Fixed it! (The problem was in Windows Security Policy settings. A common problem with Firefox 3, appearently.) Here are the contents of the logfiles:
Logfile of random's system information tool 1.05 (written by random/random)
Run by Auri at 2009-01-10 17:12:38
Microsoft® Windows Vista™ Home Premium
System drive C: has 82 GB (54%) free of 152 GB
Total RAM: 1918 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:12:51, on 10.1.2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16764)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Norman\Npm\bin\ELOGSVC.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\Norman\Npm\Bin\Zanda.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Wacom_Tablet.exe
C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Norman\Npm\bin\NJEEVES.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Norman\nse\bin\NSESVC.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\WTablet\Wacom_TabletUser.exe
C:\Windows\system32\Wacom_Tablet.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Norman\Npm\Bin\Zlh.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Norman\Nvc\bin\nvcoas.exe
C:\Program Files\Norman\Nvc\BIN\NVCSCHED.EXE
C:\Program Files\Norman\Nvc\BIN\NIP.EXE
C:\Program Files\Norman\Nvc\bin\cclaw.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Auri\Desktop\RSIT.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\Auri.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\bin\ZLH.EXE" /LOAD /SPLASH
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Auri\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
O4 - Startup: runit_32.lnk = C:\Program Files\runit\runit_32.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Windows Live Search -
res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: V&ie Microsoft Exceliin -
res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Lähetä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Läh&etä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: HP-leikekirja - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart -valitse - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Program Files\Norman\Npm\bin\ELOGSVC.EXE
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Norman NJeeves - Norman ASA - C:\Program Files\Norman\Npm\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Norman ASA - C:\Program Files\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Program Files\Norman\nse\bin\NSESVC.EXE
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Program Files\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Program Files\Norman\Nvc\BIN\NVCSCHED.EXE
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\Windows\system32\Wacom_Tablet.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
--
End of file - 8718 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Tarkistetaan Windows Live -työkalurivin päivitykset.job
C:\Windows\tasks\WebReg Deskjet D2400 series.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader -linkkiavustaja - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll [2007-12-14 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Liven kirjautumisapuohjelma - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-08-21 1006264]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-04-10 4431872]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-11-22 630784]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-02-26 153136]
"Norman ZANDA"=C:\Program Files\Norman\Npm\bin\ZLH.EXE [2008-06-02 273520]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe [2007-12-14 144784]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-09 1232896]
