: -
Computer: EMT-F8A04F66186
Description:
Service Remote Access Connection Manager (RAS) is dependent on the service Telephony, which failed to start due to an error:
Service could not be started because it has been disabled.
Type: Error
Source: Service Control Manager
Class: None
ID: 7001
Time: 06:35:32
User: -
Computer: EMT-F8A04F66186
Description:
Service Remote Access Connection Manager (RAS) is dependent on the service Telephony, which failed to start due to an error:
Service could not be started because it has been disabled.
Type: Error
Source: Service Control Manager
Class: None
ID: 7001
Time: 06:40:48
User: -
Computer: EMT-F8A04F66186
Description:
Service Remote Access Connection Manager (RAS) is dependent on the service Telephony, which failed to start due to an error:
Service could not be started because it has been disabled.
Application:
Type: Information
Source: ATI Smart
Class: None
ID: 105
Time: 06:09:14
User: -
Computer: EMT-F8A04F66186
Description:
The service was started.
Type: Information
Source: SecurityCenter
Class: None
ID: 1800
Time: 06:09:15
User: -
Computer: EMT-F8A04F66186
Description:
Windows Security Center service was started.
Type: Information
Source: ESENT
Class: General
ID: 100
Time: 06:10:02
User: -
Computer: EMT-F8A04F66186
Description:
wuauclt (3248) The database engine 5.01.2600.2180 started.
Type: Information
Source: ESENT
Class: General
ID: 102
Time: 06:10:02
User: -
Computer: EMT-F8A04F66186
Description:
wuaueng.dll (3248) SUS20ClientDataStore: The database engine started a new instance (0).
Type: Information
Source: ESENT
Class: General
ID: 103
Time: 06:10:03
User: -
Computer: EMT-F8A04F66186
Description:
wuaueng.dll (3248) SUS20ClientDataStore: The database engine stopped the instance (0).
Type: Information
Source: ESENT
Class: General
ID: 101
Time: 06:15:03
User: -
Computer: EMT-F8A04F66186
Description:
wuauclt (3248) The database engine stopped.
--------------------------------------------------------
OTL log 2:
--------------------------------------------------------
OTL logfile created on: 10.9.2012 6:50:23 - Run 4
OTL by OldTimer - Version 3.2.61.2 Folder = C:\Documents and Settings\tilapainen\Työpöytä\OTL
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040B | Country: Suomi | Language: FIN | Date Format: d.M.yyyy
1022,48 Mb Total Physical Memory | 490,05 Mb Available Physical Memory | 47,93% Memory free
2,40 Gb Paging File | 1,88 Gb Available in Paging File | 78,10% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 115,29 Gb Free Space | 77,35% Space Free | Partition Type: NTFS
Computer Name: EMT-F8A04F66186 | User Name: tilapainen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.09.09 03:57:20 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\tilapainen\Työpöytä\OTL\OTL.exe
PRC - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.07.03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.03.12 00:13:21 | 001,983,232 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2012.03.12 00:13:00 | 006,749,512 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2011.12.20 18:12:18 | 000,068,896 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\NLSSRV32.EXE
PRC - [2011.08.12 02:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2010.05.07 19:35:22 | 000,165,208 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2008.06.15 15:34:20 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2007.04.19 20:33:01 | 000,271,936 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2005.01.10 05:36:22 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2004.09.15 15:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004.09.15 15:00:00 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows NT\Accessories\wordpad.exe
========== Modules (No Company Name) ==========
MOD - [2011.12.19 21:59:43 | 000,068,424 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
MOD - [2010.05.07 19:37:40 | 000,126,808 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2010.05.07 19:37:40 | 000,027,480 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2010.05.07 19:36:54 | 000,340,824 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2010.05.07 19:36:20 | 000,921,944 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QtNetwork4.dll
MOD - [2010.05.07 19:35:56 | 007,954,776 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2010.05.07 19:35:44 | 002,143,576 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2008.06.15 15:34:20 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
MOD - [2008.03.25 19:58:06 | 000,408,064 | ---- | M] () -- C:\Program Files\TrojanHunter 5.1\contmenu.dll
MOD - [2007.06.03 10:05:20 | 000,159,744 | ---- | M] () -- C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll
MOD - [2007.06.03 10:04:14 | 000,023,552 | ---- | M] () -- C:\Program Files\Haali\MatroskaSplitter\mkunicode.dll
MOD - [2007.05.22 10:59:22 | 000,128,512 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
========== Services (SafeList) ==========
SRV - [2012.08.25 05:00:40 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.03.12 00:13:21 | 001,983,232 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011.12.20 18:12:18 | 000,068,896 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2011.08.12 02:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2010.09.01 15:52:56 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper)
SRV - [2009.12.01 20:43:02 | 000,051,384 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2008.06.15 15:34:20 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2006.11.03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\TILAPA~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.03.12 00:13:46 | 000,097,760 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect)
DRV - [2012.03.12 00:13:45 | 000,031,704 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2012.03.12 00:13:44 | 000,494,968 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2012.03.12 00:13:43 | 000,018,056 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmderd.sys -- (cmderd)
DRV - [2011.07.22 19:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.13 00:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.05.15 01:04:20 | 000,023,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2010.05.15 01:04:02 | 006,842,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2010.05.15 01:02:26 | 000,276,448 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2010.05.15 01:02:14 | 000,114,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2010.04.09 16:24:12 | 000,063,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010.03.25 11:08:30 | 000,105,728 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010.03.20 12:56:04 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2010.03.20 11:28:00 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009.07.02 14:49:32 | 004,125,696 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.02.12 03:42:38 | 000,232,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VMM.sys -- (vmm)
DRV - [2008.02.09 04:40:41 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.02.05 01:50:44 | 000,059,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2008.01.26 14:55:04 | 000,000,000 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\regguard.sys -- (RegGuard)
DRV - [2007.09.08 02:48:56 | 000,096,704 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2007.08.16 17:26:12 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2007.08.16 17:26:10 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2005.11.04 11:14:22 | 000,033,408 | ---- | M] (IC Plus Corp. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipgdnd51.sys -- (ipgd)
DRV - [2005.01.11 20:17:04 | 002,306,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2004.09.15 15:00:00 | 000,223,616 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2004.09.10 12:15:00 | 000,007,680 | ---- | M] (ABIT Computer Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ABIT-IO.SYS -- (ABIT-IO)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fi
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E4 E7 D3 6B 0A 7F CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.9
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: J:\iTunes\Mozilla Plugins\npitunes.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\WINDOWS\system32\npDeployJava1.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.91: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2910: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll File not found
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Documents and Settings\tilapainen\Application Data\Octoshape\Octoshape Streaming Services\sua-0910050-0-npoctoshape.dll (Octoshape ApS)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\tilapainen\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\tilapainen\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\tilapainen\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\tilapainen\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.30 20:24:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.09 21:05:11 | 000,000,000 | ---D | M]
[2008.09.06 14:04:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\tilapainen\Application Data\Mozilla\Extensions
[2012.09.09 21:05:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\tilapainen\Application Data\Mozilla\Firefox\Profiles\22u9jtko.default\extensions
[2008.01.26 22:37:43 | 000,000,000 | ---D | M] (chinup) -- C:\Documents and Settings\tilapainen\Application Data\Mozilla\Firefox\Profiles\22u9jtko.default\extensions\{28fe3db0-1945-11db-a98b-0800200c9a66}
[2012.03.30 15:59:37 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\tilapainen\Application Data\Mozilla\Firefox\Profiles\22u9jtko.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009.08.15 22:19:56 | 000,000,000 | ---D | M] (Browser Defender Toolbar) -- C:\Documents and Settings\tilapainen\Application Data\Mozilla\Firefox\Profiles\22u9jtko.default\extensions\{cb84136f-9c44-433a-9048-c5cd9df1dc16}
[2012.08.18 01:18:34 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\tilapainen\Application Data\Mozilla\Firefox\Profiles\22u9jtko.default\extensions\[email protected]
[2012.09.09 21:05:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.08.25 05:01:06 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.08.25 05:00:22 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.08.25 05:00:22 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2012.09.10 03:49:48 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
O4 - HKCU..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe (Phoenix Labs)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe ()
O9 - Extra 'Tools' menuitem : PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: hotmail.com ([]* in Luotettavat sivustot)
O15 - HKCU\..Trusted Domains: live.com ([]* in Luotettavat sivustot)
O15 - HKCU\..Trusted Domains: msn.com ([]* in Luotettavat sivustot)
O15 - HKCU\..Trusted Domains: passport.com ([]* in Luotettavat sivustot)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky...can_unicode.cab (CKAVWebScan Object)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {59DBDDA6-9A80-42A4-B824-9BC50CC172F5} http://www.programch...m/dll/nixon.cab (Zenturi ConfigMgrEx Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {8EEB54D5-CC70-40E4-B015-AC478C02ECC8} http://playple.com/v...ab/SLViewer.cab (SLViewer Control)
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} http://support.f-sec...m/ols/fscax.cab (F-Secure Online Scanner 3.3)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Nykyinen kotisivu) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\tilapainen\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\tilapainen\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.04.01 22:19:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - Services: "Bonjour Service"
MsConfig - StartUpFolder: C:^Documents and Settings^All Users.WINDOWS^Käynnistä-valikko^Ohjelmat^Käynnistys^Start GeekBuddy.lnk - - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^tilapainen^Käynnistä-valikko^Ohjelmat^Käynnistys^OpenOffice.org 3.3.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe - ()
MsConfig - StartUpReg: AntiLogger - hkey= - key= - C:\Program Files\AntiLogger\AntiLogger.exe (Zemana Ltd.)
