
Can someone check my logs?


Guest TheAncientWitch


Here are my log files. I would appreciate it if someone could take a look to see if there's something malicious in them...

DDS (Ver_2012-11-07.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702

Run by Mikko at 18:29:00 on 2012-11-13

Microsoft Windows XP Home Edition 5.1.2600.3.1252.358.1035.18.1791.832 [GMT 2:00]

.

AV: digital-defender Antivirus *Enabled/Updated* {F16C9013-991A-461a-A680-841CCEE65E7D}

.

============== Running Processes ================

.

.

============== Pseudo HJT Report ===============

.

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [NokiaInternetModem_AppStart.exe] "c:\program files\nokia\nokia internet modem\nokiainternetmodem_appstart.exe" "-start" "c:\program files\nokia\nokia internet modem\NokiaInternetModem.exe"

mRun: [soundMan] SOUNDMAN.EXE

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

mRun: [Ad-Aware Browsing Protection] "c:\documents and settings\all users.windows\application data\ad-aware browsing protection\adawarebp.exe"

mRun: [AVTray] c:\program files\digital-defender antivirus\AVTray.exe

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

uPolicies-Explorer: NoDriveTypeAutoRun = dword:323

uPolicies-Explorer: NoDriveAutoRun = dword:67108863

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1351692344162

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1352622269750

TCP: Interfaces\{BE7C26E0-F411-4C62-B671-22DA50AD0602} : NameServer = 62.241.198.245 62.241.198.246

Notify: AtiExtEvent - Ati2evxx.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\mikko\application data\mozilla\firefox\profiles\kv8hk0n4.default\

FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll

FF - plugin: c:\program files\tracker software\pdf viewer\npPDFXCviewNPPlugin.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll

FF - ExtSQL: 2012-11-11 16:05; jid1-yZwVFzbsyfMrqQ@jetpack; c:\documents and settings\mikko\application data\mozilla\firefox\profiles\kv8hk0n4.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack

.

============= SERVICES / DRIVERS ===============

.

R1 a2util;a-squared Malware-IDS utility driver;c:\program files\digital-defender antivirus\a2util32.sys [2012-9-13 11776]

R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2012-11-1 21624]

R2 AV Assistant Service;digital-defender AV Assistant Service;c:\program files\digital-defender antivirus\AVAssistant.exe [2012-10-4 837792]

R2 AV Scanning Service;digital-defender AV Scanning Service;c:\program files\digital-defender antivirus\AVScanningService.exe [2012-10-4 1339008]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-11-11 399432]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-11-11 676936]

R3 AVFSFilter;AVFSFilter;c:\windows\system32\drivers\avfsfilter.sys [2012-9-7 10264]

R3 cpuz135;cpuz135;c:\docume~1\mikko\locals~1\temp\cpuz135\cpuz135_x32.sys [2012-11-13 24328]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-11-11 22856]

R3 nokia_cs1x_cdc_acm;Nokia Internet Stick CDC-ACM driver;c:\windows\system32\drivers\nokia_cs1x_cdc_acm.sys [2010-4-22 85888]

R3 nokia_cs1x_dc_enum;Nokia Internet Stick DC Enumerator;c:\windows\system32\drivers\nokia_cs1x_dc_enum.sys [2010-4-22 81408]

RUnknown a2injectiondriver;a2injectiondriver; [x]

S1 SBRE;SBRE;\??\c:\windows\system32\drivers\sbredrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 nokia_cs1x_cpo;Nokia Internet Stick Mass Storage Device;c:\windows\system32\drivers\nokia_cs1x_cpo.sys [2010-4-22 9856]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2012-11-13 15:41:10 -------- d-----w- c:\program files\Hmonitor

2012-11-13 15:19:51 -------- d-----w- c:\program files\Motherboard Monitor 5

2012-11-12 18:44:29 -------- d-----w- c:\program files\CCleaner

2012-11-12 16:12:02 -------- d-----w- c:\program files\uTorrent

2012-11-12 16:11:04 -------- d-----w- c:\documents and settings\mikko\application data\uTorrent

2012-11-12 15:37:46 -------- d-----w- c:\program files\MWSnap

2012-11-12 10:44:49 -------- d-----w- c:\program files\SecurityXploded

2012-11-12 09:50:01 -------- d-----w- c:\program files\UnHackMe

2012-11-12 09:42:49 171136 ----a-w- c:\program files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll

2012-11-12 09:42:35 -------- d-----w- c:\program files\Tracker Software

2012-11-12 08:14:21 -------- d-----w- c:\documents and settings\all users.windows\application data\clp

2012-11-12 08:12:12 -------- d-----w- c:\documents and settings\all users.windows\application data\DigitalDefender

2012-11-12 08:11:55 -------- d-----w- c:\program files\digital-defender Antivirus

2012-11-12 07:37:40 -------- d-----w- c:\documents and settings\mikko\local settings\application data\Help

2012-11-11 15:01:26 -------- d-----w- c:\documents and settings\mikko\application data\LavasoftStatistics

2012-11-11 14:32:42 -------- d-----w- c:\documents and settings\mikko\local settings\application data\Downloaded Installations

2012-11-11 14:05:23 -------- d-----w- c:\documents and settings\mikko\local settings\application data\adawarebp

2012-11-11 14:05:23 -------- d-----w- c:\documents and settings\all users.windows\application data\blekko toolbars

2012-11-11 14:05:19 -------- d-----w- c:\documents and settings\all users.windows\application data\Ad-Aware Browsing Protection

2012-11-11 14:05:15 -------- d-----w- c:\program files\adawaretb

2012-11-11 14:05:15 -------- d-----w- c:\documents and settings\mikko\application data\adawaretb

2012-11-11 14:05:13 -------- d-----w- c:\program files\Toolbar Cleaner

2012-11-11 11:44:40 -------- d-----w- c:\documents and settings\all users.windows\application data\RegRun

2012-11-11 11:38:36 2 --shatr- c:\windows\winstart.bat

2012-11-11 11:38:27 -------- d-----w- c:\program files\Greatis

2012-11-11 07:31:10 -------- d-----w- c:\documents and settings\mikko\application data\Malwarebytes

2012-11-11 07:30:57 -------- d-----w- c:\documents and settings\all users.windows\application data\Malwarebytes

2012-11-11 07:30:56 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-11-11 07:30:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-11-11 07:28:43 222448 ----a-w- c:\windows\system32\muweb.dll

2012-11-11 07:28:42 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-11-11 07:28:42 17648 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-11-10 18:11:09 -------- d-sh--w- c:\documents and settings\mikko\PrivacIE

2012-11-10 17:16:35 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-11-10 15:40:31 98816 ----a-w- c:\windows\sed.exe

2012-11-10 15:40:31 256000 ----a-w- c:\windows\PEV.exe

2012-11-10 15:40:31 208896 ----a-w- c:\windows\MBR.exe

2012-11-10 14:45:18 0 ----a-w- c:\windows\ativpsrm.bin

2012-11-10 11:27:20 593920 ------w- c:\windows\system32\ati2sgag.exe

2012-11-04 19:52:55 -------- d-----w- c:\documents and settings\mikko\application data\Ashampoo

2012-11-04 19:41:37 -------- d-----w- c:\documents and settings\mikko\local settings\application data\ashampoo

2012-11-04 19:41:36 -------- d-----w- c:\documents and settings\all users.windows\application data\ashampoo

2012-11-04 19:41:29 -------- d-----w- c:\program files\Ashampoo

2012-11-03 10:59:22 -------- d-----w- c:\documents and settings\all users.windows\application data\CPA_VA

2012-11-03 10:52:46 -------- d-----w- c:\documents and settings\all users.windows\application data\Comodo

2012-11-03 10:51:59 348160 ----a-w- c:\windows\system32\msvcr71.dll

2012-11-03 10:51:59 1700352 ----a-w- c:\windows\system32\gdiplus.dll

2012-11-03 10:51:59 1060864 ----a-w- c:\windows\system32\mfc71.dll

2012-11-02 14:57:34 -------- d-----w- c:\documents and settings\mikko\local settings\application data\Google

2012-11-02 14:31:44 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-11-02 14:31:43 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-11-01 17:40:02 21624 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS

2012-11-01 17:39:50 -------- d-----w- c:\program files\HWiNFO32

2012-11-01 16:59:58 10528768 ----a-w- c:\windows\system32\RTLCPL.exe

2012-11-01 16:59:56 577536 ----a-w- c:\windows\soundman.exe

2012-11-01 16:59:56 4122368 ----a-w- c:\windows\system32\drivers\alcxwdm.sys

2012-11-01 16:59:56 18804736 ----a-w- c:\windows\system32\alsndmgr.cpl

2012-11-01 16:59:56 147456 ----a-w- c:\windows\system32\RtlCPAPI.dll

2012-11-01 16:59:55 315392 ----a-w- c:\windows\alcupd.exe

2012-11-01 16:59:55 217088 ----a-w- c:\windows\Alcrmv.exe

2012-11-01 16:32:49 331184 ------w- c:\windows\system32\difxapi.dll

2012-11-01 15:58:13 -------- d-----w- c:\documents and settings\mikko\local settings\application data\SlimWare Utilities Inc

2012-11-01 15:53:44 -------- d-----w- c:\program files\SlimDrivers

2012-10-31 16:12:33 -------- d-sh--w- c:\documents and settings\mikko\IETldCache

2012-10-31 15:47:26 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll

2012-10-31 15:45:41 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll

2012-10-31 15:45:41 630272 -c----w- c:\windows\system32\dllcache\msfeeds.dll

2012-10-31 15:45:41 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll

2012-10-31 15:45:41 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll

2012-10-31 15:45:41 2000384 -c----w- c:\windows\system32\dllcache\iertutil.dll

2012-10-31 15:45:41 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll

2012-10-31 15:45:41 11111424 -c----w- c:\windows\system32\dllcache\ieframe.dll

2012-10-31 15:31:44 3072 ----a-w- c:\windows\system32\drivers\audstub.sys

2012-10-31 15:31:05 57472 ----a-w- c:\windows\system32\drivers\redbook.sys

2012-10-31 15:30:33 10624 ----a-w- c:\windows\system32\drivers\gameenum.sys

2012-10-31 15:30:29 44672 ----a-w- c:\windows\system32\drivers\UAGP35.SYS

2012-10-31 15:30:12 20992 ----a-w- c:\windows\system32\drivers\RTL8139.sys

2012-10-31 15:30:00 6400 ----a-w- c:\windows\system32\drivers\enum1394.sys

2012-10-31 15:29:55 74240 ----a-w- c:\windows\system32\usbui.dll

2012-10-31 15:18:24 -------- d--h--w- c:\windows\inf

2012-10-31 15:18:24 -------- d-----w- c:\windows\system32\drivers\etc

2012-10-31 15:18:24 -------- d-----w- c:\windows\system32\drivers\disdn

2012-10-31 15:18:24 -------- d-----w- c:\windows\system32\drivers

2012-10-31 14:55:38 272128 -c----w- c:\windows\system32\dllcache\bthport.sys

2012-10-31 14:55:38 272128 ------w- c:\windows\system32\drivers\bthport.sys

2012-10-31 14:50:51 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys

2012-10-31 14:36:23 293376 ------w- c:\windows\system32\browserchoice.exe

2012-10-31 14:22:40 2151424 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe

2012-10-31 14:22:39 2195200 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe

2012-10-31 14:22:37 2071936 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe

2012-10-31 14:22:37 2030080 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe

2012-10-31 14:20:50 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll

2012-10-31 14:20:50 3072 ------w- c:\windows\system32\iacenc.dll

2012-10-31 14:10:59 96224 ----a-w- c:\program files\mozilla firefox\nssdbm3.dll

2012-10-31 14:05:35 -------- d-sh--w- c:\documents and settings\mikko\UserData

2012-10-31 13:51:31 -------- d-----w- c:\documents and settings\mikko\local settings\application data\NokiaInternetModem

2012-10-31 13:51:08 -------- d-----w- c:\documents and settings\mikko\local settings\application data\NokiaInternetModem_AppStart

2012-10-31 13:51:03 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys

2012-10-31 13:51:03 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys

2012-10-31 13:51:02 -------- d-----w- c:\documents and settings\all users.windows\application data\f-secure

2012-10-31 13:50:29 26144 ----a-w- c:\windows\system32\spupdsvc.exe

2012-10-31 13:50:29 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll

2012-10-31 13:48:09 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys

2012-10-31 13:47:07 -------- d-----r- c:\documents and settings\mikko\Omat tiedostot

2012-10-31 13:46:59 -------- d--h--w- c:\documents and settings\mikko\Verkkoympäristö

2012-10-31 13:46:59 -------- d--h--w- c:\documents and settings\mikko\Tulostinympäristö

2012-10-31 13:46:59 -------- d--h--w- c:\documents and settings\mikko\Mallit

2012-10-31 13:46:59 -------- d-----w- c:\documents and settings\mikko\Työpöytä

2012-10-31 13:46:59 -------- d-----w- c:\documents and settings\mikko\local settings\application data\Microsoft

2012-10-31 13:46:59 -------- d-----r- c:\documents and settings\mikko\Suosikit

2012-10-31 13:46:59 -------- d-----r- c:\documents and settings\mikko\Käynnistä-valikko

2012-10-31 13:41:59 33792 -c--a-w- c:\windows\system32\dllcache\lmmib2.dll

2012-10-31 13:40:52 45056 -c--a-w- c:\windows\system32\dllcache\EXCH_aqadmin.dll

2012-10-31 13:38:41 -------- d-sh--w- c:\documents and settings\all users.windows\DRM

2012-10-31 13:36:58 151040 -c--a-w- c:\windows\system32\dllcache\uploadm.exe

2012-10-31 13:35:11 83968 ----a-w- c:\program files\messenger\msgsc.dll

2012-10-31 13:34:55 605696 -c--a-w- c:\windows\system32\dllcache\getuname.dll

2012-10-30 18:07:12 -------- d-sh--w- C:\DrWeb Quarantine

2012-10-27 10:54:09 -------- d-----w- c:\program files\Five magical amulets

2012-10-27 09:12:08 -------- d-----w- c:\program files\common files\Doctor Web

2012-10-16 14:03:43 -------- d-----w- c:\program files\common files\Coranti

.

==================== Find3M ====================

.

2012-09-07 05:39:36 10264 ----a-w- c:\windows\system32\drivers\avfsfilter.sys

2012-08-28 15:18:57 916992 ----a-w- c:\windows\system32\wininet.dll

2012-08-28 15:18:51 43520 ------w- c:\windows\system32\licmgr10.dll

2012-08-28 15:18:50 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-08-28 12:07:32 385024 ------w- c:\windows\system32\html.iec

2012-08-24 13:53:17 177664 ----a-w- c:\windows\system32\wintrust.dll

2012-08-23 06:27:11 2071936 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-08-23 06:27:10 2195200 ----a-w- c:\windows\system32\ntoskrnl.exe

.

============= FINISH: 18:31:25,59 ===============

And here is the attached file: attach.rar

Also see this post that I have made: http://forums.malwarebytes.org/index.php?showtopic=118032


Hello TheAncientWitch! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Could you please click on the Export button to export the results and then attach them to your next reply here.


Guest TheAncientWitch

I could press the export button, but the program now seems to crash every time before the scan is finished, and it also crashes if I stop the scan before it's finished. I just got this message...

stream_armor.jpg

I don't know, maybe I should try some other tool to scan for the ads.


Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Please tick the Scan All users. Next, click the Quick Scan button. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.


Guest TheAncientWitch

Here are the log files.