"WindowsWelcomeCenter"=C:\Windows\system32\oobefldr.dll [2006-11-02 2159104]
""= []
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"BitTorrent DNA"=C:\Users\Auri\Program Files\DNA\btdna.exe []
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Auri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
runit_32.lnk - C:\Program Files\runit\runit_32.exe
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a150461-b28e-11dc-ba92-806e6f6e6963}]
shell\AutoRun\command - E:\autorun.exe
======List of files/folders created in the last 1 months======
2009-01-10 17:12:38 ----D---- C:\rsit
2008-12-26 00:27:19 ----D---- C:\Program Files\Trend Micro
2008-12-25 16:54:31 ----A---- C:\Windows\wininit.ini
2008-12-25 15:35:20 ----D---- C:\Users\Auri\AppData\Roaming\Mozilla
2008-12-25 15:35:07 ----D---- C:\Program Files\Mozilla Firefox
2008-12-23 13:32:27 ----D---- C:\ProgramData\Spybot - Search & Destroy
2008-12-23 13:32:27 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-12-23 12:05:21 ----A---- C:\Windows\pn8.exe
2008-12-23 12:05:18 ----A---- C:\Windows\hw5305.exe
2008-12-23 12:05:11 ----A---- C:\Windows\ykgee3362.exe
2008-12-23 12:05:02 ----A---- C:\Windows\nohh06760.exe
2008-12-23 12:02:41 ----D---- C:\Program Files\IEToolbar
2008-12-23 12:02:34 ----A---- C:\Windows\xmovb6426.exe
2008-12-23 12:02:32 ----D---- C:\Program Files\runit
2008-12-23 12:02:31 ----A---- C:\Windows\vmqq64340.exe
2008-12-23 12:02:28 ----A---- C:\Windows\gpna8081.exe
2008-12-23 12:02:20 ----A---- C:\Windows\kdiue732.txt
2008-12-22 23:59:18 ----A---- C:\kdiue732.txt
2008-12-18 22:07:48 ----A---- C:\Windows\system32\mshtml.dll
2008-12-16 18:29:54 ----A---- C:\Windows\system32\qfhmidsgszwwva.dll
2008-12-12 23:48:27 ----A---- C:\Windows\system32\tzres.dll
2008-12-12 18:46:57 ----A---- C:\Windows\system32\gdi32.dll
2008-12-12 18:46:52 ----A---- C:\Windows\system32\gameux.dll
2008-12-12 18:46:52 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-12-12 18:46:51 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-12-12 18:46:41 ----A---- C:\Windows\system32\shell32.dll
2008-12-12 18:46:27 ----A---- C:\Windows\explorer.exe
2008-12-12 18:46:22 ----A---- C:\Windows\system32\urlmon.dll
2008-12-12 18:46:22 ----A---- C:\Windows\system32\ieframe.dll
2008-12-12 18:46:21 ----A---- C:\Windows\system32\wininet.dll
2008-12-12 18:46:21 ----A---- C:\Windows\system32\pngfilt.dll
2008-12-12 18:46:21 ----A---- C:\Windows\system32\mstime.dll
2008-12-12 18:46:21 ----A---- C:\Windows\system32\mshtmled.dll
2008-12-12 18:46:21 ----A---- C:\Windows\system32\jsproxy.dll
2008-12-12 18:46:21 ----A---- C:\Windows\system32\ieUnatt.exe
2008-12-12 18:46:21 ----A---- C:\Windows\system32\ieui.dll
2008-12-12 18:46:21 ----A---- C:\Windows\system32\iesetup.dll
2008-12-12 18:46:21 ----A---- C:\Windows\system32\iertutil.dll
2008-12-12 18:46:21 ----A---- C:\Windows\system32\iernonce.dll
2008-12-12 18:46:21 ----A---- C:\Windows\system32\ieapfltr.dll
2008-12-12 18:46:21 ----A---- C:\Windows\system32\ie4uinit.exe
2008-12-12 18:46:21 ----A---- C:\Windows\system32\icardie.dll
2008-12-12 18:46:21 ----A---- C:\Windows\system32\dxtrans.dll
2008-12-12 18:46:21 ----A---- C:\Windows\system32\dxtmsft.dll
2008-12-12 18:46:21 ----A---- C:\Windows\system32\advpack.dll
2008-12-12 18:46:13 ----A---- C:\Windows\system32\WMVCORE.DLL
2008-12-12 18:46:13 ----A---- C:\Windows\system32\WMNetMgr.dll
2008-12-12 18:46:13 ----A---- C:\Windows\system32\rrinstaller.exe
2008-12-12 18:46:13 ----A---- C:\Windows\system32\mfps.dll
2008-12-12 18:46:13 ----A---- C:\Windows\system32\mfpmp.exe
2008-12-12 18:46:13 ----A---- C:\Windows\system32\mferror.dll
2008-12-12 18:46:13 ----A---- C:\Windows\system32\mf.dll