MsConfig - StartUpReg: DAEMON Tools-1033 - hkey= - key= - C:\Program Files\D-Tools\daemon.exe (DAEMON'S HOME)
MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Documents and Settings\tilapainen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: KernelFaultCheck - hkey= - key= - File not found
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
MsConfig - StartUpReg: openvpn-gui - hkey= - key= - C:\Program Files\SurfBouncer OpenVPN\bin\openvpn-gui.exe ()
MsConfig - StartUpReg: StartCCC - hkey= - key= - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
MsConfig - StartUpReg: ZemanaAntiMalware - hkey= - key= - C:\Program Files\Zemana AntiMalware\ZemanaAntiMalware.exe (Zemana)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
SafeBootMin: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: hitmanpro36 - Reg Error: Value error.
SafeBootMin: hitmanpro36.sys - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: hitmanpro35 - Reg Error: Value error.
SafeBootNet: hitmanpro35.sys - Reg Error: Value error.
SafeBootNet: hitmanpro36 - Reg Error: Value error.
SafeBootNet: hitmanpro36.sys - Reg Error: Value error.
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {08E05FA4-4370-3862-B199-5CD0420910E5} - .NET Framework
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynaamisen HTML:n tietosidonta Javaa varten
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline-selauspaketti
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Kehittynyt sisältötuottaminen
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Ohje
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation-Java-luokat
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorerin asennustyökalut
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Selainlaajennukset
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN-sivuston käyttö
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynaamisen HTML:n tietosidonta
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorerin perusfontit
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Tehtävien ajoitus
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Ohje
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.X264 - C:\WINDOWS\System32\x264vfw.dll ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.09.10 03:55:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012.09.10 03:24:05 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012.09.10 03:19:48 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012.09.10 03:19:48 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012.09.10 03:19:48 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012.09.10 03:19:48 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012.09.10 03:19:28 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.09.10 03:19:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012.09.09 21:12:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tilapainen\Työpöytä\OTL
[2012.09.09 21:05:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.09.09 20:54:30 | 004,747,716 | R--- | C] (Swearware) -- C:\Documents and Settings\tilapainen\Työpöytä\ComboFix.exe
[2012.09.09 20:54:30 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\tilapainen\Työpöytä\aswMBR.exe
[2012.09.09 20:54:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tilapainen\Työpöytä\polt
[2012.09.09 20:32:40 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\tilapainen\Recent
[2012.09.09 05:23:39 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\tilapainen\Työpöytä\OTL.exe
[2012.09.07 07:19:29 | 002,306,304 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS
[2012.09.07 00:25:16 | 000,000,000 | ---D | C] -- C:\VritualRoot
[2012.09.06 05:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tilapainen\Työpöytä\ProcessMonitor
[2012.09.06 05:23:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tilapainen\Työpöytä\apps
[2012.09.01 06:55:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012.09.01 06:50:48 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2012.09.01 06:50:48 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2012.09.01 06:50:46 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2012.09.01 06:50:46 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2012.09.01 06:50:46 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2012.09.01 06:50:44 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2012.09.01 06:50:44 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2012.09.01 06:50:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2012.09.01 06:50:44 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2012.09.01 06:50:43 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2012.09.01 06:50:32 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2012.09.01 06:50:30 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2012.09.01 06:50:28 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2012.09.01 06:50:28 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2012.09.01 06:50:28 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2012.09.01 06:50:27 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2012.09.01 06:50:27 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2012.09.01 06:50:27 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2012.09.01 06:50:26 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2012.09.01 06:50:26 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2012.09.01 06:50:26 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2012.09.01 06:50:23 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2012.09.01 06:50:22 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2012.09.01 06:50:22 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2012.09.01 06:50:21 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2012.09.01 06:50:21 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2012.09.01 06:50:17 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2012.09.01 06:50:17 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2012.09.01 06:50:17 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2012.09.01 06:50:17 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2012.09.01 06:50:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2012.09.01 06:50:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2012.09.01 06:50:16 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2012.09.01 06:50:16 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2012.09.01 06:50:16 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2012.09.01 06:50:16 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2012.09.01 06:50:15 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2012.09.01 06:50:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2012.09.01 06:50:14 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2012.09.01 06:50:14 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2012.09.01 06:50:14 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2012.09.01 06:50:14 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2012.09.01 06:50:14 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2012.09.01 06:50:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2012.09.01 06:50:13 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2012.09.01 06:50:13 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2012.09.01 06:50:13 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2012.09.01 06:50:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2012.09.01 06:50:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2012.09.01 06:50:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2012.09.01 06:50:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2012.09.01 06:50:12 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2012.09.01 06:50:12 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2012.09.01 06:50:12 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2012.09.01 06:50:09 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2012.09.01 06:50:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2012.09.01 06:50:02 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2012.09.01 06:50:00 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012.09.01 06:49:59 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012.09.01 06:49:59 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2012.09.01 06:49:59 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2012.09.01 06:49:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2012.09.01 06:49:55 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2012.09.01 06:49:55 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2012.09.01 06:49:52 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2012.09.01 06:49:52 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2012.09.01 06:49:51 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2012.09.01 06:49:50 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2012.09.01 06:49:47 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2012.09.01 06:49:47 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2012.09.01 06:49:47 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2012.09.01 06:49:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2012.09.01 06:49:46 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2012.09.01 06:49:46 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2012.09.01 06:49:45 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2012.09.01 06:49:44 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2012.09.01 06:49:36 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2012.09.01 06:49:35 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2012.09.01 06:49:33 