OTL logfile created on: 15.11.2012 10:14:22 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Mikko\Työpöytä

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040B | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

1,75 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 64,07% Memory free

3,60 Gb Paging File | 3,11 Gb Available in Paging File | 86,44% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 111,79 Gb Total Space | 83,47 Gb Free Space | 74,67% Space Free | Partition Type: NTFS

Computer Name: YRITYS-E6A67C9C | User Name: Mikko | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.11.15 10:02:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mikko\Työpöytä\OTL.exe

PRC - [2012.10.04 09:47:06 | 001,243,776 | ---- | M] (digital-defender) -- C:\Program Files\digital-defender Antivirus\AVTray.exe

PRC - [2012.10.04 09:46:58 | 001,339,008 | ---- | M] (digital-defender) -- C:\Program Files\digital-defender Antivirus\AVScanningService.exe

PRC - [2012.10.04 09:46:58 | 000,837,792 | ---- | M] (digital-defender) -- C:\Program Files\digital-defender Antivirus\AVAssistant.exe

PRC - [2012.09.29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

PRC - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

PRC - [2012.08.08 10:17:00 | 000,540,056 | ---- | M] (Lavasoft) -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ad-Aware Browsing Protection\adawarebp.exe

PRC - [2011.01.13 14:02:34 | 000,178,688 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Internet Modem\NokiaInternetModem.exe

PRC - [2011.01.13 14:00:56 | 000,129,536 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\NokiaInternetModem_AppStart.exe

PRC - [2008.04.15 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2000.01.01 02:00:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe

========== Modules (No Company Name) ==========

MOD - [2012.02.20 20:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2012.02.20 20:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2011.01.13 14:01:36 | 000,195,584 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Ressources\plugins\UISMS.gip

MOD - [2011.01.13 14:01:36 | 000,097,280 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Ressources\plugins\VistaContactsAdapter.plugin

MOD - [2011.01.13 14:01:34 | 000,143,872 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Ressources\plugins\UILiveUpdate.gip

MOD - [2011.01.13 14:01:34 | 000,101,888 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Ressources\plugins\OutlookContactsAdapter.plugin

MOD - [2011.01.13 14:01:34 | 000,098,816 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Ressources\plugins\UIFirmwareUpgrade.gip

MOD - [2011.01.13 14:01:34 | 000,072,704 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Ressources\plugins\UIShortcut.gip

MOD - [2011.01.13 14:01:34 | 000,071,680 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Ressources\plugins\UIEula.gip

MOD - [2011.01.13 14:01:34 | 000,069,120 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Ressources\plugins\SmsAdapter.plugin

MOD - [2011.01.13 14:01:32 | 000,169,472 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Ressources\plugins\IContact.gip

MOD - [2011.01.13 14:01:32 | 000,138,240 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Ressources\plugins\GsmSettings.gip

MOD - [2011.01.13 14:01:32 | 000,129,536 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Ressources\plugins\GsmConnect.gip

MOD - [2011.01.13 14:01:32 | 000,069,632 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Ressources\plugins\DeviceUnlock.gip

MOD - [2011.01.13 14:01:32 | 000,051,712 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Ressources\plugins\ModemConnection.plugin

MOD - [2011.01.13 14:01:32 | 000,026,112 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Ressources\plugins\DiscoveryGeneric.plugin

MOD - [2011.01.13 14:01:32 | 000,017,408 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Ressources\plugins\DiscoveryNdis.plugin

MOD - [2011.01.13 14:01:30 | 000,261,632 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Ressources\plugins\CommonCtrls.gip

MOD - [2011.01.13 14:01:30 | 000,065,536 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Ressources\plugins\CellBroadcast.gip

MOD - [2011.01.13 14:01:30 | 000,061,952 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Ressources\plugins\DeviceInfo.plugin

MOD - [2011.01.13 14:01:30 | 000,051,200 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Ressources\plugins\Browser.gip

MOD - [2011.01.13 14:01:30 | 000,050,688 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Ressources\plugins\DeviceSimContactsAdapter.plugin

MOD - [2011.01.13 14:00:58 | 001,048,064 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\wxmsw28u_core_vc_custom.dll

MOD - [2011.01.13 14:00:58 | 000,726,528 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\wxbase28u_vc_custom.dll

MOD - [2011.01.13 14:00:58 | 000,662,016 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\UIToolkit.dll

MOD - [2011.01.13 14:00:58 | 000,272,896 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\WebClient.dll

MOD - [2011.01.13 14:00:56 | 000,476,160 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Toolkit.dll

MOD - [2011.01.13 14:00:56 | 000,202,752 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Sms.dll

MOD - [2011.01.13 14:00:56 | 000,147,456 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\pcre3.dll

MOD - [2011.01.13 14:00:56 | 000,129,536 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\NokiaInternetModem_AppStart.exe

MOD - [2011.01.13 14:00:56 | 000,049,664 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Preferences.dll

MOD - [2011.01.13 14:00:54 | 000,282,112 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Device.dll

MOD - [2011.01.13 14:00:54 | 000,246,272 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\DB.dll

MOD - [2011.01.13 14:00:54 | 000,117,248 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Discovery.dll

MOD - [2011.01.13 14:00:54 | 000,067,584 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Encoding.dll

MOD - [2011.01.13 14:00:54 | 000,045,568 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\DriveDetector.dll

MOD - [2011.01.13 14:00:54 | 000,012,800 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Data.dll

MOD - [2011.01.13 14:00:52 | 000,179,712 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Contacts.dll

MOD - [2011.01.13 14:00:52 | 000,124,416 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\Connection.dll

MOD - [2011.01.13 14:00:52 | 000,084,480 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\ComCore.dll

MOD - [2011.01.13 14:00:52 | 000,039,424 | ---- | M] () -- C:\Program Files\Nokia\Nokia Internet Modem\CommonPims.dll

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)

SRV - [2012.11.02 16:31:45 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012.10.24 19:49:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012.10.04 09:46:58 | 001,339,008 | ---- | M] () [Auto | Running] -- C:/Program Files/digital-defender Antivirus/AVScanningService.exe -- (AV Scanning Service)

SRV - [2012.10.04 09:46:58 | 000,837,792 | ---- | M] () [Auto | Running] -- C:/Program Files/digital-defender Antivirus/AVAssistant.exe -- (AV Assistant Service)

SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\SBREdrv.sys -- (SBRE)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | Boot | Unknown] -- system32\drivers\Partizan.sys -- (Partizan)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Mikko\LOCALS~1\Temp\catchme.sys -- (catchme)

DRV - [2012.11.13 20:08:56 | 000,019,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MANDIANT\Memoryze\mktools.sys -- (Mandiant_Tools)

DRV - [2012.11.13 17:20:48 | 000,024,328 | ---- | M] (CPUID) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Mikko\Local Settings\Temp\cpuz135\cpuz135_x32.sys -- (cpuz135)

DRV - [2012.11.01 19:40:02 | 000,021,624 | ---- | M] (REALiX) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\HWiNFO32.SYS -- (HWiNFO32)

DRV - [2012.09.29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2012.09.13 08:32:36 | 000,041,928 | ---- | M] (Emsi Software GmbH) [File_System | System | Running] -- C:\Program Files\digital-defender Antivirus\a2dix86.sys -- (a2injectiondriver)

DRV - [2012.09.13 08:32:36 | 000,011,776 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\digital-defender Antivirus\a2util32.sys -- (a2util)

DRV - [2012.09.07 07:39:36 | 000,010,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avfsfilter.sys -- (AVFSFilter)

DRV - [2010.04.22 15:07:24 | 000,085,888 | ---- | M] (Nokia) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nokia_cs1x_cdc_acm.sys -- (nokia_cs1x_cdc_acm)

DRV - [2010.04.22 15:07:24 | 000,081,408 | ---- | M] (Nokia) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nokia_cs1x_dc_enum.sys -- (nokia_cs1x_dc_enum)

DRV - [2010.04.22 15:07:24 | 000,009,856 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nokia_cs1x_cpo.sys -- (nokia_cs1x_cpo)

DRV - [2010.02.11 09:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)

DRV - [2008.04.13 13:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)

DRV - [2008.04.13 11:35:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)

DRV - [2000.01.01 02:00:00 | 004,122,368 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-842925246-573735546-1417001333-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-842925246-573735546-1417001333-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC

IE - HKU\S-1-5-21-842925246-573735546-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.11.11 16:05:24 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.11.12 11:42:49 | 000,000,000 | ---D | M]

[2012.10.31 16:11:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mikko\Application Data\Mozilla\Extensions

[2012.11.11 16:05:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mikko\Application Data\Mozilla\Firefox\Profiles\kv8hk0n4.default\extensions

[2012.11.11 16:05:11 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Documents and Settings\Mikko\Application Data\Mozilla\Firefox\Profiles\kv8hk0n4.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack

[2012.10.31 16:11:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2012.10.24 19:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2012.10.11 10:48:18 | 000,171,136 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll

[2012.10.24 20:41:53 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2012.10.24 20:41:53 | 000,002,062 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bookplus-fi.xml

[2012.10.24 20:41:53 | 000,000,972 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-fi.xml

[2012.10.24 20:41:53 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fi.xml

[2012.10.24 20:41:53 | 000,001,100 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-fi.xml

========== Chrome ==========

CHR - homepage:

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}

CHR - homepage:

CHR - Extension: Gmail = C:\Documents and Settings\Mikko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Gmail = C:\Documents and Settings\Mikko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: Gmail = C:\Documents and Settings\Mikko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2008.04.15 14:00:00 | 000,000,665 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\Documents and Settings\All Users.WINDOWS\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [AVTray] C:\Program Files\digital-defender Antivirus\AVTray.exe (digital-defender)

O4 - HKLM..\Run: [NokiaInternetModem_AppStart.exe] C:\Program Files\Nokia\Nokia Internet Modem\NokiaInternetModem_AppStart.exe ()

O4 - HKLM..\Run: [soundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found

O4 - HKLM..\RunOnceEx: [Title] UnHackMe Rootkit Check File not found

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-842925246-573735546-1417001333-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-842925246-573735546-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-21-842925246-573735546-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-21-842925246-573735546-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1351692344162 (WUWebControl Class)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1352622269750 (MUWebControl Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE7C26E0-F411-4C62-B671-22DA50AD0602}: NameServer = 62.241.198.245 62.241.198.246

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Nykyinen kotisivu) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Mikko\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mikko\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2004.05.26 09:24:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (MACHINE BootExecut)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012.11.15 10:01:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mikko\Työpöytä\OTL.exe

[2012.11.14 16:01:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Local Settings\Application Data\Apple Computer

[2012.11.14 16:01:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Application Data\Apple Computer

[2012.11.14 16:01:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\iTunes

[2012.11.14 15:59:44 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2012.11.14 15:59:35 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2012.11.14 15:59:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer

[2012.11.14 15:59:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1

[2012.11.14 15:59:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Local Settings\Application Data\Apple

[2012.11.14 15:58:55 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update

[2012.11.14 15:57:32 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

[2012.11.14 15:56:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple

[2012.11.14 13:54:31 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mikko\Recent

[2012.11.14 12:49:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Omat tiedostot\StreamArmor_v1

[2012.11.14 12:48:04 | 000,494,510 | ---- | C] (UltraDefrag Development Team) -- C:\Documents and Settings\Mikko\Omat tiedostot\ultradefrag-5.1.1.bin.i386.exe

[2012.11.14 10:48:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Työpöytä\RK_Quarantine

[2012.11.14 10:13:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Työpöytä\alternatestreamview

[2012.11.13 20:14:44 | 008,349,632 | ---- | C] (SurfRight B.V.) -- C:\Documents and Settings\Mikko\Työpöytä\HitmanPro36.exe

[2012.11.13 20:08:48 | 000,000,000 | ---D | C] -- C:\Program Files\MANDIANT

[2012.11.13 20:08:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MANDIANT

[2012.11.13 20:08:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Työpöytä\Memoryze

[2012.11.13 18:55:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Local Settings\Application Data\NPE

[2012.11.13 18:55:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton

[2012.11.13 18:28:22 | 000,688,901 | R--- | C] (Swearware) -- C:\Documents and Settings\Mikko\Työpöytä\dds.scr

[2012.11.13 17:41:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Hmonitor

[2012.11.13 17:41:10 | 000,000,000 | ---D | C] -- C:\Program Files\Hmonitor

[2012.11.13 17:19:51 | 000,000,000 | ---D | C] -- C:\Program Files\Motherboard Monitor 5

[2012.11.12 20:44:29 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2012.11.12 19:06:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Työpöytä\psk3212

[2012.11.12 18:21:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Omat tiedostot\Downloads

[2012.11.12 18:12:02 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent

[2012.11.12 18:11:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Application Data\uTorrent

[2012.11.12 17:37:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Käynnistä-valikko\Ohjelmat\MWSnap

[2012.11.12 17:37:46 | 000,000,000 | ---D | C] -- C:\Program Files\MWSnap

[2012.11.12 12:44:49 | 000,000,000 | ---D | C] -- C:\Program Files\SecurityXploded

[2012.11.12 12:24:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Työpöytä\cports

[2012.11.12 11:50:01 | 000,000,000 | ---D | C] -- C:\Program Files\UnHackMe

[2012.11.12 11:42:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\PDF-XChange PDF Viewer

[2012.11.12 11:42:35 | 000,000,000 | ---D | C] -- C:\Program Files\Tracker Software

[2012.11.12 10:14:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\clp

[2012.11.12 10:12:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\digital-defender Antivirus

[2012.11.12 10:12:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\DigitalDefender

[2012.11.12 10:11:55 | 000,000,000 | ---D | C] -- C:\Program Files\digital-defender Antivirus

[2012.11.12 09:37:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Local Settings\Application Data\Help

[2012.11.12 09:37:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Application Data\Help

[2012.11.11 17:01:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Application Data\LavasoftStatistics

[2012.11.11 16:32:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Local Settings\Application Data\Downloaded Installations

[2012.11.11 16:05:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\blekko toolbars

[2012.11.11 16:05:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Local Settings\Application Data\adawarebp

[2012.11.11 16:05:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ad-Aware Browsing Protection

[2012.11.11 16:05:15 | 000,000,000 | ---D | C] -- C:\Program Files\adawaretb

[2012.11.11 16:05:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Application Data\adawaretb

[2012.11.11 16:05:13 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Cleaner

[2012.11.11 13:44:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\RegRun

[2012.11.11 13:41:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Tiedostot\RegRunInfo

[2012.11.11 13:38:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Omat tiedostot\RegRun2

[2012.11.11 13:38:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Reanimator

[2012.11.11 13:38:27 | 000,000,000 | ---D | C] -- C:\Program Files\Greatis

[2012.11.11 10:41:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET

[2012.11.11 09:31:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Application Data\Malwarebytes

[2012.11.11 09:30:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Malwarebytes' Anti-Malware

[2012.11.11 09:30:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes

[2012.11.11 09:30:56 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2012.11.11 09:30:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2012.11.10 21:23:32 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2012.11.10 20:11:09 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Mikko\PrivacIE

[2012.11.10 18:00:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Genuine Advantage

[2012.11.10 17:51:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp

[2012.11.10 17:40:31 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2012.11.10 17:40:31 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2012.11.10 17:40:31 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2012.11.10 17:40:31 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2012.11.10 17:40:18 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mikko\Käynnistä-valikko\Ohjelmat\Valvontatyökalut

[2012.11.10 17:40:18 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mikko\Omat tiedostot\Omat videotiedostot

[2012.11.10 17:40:18 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Tiedostot\Omat videotiedostot

[2012.11.10 17:25:11 | 000,070,352 | ---- | C] (Comodo Security Solutions Inc.) -- C:\Documents and Settings\Mikko\Työpöytä\launcher_service.exe

[2012.11.10 17:24:16 | 000,877,264 | ---- | C] (Comodo Security Solutions, Inc.) -- C:\Documents and Settings\Mikko\Työpöytä\unit.exe

[2012.11.10 13:48:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Catalyst Control Center

[2012.11.04 21:52:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Application Data\Ashampoo

[2012.11.04 21:41:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Local Settings\Application Data\ashampoo

[2012.11.04 21:41:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ashampoo

[2012.11.04 21:41:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Ashampoo

[2012.11.04 21:41:29 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo

[2012.11.04 21:40:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Käynnistä-valikko\Ohjelmat\WinRAR

[2012.11.04 21:40:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Application Data\WinRAR

[2012.11.04 21:40:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\WinRAR

[2012.11.04 21:40:46 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR

[2012.11.03 12:59:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\CPA_VA

[2012.11.03 12:58:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Tiedostot\COMODO

[2012.11.03 12:52:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Comodo

[2012.11.03 12:52:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Comodo

[2012.11.02 17:05:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Google Chrome

[2012.11.02 16:57:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Local Settings\Application Data\Google