2008-12-12 18:46:13 ----A---- C:\Windows\system32\logagent.exe
======List of files/folders modified in the last 1 months======
2009-01-10 17:12:51 ----D---- C:\Windows\Prefetch
2009-01-10 17:12:45 ----D---- C:\Windows\Temp
2009-01-10 15:09:05 ----D---- C:\Windows\System32
2009-01-10 15:05:50 ----RD---- C:\Program Files
2009-01-10 11:54:09 ----D---- C:\Windows\system32\drivers
2009-01-10 11:53:54 ----D---- C:\Users\Auri\AppData\Roaming\WTablet
2009-01-10 11:53:32 ----D---- C:\Program Files\Norman
2009-01-10 11:15:41 ----SD---- C:\ProgramData\Microsoft
2009-01-08 21:00:28 ----SHD---- C:\System Volume Information
2009-01-05 16:58:09 ----D---- C:\Windows\inf
2009-01-05 16:58:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-01-03 21:43:35 ----D---- C:\Windows
2009-01-03 10:48:47 ----D---- C:\Windows\system32\catroot2
2009-01-02 17:46:00 ----D---- C:\Program Files\Adobe
2009-01-01 01:26:20 ----D---- C:\Windows\system32\Tasks
2009-01-01 01:26:19 ----D---- C:\Windows\Tasks
2008-12-27 18:45:48 ----D---- C:\Program Files\Tablet
2008-12-27 18:44:26 ----D---- C:\Windows\system32\catroot
2008-12-27 18:43:26 ----D---- C:\Windows\system32\WTablet
2008-12-23 13:32:27 ----HD---- C:\ProgramData
2008-12-23 11:43:26 ----D---- C:\Users\Auri\AppData\Roaming\LimeWire
2008-12-18 22:08:19 ----D---- C:\Windows\winsxs
2008-12-13 14:11:23 ----ASH---- C:\Program Files\desktop.ini
2008-12-13 14:10:07 ----D---- C:\Windows\AppPatch
2008-12-13 14:10:07 ----D---- C:\Program Files\Windows Mail
2008-12-13 14:10:06 ----D---- C:\Windows\system32\fi-FI
2008-12-13 14:10:05 ----D---- C:\Windows\system32\migration
2008-12-13 14:10:05 ----D---- C:\Program Files\Internet Explorer
2008-12-12 23:51:41 ----SHD---- C:\Windows\Installer
2008-12-12 23:51:34 ----HD---- C:\Config.Msi
2008-12-12 23:51:33 ----D---- C:\ProgramData\Microsoft Help
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2008-04-26 278728]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2008-04-26 25416]
R2 Ndiskio;Ndiskio; \??\C:\Program Files\Norman\Nse\bin\NDISKIO.SYS [2007-01-02 20448]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-02-01 690176]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2007-12-29 14208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-04-10 1764960]
R3 NvcMFlt;NvcMFlt; C:\Windows\system32\DRIVERS\nvcv32mf.sys [2008-09-02 19512]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-02-02 2385920]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-01-15 70144]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-22 982272]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2007-02-16 11312]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [2008-07-11 13352]
R3 WacomVKHid;Virtual Keyboard Driver; C:\Windows\system32\DRIVERS\WacomVKHid.sys [2007-02-15 11440]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 nvcfsr;nvcfsr; \??\C:\Program Files\Norman\Nvc\bin\nvcfsr.sys [2007-01-09 6712]
S3 nvcoafl4;nvcoafl4; \??\C:\Program Files\Norman\Nvc\bin\nvcoafl4.sys [2007-01-09 36472]
S3 nvcoaft4;nvcoaft4; \??\C:\Program Files\Norman\Nvc\bin\nvcoaft4.sys [2007-01-09 104288]
S3 nvcoarc4;nvcoarc4; \??\C:\Program Files\Norman\Nvc\bin\nvcoarc4.sys [2007-01-09 25528]
S3 wacmoumonitor;Wacom Mode Helper; C:\Windows\system32\DRIVERS\wacmoumonitor.sys [2008-10-06 15656]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2006-05-11 247808]
S4 nvatabus;nvatabus; C:\Windows\system32\drivers\nvatabus.sys [2006-07-14 105088]
S4 viamraid;viamraid; C:\Windows\system32\drivers\viamraid.sys [2006-03-31 100992]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-02-02 565248]