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2012.09.01 06:49:27 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2012.09.01 06:49:10 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2012.09.01 06:49:10 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2012.09.01 06:49:09 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2012.09.01 06:49:09 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2012.09.01 06:49:09 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2012.09.01 06:49:08 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2012.09.01 06:49:07 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2012.09.01 06:49:06 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2012.09.01 06:49:06 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2012.09.01 06:49:06 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2012.09.01 06:49:06 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2012.09.01 06:49:05 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2012.09.01 06:49:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2012.09.01 06:49:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2012.09.01 06:49:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2012.09.01 06:49:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2012.09.01 06:49:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2012.09.01 06:49:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2012.09.01 06:49:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2012.09.01 06:49:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2012.09.01 06:49:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2012.09.01 06:48:58 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2012.09.01 06:48:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2012.09.01 06:48:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2012.09.01 06:48:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2012.09.01 06:48:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2012.09.01 06:48:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2012.09.01 06:48:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2012.09.01 06:48:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2012.09.01 06:48:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2012.09.01 06:48:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2012.09.01 06:48:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2012.09.01 06:48:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2012.09.01 06:48:56 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2012.09.01 06:48:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2012.09.01 06:48:55 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2012.09.01 06:48:55 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2012.09.01 06:48:54 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2012.09.01 06:48:54 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2012.09.01 06:48:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2012.09.01 06:48:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2012.09.01 06:48:53 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2012.09.01 06:48:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2012.09.01 06:48:51 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2012.09.01 06:48:50 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2012.09.01 06:48:50 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2012.09.01 06:48:49 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2012.09.01 06:48:44 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2012.09.01 06:48:44 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2012.09.01 06:48:44 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2012.09.01 06:48:44 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2012.09.01 06:48:44 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2012.09.01 06:48:44 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2012.09.01 06:48:43 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2012.09.01 06:48:43 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2012.09.01 06:48:25 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2012.09.01 06:48:24 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2012.09.01 06:48:24 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2012.09.01 06:48:24 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2012.09.01 06:48:22 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2012.09.01 06:48:20 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2012.09.01 06:48:19 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2012.09.01 06:48:18 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2012.09.01 06:48:18 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2012.09.01 06:48:18 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2012.09.01 06:48:18 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2012.09.01 06:48:18 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2012.09.01 06:48:18 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2012.09.01 06:48:18 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2012.09.01 06:48:17 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2012.09.01 06:48:17 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2012.09.01 06:48:17 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2012.09.01 06:48:17 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2012.09.01 06:48:17 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2012.09.01 06:48:17 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2012.09.01 06:48:17 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2012.09.01 06:48:17 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2012.09.01 06:48:16 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2012.09.01 06:48:16 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2012.09.01 06:48:16 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2012.09.01 06:48:16 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2012.09.01 06:48:16 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2012.09.01 06:48:16 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2012.09.01 06:48:15 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2012.09.01 06:48:15 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2012.09.01 06:48:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2012.09.01 06:48:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2012.09.01 06:48:14 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2012.09.01 06:48:14 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2012.09.01 06:48:13 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2012.09.01 06:48:12 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2012.09.01 06:48:12 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2012.09.01 06:48:11 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2012.09.01 06:48:11 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2012.09.01 06:48:11 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2012.09.01 06:48:11 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2012.09.01 06:48:10 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2012.09.01 06:48:10 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2012.09.01 06:48:10 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2012.09.01 06:48:00 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2012.09.01 06:47:58 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2012.09.01 06:47:58 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2012.09.01 06:47:58 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2012.09.01 06:47:57 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2012.09.01 06:47:56 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2012.09.01 06:47:54 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2012.09.01 06:47:54 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2012.09.01 06:47:54 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2012.09.01 06:47:53 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2012.09.01 06:47:53 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2012.09.01 06:47:52 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2012.09.01 06:47:52 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2012.09.01 06:47:52 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2012.09.01 06:47:52 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2012.09.01 06:47:50 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012.09.01 06:47:49 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2012.09.01 06:47:40 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2012.09.01 06:47:38 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2012.09.01 06:47:28 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2012.09.01 06:47:28 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2012.09.01 06:47:28 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2012.09.01 06:47:27 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2012.09.01 06:47:27 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2012.09.01 06:47:27 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2012.09.01 06:47:24 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2012.09.01 06:47:24 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2012.09.01 06:47:17 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2012.09.01 06:47:16 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2012.09.01 06:47:16 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2012.09.01 06:47:16 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2012.09.01 06:47:11 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2012.09.01 06:47:10 