[2012.11.02 16:47:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Application Data\Macromedia

[2012.11.02 16:47:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Application Data\Adobe

[2012.11.02 16:29:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Omat tiedostot\musiikki

[2012.11.02 16:28:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe

[2012.11.02 16:19:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Omat tiedostot\videot

[2012.11.02 15:52:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Omat tiedostot\tiedostot

[2012.11.02 14:31:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Omat tiedostot\Anti-Malware

[2012.11.01 19:40:02 | 000,021,624 | ---- | C] (REALiX) -- C:\WINDOWS\System32\drivers\HWiNFO32.SYS

[2012.11.01 19:39:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\HWiNFO32

[2012.11.01 19:39:50 | 000,000,000 | ---D | C] -- C:\Program Files\HWiNFO32

[2012.11.01 19:02:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Speccy

[2012.11.01 17:58:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Local Settings\Application Data\SlimWare Utilities Inc

[2012.11.01 17:53:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\SlimDrivers

[2012.11.01 17:53:44 | 000,000,000 | ---D | C] -- C:\Program Files\SlimDrivers

[2012.11.01 17:53:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Tiedostot\Downloaded Installers

[2012.10.31 19:16:45 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva

[2012.10.31 18:12:33 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Mikko\IETldCache

[2012.10.31 17:26:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Tiedostot

[2012.10.31 17:26:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko

[2012.10.31 17:26:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Käynnistys

[2012.10.31 17:26:30 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users.WINDOWS\Mallit

[2012.10.31 17:26:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä

[2012.10.31 17:26:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Suosikit

[2012.10.31 17:26:08 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft

[2012.10.31 17:26:08 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data

[2012.10.31 17:18:24 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf

[2012.10.31 17:18:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc

[2012.10.31 17:18:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers

[2012.10.31 17:18:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn

[2012.10.31 16:32:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Omat tiedostot\Lataukset

[2012.10.31 16:11:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Local Settings\Application Data\Mozilla

[2012.10.31 16:11:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Application Data\Mozilla

[2012.10.31 16:11:10 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service

[2012.10.31 16:11:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Mozilla

[2012.10.31 16:10:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2012.10.31 16:05:35 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Mikko\UserData

[2012.10.31 15:51:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Local Settings\Application Data\NokiaInternetModem

[2012.10.31 15:51:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Local Settings\Application Data\NokiaInternetModem_AppStart

[2012.10.31 15:51:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\f-secure

[2012.10.31 15:50:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Nokia

[2012.10.31 15:47:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Application Data\Identities

[2012.10.31 15:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mikko\Omat tiedostot

[2012.10.31 15:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mikko\Omat tiedostot\Omat musiikkitiedostot

[2012.10.31 15:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mikko\Omat tiedostot\Omat kuvatiedostot

[2012.10.31 15:46:59 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Mikko\Application Data\Microsoft

[2012.10.31 15:46:59 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mikko\SendTo

[2012.10.31 15:46:59 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mikko\Application Data

[2012.10.31 15:46:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mikko\Suosikit

[2012.10.31 15:46:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mikko\Käynnistä-valikko

[2012.10.31 15:46:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mikko\Käynnistä-valikko\Ohjelmat\Käynnistys

[2012.10.31 15:46:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mikko\Käynnistä-valikko\Ohjelmat\Apuohjelmat

[2012.10.31 15:46:59 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Mikko\Cookies

[2012.10.31 15:46:59 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Mikko\Verkkoympäristö

[2012.10.31 15:46:59 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Mikko\Tulostinympäristö

[2012.10.31 15:46:59 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Mikko\Mallit

[2012.10.31 15:46:59 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Mikko\Local Settings

[2012.10.31 15:46:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Työpöytä

[2012.10.31 15:46:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikko\Local Settings\Application Data\Microsoft

[2012.10.31 15:45:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch

[2012.10.31 15:42:33 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll

[2012.10.31 15:42:33 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll

[2012.10.31 15:42:33 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll

[2012.10.31 15:41:04 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys

[2012.10.31 15:38:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users.WINDOWS\DRM

[2012.10.31 15:36:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Tiedostot\Omat kuvatiedostot

[2012.10.31 15:36:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Valvontatyökalut

[2012.10.31 15:35:19 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Pelit

[2012.10.31 15:35:18 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Tiedostot\Omat musiikkitiedostot

[2012.10.31 15:33:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Apuohjelmat

[2012.10.30 20:07:12 | 000,000,000 | -HSD | C] -- C:\DrWeb Quarantine

[2012.10.27 12:54:09 | 000,000,000 | ---D | C] -- C:\Program Files\Five magical amulets

[2012.10.27 11:12:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Doctor Web

[2012.10.18 09:09:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET

[2012.10.16 16:03:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Coranti

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.11.15 10:02:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mikko\Työpöytä\OTL.exe

[2012.11.15 10:02:00 | 000,000,994 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2012.11.15 09:34:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2012.11.15 08:06:27 | 000,000,990 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2012.11.15 08:06:19 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\AVTray.job

[2012.11.15 08:06:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012.11.14 16:48:47 | 000,011,076 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat

[2012.11.14 16:02:01 | 000,015,203 | ---- | M] () -- C:\removable drive.jpg

[2012.11.14 16:01:22 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\iTunes.lnk

[2012.11.14 12:49:13 | 001,326,082 | ---- | M] () -- C:\Documents and Settings\Mikko\Omat tiedostot\StreamArmor_v1.zip

[2012.11.14 12:48:05 | 000,494,510 | ---- | M] (UltraDefrag Development Team) -- C:\Documents and Settings\Mikko\Omat tiedostot\ultradefrag-5.1.1.bin.i386.exe

[2012.11.14 10:48:21 | 000,673,280 | ---- | M] () -- C:\Documents and Settings\Mikko\Työpöytä\RogueKiller.exe

[2012.11.14 10:39:18 | 000,000,052 | ---- | M] () -- C:\Documents and Settings\Mikko\Omat tiedostot\WMA8Connect.dll_coranti.dat

[2012.11.14 10:13:25 | 000,047,447 | ---- | M] () -- C:\Documents and Settings\Mikko\Työpöytä\alternatestreamview.zip

[2012.11.14 10:12:05 | 000,527,244 | ---- | M] () -- C:\Documents and Settings\Mikko\Työpöytä\hwmonitor_1.21-32bit.zip

[2012.11.14 10:07:21 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Mikko\Työpöytä\g5rhizpq.exe

[2012.11.14 09:59:20 | 000,023,894 | ---- | M] () -- C:\stream armor.jpg

[2012.11.14 09:24:36 | 000,093,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2012.11.14 09:09:00 | 000,405,012 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2012.11.14 09:09:00 | 000,377,914 | ---- | M] () -- C:\WINDOWS\System32\perfh00B.dat

[2012.11.14 09:09:00 | 000,066,300 | ---- | M] () -- C:\WINDOWS\System32\perfc00B.dat

[2012.11.14 09:09:00 | 000,054,356 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2012.11.13 20:16:50 | 008,349,632 | ---- | M] (SurfRight B.V.) -- C:\Documents and Settings\Mikko\Työpöytä\HitmanPro36.exe

[2012.11.13 20:10:16 | 000,000,606 | ---- | M] () -- C:\Documents and Settings\Mikko\Työpöytä\Pikakuvake Memoryze.lnk

[2012.11.13 20:08:11 | 007,150,987 | ---- | M] () -- C:\Documents and Settings\Mikko\Työpöytä\Memoryze.zip

[2012.11.13 20:04:10 | 000,470,564 | ---- | M] () -- C:\Documents and Settings\Mikko\Omat tiedostot\uhr4jdskovmhutk5n94np6u15250a28ac3859fa.jpeg

[2012.11.13 19:50:17 | 000,687,927 | ---- | M] () -- C:\Documents and Settings\Mikko\Työpöytä\RedCurtain.zip

[2012.11.13 18:34:36 | 000,003,794 | ---- | M] () -- C:\Documents and Settings\Mikko\Työpöytä\attach.rar

[2012.11.13 18:28:29 | 000,688,901 | R--- | M] (Swearware) -- C:\Documents and Settings\Mikko\Työpöytä\dds.scr