R2 eLoggerSvc6;Norman eLogger service 6; C:\Program Files\Norman\Npm\bin\ELOGSVC.EXE [2007-08-30 150584]
R2 hpqddsvc;HP CUE DeviceDiscovery -palvelu; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 Norman ZANDA;Norman ZANDA; C:\Program Files\Norman\Npm\Bin\Zanda.exe [2008-04-23 408696]
R2 TabletServiceWacom;TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [2008-10-30 2749224]
R2 TestHandler;Fujitsu Siemens Computers Diagnostic Testhandler; C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe [2006-12-08 204800]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R3 Norman NJeeves;Norman NJeeves; C:\Program Files\Norman\Npm\bin\NJEEVES.EXE [2008-03-27 150584]
R3 nsesvc;Norman Scanner Engine Service; C:\Program Files\Norman\nse\bin\NSESVC.EXE [2008-06-19 322616]
R3 nvcoas;Norman Virus Control on-access component; C:\Program Files\Norman\Nvc\bin\nvcoas.exe [2008-04-29 183352]
R3 NVCScheduler;Norman Virus Control Scheduler; C:\Program Files\Norman\Nvc\BIN\NVCSCHED.EXE [2008-03-11 146488]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-02-26 267824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Messengerin jaettavien kansioiden USN Journal -lokin lukupalvelu; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.05 2009-01-10 17:12:56
======Uninstall list======
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040B-0000-0000000FF1CE} /uninstall {E2697EE8-D953-4482-8A30-D6A4D07DE5FB}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040B-0000-0000000FF1CE} /uninstall {E2697EE8-D953-4482-8A30-D6A4D07DE5FB}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040B-0000-0000000FF1CE} /uninstall {E2697EE8-D953-4482-8A30-D6A4D07DE5FB}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040B-0000-0000000FF1CE} /uninstall {F14C929B-E0E6-4EB5-8BFD-FC71AAC7D39C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-041D-0000-0000000FF1CE} /uninstall {A8626CEF-CB0A-4BC2-8F51-210A43B6158D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040B-0000-0000000FF1CE} /uninstall {E8865B68-C2A1-4B9D-BBA7-782E8FC2E52F}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040B-0000-0000000FF1CE} /uninstall {E2697EE8-D953-4482-8A30-D6A4D07DE5FB}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop Elements-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop Elements\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop Elements\Uninst.dll"
Adobe Reader 8.1.2 - Suomi-->MsiExec.exe /I{AC76BA86-7AD7-1035-7B44-A81200000003}
Adobe SVG Viewer-->C:\Windows\IsUninst.exe -f"C:\Windows\System32\Adobe\SVG Viewer\Uninst.isu"
Ajokorttikoulu-->C:\Program Files\Ajokorttikoulu\Uninstall.exe
ATI Uninstaller-->C:\Program Files\ATI\CIM\Bin\Atisetup.exe -uninstall all
Automaattiset valikot (Windows Live Toolbar)-->MsiExec.exe /X{B01DC672-EA23-4FF8-BA22-F622AAF00EAD}
FirstSteps Diagnostics-->MsiExec.exe /X{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Customer Participation Program 9.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Deskjet Printer Driver Software 9.0-->C:\Program Files\HP\Digital Imaging\{F5936267-D467-4e7b-8940-A7D9F0398EF3}\setup\hpzscr01.exe -datfile hphscr15.dat -showdisconnect -forcereboot
HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential 2.01-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}
HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Korostuksen katselu (Windows Live Toolbar)-->MsiExec.exe /X{90E65178-09D9-44DB-9506-361FD59B731B}
