Computer startup is sluggish and takes a long time

Discussion in 'Viruses and malware - HijackThis logs' started by odie01, Apr 14, 2013.

  1. odie01

    The computer starts up really slowly; the first couple of times I started it, it reported that some programs were not responding, e.g. Avast, Spotify, Explorer.exe.

    Here is the log, in case some explanation can be found.

    Thanks.

    ---------------------------------------------

    OTL logfile created on: 14.4.2013 19:26:15 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = D:\Documents and Settings\odie\Työpöytä
    Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000040B | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

    3,12 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 80,82% Memory free
    4,96 Gb Paging File | 4,48 Gb Available in Paging File | 90,32% Paging File free
    Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
    Drive C: | 100,00 Mb Total Space | 73,32 Mb Free Space | 73,32% Space Free | Partition Type: NTFS
    Drive D: | 931,41 Gb Total Space | 475,49 Gb Free Space | 51,05% Space Free | Partition Type: NTFS
    Drive F: | 931,51 Gb Total Space | 127,43 Gb Free Space | 13,68% Space Free | Partition Type: NTFS

    Computer Name: TEHOMYLLY | User Name: odie | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013.04.14 19:24:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\odie\Työpöytä\OTL.exe
    PRC - [2013.04.14 18:59:50 | 000,059,964 | ---- | M] (Macrovision Europe Ltd.) -- D:\Documents and Settings\odie\Local Settings\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
    PRC - [2013.04.12 10:55:42 | 000,920,472 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2013.04.06 17:42:50 | 001,104,280 | ---- | M] (Spotify Ltd) -- D:\Program Files\Spotify\Data\SpotifyWebHelper.exe
    PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    PRC - [2012.06.15 15:44:04 | 000,548,264 | ---- | M] (Splashtop Inc.) -- D:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe
    PRC - [2012.03.15 08:20:30 | 000,370,504 | ---- | M] (Splashtop Inc.) -- D:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe
    PRC - [2010.09.03 22:44:43 | 000,079,360 | ---- | M] (Creative Labs) -- D:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
    PRC - [2010.06.28 23:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- D:\Program Files\Alwil Software\Avast5\AvastUI.exe
    PRC - [2010.01.22 12:29:40 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    PRC - [2009.07.08 15:32:50 | 001,233,195 | ---- | M] (Creative Technology Ltd) -- D:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
    PRC - [2009.05.04 19:05:04 | 000,241,789 | ---- | M] (Creative Technology Ltd) -- D:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
    PRC - [2009.04.26 18:34:00 | 002,187,264 | ---- | M] (CD Art Display) -- D:\Program Files\CD Art Display\CAD.exe
    PRC - [2009.02.23 06:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- D:\Program Files\Creative\Shared Files\CTAudSvc.exe
    PRC - [2007.06.13 16:22:06 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
    PRC - [2007.05.11 02:09:48 | 001,050,120 | ---- | M] (O&O Software GmbH) -- D:\WINDOWS\system32\oodag.exe
    PRC - [2007.05.11 02:08:54 | 002,512,392 | ---- | M] (O&O Software GmbH) -- D:\WINDOWS\system32\oodtray.exe
    PRC - [2006.11.14 19:19:08 | 002,860,792 | ---- | M] (Stardock) -- D:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    PRC - [2006.05.24 21:31:06 | 000,372,736 | ---- | M] () -- D:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    PRC - [2005.05.10 12:31:22 | 000,241,664 | ---- | M] (Stardock) -- D:\Program Files\Common Files\Stardock\SDMCP.exe
    PRC - [2005.01.19 17:44:22 | 000,140,288 | ---- | M] ( ) -- D:\Program Files\CursorXP\CursorXP.exe
    PRC - [2004.08.13 19:05:56 | 002,532,576 | ---- | M] (Sygate Technologies, Inc.) -- D:\Program Files\Sygate\SPF\Smc.exe