[2012.11.13 18:20:05 | 000,026,434 | ---- | M] () -- C:\cpu.jpg

[2012.11.13 18:13:26 | 000,022,888 | ---- | M] () -- C:\mcafee.jpg

[2012.11.13 17:41:12 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\Hmonitor.lnk

[2012.11.12 20:44:34 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\CCleaner.lnk

[2012.11.12 18:12:07 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\µTorrent.lnk

[2012.11.12 17:39:46 | 000,173,832 | ---- | M] () -- C:\coronto.jpg

[2012.11.12 17:39:40 | 002,068,566 | ---- | M] () -- C:\coronto.bmp

[2012.11.12 17:37:49 | 000,000,606 | ---- | M] () -- C:\Documents and Settings\Mikko\Työpöytä\MWSnap 3.lnk

[2012.11.12 12:44:49 | 000,000,876 | ---- | M] () -- C:\Documents and Settings\Mikko\Työpöytä\StreamArmor.lnk

[2012.11.12 11:42:44 | 000,000,866 | ---- | M] () -- C:\Documents and Settings\Mikko\Työpöytä\PDF-Viewer.lnk

[2012.11.12 10:14:00 | 000,001,802 | ---- | M] () -- C:\Documents and Settings\Mikko\Application Data\Microsoft\Internet Explorer\Quick Launch\digital-defender Antivirus.lnk

[2012.11.12 10:13:59 | 000,001,784 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\digital-defender Antivirus.lnk

[2012.11.11 17:04:09 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job

[2012.11.11 13:38:36 | 000,002,518 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2012.11.11 13:38:36 | 000,001,636 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT

[2012.11.11 13:38:36 | 000,000,002 | RHS- | M] () -- C:\WINDOWS\winstart.bat

[2012.11.11 13:38:32 | 000,000,734 | ---- | M] () -- C:\Documents and Settings\Mikko\Työpöytä\Reanimator.lnk

[2012.11.11 13:34:17 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012.11.11 09:31:00 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\Malwarebytes Anti-Malware.lnk

[2012.11.10 20:14:41 | 000,001,912 | ---- | M] () -- C:\WINDOWS\epplauncher.mif

[2012.11.10 17:57:55 | 003,564,662 | ---- | M] () -- C:\Qoobox.rar

[2012.11.10 16:45:18 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin

[2012.11.10 13:49:00 | 000,001,189 | ---- | M] () -- C:\WINDOWS\ATICIM.INI

[2012.11.04 21:41:36 | 000,000,988 | ---- | M] () -- C:\Documents and Settings\Mikko\Application Data\Microsoft\Internet Explorer\Quick Launch\Ashampoo Burning Studio 6 FREE.lnk

[2012.11.04 21:41:36 | 000,000,970 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\Ashampoo Burning Studio 6 FREE.lnk

[2012.11.04 20:00:43 | 000,026,725 | ---- | M] () -- C:\Documents and Settings\Mikko\Työpöytä\scoped_dir_3436_22125.zip

[2012.11.04 20:00:15 | 000,028,368 | ---- | M] () -- C:\Documents and Settings\Mikko\Työpöytä\WERcdc5.zip

[2012.11.03 12:52:46 | 000,000,947 | ---- | M] () -- C:\Documents and Settings\Mikko\Application Data\Microsoft\Internet Explorer\Quick Launch\COMODO GeekBuddy.lnk

[2012.11.03 09:15:06 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\Mikko\Työpöytä\1by1.lnk

[2012.11.03 07:31:48 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2012.11.02 17:06:05 | 000,001,807 | ---- | M] () -- C:\Documents and Settings\Mikko\Työpöytä\Google Chrome.lnk

[2012.11.02 17:06:05 | 000,001,791 | ---- | M] () -- C:\Documents and Settings\Mikko\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2012.11.02 15:55:06 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Mikko\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012.11.02 14:30:35 | 000,000,441 | ---- | M] () -- C:\Documents and Settings\Mikko\Työpöytä\Pikakuvake Lataukset.lnk

[2012.11.01 19:40:02 | 000,021,624 | ---- | M] (REALiX) -- C:\WINDOWS\System32\drivers\HWiNFO32.SYS

[2012.11.01 19:02:05 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\Speccy.lnk

[2012.11.01 17:53:47 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\SlimDrivers.lnk

[2012.11.01 08:52:52 | 000,877,264 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Documents and Settings\Mikko\Työpöytä\unit.exe

[2012.11.01 08:52:52 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) -- C:\Documents and Settings\Mikko\Työpöytä\launcher_service.exe

[2012.10.31 19:16:46 | 000,001,512 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\Recuva.lnk

[2012.10.31 18:12:50 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Mikko\Application Data\Microsoft\Internet Explorer\Quick Launch\Käynnistä Internet Explorer -selain.lnk

[2012.10.31 17:32:17 | 000,005,208 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF

[2012.10.31 16:11:13 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Mikko\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2012.10.31 16:11:12 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\Mozilla Firefox.lnk

[2012.10.31 16:10:22 | 000,042,285 | ---- | M] () -- C:\Documents and Settings\Mikko\Työpöytä\mbrfix.zip

[2012.10.31 15:54:22 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak

[2012.10.31 15:51:31 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_nokia_cs1x_cdc_acm_01009.Wdf

[2012.10.31 15:50:42 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_nokia_cs1x_dc_enum_01009.Wdf

[2012.10.31 15:50:41 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf

[2012.10.31 15:50:21 | 000,002,171 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\Asenna DNA Nettiturva tästä.lnk

[2012.10.31 15:50:21 | 000,000,902 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\Nokia Internet Modem.lnk

[2012.10.31 15:49:04 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Mikko\Työpöytä\Internet.lnk

[2012.10.31 15:47:20 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Mikko\Application Data\Microsoft\Internet Explorer\Quick Launch\Näytä työpöytä.scf

[2012.10.31 15:43:19 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf

[2012.10.31 15:39:59 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx

[2012.10.31 15:39:58 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb

[2012.10.31 15:39:58 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb

[2012.10.31 15:39:38 | 000,004,381 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI

[2012.10.31 15:36:34 | 000,021,672 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat

[2012.10.31 15:32:56 | 000,000,282 | -HS- | M] () -- C:\boot.ini

[2012.10.25 16:16:22 | 000,001,788 | ---- | M] () -- C:\o.xml

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.11.14 16:48:47 | 000,011,076 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2012.11.14 16:02:01 | 000,015,203 | ---- | C] () -- C:\removable drive.jpg

[2012.11.14 16:01:22 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\iTunes.lnk

[2012.11.14 15:58:56 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Apple Software Update.lnk

[2012.11.14 12:49:04 | 001,326,082 | ---- | C] () -- C:\Documents and Settings\Mikko\Omat tiedostot\StreamArmor_v1.zip

[2012.11.14 10:48:15 | 000,673,280 | ---- | C] () -- C:\Documents and Settings\Mikko\Työpöytä\RogueKiller.exe

[2012.11.14 10:39:18 | 000,000,052 | ---- | C] () -- C:\Documents and Settings\Mikko\Omat tiedostot\WMA8Connect.dll_coranti.dat

[2012.11.14 10:13:25 | 000,047,447 | ---- | C] () -- C:\Documents and Settings\Mikko\Työpöytä\alternatestreamview.zip

[2012.11.14 10:12:00 | 000,527,244 | ---- | C] () -- C:\Documents and Settings\Mikko\Työpöytä\hwmonitor_1.21-32bit.zip

[2012.11.14 10:07:20 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Mikko\Työpöytä\g5rhizpq.exe

[2012.11.14 09:59:20 | 000,023,894 | ---- | C] () -- C:\stream armor.jpg

[2012.11.13 20:09:42 | 000,000,606 | ---- | C] () -- C:\Documents and Settings\Mikko\Työpöytä\Pikakuvake Memoryze.lnk

[2012.11.13 20:03:59 | 000,470,564 | ---- | C] () -- C:\Documents and Settings\Mikko\Omat tiedostot\uhr4jdskovmhutk5n94np6u15250a28ac3859fa.jpeg

[2012.11.13 19:50:32 | 007,150,987 | ---- | C] () -- C:\Documents and Settings\Mikko\Työpöytä\Memoryze.zip