Microsoft Office Excel MUI (Finnish) 2007-->MsiExec.exe /X{90120000-0016-040B-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Finnish) 2007-->MsiExec.exe /X{90120000-00A1-040B-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Finnish) 2007-->MsiExec.exe /X{90120000-0018-040B-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (Finnish) 2007-->MsiExec.exe /X{90120000-001F-040B-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Swedish) 2007-->MsiExec.exe /X{90120000-001F-041D-0000-0000000FF1CE}
Microsoft Office Proofing (Finnish) 2007-->MsiExec.exe /X{90120000-002C-040B-0000-0000000FF1CE}
Microsoft Office Shared MUI (Finnish) 2007-->MsiExec.exe /X{90120000-006E-040B-0000-0000000FF1CE}
Microsoft Office Word MUI (Finnish) 2007-->MsiExec.exe /X{90120000-001B-040B-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works-->MsiExec.exe /I{6495D83E-3A5B-4674-A17F-3A6DDCDC0F89}
Motorola SM56 Data Fax Modem-->rundll32.exe sm56co6a.dll,SM56UnInstaller
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Nero 7 Essentials-->MsiExec.exe /X{81CD6232-10F5-4832-B3DA-1B88B1571035}
Norman Virus Control-->C:\Program Files\Norman\NVC\BIN\DelNVC5.exe
PAP 4.0-->"C:\Program Files\PAP40\unins000.exe"
PAP project files-->c:\pap_projects\unins000.exe
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Run It-->"C:\Program Files\runit\runitu_32.exe"
RUNAWAY - A road adventure-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0816004-8FFF-40D5-9699-23A14BAF07A4}\setup.exe"
RUNAWAY - The dream of the turtle-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1C16547A-D666-4971-B37E-D0B2FEC828D8}\setup.exe"
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Visio 2007 (KB947590)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
The Sims 2 Nightlife-->C:\Program Files\EA GAMES\The Sims 2 Nightlife\EAUninstall.exe
The Sims 2 Pets-->C:\Program Files\EA GAMES\The Sims 2 Pets\EAUninstall.exe
The Sims 2-->C:\Program Files\EA GAMES\The Sims 2\EAUninstall.exe
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Wacom Tablet-->C:\Program Files\Tablet\Wacom\Remove.exe /u
Warcraft III-->C:\Windows\War3Unin.exe C:\Windows\War3Unin.dat
Windows Live installer-->MsiExec.exe /X{5C29C5F5-A9C9-4E89-A606-13E165E7C55F}
Windows Live Messenger-->MsiExec.exe /X{A9174A72-1B46-445B-B3CF-90ED2C63D83B}
Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {3D24EE33-20D9-44A8-BFEE-5EEBC812E715}
Windows Live Toolbar-->MsiExec.exe /X{3D24EE33-20D9-44A8-BFEE-5EEBC812E715}
Windows Live Toolbarin laajennus (Windows Live Toolbar)-->MsiExec.exe /X{E3D1082C-6A34-46BC-88AD-2775C8035FB5}
Windows Liven kirjautumisavustaja-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Vista Codec Package-->MsiExec.exe /I{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}
=====HijackThis Backups=====
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896======Hosts File======
127.0.0.1
www.007guard.com127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1
www.008k.com127.0.0.1 008k.com
127.0.0.1
www.00hq.com127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1
www.032439.com127.0.0.1 032439.com
======Security center information======
AV: Norman Virus Control ver. 5.99
AS: Windows Defender
System event log
Computer Name: Auri-PC
Event Code: 7036
Message: Palvelu Ongelmien raportit ja ratkaisut -ohjauspaneelin tuki on tilassa käynnissä.
Record Number: 95111
Source Name: Service Control Manager
Time Written: 20090110130717.000000-000
Event Type: Tietoja
User:
Computer Name: Auri-PC
Event Code: 7036
Message: Palvelu Ongelmien raportit ja ratkaisut -ohjauspaneelin tuki on tilassa pysäytetty.
Record Number: 95112
Source Name: Service Control Manager
Time Written: 20090110130736.000000-000
Event Type: Tietoja
User:
Computer Name: Auri-PC
Event Code: 7036
Message: Palvelu WinHTTP WWW -välityspalvelimen automaattinen etsintäpalvelu on tilassa pysäytetty.