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2012.09.01 06:47:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2012.09.01 06:47:09 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2012.09.01 06:47:08 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2012.09.01 06:47:08 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2012.09.01 06:47:02 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2012.09.01 06:47:01 | 000,832,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2012.09.01 06:47:01 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2012.09.01 06:47:01 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2012.09.01 06:47:01 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2012.09.01 06:47:01 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2012.09.01 06:47:00 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2012.09.01 06:47:00 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2012.09.01 06:47:00 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2012.09.01 06:47:00 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2012.09.01 06:47:00 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2012.09.01 06:47:00 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2012.09.01 06:47:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2012.09.01 06:46:59 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2012.09.01 06:46:59 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2012.09.01 06:46:59 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2012.09.01 06:46:59 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2012.09.01 06:46:58 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2012.09.01 06:46:58 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2012.09.01 06:46:58 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2012.09.01 06:46:58 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2012.09.01 06:46:58 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2012.09.01 06:46:57 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2012.09.01 06:46:57 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2012.09.01 06:46:57 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2012.09.01 06:46:57 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2012.09.01 06:46:57 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2012.09.01 06:46:57 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2012.09.01 06:46:57 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2012.09.01 06:46:56 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2012.09.01 06:46:55 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2012.09.01 06:46:55 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2012.09.01 06:46:55 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2012.09.01 06:46:55 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2012.09.01 06:46:55 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2012.09.01 06:46:54 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2012.09.01 06:46:54 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2012.09.01 06:46:54 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2012.09.01 06:46:53 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2012.09.01 06:46:53 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2012.09.01 06:46:52 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2012.09.01 06:44:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2012.09.01 06:25:40 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2012.09.01 06:25:40 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2012.09.01 06:25:40 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2012.09.01 06:25:40 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2012.09.01 01:31:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tilapainen\Työpöytä\test
[2012.09.01 00:59:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\HitmanPro
[2012.09.01 00:58:20 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2012.09.01 00:57:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\HitmanPro
[2012.08.31 22:40:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tilapainen\Application Data\SUPERAntiSpyware.com
[2012.08.31 22:38:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
[2012.08.31 22:38:53 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012.08.31 22:23:05 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.08.31 21:50:26 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft
[2012.08.31 21:35:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Seagate
[2012.08.31 21:35:45 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2012.08.31 21:09:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tilapainen\Työpöytä\Autoruns
[2012.08.31 21:02:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012.08.31 20:59:23 | 050,449,456 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\tilapainen\Työpöytä\dotNetFx40_Full_x86_x64.exe
[2012.08.31 20:51:55 | 007,758,424 | ---- | C] (SurfRight B.V.) -- C:\Documents and Settings\tilapainen\Työpöytä\HitmanPro36.exe
[2012.08.31 20:51:10 | 002,211,928 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\tilapainen\Työpöytä\tdsskiller.exe
[2012.08.31 20:50:53 | 019,519,528 | ---- | C] (SUPERAntiSpyware.com) -- C:\Documents and Settings\tilapainen\Työpöytä\SUPERAntiSpyware.exe
[2012.08.31 20:50:45 | 019,519,728 | ---- | C] (SUPERAntiSpyware.com) -- C:\Documents and Settings\tilapainen\Työpöytä\SUPERAntiSpywarePro.exe
[2012.08.31 15:18:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\CrystalDiskInfo
[2012.08.31 15:18:54 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2012.08.31 15:15:04 | 003,103,776 | ---- | C] (Crystal Dew World ) -- C:\Documents and Settings\tilapainen\Työpöytä\CrystalDiskInfo5_0_3Shizuku-en.exe
[2012.08.31 15:14:59 | 000,000,000 | ---D | C] -- C:\Downloads
[2012.08.30 20:39:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tilapainen\Application Data\Malwarebytes
[2012.08.30 20:38:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Malwarebytes' Anti-Malware
[2012.08.30 20:38:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
[2012.08.30 20:38:24 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.08.30 20:38:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.08.30 20:29:31 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\tilapainen\Työpöytä\mbam-setup-1.62.0.1300.exe
[2012.08.30 20:29:31 | 000,080,456 | ---- | C] (Malwarebytes Corporation) -- C:\Documents and Settings\tilapainen\Työpöytä\mbam-clean-1.60.2.0003.exe
[2012.08.30 19:54:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\tilapainen\Käynnistä-valikko\Ohjelmat\Valvontatyökalut
[2012.08.30 19:54:12 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2012.08.30 07:34:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2012.08.29 23:33:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tilapainen\Omat tiedostot
[2012.08.29 23:26:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tilapainen\Työpöytä\Downloads
[2012.08.15 00:31:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tilapainen\Local Settings\Application Data\Google
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.09.10 06:48:49 | 000,011,088 | ---- | M] () -- C:\Documents and Settings\tilapainen\Työpöytä\events.rtf
[2012.09.10 06:40:00 | 000,000,520 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 86a31f33-2771-40e0-bf19-220dfd227e8c.job
[2012.09.10 06:09:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.09.10 06:09:09 | 000,219,120 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2012.09.10 06:07:38 | 000,524,288 | ---- | M] () -- C:\Documents and Settings\tilapainen\Työpöytä\2.evt
[2012.09.10 06:07:21 | 000,589,824 | ---- | M] () -- C:\Documents and Settings\tilapainen\Työpöytä\1.evt
[2012.09.10 06:07:08 | 000,524,200 | ---- | M] () -- C:\Documents and Settings\tilapainen\Työpöytä\sys event application log.evt
[2012.09.10 06:06:57 | 000,394,052 | ---- | M] () -- C:\Documents and Settings\tilapainen\Työpöytä\sys event log.evt
[2012.09.10 06:06:10 | 000,140,667 | ---- | M] () -- C:\Documents and Settings\tilapainen\Työpöytä\syst.csv
[2012.09.10 03:49:48 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.09.10 03:24:34 | 000,000,338 | RHS- | M] () -- C:\boot.ini
[2012.09.10 02:54:24 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\tilapainen\Työpöytä\MBR.dat
[2012.09.10 02:42:51 | 000,058,880 | ---- | M] () -- C:\Documents and Settings\tilapainen\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.09.09 23:46:49 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2012.09.09 08:38:20 | 000,013,581 | ---- | M] () -- C:\Documents and Settings\tilapainen\Työpöytä\ohjeet.rtf
[2012.09.09 08:37:30 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\tilapainen\Työpöytä\aswMBR.exe
[2012.09.09 08:33:38 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\tilapainen\Työpöytä\VEW.exe
[2012.09.09 08:32:00 | 004,747,716 | R--- | M] (Swearware) -- C:\Documents and Settings\tilapainen\Työpöytä\ComboFix.exe
[2012.09.09 03:57:20 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\tilapainen\Työpöytä\OTL.exe
[2012.09.07 09:59:30 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.09.06 07:35:58 | 000,002,329 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\SeaTools for Windows.lnk
[2012.09.05 23:32:21 | 005,836,954 | ---- | M] () -- C:\Documents and Settings\tilapainen\Työpöytä\AutoRuns log.arn
[2012.09.03 22:32:56 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\tilapainen\Työpöytä\ws8rc1kx.exe
[2012.09.01 06:59:07 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\tilapainen\Application Data\Microsoft\Internet Explorer\Quick Launch\Käynnistä Internet Explorer -selain.lnk