    ========== Modules (No Company Name) ==========

    MOD - [2013.04.14 18:59:53 | 000,592,896 | ---- | M] () -- D:\Documents and Settings\odie\Local Settings\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0000\~de6248.tmp
    MOD - [2013.04.14 18:59:50 | 000,697,884 | ---- | M] () -- D:\Documents and Settings\odie\Local Settings\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0000\~df394b.tmp
    MOD - [2013.04.12 10:55:42 | 003,133,336 | ---- | M] () -- D:\Program Files\Mozilla Firefox\mozjs.dll
    MOD - [2012.02.20 21:29:04 | 000,087,912 | ---- | M] () -- D:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2012.02.20 21:28:42 | 001,242,472 | ---- | M] () -- D:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2011.03.02 13:40:51 | 000,140,288 | ---- | M] () -- D:\Program Files\WinRAR\RarExt.dll
    MOD - [2010.09.05 13:41:38 | 011,797,504 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\d987cf1de4ba688da92e212a374232c2\System.Web.ni.dll
    MOD - [2010.09.05 13:40:53 | 000,971,264 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\631b3eba1ba5bd3c3f027f34011cadeb\System.Configuration.ni.dll
    MOD - [2010.09.05 13:40:49 | 000,025,600 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\e63d6d26b8a664cfdfbd4ad75e03c14d\Accessibility.ni.dll
    MOD - [2010.09.05 13:10:08 | 005,450,752 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\563a54b98adb70fae862974042298348\System.Xml.ni.dll
    MOD - [2010.09.05 13:10:05 | 012,430,848 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\2dfe045e4b1577fdea9a2f456db0afc2\System.Windows.Forms.ni.dll
    MOD - [2010.09.05 13:09:59 | 001,587,200 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\f3440ea00eb3c40dc073b2fe03843638\System.Drawing.ni.dll
    MOD - [2010.09.05 13:09:24 | 007,949,824 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll
    MOD - [2010.09.05 13:09:21 | 011,486,720 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
    MOD - [2010.09.05 13:08:56 | 000,303,104 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
    MOD - [2010.05.27 12:40:48 | 000,270,336 | ---- | M] () -- D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
    MOD - [2010.04.16 14:20:06 | 000,016,384 | R--- | M] () -- D:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
    MOD - [2010.03.16 12:22:12 | 000,014,848 | ---- | M] () -- D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
    MOD - [2006.11.14 19:19:02 | 000,026,288 | ---- | M] () -- D:\Program Files\Stardock\ObjectDock\DockShellHook.dll
    MOD - [2006.11.14 18:15:38 | 000,059,568 | ---- | M] () -- D:\Program Files\Stardock\ObjectDock\zlib.dll
    MOD - [2006.11.14 18:15:08 | 000,095,920 | ---- | M] () -- D:\Program Files\Stardock\ObjectDock\CrashRpt.dll
    MOD - [2006.05.24 21:31:06 | 000,372,736 | ---- | M] () -- D:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    MOD - [2004.09.14 16:11:52 | 000,014,336 | ---- | M] () -- D:\WINDOWS\system32\msdmo.dll
    MOD - [2004.08.11 22:19:44 | 000,828,656 | ---- | M] () -- D:\Program Files\Sygate\SPF\SyLink.dll
    MOD - [2004.08.10 17:05:34 | 001,381,616 | ---- | M] () -- D:\Program Files\Sygate\SPF\tse.dll
    MOD - [2004.08.10 17:05:32 | 000,890,088 | ---- | M] () -- D:\Program Files\Sygate\SPF\SpNet.dll
    MOD - [2002.11.19 13:11:40 | 000,139,264 | ---- | M] () -- D:\Program Files\Common Files\Stardock\ODimg.dll