Record Number: 95113
Source Name: Service Control Manager
Time Written: 20090110132324.000000-000
Event Type: Tietoja
User:
Computer Name: Auri-PC
Event Code: 7036
Message: Palvelu WinHTTP WWW -välityspalvelimen automaattinen etsintäpalvelu on tilassa käynnissä.
Record Number: 95114
Source Name: Service Control Manager
Time Written: 20090110145508.000000-000
Event Type: Tietoja
User:
Computer Name: Auri-PC
Event Code: 7036
Message: Palvelu WinHTTP WWW -välityspalvelimen automaattinen etsintäpalvelu on tilassa pysäytetty.
Record Number: 95115
Source Name: Service Control Manager
Time Written: 20090110151138.000000-000
Event Type: Tietoja
User:
Application event log
Computer Name: Auri-PC
Event Code: 102
Message: InputPersonalization (3808) InkStore: The database engine (6.00.6000.0000) started a new instance (0).
Record Number: 14585
Source Name: ESENT
Time Written: 20090110095620.000000-000
Event Type: Tietoja
User:
Computer Name: Auri-PC
Event Code: 1000
Message: Viallinen sovellus iexplore.exe, versio 7.0.6000.16764, aikaleima 0x48f6a2ed, virhemoduuli qfhmidsgszwwva.dll_unloaded, versio 0.0.0.0, aikaleima 0x4947d781, poikkeuskoodi 0xc0000005, virhepoikkeama 0x0402b0ae, prosessin tunnus 0x1620, sovelluksen käynnistysaika 0x01c9732448d26270.
Record Number: 14586
Source Name: Application Error
Time Written: 20090110130651.000000-000
Event Type: Virhe
User:
Computer Name: Auri-PC
Event Code: 1000
Message: Viallinen sovellus iexplore.exe, versio 7.0.6000.16764, aikaleima 0x48f6a2ed, virhemoduuli qfhmidsgszwwva.dll_unloaded, versio 0.0.0.0, aikaleima 0x4947d781, poikkeuskoodi 0xc0000005, virhepoikkeama 0x04ceb0ae, prosessin tunnus 0x1518, sovelluksen käynnistysaika 0x01c9732445f16290.
Record Number: 14587
Source Name: Application Error
Time Written: 20090110130651.000000-000
Event Type: Virhe
User:
Computer Name: Auri-PC
Event Code: 1001
Message: Vikasäiliö 386350582, tyyppi 5
Tapahtuman nimi: WERCWEvent
Vastaus: Ei mitään
Cab Id: 0
Ongelman allekirjoitus:
P1: iexplore.exe
P2: 7.0.6000.16764
P3: 48f6a2ed
P4: 26
P5:
P6:
P7:
P8:
P9:
P10:
Liitetyt tiedostot:
Tiedostot voivat olla käytettävissä kohteessa:
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report11117062
Record Number: 14588
Source Name: Windows Error Reporting
Time Written: 20090110130657.000000-000
Event Type: Tietoja
User:
Computer Name: Auri-PC
Event Code: 1001
Message: Vikasäiliö 1093830511, tyyppi 1
Tapahtuman nimi: APPCRASH
Vastaus:
http://oca.microsoft.com/resredir.aspx? ... 1093830511Cab Id: 0
Ongelman allekirjoitus:
P1: iexplore.exe
P2: 7.0.6000.16764
P3: 48f6a2ed
P4: qfhmidsgszwwva.dll_unloaded
P5: 0.0.0.0
P6: 4947d781
P7: c0000005
P8: 04ceb0ae
P9:
P10:
Liitetyt tiedostot:
C:\Users\Auri\AppData\Local\Temp\WER59F5.tmp.version.txt
Tiedostot voivat olla käytettävissä kohteessa:
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report1011adfd
Record Number: 14589
Source Name: Windows Error Reporting
Time Written: 20090110130713.000000-000
Event Type: Tietoja
User:
Security event log
Computer Name: Auri-PC
Event Code: 4624
Message: Tilille kirjauduttiin.