[2012.09.01 06:58:56 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2012.09.01 06:57:12 | 000,496,486 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.09.01 06:57:12 | 000,472,338 | ---- | M] () -- C:\WINDOWS\System32\perfh00B.dat
[2012.09.01 06:57:12 | 000,102,616 | ---- | M] () -- C:\WINDOWS\System32\perfc00B.dat
[2012.09.01 06:57:12 | 000,085,928 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.09.01 06:54:57 | 000,176,264 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.09.01 06:52:48 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012.09.01 06:46:22 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012.09.01 06:46:21 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012.09.01 06:46:21 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012.09.01 06:46:07 | 000,004,381 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012.09.01 06:42:45 | 000,022,736 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012.09.01 06:40:21 | 000,000,222 | ---- | M] () -- C:\Boot.bak
[2012.09.01 05:29:41 | 000,054,949 | ---- | M] () -- C:\WINDOWS\setupapi.old
[2012.09.01 02:32:20 | 000,000,000 | ---- | M] () -- C:\WindowsLiveMessenger-uccapi-0.uccapilog
[2012.09.01 00:59:31 | 000,001,610 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\HitmanPro.lnk
[2012.08.31 22:39:05 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\SUPERAntiSpyware Professional.lnk
[2012.08.31 21:07:09 | 000,537,139 | ---- | M] () -- C:\Documents and Settings\tilapainen\Työpöytä\Autoruns.zip
[2012.08.31 21:00:05 | 050,449,456 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\tilapainen\Työpöytä\dotNetFx40_Full_x86_x64.exe
[2012.08.31 20:52:01 | 007,758,424 | ---- | M] (SurfRight B.V.) -- C:\Documents and Settings\tilapainen\Työpöytä\HitmanPro36.exe
[2012.08.31 20:51:29 | 019,519,528 | ---- | M] (SUPERAntiSpyware.com) -- C:\Documents and Settings\tilapainen\Työpöytä\SUPERAntiSpyware.exe
[2012.08.31 20:51:23 | 019,519,728 | ---- | M] (SUPERAntiSpyware.com) -- C:\Documents and Settings\tilapainen\Työpöytä\SUPERAntiSpywarePro.exe
[2012.08.31 20:51:22 | 002,211,928 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\tilapainen\Työpöytä\tdsskiller.exe
[2012.08.31 20:50:26 | 021,476,536 | ---- | M] () -- C:\Documents and Settings\tilapainen\Työpöytä\SeaToolsforWindowsSetup-1206.exe
[2012.08.31 20:49:51 | 000,130,247 | ---- | M] () -- C:\Documents and Settings\tilapainen\Työpöytä\bluescreenview_setup.exe
[2012.08.31 15:18:58 | 000,001,650 | ---- | M] () -- C:\Documents and Settings\tilapainen\Työpöytä\CrystalDiskInfo.lnk
[2012.08.31 15:15:29 | 003,103,776 | ---- | M] (Crystal Dew World ) -- C:\Documents and Settings\tilapainen\Työpöytä\CrystalDiskInfo5_0_3Shizuku-en.exe
[2012.08.30 20:38:32 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\tilapainen\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012.08.30 20:38:32 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\Malwarebytes Anti-Malware.lnk
[2012.08.30 20:27:06 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\tilapainen\Työpöytä\mbam-setup-1.62.0.1300.exe
[2012.08.30 20:26:28 | 000,080,456 | ---- | M] (Malwarebytes Corporation) -- C:\Documents and Settings\tilapainen\Työpöytä\mbam-clean-1.60.2.0003.exe
[2012.08.30 20:24:38 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\Mozilla Firefox.lnk
[2012.08.26 03:28:51 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.08.15 17:57:23 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.09.10 06:15:04 | 000,011,088 | ---- | C] () -- C:\Documents and Settings\tilapainen\Työpöytä\events.rtf
[2012.09.10 06:07:37 | 000,524,288 | ---- | C] () -- C:\Documents and Settings\tilapainen\Työpöytä\2.evt
[2012.09.10 06:07:21 | 000,589,824 | ---- | C] () -- C:\Documents and Settings\tilapainen\Työpöytä\1.evt
[2012.09.10 06:07:08 | 000,524,200 | ---- | C] () -- C:\Documents and Settings\tilapainen\Työpöytä\sys event application log.evt
[2012.09.10 06:06:57 | 000,394,052 | ---- | C] () -- C:\Documents and Settings\tilapainen\Työpöytä\sys event log.evt
[2012.09.10 06:06:09 | 000,140,667 | ---- | C] () -- C:\Documents and Settings\tilapainen\Työpöytä\syst.csv
[2012.09.10 03:24:34 | 000,000,222 | ---- | C] () -- C:\Boot.bak
[2012.09.10 03:24:15 | 000,260,352 | RHS- | C] () -- C:\cmldr
[2012.09.10 03:19:48 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.09.10 03:19:48 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.09.10 03:19:48 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.09.10 03:19:48 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.09.10 03:19:48 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012.09.10 02:54:24 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\tilapainen\Työpöytä\MBR.dat
[2012.09.09 20:54:30 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\tilapainen\Työpöytä\VEW.exe
[2012.09.09 20:54:30 | 000,013,581 | ---- | C] () -- C:\Documents and Settings\tilapainen\Työpöytä\ohjeet.rtf
[2012.09.08 00:33:19 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\tilapainen\Työpöytä\ws8rc1kx.exe
[2012.09.05 23:32:16 | 005,836,954 | ---- | C] () -- C:\Documents and Settings\tilapainen\Työpöytä\AutoRuns log.arn
[2012.09.01 06:48:48 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012.09.01 06:48:14 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2012.09.01 06:47:53 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012.09.01 06:25:28 | 001,014,139 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2012.09.01 06:25:28 | 000,809,684 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012.09.01 06:25:28 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012.09.01 06:25:28 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2012.09.01 06:25:28 | 000,102,826 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2012.09.01 06:25:28 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2012.09.01 06:25:28 | 000,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2012.09.01 06:25:28 | 000,030,983 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2012.09.01 06:25:28 | 000,014,043 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2012.09.01 06:25:28 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012.09.01 06:25:28 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2012.09.01 06:25:28 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012.09.01 06:25:28 | 000,007,407 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012.09.01 06:25:28 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2012.09.01 06:25:27 | 001,895,804 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2012.09.01 06:25:27 | 000,620,210 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2012.09.01 05:14:40 | 000,000,520 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 86a31f33-2771-40e0-bf19-220dfd227e8c.job
[2012.09.01 02:23:17 | 000,000,000 | ---- | C] () -- C:\WindowsLiveMessenger-uccapi-0.uccapilog
[2012.09.01 00:59:31 | 000,001,610 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\HitmanPro.lnk
[2012.08.31 22:39:05 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\SUPERAntiSpyware Professional.lnk
[2012.08.31 21:35:50 | 000,002,329 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\SeaTools for Windows.lnk
[2012.08.31 21:07:00 | 000,537,139 | ---- | C] () -- C:\Documents and Settings\tilapainen\Työpöytä\Autoruns.zip
[2012.08.31 20:50:08 | 021,476,536 | ---- | C] () -- C:\Documents and Settings\tilapainen\Työpöytä\SeaToolsforWindowsSetup-1206.exe
[2012.08.31 20:49:46 | 000,130,247 | ---- | C] () -- C:\Documents and Settings\tilapainen\Työpöytä\bluescreenview_setup.exe
[2012.08.31 15:18:58 | 000,001,650 | ---- | C] () -- C:\Documents and Settings\tilapainen\Työpöytä\CrystalDiskInfo.lnk
[2012.08.31 00:58:44 | 000,054,949 | ---- | C] () -- C:\WINDOWS\setupapi.old
[2012.08.30 20:38:32 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\tilapainen\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012.08.30 20:38:32 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\Malwarebytes Anti-Malware.lnk
[2012.02.16 21:21:08 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.11.08 19:08:38 | 000,508,224 | ---- | C] () -- C:\WINDOWS\System32\ICCProfiles.dll
[2011.10.24 12:49:28 | 000,001,724 | ---- | C] () -- C:\WINDOWS\System32\.ini
[2011.07.13 07:20:04 | 000,023,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011.07.11 22:47:08 | 000,268,952 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2011.07.11 22:46:57 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009.07.06 21:23:40 | 000,001,324 | ---- | C] () -- C:\Documents and Settings\tilapainen\Local Settings\Application Data\d3d9caps.dat
[2008.10.26 20:05:41 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\tilapainen\userprefs.prop
[2008.01.26 16:49:28 | 000,058,880 | ---- | C] () -- C:\Documents and Settings\tilapainen\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.08.25 14:51:54 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\.zreglib
[2006.04.03 16:50:45 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe
========== Custom Scans ==========
========== Drive Information ==========
Physical Drives
---------------
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
Interface type: IDE
Media Type: Fixed\thard disk media
Model: ST3160023A
Partitions: 1
Status: OK
Status Info: 0
Partitions
---------------
DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 149,00GB
Starting Offset: 32256
Hidden sectors: 0
< %SYSTEMDRIVE%\*.exe >
[2007.07.18 12:09:19 | 000,678,680 | ---- | M] (BillP Studios) -- C:\wpsetup.exe
< %systemroot%\assembly\GAC_32\*.ini >
< %systemroot%\assembly\GAC_64\*.ini >