    ========== Services (SafeList) ==========

    SRV - File not found [Auto | Stopped] -- D:\Program Files\Voddler\service\voddler.exe -- (VoddlerNet)
    SRV - [2013.04.12 10:55:42 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
    SRV - [2012.06.15 15:44:04 | 000,548,264 | ---- | M] (Splashtop Inc.) [Auto | Running] -- D:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe -- (SplashtopRemoteService)
    SRV - [2012.03.15 08:20:30 | 000,370,504 | ---- | M] (Splashtop Inc.) [Auto | Running] -- D:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe -- (SSUService)
    SRV - [2010.09.03 22:44:54 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- D:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
    SRV - [2010.09.03 22:44:43 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Running] -- D:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe -- (Sound Blaster X-Fi MB Licensing Service)
    SRV - [2010.06.28 23:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- D:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
    SRV - [2010.06.28 23:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- D:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
    SRV - [2010.06.28 23:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Stopped] -- D:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2009.02.23 06:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- D:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
    SRV - [2007.05.11 02:09:48 | 001,050,120 | ---- | M] (O&O Software GmbH) [Auto | Running] -- D:\WINDOWS\system32\oodag.exe -- (O&O Defrag)
    SRV - [2006.05.24 21:31:06 | 000,372,736 | ---- | M] () [Auto | Running] -- D:\Program Files\TGTSoft\StyleXP\StyleXPService.exe -- (StyleXPService)
    SRV - [2004.08.13 19:05:56 | 002,532,576 | ---- | M] (Sygate Technologies, Inc.) [Auto | Running] -- D:\Program Files\Sygate\SPF\Smc.exe -- (SmcService)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- D:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
    DRV - [2012.06.21 17:04:52 | 000,407,368 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\SRS_AE_i386.sys -- (SRS_AE_Service)
    DRV - [2010.06.28 23:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2010.06.28 23:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2010.06.28 23:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2010.06.28 23:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- D:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
    DRV - [2010.06.28 23:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- D:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2010.06.28 23:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
    DRV - [2010.05.27 20:37:06 | 004,830,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
    DRV - [2010.03.09 13:09:24 | 002,116,480 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
    DRV - [2010.03.08 13:41:48 | 000,220,112 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
    DRV - [2010.01.28 04:12:02 | 000,095,232 | R--- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
    DRV - [2010.01.22 12:21:48 | 000,139,648 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\nusb3xhc.sys -- (nusb3xhc)
    DRV - [2010.01.22 12:21:46 | 000,059,904 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\nusb3hub.sys -- (nusb3hub)
    DRV - [2009.06.26 10:29:34 | 001,656,960 | R--- | M] (Creative) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\Ambfilt.sys -- (AMBFilt)
    DRV - [2008.12.02 09:56:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Monfilt.sys -- (MonFilt)
    DRV - [2007.04.16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
    DRV - [2005.11.01 00:44:39 | 000,010,880 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- D:\Program Files\TGTSoft\StyleXP\StyleXPHelper.exe -- (StyleXPHelper)
    DRV - [2004.08.10 17:05:44 | 000,014,240 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\wg6n.sys -- (wg6n)
    DRV - [2004.08.10 17:05:42 | 000,014,240 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\wg5n.sys -- (wg5n)
    DRV - [2004.08.10 17:05:42 | 000,014,240 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\wg4n.sys -- (wg4n)
    DRV - [2004.08.10 17:05:42 | 000,014,240 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\wg3n.sys -- (wg3n)
    DRV - [2004.08.10 16:53:14 | 000,021,075 | ---- | M] (Sygate Technologies, Inc.) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\wpsdrvnt.sys -- (wpsdrvnt)
    DRV - [2004.08.10 16:51:30 | 000,059,984 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\Teefer.sys -- (Teefer)


    ========== Standard Registry (All) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = D:\WINDOWS\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-842925246-1454471165-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = D:\WINDOWS\system32\blank.htm
    IE - HKU\S-1-5-21-842925246-1454471165-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    IE - HKU\S-1-5-21-842925246-1454471165-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
    IE - HKU\S-1-5-21-842925246-1454471165-725345543-1003\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
    IE - HKU\S-1-5-21-842925246-1454471165-725345543-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - D:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
    IE - HKU\S-1-5-21-842925246-1454471165-725345543-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-842925246-1454471165-725345543-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-842925246-1454471165-725345543-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468
    IE - HKU\S-1-5-21-842925246-1454471165-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-842925246-1454471165-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://fi-fi.facebook.com/"
    FF - prefs.js..extensions.enabledAddons: gmailwatcher%40sonthakit:1.57
    FF - prefs.js..extensions.enabledAddons: %7Bd47a9f51-8281-43fa-f450-f28ef8735e9a%7D:2.1.1
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: D:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010.09.05 13:06:17 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2013.04.12 10:55:42 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2013.04.13 09:26:12 | 000,000,000 | ---D | M]