Aihe:
Suojaustunnus: S-1-5-18
Tilin nimi: AURI-PC$
Tilin toimialue: WORKGROUP
Kirjautumistunnus: 0x3e7
Kirjautumistyyppi: 7
Uudet kirjautumistiedot:
Suojaustunnus: S-1-5-21-714258529-3474847341-3032381344-1000
Tilin nimi: Auri
Tilin toimialue: Auri-PC
Kirjautumistunnus: 0x52c58c
Kirjautumis-GUID: {00000000-0000-0000-0000-000000000000}
Prosessin tiedot:
Prosessitunnus: 0x294
Prosessin nimi: C:\Windows\System32\winlogon.exe
Verkkotiedot:
Työaseman nimi: AURI-PC
Lähdeverkko-osoite: 127.0.0.1
Lähdeportti: 0
Yksityiskohtaiset todennustiedot:
Kirjausprosessi: User32
Todennuspaketti: Negotiate
Siirretyt palvelut: -
Paketin nimi (vain NTLM): -
Avaimen pituus: 0
Tämä tapahtuma luodaan, kun kirjausistunto muodostetaan. Tapahtuma luodaan käytön kohteena olevaan tietokoneeseen.
Aihekentät ilmaisevat paikallisjärjestelmän tilin, joka pyysi lupaa kirjautua sisään. Kyseessä on yleensä palvelu, kuten palvelinpalvelu, tai paikallinen prosessi, kuten Winlogon.exe tai Services.exe.
Kirjautumistyyppi-kenttä ilmaisee tapahtuneen kirjautumisen tyypin. Yleisimmät tyypit ovat 2 (vuorovaikutteinen) ja 3 (verkko).
Uudet kirjautumistiedot -kentät ilmaisevat tilin, jolle uudet kirjautumistiedot luodaan (tili, joka kirjautui sisään järjestelmään).
Verkkokentät ilmaisevat, mistä etäkirjauspyyntö on peräisin. Työaseman nimi ei ole aina käytettävissä, joten nimikenttä on toisinaan tyhjä.
Todennustietokentät sisältävät yksityiskohtaisia tietoja tästä nimenomaisesta kirjauspyynnöstä.
- Kirjautumis-GUID on yksilöllinen tunnus, jonka avulla tämän tapahtuman voi yhdistää KDC-tapahtumaan.
- Siirretyt palvelut -kenttä ilmaisee, mitkä väliaikaispalvelut ovat osallistuneet tähän kirjauspyyntöön.
- Paketin nimi ilmaisee, mitä aliprotokollaa on käytetty NTLM-protokollien joukossa.
- Avaimen pituus ilmaisee luodun istuntoavaimen pituuden. Tämä arvo on 0, jos istuntoavainta ei ole pyydetty.
Record Number: 32005
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090110121020.317200-000
Event Type: Onnistunut valvonta
User:
Computer Name: Auri-PC
Event Code: 4624
Message: Tilille kirjauduttiin.
Aihe:
Suojaustunnus: S-1-5-18
Tilin nimi: AURI-PC$
Tilin toimialue: WORKGROUP
Kirjautumistunnus: 0x3e7
Kirjautumistyyppi: 7
Uudet kirjautumistiedot:
Suojaustunnus: S-1-5-21-714258529-3474847341-3032381344-1000
Tilin nimi: Auri
Tilin toimialue: Auri-PC
Kirjautumistunnus: 0x52c5ae
Kirjautumis-GUID: {00000000-0000-0000-0000-000000000000}
Prosessin tiedot:
Prosessitunnus: 0x294
Prosessin nimi: C:\Windows\System32\winlogon.exe
Verkkotiedot:
Työaseman nimi: AURI-PC
Lähdeverkko-osoite: 127.0.0.1
Lähdeportti: 0
Yksityiskohtaiset todennustiedot:
Kirjausprosessi: User32
Todennuspaketti: Negotiate
Siirretyt palvelut: -
Paketin nimi (vain NTLM): -
Avaimen pituus: 0
Tämä tapahtuma luodaan, kun kirjausistunto muodostetaan. Tapahtuma luodaan käytön kohteena olevaan tietokoneeseen.