[2012.11.13 19:50:03 | 000,687,927 | ---- | C] () -- C:\Documents and Settings\Mikko\Työpöytä\RedCurtain.zip

[2012.11.13 18:34:36 | 000,003,794 | ---- | C] () -- C:\Documents and Settings\Mikko\Työpöytä\attach.rar

[2012.11.13 18:20:05 | 000,026,434 | ---- | C] () -- C:\cpu.jpg

[2012.11.13 18:13:26 | 000,022,888 | ---- | C] () -- C:\mcafee.jpg

[2012.11.13 17:41:12 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\Hmonitor.lnk

[2012.11.12 20:44:34 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\CCleaner.lnk

[2012.11.12 18:12:07 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\µTorrent.lnk

[2012.11.12 17:39:46 | 000,173,832 | ---- | C] () -- C:\coronto.jpg

[2012.11.12 17:39:40 | 002,068,566 | ---- | C] () -- C:\coronto.bmp

[2012.11.12 17:37:49 | 000,000,606 | ---- | C] () -- C:\Documents and Settings\Mikko\Työpöytä\MWSnap 3.lnk

[2012.11.12 12:44:49 | 000,000,876 | ---- | C] () -- C:\Documents and Settings\Mikko\Työpöytä\StreamArmor.lnk

[2012.11.12 11:42:44 | 000,000,866 | ---- | C] () -- C:\Documents and Settings\Mikko\Työpöytä\PDF-Viewer.lnk

[2012.11.12 10:14:00 | 000,001,802 | ---- | C] () -- C:\Documents and Settings\Mikko\Application Data\Microsoft\Internet Explorer\Quick Launch\digital-defender Antivirus.lnk

[2012.11.12 10:13:59 | 000,001,784 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\digital-defender Antivirus.lnk

[2012.11.12 10:12:12 | 000,000,266 | ---- | C] () -- C:\WINDOWS\tasks\AVTray.job

[2012.11.11 17:04:09 | 000,000,944 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job

[2012.11.11 13:38:36 | 000,000,002 | RHS- | C] () -- C:\WINDOWS\winstart.bat

[2012.11.11 13:38:32 | 000,000,734 | ---- | C] () -- C:\Documents and Settings\Mikko\Työpöytä\Reanimator.lnk

[2012.11.11 09:31:00 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\Malwarebytes Anti-Malware.lnk

[2012.11.10 18:02:40 | 000,001,912 | ---- | C] () -- C:\WINDOWS\epplauncher.mif

[2012.11.10 17:57:49 | 003,564,662 | ---- | C] () -- C:\Qoobox.rar

[2012.11.10 17:40:31 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2012.11.10 17:40:31 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2012.11.10 17:40:31 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2012.11.10 17:40:31 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2012.11.10 17:40:31 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2012.11.10 16:45:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin

[2012.11.10 13:27:20 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe

[2012.11.10 13:20:44 | 000,001,189 | ---- | C] () -- C:\WINDOWS\ATICIM.INI

[2012.11.04 21:41:36 | 000,000,988 | ---- | C] () -- C:\Documents and Settings\Mikko\Application Data\Microsoft\Internet Explorer\Quick Launch\Ashampoo Burning Studio 6 FREE.lnk

[2012.11.04 21:41:36 | 000,000,970 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\Ashampoo Burning Studio 6 FREE.lnk

[2012.11.04 20:02:43 | 000,043,008 | ---- | C] () -- C:\Documents and Settings\Mikko\Työpöytä\pstubxx.exe

[2012.11.04 20:00:53 | 000,028,368 | ---- | C] () -- C:\Documents and Settings\Mikko\Työpöytä\WERcdc5.zip

[2012.11.04 20:00:53 | 000,026,725 | ---- | C] () -- C:\Documents and Settings\Mikko\Työpöytä\scoped_dir_3436_22125.zip

[2012.11.03 12:52:46 | 000,000,947 | ---- | C] () -- C:\Documents and Settings\Mikko\Application Data\Microsoft\Internet Explorer\Quick Launch\COMODO GeekBuddy.lnk

[2012.11.02 17:22:50 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\Mikko\Työpöytä\1by1.lnk

[2012.11.02 17:06:05 | 000,001,807 | ---- | C] () -- C:\Documents and Settings\Mikko\Työpöytä\Google Chrome.lnk

[2012.11.02 17:06:05 | 000,001,791 | ---- | C] () -- C:\Documents and Settings\Mikko\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2012.11.02 16:57:49 | 000,000,994 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2012.11.02 16:57:47 | 000,000,990 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2012.11.02 16:31:52 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2012.11.02 15:38:50 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Mikko\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012.11.02 14:30:35 | 000,000,441 | ---- | C] () -- C:\Documents and Settings\Mikko\Työpöytä\Pikakuvake Lataukset.lnk

[2012.11.01 19:20:08 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2012.11.01 19:02:05 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\Speccy.lnk

[2012.11.01 19:00:58 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe

[2012.11.01 18:59:58 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\alsndmgr.wav

[2012.11.01 18:59:56 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll

[2012.11.01 17:53:47 | 000,001,854 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\SlimDrivers.lnk

[2012.10.31 19:16:46 | 000,001,512 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\Recuva.lnk

[2012.10.31 17:32:17 | 000,005,208 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF

[2012.10.31 17:27:02 | 000,004,381 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2012.10.31 17:26:42 | 000,001,636 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT

[2012.10.31 17:26:28 | 000,171,588 | ---- | C] () -- C:\WINDOWS\System32\dllcache\startoc.cat

[2012.10.31 17:26:28 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT

[2012.10.31 17:26:28 | 000,033,765 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT

[2012.10.31 17:26:28 | 000,016,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT

[2012.10.31 17:26:28 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT

[2012.10.31 17:26:28 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT

[2012.10.31 17:26:28 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT

[2012.10.31 17:26:28 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT

[2012.10.31 17:26:28 | 000,007,407 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT

[2012.10.31 17:26:28 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat

[2012.10.31 17:26:27 | 002,033,017 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT

[2012.10.31 17:26:27 | 001,245,715 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT

[2012.10.31 17:26:27 | 000,809,684 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT

[2012.10.31 17:26:27 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT

[2012.10.31 17:26:26 | 000,545,008 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT

[2012.10.31 17:25:36 | 000,093,480 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2012.10.31 17:24:23 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf

[2012.10.31 16:20:50 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012.10.31 16:20:50 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll

[2012.10.31 16:11:13 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Mikko\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2012.10.31 16:11:12 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Mozilla Firefox.lnk

[2012.10.31 16:11:12 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\Mozilla Firefox.lnk

[2012.10.31 16:10:22 | 000,042,285 | ---- | C] () -- C:\Documents and Settings\Mikko\Työpöytä\mbrfix.zip

[2012.10.31 15:54:23 | 000,013,646 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak

[2012.10.31 15:51:31 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_nokia_cs1x_cdc_acm_01009.Wdf

[2012.10.31 15:50:42 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_nokia_cs1x_dc_enum_01009.Wdf

[2012.10.31 15:50:41 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf

[2012.10.31 15:50:21 | 000,002,171 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\Asenna DNA Nettiturva tästä.lnk

[2012.10.31 15:50:21 | 000,000,902 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Työpöytä\Nokia Internet Modem.lnk

[2012.10.31 15:49:04 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Mikko\Työpöytä\Internet.lnk

[2012.10.31 15:47:20 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Mikko\Application Data\Microsoft\Internet Explorer\Quick Launch\Näytä työpöytä.scf

[2012.10.31 15:47:12 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Mikko\Käynnistä-valikko\Ohjelmat\Outlook Express.lnk

[2012.10.31 15:47:10 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Mikko\Application Data\Microsoft\Internet Explorer\Quick Launch\Käynnistä Internet Explorer -selain.lnk

[2012.10.31 15:47:10 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Mikko\Käynnistä-valikko\Ohjelmat\Internet Explorer.lnk

[2012.10.31 15:47:00 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Mikko\Käynnistä-valikko\Ohjelmat\Etätuki.lnk

[2012.10.31 15:47:00 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Mikko\Käynnistä-valikko\Ohjelmat\Windows Media Player.lnk