< %SYSTEMDRIVE%\*.exe >
[2007.07.18 12:09:19 | 000,678,680 | ---- | M] (BillP Studios) -- C:\wpsetup.exe
< %ALLUSERSPROFILE%\Application Data\*.exe >
< %APPDATA%\*. >
[2008.08.10 03:23:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\.purple
[2012.08.31 00:48:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Adobe
[2010.08.23 22:31:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Apple Computer
[2010.01.25 23:35:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\ATI
[2008.09.20 19:49:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Canneverbe_Limited
[2008.03.04 01:36:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\CyberLink
[2009.02.21 02:09:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Darkfall
[2012.02.02 18:54:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Downloaded Installations
[2009.01.28 17:00:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Hamachi
[2009.04.02 18:53:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Help
[2008.01.26 16:36:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Identities
[2011.01.06 04:59:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Leadertech
[2009.09.25 22:33:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Livestation
[2011.05.09 22:31:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Logitech
[2008.01.26 16:53:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Macromedia
[2012.08.30 20:39:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Malwarebytes
[2009.09.25 22:32:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Mchid
[2008.02.01 15:55:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Media Player Classic
[2012.08.31 00:49:47 | 000,000,000 | --SD | M] -- C:\Documents and Settings\tilapainen\Application Data\Microsoft
[2011.12.10 00:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Mount&Blade Warband
[2008.09.06 14:04:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Mozilla
[2010.08.05 21:36:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Mozilla-Cache
[2008.01.27 20:05:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\NetMedia Providers
[2012.02.02 18:57:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Nitro PDF
[2009.03.04 01:41:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Nokia
[2009.02.06 19:15:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Nseries
[2009.11.13 06:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Octoshape
[2012.05.08 22:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\OpenOffice.org
[2012.06.05 17:07:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Oracle
[2009.02.06 19:39:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\PC Suite
[2008.12.20 20:23:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\PC Tools
[2008.12.21 00:10:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\PCToolsFirewallPlus
[2010.11.20 19:40:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\PPLive
[2008.01.27 20:05:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Publish Providers
[2011.08.13 02:23:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Real
[2011.05.08 22:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\ReaSoft
[2009.06.13 20:10:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\ScanSpyware
[2009.01.23 04:19:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\SiteAdvisor
[2008.01.27 20:04:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Sonic Foundry
[2008.01.26 22:22:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Sun
[2012.08.31 22:40:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\SUPERAntiSpyware.com
[2009.05.07 21:02:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\TrojanHunter
[2008.01.27 00:08:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\Ventrilo
[2012.01.02 23:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\vlc
[2009.05.08 17:28:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\WinPatrol
[2008.01.26 22:29:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tilapainen\Application Data\WinRAR
< MD5 for: ATAPI.SYS >
[2004.09.15 15:00:00 | 018,779,439 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.13 21:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\10eb48da774358af515ae0151f383586\atapi.sys
[2004.09.15 15:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2004.09.15 15:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: CSRSS.EXE >
[2008.04.14 19:12:06 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=453FD77FF9BEAC8A22F04D68BED53F5E -- C:\WINDOWS\SoftwareDistribution\Download\10eb48da774358af515ae0151f383586\csrss.exe
[2004.09.15 15:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=4EE3B89AC15BC7C19E67B05FC1B1ED57 -- C:\WINDOWS\system32\csrss.exe
[2004.09.15 15:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=4EE3B89AC15BC7C19E67B05FC1B1ED57 -- C:\WINDOWS\system32\dllcache\csrss.exe
< MD5 for: EXPLORER.EXE >
[2008.04.14 19:12:11 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=0C35F47295002F8A06419744E945D670 -- C:\WINDOWS\SoftwareDistribution\Download\10eb48da774358af515ae0151f383586\explorer.exe
[2004.09.15 15:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=43C0B3D357F319875A51BC111F393147 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2004.09.15 15:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=43C0B3D357F319875A51BC111F393147 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2004.09.15 15:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=43C0B3D357F319875A51BC111F393147 -- C:\WINDOWS\explorer.exe
[2004.09.15 15:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=43C0B3D357F319875A51BC111F393147 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2007.06.13 16:10:34 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=FB53C3B1E17F62E8FCB07CAAF4C4272E -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
< MD5 for: MSWSOCK.DLL >
[2008.06.20 20:44:04 | 000,246,784 | ---- | M] (Microsoft Corporation) MD5=341A965B8EC54059D71D176FBE9AF56B -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[2008.06.20 20:44:04 | 000,246,784 | ---- | M] (Microsoft Corporation) MD5=341A965B8EC54059D71D176FBE9AF56B -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[2004.09.15 15:00:00 | 000,246,784 | ---- | M] (Microsoft Corporation) MD5=5981BE8B1C04A740662D088A82E11F4A -- C:\WINDOWS\$NtUninstallKB951748_0$\mswsock.dll
[2004.09.15 15:00:00 | 000,246,784 | ---- | M] (Microsoft Corporation) MD5=5981BE8B1C04A740662D088A82E11F4A -- C:\WINDOWS\erdnt\cache\mswsock.dll
[2004.09.15 15:00:00 | 000,246,784 | ---- | M] (Microsoft Corporation) MD5=5981BE8B1C04A740662D088A82E11F4A -- C:\WINDOWS\system32\dllcache\mswsock.dll
[2004.09.15 15:00:00 | 000,246,784 | ---- | M] (Microsoft Corporation) MD5=5981BE8B1C04A740662D088A82E11F4A -- C:\WINDOWS\system32\mswsock.dll
[2008.06.20 20:37:17 | 000,246,784 | ---- | M] (Microsoft Corporation) MD5=7A47170DC2348F75B61FF6133D437A9E -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[2008.04.14 19:11:42 | 000,246,784 | ---- | M] (Microsoft Corporation) MD5=B2925F88C80FA377A5F00336C30356FA -- C:\WINDOWS\SoftwareDistribution\Download\10eb48da774358af515ae0151f383586\mswsock.dll
[2008.06.20 20:47:56 | 000,246,784 | ---- | M] (Microsoft Corporation) MD5=D0C581F6B33C327010E68418DCE3E3D2 -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
< MD5 for: NWPROVAU.DLL >
[2006.10.13 15:42:45 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=22B8FEF1C19FD72B99CB602A0C0A5AB3 -- C:\WINDOWS\$hf_mig$\KB923980\SP2QFE\nwprovau.dll
[2004.09.15 15:00:00 | 000,144,384 | ---- | M] (Microsoft Corporation) MD5=26D9E4056A3E877CA242BD0CD73B2102 -- C:\WINDOWS\$NtUninstallKB923980$\nwprovau.dll
[2004.09.15 15:00:00 | 000,144,384 | ---- | M] (Microsoft Corporation) MD5=26D9E4056A3E877CA242BD0CD73B2102 -- C:\WINDOWS\system32\dllcache\nwprovau.dll
[2004.09.15 15:00:00 | 000,144,384 | ---- | M] (Microsoft Corporation) MD5=26D9E4056A3E877CA242BD0CD73B2102 -- C:\WINDOWS\system32\nwprovau.dll
[2008.04.14 19:11:42 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=6ED836723F647EBE49B1DD2696928150 -- C:\WINDOWS\SoftwareDistribution\Download\10eb48da774358af515ae0151f383586\nwprovau.dll
< MD5 for: PNRPNSP.DLL >
[2004.09.15 15:00:00 | 000,048,640 | ---- | M] (Microsoft Corporation) MD5=3D0DFB0DD07EBA5CF08E662F592F3C5C -- C:\WINDOWS\system32\dllcache\pnrpnsp.dll
[2004.09.15 15:00:00 | 000,048,640 | ---- | M] (Microsoft Corporation) MD5=3D0DFB0DD07EBA5CF08E662F592F3C5C -- C:\WINDOWS\system32\pnrpnsp.dll
[2008.04.14 19:11:45 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=995348F67FDCBC201E5E7E397C69D828 -- C:\WINDOWS\SoftwareDistribution\Download\10eb48da774358af515ae0151f383586\pnrpnsp.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 12:53:26 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=03B62ED6130421EB6D3144BE834FE31A -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009.02.09 14:25:06 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=BE4CA1A36621248590E80713CFDF20D2 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2004.09.15 15:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=C2F8F8343435FC080C2DE25A410E09E8 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe
[2004.09.15 15:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=C2F8F8343435FC080C2DE25A410E09E8 -- C:\WINDOWS\erdnt\cache\services.exe
[2004.09.15 15:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=C2F8F8343435FC080C2DE25A410E09E8 -- C:\WINDOWS\system32\dllcache\services.exe
[2004.09.15 15:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=C2F8F8343435FC080C2DE25A410E09E8 -- C:\WINDOWS\system32\services.exe