    [2010.09.03 22:55:30 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\odie\Application Data\Mozilla\Extensions
    [2010.09.03 22:55:30 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\odie\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
    [2013.03.23 22:16:21 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\odie\Application Data\Mozilla\Firefox\Profiles\4aecbmbb.default-1347798560546\extensions
    [2013.03.20 13:01:36 | 000,226,606 | ---- | M] () (No name found) -- D:\Documents and Settings\odie\Application Data\Mozilla\Firefox\Profiles\4aecbmbb.default-1347798560546\extensions\gmailwatcher@sonthakit.xpi
    [2013.03.23 22:16:20 | 000,221,336 | ---- | M] () (No name found) -- D:\Documents and Settings\odie\Application Data\Mozilla\Firefox\Profiles\4aecbmbb.default-1347798560546\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
    [2012.09.16 19:31:39 | 000,088,908 | ---- | M] () (No name found) -- D:\Documents and Settings\odie\Application Data\Mozilla\Firefox\Profiles\4aecbmbb.default-1347798560546\extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}.xpi
    [2013.04.12 10:55:36 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
    [2013.04.12 10:55:42 | 000,000,000 | ---D | M] (Default) -- D:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2013.04.12 10:55:42 | 000,263,064 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll
    [2003.07.15 06:56:52 | 000,013,888 | ---- | M] (Microsoft Corporation) -- D:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL
    [2013.02.16 01:04:52 | 000,208,448 | ---- | M] (Adobe Systems Inc.) -- D:\Program Files\mozilla firefox\plugins\nppdf32.dll
    [2012.12.21 23:34:16 | 000,159,744 | ---- | M] (Apple Inc.) -- D:\Program Files\mozilla firefox\plugins\npqtplugin.dll
    [2012.12.21 23:34:16 | 000,159,744 | ---- | M] (Apple Inc.) -- D:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
    [2012.12.21 23:34:16 | 000,159,744 | ---- | M] (Apple Inc.) -- D:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
    [2012.12.21 23:34:16 | 000,159,744 | ---- | M] (Apple Inc.) -- D:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
    [2012.12.21 23:34:16 | 000,159,744 | ---- | M] (Apple Inc.) -- D:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
    [2012.12.21 23:34:16 | 000,159,744 | ---- | M] (Apple Inc.) -- D:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
    [2012.12.21 23:34:16 | 000,159,744 | ---- | M] (Apple Inc.) -- D:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
    [2010.06.29 07:01:22 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- D:\Program Files\mozilla firefox\plugins\npwachk.dll
    [2012.09.06 07:49:33 | 000,002,465 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2012.12.06 12:31:41 | 000,002,275 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\bookplus-fi.xml
    [2012.12.06 12:31:41 | 000,001,185 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\eBay-fi.xml
    [2013.01.11 15:19:23 | 000,002,669 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\google.xml
    [2012.12.06 12:31:41 | 000,001,396 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-fi.xml
    [2012.12.06 12:31:41 | 000,001,313 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\yahoo-fi.xml