Aihekentät ilmaisevat paikallisjärjestelmän tilin, joka pyysi lupaa kirjautua sisään. Kyseessä on yleensä palvelu, kuten palvelinpalvelu, tai paikallinen prosessi, kuten Winlogon.exe tai Services.exe.
Kirjautumistyyppi-kenttä ilmaisee tapahtuneen kirjautumisen tyypin. Yleisimmät tyypit ovat 2 (vuorovaikutteinen) ja 3 (verkko).
Uudet kirjautumistiedot -kentät ilmaisevat tilin, jolle uudet kirjautumistiedot luodaan (tili, joka kirjautui sisään järjestelmään).
Verkkokentät ilmaisevat, mistä etäkirjauspyyntö on peräisin. Työaseman nimi ei ole aina käytettävissä, joten nimikenttä on toisinaan tyhjä.
Todennustietokentät sisältävät yksityiskohtaisia tietoja tästä nimenomaisesta kirjauspyynnöstä.
- Kirjautumis-GUID on yksilöllinen tunnus, jonka avulla tämän tapahtuman voi yhdistää KDC-tapahtumaan.
- Siirretyt palvelut -kenttä ilmaisee, mitkä väliaikaispalvelut ovat osallistuneet tähän kirjauspyyntöön.
- Paketin nimi ilmaisee, mitä aliprotokollaa on käytetty NTLM-protokollien joukossa.
- Avaimen pituus ilmaisee luodun istuntoavaimen pituuden. Tämä arvo on 0, jos istuntoavainta ei ole pyydetty.
Record Number: 32006
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090110121020.317200-000
Event Type: Onnistunut valvonta
User:
Computer Name: Auri-PC
Event Code: 4672
Message: Uuteen sisäänkirjaukseen on liitetty erikoisoikeuksia.
Aihe:
Suojaustunnus: S-1-5-21-714258529-3474847341-3032381344-1000
Tilin nimi: Auri
Toimialue: Auri-PC
Kirjautumistunnus: 0x52c58c
Oikeudet: SeSecurityPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeTakeOwnershipPrivilege
SeDebugPrivilege
SeSystemEnvironmentPrivilege
SeLoadDriverPrivilege
SeImpersonatePrivilege
Record Number: 32007
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090110121020.317200-000
Event Type: Onnistunut valvonta
User:
Computer Name: Auri-PC
Event Code: 4634
Message: Tili kirjattiin ulos.
Aihe:
Suojaustunnus: S-1-5-21-714258529-3474847341-3032381344-1000
Tilin nimi: Auri
Tilin toimialue: Auri-PC
Kirjautumistunnus: 0x52c58c
Kirjautumistyyppi: 7
Tämä tapahtuma luodaan, kun kirjausistunto tuhotaan. Se voi korreloida positiivisesti kirjautumistunnuksen arvoa käyttävän kirjaustapahtuman kanssa. Kirjautumistunnukset ovat yksilöllisiä vain saman tietokoneen uudelleenkäynnistysten välillä.
Record Number: 32008
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090110121020.317200-000
Event Type: Onnistunut valvonta
User:
Computer Name: Auri-PC
Event Code: 5032
Message: Windowsin palomuuri ei voinut ilmoittaa käyttäjälle, että se esti sovellusta hyväksymästä saapuvia yhteyksiä verkossa.
Virhekoodi: 2
Record Number: 32009
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090110151332.048200-000
Event Type: Valvontavirhe
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Program Files\ATI Technologies\ATI.ACE\Core-Static;%NpmLib%
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 104 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=6801
"NUMBER_OF_PROCESSORS"=2
"NpmLib"=C:\Program Files\Norman\Npm\Bin
-----------------EOF-----------------