[2008.04.14 19:12:27 | 000,109,056 | ---- | M] (Microsoft Corporation) MD5=E473263067492FC77F7690D4112CAF16 -- C:\WINDOWS\SoftwareDistribution\Download\10eb48da774358af515ae0151f383586\services.exe
[2009.02.09 14:17:42 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=F679920A924E8435805916C092395732 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
< MD5 for: SVCHOST.EXE >
[2004.09.15 15:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=34C8D42B876703B3ABF0562307428561 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2004.09.15 15:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=34C8D42B876703B3ABF0562307428561 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.09.15 15:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=34C8D42B876703B3ABF0562307428561 -- C:\WINDOWS\system32\svchost.exe
[2008.04.14 19:12:29 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=6138D30346CF435D2BF32CBC1437F625 -- C:\WINDOWS\SoftwareDistribution\Download\10eb48da774358af515ae0151f383586\svchost.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
< MD5 for: USERINIT.EXE >
[2008.04.14 19:12:31 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=3A5773B946C1B4F0DB1B48A5D8E1D562 -- C:\WINDOWS\SoftwareDistribution\Download\10eb48da774358af515ae0151f383586\userinit.exe
[2004.09.15 15:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=6484E1ECD8BE4011D74FE68A761798FD -- C:\WINDOWS\erdnt\cache\userinit.exe
[2004.09.15 15:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=6484E1ECD8BE4011D74FE68A761798FD -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.09.15 15:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=6484E1ECD8BE4011D74FE68A761798FD -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.09.15 15:00:00 | 000,502,784 | ---- | M] (Microsoft Corporation) MD5=5F0714B1447DC0262789C3CC43752418 -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2004.09.15 15:00:00 | 000,502,784 | ---- | M] (Microsoft Corporation) MD5=5F0714B1447DC0262789C3CC43752418 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.09.15 15:00:00 | 000,502,784 | ---- | M] (Microsoft Corporation) MD5=5F0714B1447DC0262789C3CC43752418 -- C:\WINDOWS\system32\winlogon.exe
[2008.04.14 19:12:33 | 000,508,416 | ---- | M] (Microsoft Corporation) MD5=76B238743BE82D4CAE1B7C95C898B6B6 -- C:\WINDOWS\SoftwareDistribution\Download\10eb48da774358af515ae0151f383586\winlogon.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< MD5 for: WINRNR.DLL >
[2004.09.15 15:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=186C9661A792CD2CF0CBEB455A927E6B -- C:\WINDOWS\system32\dllcache\winrnr.dll
[2004.09.15 15:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=186C9661A792CD2CF0CBEB455A927E6B -- C:\WINDOWS\system32\winrnr.dll
[2008.04.14 19:11:57 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=F09D3F662857007669F55ABEECDD2C99 -- C:\WINDOWS\SoftwareDistribution\Download\10eb48da774358af515ae0151f383586\winrnr.dll
< %systemroot%\*. /mp /s >
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012.08.25 05:01:06 | 000,883,864 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012.08.25 05:01:06 | 000,883,864 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012.08.25 05:01:06 | 000,883,864 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012.08.25 05:00:39 | 000,917,984 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012.08.25 05:00:39 | 000,917,984 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012.08.25 05:00:39 | 000,917,984 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: %systemroot%\system32\shmgrate.exe OCInstallReinstallIE [2004.09.15 15:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: %systemroot%\system32\shmgrate.exe OCInstallHideIE [2004.09.15 15:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: %systemroot%\system32\shmgrate.exe OCInstallShowIE [2004.09.15 15:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2004.09.15 15:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2004.09.15 15:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012.08.25 05:01:06 | 000,883,864 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012.08.25 05:01:06 | 000,883,864 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012.08.25 05:01:06 | 000,883,864 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012.08.25 05:00:39 | 000,917,984 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012.08.25 05:00:39 | 000,917,984 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012.08.25 05:00:39 | 000,917,984 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: %systemroot%\system32\shmgrate.exe OCInstallReinstallIE [2004.09.15 15:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: %systemroot%\system32\shmgrate.exe OCInstallHideIE [2004.09.15 15:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: %systemroot%\system32\shmgrate.exe OCInstallShowIE [2004.09.15 15:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2004.09.15 15:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2004.09.15 15:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation)
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< End of report >
-------------------------------------------------------------------
OTL Extras:
-------------------------------------------------------------------
OTL Extras logfile created on: 10.9.2012 6:50:23 - Run 4
OTL by OldTimer - Version 3.2.61.2 Folder = C:\Documents and Settings\tilapainen\Työpöytä\OTL
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040B | Country: Suomi | Language: FIN | Date Format: d.M.yyyy
1022,48 Mb Total Physical Memory | 490,05 Mb Available Physical Memory | 47,93% Memory free
2,40 Gb Paging File | 1,88 Gb Available in Paging File | 78,10% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 115,29 Gb Free Space | 77,35% Space Free | Partition Type: NTFS
Computer Name: EMT-F8A04F66186 | User Name: tilapainen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Disabled:SopCast Main Application -- (www.sopcast.com)
"C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Disabled:SopCast Adver -- (www.sopcast.com)
"C:\Warcraft III\Warcraft III.exe" = C:\Warcraft III\Warcraft III.exe:*:Disabled:Warcraft III -- (Blizzard Entertainment)
"C:\Pelit\Wolfenstein - Enemy Territory\ET.exe" = C:\Pelit\Wolfenstein - Enemy Territory\ET.exe:*:Disabled:ET -- ()
"C:\Documents and Settings\tilapainen\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\tilapainen\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Disabled:Google Talk Plugin -- (Google)
"C:\Program Files\PPLive\PPLive.exe" = C:\Program Files\PPLive\PPLive.exe:*:Disabled:PPLive -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0468A4CF-069D-86B6-84BD-F8E4F86E2631}" = Catalyst Control Center Graphics Previews Common
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{089DD780-DB3F-4CDB-A0C2-111360247298}" = PC Connectivity Solution
"{08E05FA4-4370-3862-B199-5CD0420910E5}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FIN
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0AD84416-63A4-4CF3-BDDF-8FA866711FB0}" = Civilization III
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Liven lataustyökalu
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25B9C7BE-5CFD-6173-D3E1-6E4C9EBD8658}" = Catalyst Control Center Graphics Light
"{26999308-FF96-5FBF-B2DB-12E66346FA3A}" = CCC Help German
"{2927733E-A961-BA53-03C5-03774A081030}" = ccc-core-static
"{29D3773E-54F4-23C2-D523-236A4453B844}_is1" = FileAlyzer
"{2A38B5AA-EA84-4F87-9937-2FB23982243A}" = Sonic Foundry ACID 4.0
"{30148775-0642-7507-58EA-3CDB7E828BA2}" = Catalyst Control Center Core Implementation
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{31E2413D-8AA1-43EC-8B8D-77B65ADA4611}" = Civilization III v1.29f
"{34C0D982-39B7-3C1D-BA3C-CA77BD029D53}" = Microsoft .NET Framework 3.5 Language Pack - fin
"{350C940b-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3972209B-4946-9B49-1911-0AC122FB8073}" = CCC Help Russian
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3DA798B8-97EE-39D2-A105-5800EF3351B7}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FIN
"{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}" = DAEMON Tools
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{43165058-0CD3-F336-0B4E-879A03DC8F50}" = Catalyst Control Center Graphics Full Existing
"{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows Journal Viewer
"{43F18082-D8A1-5A37-829D-CF1C4ED9ED2A}" = CCC Help Portuguese
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4905D4CA-7295-F988-AE8A-B04675295133}" = CCC Help Thai
"{4EAB2511-0135-48CA-A47B-CE1E6836793A}" = COMODO Internet Security
"{55A83F62-4CC7-8A5F-0FB0-FE55B53B3ED1}" = CCC Help Finnish
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5B31B7DD-ED2E-F515-C900-B2E91138A34F}" = ccc-core-preinstall
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5F032DC8-A020-D42E-F2E6-41C748A92A06}" = Catalyst Control Center Graphics Full New
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{618A812B-3099-8DB2-C8E4-95D15A7B7CD5}" = Catalyst Control Center HydraVision Full
"{6350DFD0-01B0-11DE-87AF-0800200C9A66}" = Livestation
"{6707309D-7FBC-43C9-926F-A66C69054768}" = OpenOffice.org 3.3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A7E75AF-C2C7-4B1E-FE46-E0979833D6D5}" = CCC Help Spanish
"{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}" = Power Tab Editor 1.7
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71AFFCBF-0864-C19D-0C07-5DF67BA0382D}" = CCC Help Turkish
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7876AE8D-08D8-3A1C-A1F4-E7F255DDBBEA}" = ccc-utility
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8425081E-FEFF-6E4B-408E-53345859896C}" = CCC Help English