    O1 HOSTS File: ([2001.10.09 15:00:00 | 000,000,665 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 - BHO: (no name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found.
    O3 - HKU\S-1-5-21-842925246-1454471165-725345543-1003\..\Toolbar\ShellBrowser: (&Lähiosoite) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - D:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
    O3 - HKU\S-1-5-21-842925246-1454471165-725345543-1003\..\Toolbar\WebBrowser: (&Lähiosoite) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - D:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
    O3 - HKU\S-1-5-21-842925246-1454471165-725345543-1003\..\Toolbar\WebBrowser: (&Linkit) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - D:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
    O4 - HKLM..\Run: [Adobe ARM] D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [APSDaemon] D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [avast5] D:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [CTSyncService] D:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe (Creative Technology Ltd)
    O4 - HKLM..\Run: [HDAudDeck] D:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe (VIA Technologies, Inc.)
    O4 - HKLM..\Run: [iTunesHelper] D:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
    O4 - HKLM..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
    O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
    O4 - HKLM..\Run: [OODefragTray] D:\WINDOWS\system32\oodtray.exe (O&O Software GmbH)
    O4 - HKLM..\Run: [QuickTime Task] D:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
    O4 - HKLM..\Run: [SmcService] D:\Program Files\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.)
    O4 - HKLM..\Run: [StartCCC] D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [UpdReg] D:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
    O4 - HKLM..\Run: [VolPanel] D:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
    O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-19..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-842925246-1454471165-725345543-1003..\Run: [ASRockIES] File not found
    O4 - HKU\S-1-5-21-842925246-1454471165-725345543-1003..\Run: [ASRockOCTuner] File not found
    O4 - HKU\S-1-5-21-842925246-1454471165-725345543-1003..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-842925246-1454471165-725345543-1003..\Run: [CursorXP] D:\Program Files\CursorXP\CursorXP.exe ( )
    O4 - HKU\S-1-5-21-842925246-1454471165-725345543-1003..\Run: [Spotify] D:\Program Files\Spotify\Spotify.exe (Spotify Ltd)
    O4 - HKU\S-1-5-21-842925246-1454471165-725345543-1003..\Run: [Spotify Web Helper] D:\Program Files\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
    O4 - HKU\S-1-5-21-842925246-1454471165-725345543-1003..\Run: [STYLEXP] D:\Program Files\TGTSoft\StyleXP\StyleXP.exe ()
    O4 - HKU\S-1-5-21-842925246-1454471165-725345543-1003..\Run: [zASRockInstantBoot] File not found
    O4 - Startup: D:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys\CD Art Display.lnk = D:\Program Files\CD Art Display\CAD.exe (CD Art Display)
    O4 - Startup: D:\Documents and Settings\odie\Käynnistä-valikko\Ohjelmat\Käynnistys\Adobe Gamma.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
    O4 - Startup: D:\Documents and Settings\odie\Käynnistä-valikko\Ohjelmat\Käynnistys\Stardock ObjectDock.lnk = D:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-842925246-1454471165-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O8 - Extra context menu item: Vie Microsoft E&xceliin - D:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
    O9 - Extra Button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - D:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - D:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - D:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.241.198.245 62.241.198.246
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E2379E5-A833-4CCF-BEDD-752428642931}: DhcpNameServer = 62.241.198.245 62.241.198.246
    O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - D:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
    O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ipp - No CLSID value found
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - D:\WINDOWS\system32\itss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - D:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp - No CLSID value found
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - D:\WINDOWS\system32\itss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - D:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - D:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - D:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
    O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - D:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - D:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - D:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (D:\WINDOWS\system32\userinit.exe) - D:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UIHost - (logonui.exe) - D:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - D:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - D:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
    O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - D:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
    O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - D:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
    O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - D:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
    O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - D:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
    O20 - Winlogon\Notify\MCPClient: DllName - (D:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll) - D:\Program Files\Common Files\Stardock\MCPStub.dll (Stardock)
    O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - D:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
    O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - D:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
    O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - D:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
    O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - D:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
    O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - D:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
    O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - D:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
    O21 - SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - D:\Program Files\Common Files\Stardock\MCPCore.dll (Stardock)
    O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - D:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
    O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - D:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
    O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - D:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
    O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - D:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - D:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
    O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - D:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
    O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - D:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
    O24 - Desktop Components:0 (Nykyinen kotisivu) - About:Home
    O24 - Desktop WallPaper: D:\Documents and Settings\odie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: D:\Documents and Settings\odie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - D:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
    O29 - HKLM SecurityProviders - (msapsspc.dll) - D:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
    O29 - HKLM SecurityProviders - (schannel.dll) - D:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
    O29 - HKLM SecurityProviders - (digest.dll) - D:\WINDOWS\System32\digest.dll (Microsoft Corporation)
    O29 - HKLM SecurityProviders - (msnsspc.dll) - D:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
    O30 - LSA: Authentication Packages - (msv1_0) - D:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (kerberos) - D:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (msv1_0) - D:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (schannel) - D:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (wdigest) - D:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
    O31 - SafeBoot: AlternateShell - cmd.exe
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010.09.03 22:21:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O33 - MountPoints2\{d72e3896-c19c-11df-a6d1-002522522cce}\Shell\Shell00\Command - "" = G:\Start.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (OODBS)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013.04.14 19:24:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\odie\Työpöytä\OTL.exe
    [2013.04.14 18:56:20 | 000,326,144 | ---- | C] (AVAST Software) -- D:\Documents and Settings\odie\Työpöytä\aswclear.exe
    [2013.04.14 12:36:38 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Licenses
    [2013.04.14 12:33:45 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\odie\Recent
    [2013.04.12 10:55:35 | 000,000,000 | ---D | C] -- D:\Program Files\Mozilla Firefox
    [3 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
    [2 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013.04.14 19:24:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\odie\Työpöytä\OTL.exe
    [2013.04.14 19:06:05 | 000,493,360 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
    [2013.04.14 19:06:05 | 000,468,586 | ---- | M] () -- D:\WINDOWS\System32\perfh00B.dat
    [2013.04.14 19:06:05 | 000,100,620 | ---- | M] () -- D:\WINDOWS\System32\perfc00B.dat
    [2013.04.14 19:06:05 | 000,083,904 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
    [2013.04.14 18:57:32 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
    [2013.04.14 18:57:25 | 002,289,661 | ---- | M] () -- D:\WINDOWS\System32\oodbs.lor
    [2013.04.14 18:56:21 | 000,326,144 | ---- | M] (AVAST Software) -- D:\Documents and Settings\odie\Työpöytä\aswclear.exe
    [2013.04.13 17:30:14 | 000,147,456 | ---- | M] () -- D:\Documents and Settings\odie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2013.04.13 17:29:00 | 000,000,284 | ---- | M] () -- D:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2013.04.13 10:01:30 | 000,000,116 | ---- | M] () -- D:\WINDOWS\NeroDigital.ini
    [2013.04.12 10:07:06 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
    [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbam.sys
    [3 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
    [2 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013.04.13 09:25:47 | 000,002,347 | ---- | C] () -- D:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Adobe Reader XI.lnk
    [2012.10.29 21:05:44 | 000,139,968 | ---- | C] () -- D:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    [2012.06.21 17:04:52 | 000,407,368 | ---- | C] () -- D:\WINDOWS\System32\drivers\SRS_AE_i386.sys
    [2011.05.10 17:45:34 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\odie\Application Data\chrtmp
    [2010.09.23 08:23:55 | 000,000,514 | ---- | C] () -- D:\Documents and Settings\odie\Application Data\Poladroid prefs.plist
    [2010.09.04 05:54:24 | 000,147,456 | ---- | C] () -- D:\Documents and Settings\odie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    ========== ZeroAccess Check ==========