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E8B88CB-2B90-455F-85F4-5CDFDA08E168}" = T6poker
"{90FE2C60-A4C3-D61D-790A-9493EE405AEA}" = CCC Help Swedish
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{96334581-5554-3E5F-8BC9-924C3C3AC5BE}" = Google Talk Plugin
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A05CF147-BEED-4880-BF9B-4EAF22C77FFD}" = Microsoft Pro Photo Tools
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A1D39316-5F04-44B2-B90B-7834A794D285}" = Windows Liven kirjautumisavustaja
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8BBAA6B-71BE-4AA2-A9DE-76BF38473E5F}" = ATI AVIVO Codecs
"{AC76BA86-7AD7-1035-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Suomi
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AD483998-2E9A-4405-83FF-6E503AF49CBB}" = Microsoft Virtual PC 2007 SP1
"{ADAA5D11-5D8F-31EC-1992-693239110308}" = CCC Help French
"{B21C00B6-2B53-BB00-B4FE-27316019A9C5}" = CCC Help Chinese Traditional
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B435AE22-F62A-4402-A4E5-E612631B92C9}" = OnlineLive
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BBB3F622-D848-4CDA-B282-CC53627432F0}" = Microsoft Application Compatibility Toolkit 5.0
"{BD7CDF5A-315E-A085-CF42-921B37D7A507}" = CCC Help Hungarian
"{BE9269F2-562B-7BC7-9BE9-16EF8B52B403}" = Catalyst Control Center Localization All
"{BF243C52-D0D2-A777-D388-DFCCF00FFC23}" = CCC Help Dutch
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C325F588-D6B1-4A7F-B6A2-914C75DDA348}" = Morrowind
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C7370250-3AA3-23F8-DE52-21701C911BBD}" = CCC Help Korean
"{C7DA1638-A3B9-0AF6-B1B3-5ACBC08E7204}" = CCC Help Polish
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240D2}" = WinZip 16.5
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D472CC91-8FFC-B07C-F755-363498CF7724}" = CCC Help Danish
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D68E33C8-F508-F069-FF15-59B2BF50B0D3}" = CCC Help Japanese
"{DB3C800B-081B-4146-B4E3-EFB5B77AA913}" = TES Construction Set
"{E236A12C-FE29-49C4-C10C-F9AFF2EE8D39}" = CCC Help Chinese Standard
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EFA83B92-06EA-D90D-1342-A7872D97B89F}" = CCC Help Italian
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F344E188-969B-44D8-9320-518DC25E6926}" = TopSpin Demo
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"{FAFD1909-311F-2035-6C97-7151A3B485C5}" = CCC Help Greek
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FD433CFA-5819-54FC-005C-140926CDBB6F}" = CCC Help Czech
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF97034A-E1FE-CC80-E5D4-549796B72E36}" = CCC Help Norwegian
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windowsin ohjainpaketti - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"504244733D18C8F63FF584AEB290E3904E791693" = Windowsin ohjainpaketti - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Acoustica Beatcraft" = Acoustica Beatcraft
"Ajokorttikoulu" = Ajokorttikoulu
"All ATI Software" = ATI-ohjelmiston poisto-ohjelma
"ATI Display Driver" = ATI Display Driver
"AudibleManager" = AudibleManager
"BootSkin" = BootSkin
"Bridge Builder" = Bridge Builder
"Capitalism 2_is1" = Capitalism 2
"CCleaner" = CCleaner (remove only)
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.0.3 Shizuku Edition
"Deus Ex - Game of the Year Edition_is1" = Deus Ex - Game of the Year Edition
"DFOTray" = DFOTray
"DreamWorks Interactive: Neverhood" = The Neverhood
"Fallout2" = Fallout2
"FFdshow_is1" = FFdshow [2006-08-21 | rev 2546]
"Finale Reader" = Finale Reader 2010
"FLVPlayer" = FLV Player 1.3.3
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"Freez Screen Video Capture v1.2_is1" = Freez Screen Video Capture v1.2
"Gangsters" = Gangsters
"GIF Animator" = Microsoft GIF Animator
"GTK 2.0" = GTK+ Runtime 2.12.8 rev a (vain poisto)
"Guitar Pro 5_is1" = Guitar Pro 5.2
"HaaliMkx" = Haali Media Splitter
"HitmanPro36" = HitmanPro 3.6
"InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}" = Vampire - The Masquerade Bloodlines
"InstallShield_{F344E188-969B-44D8-9320-518DC25E6926}" = TopSpin Demo
"IrfanView" = IrfanView (remove only)
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"LucasArts' Curse of Monkey Island" = LucasArts' Curse of Monkey Island
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versio 1.62.0.1300
"Microsoft .NET Framework 3.5 Language Pack - fin" = Microsoft .NET Framework 3.5:n kielitukipaketti - FI
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 15.0 (x86 en-US)" = Mozilla Firefox 15.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP3 WAV Converter 3.98" = MP3 WAV Converter 3.98
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NirSoft BlueScreenView" = NirSoft BlueScreenView
"OpenAL" = OpenAL
"OpenVPN" = OpenVPN openvpn-2.1_rc19-install
"PAFPoker" = PAF POKER (remove only)
"PeerGuardian_is1" = PeerGuardian 2.0
"PokerStars" = PokerStars
"Police Quest 1+2+3+4_is1" = Police Quest 1+2+3+4
"PPLive" = PPLive 1.9
"QQ¶·µØÖ÷½ÇÉ«°æ" = QQ¶·µØÖ÷½ÇÉ«°æ
"QQÓÎÏ·" = QQÓÎÏ·
"ReaJPEG Pro_is1" = ReaJPEG Pro 4.0
"RealPlayer 6.0" = RealPlayer
"Security Task Manager" = Security Task Manager 1.7e
"SitNGoWizard" = SitNGo Wizard
"SopCast" = SopCast 3.4.0
"SopCore" = SopCore 1.1.2
"SystemRequirementsLab" = System Requirements Lab
"Texas Calculatem_is1" = Texas Calculatem 4 with "AutoRead"
"The Guild Gold_is1" = The Guild Gold
"TrojanHunter_is1" = TrojanHunter 5.1
"UltimaOnline" = Ultima Online: Renaissance
"UOAssist" = UOAssist
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"VentriloMIX" = VentriloMIX
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPatrol" = WinPatrol 2007
"WinRAR archiver" = WinRAR archiver
"VLC media player" = VideoLAN VLC media player 0.8.6c
"WMFDist11" = Windows Media Format 11 runtime
"Wolfenstein - Enemy Territory" = Wolfenstein - Enemy Territory
"x264 Revision 564 x264.nl" = x264 Revision 564 x264.nl (remove only)
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape Streaming Services" = Octoshape Streaming Services
"Warcraft III" = Warcraft III: All Products
========== Last 20 Event Log Errors ==========
[ System Events ]
Error - 9.9.2012 23:30:16 | Computer Name = EMT-F8A04F66186 | Source = Service Control Manager | ID = 7001
Description = Palvelu Etäkäytön (RAS) yhteyksienhallinta on riippuvainen palvelusta
Puhelin, jonka käynnistyminen epäonnistui virheen vuoksi: %%1058
Error - 9.9.2012 23:35:32 | Computer Name = EMT-F8A04F66186 | Source = Service Control Manager | ID = 7001
Description = Palvelu Etäkäytön (RAS) yhteyksienhallinta on riippuvainen palvelusta
Puhelin, jonka käynnistyminen epäonnistui virheen vuoksi: %%1058
Error - 9.9.2012 23:40:48 | Computer Name = EMT-F8A04F66186 | Source = Service Control Manager | ID = 7001
Description = Palvelu Etäkäytön (RAS) yhteyksienhallinta on riippuvainen palvelusta
Puhelin, jonka käynnistyminen epäonnistui virheen vuoksi: %%1058
Error - 9.9.2012 23:46:06 | Computer Name = EMT-F8A04F66186 | Source = Service Control Manager | ID = 7001
Description = Palvelu Etäkäytön (RAS) yhteyksienhallinta on riippuvainen palvelusta
Puhelin, jonka käynnistyminen epäonnistui virheen vuoksi: %%1058
Error - 9.9.2012 23:51:24 | Computer Name = EMT-F8A04F66186 | Source = Service Control Manager | ID = 7001
Description = Palvelu Etäkäytön (RAS) yhteyksienhallinta on riippuvainen palvelusta
Puhelin, jonka käynnistyminen epäonnistui virheen vuoksi: %%1058
Error - 9.9.2012 23:58:41 | Computer Name = EMT-F8A04F66186 | Source = Service Control Manager | ID = 7001
Description = Palvelu Etäkäytön (RAS) yhteyksienhallinta on riippuvainen palvelusta
Puhelin, jonka käynnistyminen epäonnistui virheen vuoksi: %%1058
Error - 10.9.2012 0:05:24 | Computer Name = EMT-F8A04F66186 | Source = Service Control Manager | ID = 7001
Description = Palvelu Etäkäytön (RAS) yhteyksienhallinta on riippuvainen palvelusta
Puhelin, jonka käynnistyminen epäonnistui virheen vuoksi: %%1058
Error - 10.9.2012 0:11:47 | Computer Name = EMT-F8A04F66186 | Source = Service Control Manager | ID = 7001
Description = Palvelu Etäkäytön (RAS) yhteyksienhallinta on riippuvainen palvelusta
Puhelin, jonka käynnistyminen epäonnistui virheen vuoksi: %%1058
Error - 10.9.2012 0:18:33 | Computer Name = EMT-F8A04F66186 | Source = Service Control Manager | ID = 7001
Description = Palvelu Etäkäytön (RAS) yhteyksienhallinta on riippuvainen palvelusta
Puhelin, jonka käynnistyminen epäonnistui virheen vuoksi: %%1058
Error - 10.9.2012 0:19:43 | Computer Name = EMT-F8A04F66186 | Source = Service Control Manager | ID = 7001
Description = Palvelu Etäkäytön (RAS) yhteyksienhallinta on riippuvainen palvelusta
Puhelin, jonka käynnistyminen epäonnistui virheen vuoksi: %%1058
< End of report >
-----------------------------------------------------
edit: In your next reply, could you please explain what it means when the Extras log shows entries about the FirewallEnabled value being 0 for DomainProfile, but 1 for StandardProfile? On my other computer (XP Pro, SP3), I can see that the values are reversed: there the value is 1 for DomainProfile but 0 for StandardProfile. In addition, the registry entry for the open ports looks a bit odd to me. Should I be concerned? I took a look and noticed that the PC that I'm having issues with still has Windows firewall enabled alongside Comodo's firewall. In the 'exceptions' tab the following two were checked: UPnP and Xp Net Diagnostic. UPnP accounts for two ports (1900 and 2869 if I recall); does XpNetDiagnostic account for all the rest?
Thank you very much for your time.
Edited by mcs123, 10 September 2012 - 12:57 AM.