    [2010.09.03 22:28:22 | 000,000,227 | RHS- | M] () -- D:\WINDOWS\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shdocvw.dll -- [2010.04.16 18:38:01 | 001,505,792 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = D:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 13:20:31 | 000,473,088 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = D:\WINDOWS\system32\wbem\wbemess.dll -- [2004.09.14 16:12:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== LOP Check ==========

    [2012.12.21 23:37:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
    [2010.09.04 23:07:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Alias
    [2012.03.07 20:22:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Alwil Software
    [2012.04.07 10:57:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\AVAST Software
    [2012.11.04 12:12:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\DFX
    [2013.04.14 12:36:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Licenses
    [2012.06.27 19:05:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Splashtop
    [2013.04.14 12:37:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\TEMP
    [2010.09.04 18:58:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2010.09.04 00:09:59 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\{8CC5CF4A-124E-41BA-B58C-A41F05BE09CC}
    [2010.09.04 23:07:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\odie\Application Data\Alias
    [2013.04.06 17:40:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\odie\Application Data\BSplayer PRO
    [2012.02.12 21:03:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\odie\Application Data\Red Alert 3
    [2013.04.14 19:05:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\odie\Application Data\Spotify
    [2013.04.13 23:29:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\odie\Application Data\uTorrent
    [2010.11.03 22:30:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\odie\Application Data\VoddlerPlayer.22AA32E1C519F8FB77514A36DC6C2AE2C623240F.1

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 119 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

    < End of report >
     
  2. odie01

    odie01 Regular member

    Could someone help?
     