[2012.10.31 15:43:19 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2012.10.31 15:42:25 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll

[2012.10.31 15:41:58 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex

[2012.10.31 15:41:48 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe

[2012.10.31 15:41:47 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe

[2012.10.31 15:41:45 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex

[2012.10.31 15:41:37 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll

[2012.10.31 15:41:31 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex

[2012.10.31 15:41:26 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll

[2012.10.31 15:41:07 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll

[2012.10.31 15:40:09 | 000,002,518 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT

[2012.10.31 15:39:58 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb

[2012.10.31 15:39:58 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb

[2012.10.31 15:39:56 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx

[2012.10.31 15:38:04 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Windows Movie Maker.lnk

[2012.10.31 15:37:46 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex

[2012.10.31 15:37:32 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp

[2012.10.31 15:37:32 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp

[2012.10.31 15:37:27 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf

[2012.10.31 15:36:53 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll

[2012.10.31 15:36:34 | 000,021,672 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2012.10.31 15:35:19 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Käynnistä-valikko\Ohjelmat\Windows Messenger.lnk

[2012.10.31 15:34:57 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fen stukko.bmp

[2012.10.31 15:34:57 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Viuhkat.bmp

[2012.10.31 15:34:57 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapoteekki.bmp

[2012.10.31 15:34:56 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Saippuakuplat.bmp

[2012.10.31 15:34:56 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Preeriatuuli.bmp

[2012.10.31 15:34:56 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Viherkivi.bmp

[2012.10.31 15:34:56 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Alppiruusu.bmp

[2012.10.31 15:34:56 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Kalassa.bmp

[2012.10.31 15:34:56 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kahvikuppi.bmp

[2012.10.31 15:34:56 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Höyhenkuvio.bmp

[2012.10.31 15:34:56 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Pitsikuvio 16.bmp

[2012.10.31 15:34:53 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd

[2012.10.31 15:34:52 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h

[2012.10.31 15:34:51 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h

[2012.10.31 15:34:46 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc

[2012.10.25 16:16:22 | 000,001,788 | ---- | C] () -- C:\o.xml

[2012.09.07 07:39:36 | 000,010,264 | ---- | C] () -- C:\WINDOWS\System32\drivers\avfsfilter.sys

========== ZeroAccess Check ==========

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2012.08.30 22:33:09 | 001,509,888 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:54:17 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.15 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== LOP Check ==========

[2011.11.21 16:51:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo

[2012.09.24 16:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software

[2012.09.16 14:11:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013

[2012.08.22 06:48:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender

[2012.05.01 13:53:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ

[2012.03.03 17:14:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CheckPoint

[2011.12.12 20:40:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files

[2012.10.16 16:04:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Coranti

[2012.02.13 07:29:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CPA_VA

[2012.03.22 19:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite

[2012.10.27 11:11:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Doctor Web

[2012.03.21 16:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations

[2012.03.21 16:25:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure

[2012.02.15 15:21:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure uninstallationtool

[2012.03.02 20:09:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FRISK Software

[2012.03.04 12:07:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\fssg

[2012.09.11 08:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hi-Rez Studios

[2012.07.02 18:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HitmanPro

[2011.10.12 10:35:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations

[2012.10.29 15:47:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit

[2012.02.22 20:35:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IsolatedStorage

[2012.10.14 16:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\kingsoft

[2012.01.04 19:52:08 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\KRSHistory

[2012.04.25 14:53:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MANDIANT

[2012.09.16 14:12:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData

[2012.05.17 10:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MicroWorld

[2012.06.09 16:15:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security

[2012.09.11 09:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files

[2012.09.11 13:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PrevxCSI

[2012.02.22 20:28:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Privacyware

[2012.02.12 22:09:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegRun

[2012.07.13 14:10:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rising

[2012.10.16 14:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Roboscan

[2012.04.13 09:48:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sophos

[2012.02.22 20:29:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\White Sky, Inc

[2012.05.09 17:30:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2012.07.29 17:21:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{6F2F3866-38AD-4f48-852C-2FF5DE7A7588}

[2012.07.29 17:22:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{D76294E6-03B8-4971-AF2E-3F846161A690}

[2012.11.14 16:01:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1

[2012.11.15 08:06:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ad-Aware Browsing Protection

[2012.11.04 21:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ashampoo

[2012.11.11 16:05:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\blekko toolbars

[2012.11.12 10:44:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\clp

[2012.11.05 06:33:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\CPA_VA

[2012.11.12 10:12:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\DigitalDefender

[2012.10.31 15:51:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\f-secure

[2012.11.13 20:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MANDIANT

[2012.11.12 12:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\RegRun

[2012.07.14 09:58:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\Anvisoft

[2011.11.21 18:46:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\Ashampoo

[2012.03.27 19:10:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\Audacity

[2011.11.19 15:11:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\Autorun Analyzer

[2012.08.30 19:46:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\BlueSprig

[2012.03.22 16:41:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\CheckPoint

[2012.03.22 20:46:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\DAEMON Tools Lite

[2006.12.18 19:45:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\Datalayer

[2012.03.12 20:40:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\Dev-Cpp

[2012.07.18 12:23:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\DiskSpaceFan

[2012.04.13 09:09:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\ElevatedDiagnostics

[2012.10.18 09:09:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\ESET

[2012.05.15 19:48:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\EurekaLog

[2012.07.07 12:39:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\f-secure

[2011.10.28 10:47:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\Foxit Software

[2012.10.25 19:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\Free Download Manager

[2012.06.08 20:06:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\FreeFixer

[2012.01.25 15:00:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\GlarySoft

[2012.02.15 21:13:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\gtk-2.0

[2012.02.22 20:38:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\ID Vault

[2012.10.29 15:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\IObit

[2011.11.19 15:12:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\KillSwitch

[2008.07.01 15:41:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\Leadertech

[2012.04.29 11:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\LolClient

[2012.07.18 10:39:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\NCH Swift Sound

[2006.12.28 18:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\Nokia Multimedia Player

[2011.11.22 16:53:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\OpenOffice.org

[2012.01.28 11:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\Opera

[2012.06.09 16:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\Panda Security

[2012.07.07 15:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\Runscanner.net

[2012.08.14 20:41:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\Systweak

[2012.09.30 07:56:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\TeamViewer

[2004.10.29 19:11:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\Template

[2012.01.23 20:36:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\TestApp

[2012.09.15 17:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\TuneUp Software

[2012.10.27 20:24:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\uTorrent

[2011.09.25 17:36:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\WinPatrol

[2012.10.27 12:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\esiasennettu\Application Data\Wise Game Booster

[2012.10.13 10:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\IObit

[2012.09.13 18:09:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo

[2012.11.11 17:02:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService.NT-HALLINTA\Application Data\Ad-Aware Antivirus

[2012.11.05 06:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService.NT-HALLINTA\Application Data\GeekBuddyRSP

[2012.11.11 16:05:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mikko\Application Data\adawaretb

[2012.11.04 21:52:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mikko\Application Data\Ashampoo

[2012.11.14 13:54:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mikko\Application Data\uTorrent

[2012.02.20 20:24:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Ad-Aware Antivirus

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 52 bytes -> C:\trojan.jpg:coranti

@Alternate Data Stream - 52 bytes -> C:\TIETOKONE.rtf:coranti

@Alternate Data Stream - 52 bytes -> C:\Thumbs.db:coranti

@Alternate Data Stream - 52 bytes -> C:\test.log:coranti

@Alternate Data Stream - 52 bytes -> C:\TDSSKiller.2.8.7.0_22.08.2012_20.15.09_log.txt:coranti

@Alternate Data Stream - 52 bytes -> C:\TDSSKiller.2.8.7.0_22.08.2012_20.12.26_log.txt:coranti

@Alternate Data Stream - 52 bytes -> C:\TDSSKiller.2.8.7.0_22.08.2012_20.11.48_log.txt:coranti

@Alternate Data Stream - 52 bytes -> C:\TDSSKiller.2.8.6.0_22.08.2012_19.52.46_log.txt:coranti

@Alternate Data Stream - 52 bytes -> C:\TDSSKiller.2.8.6.0_22.08.2012_19.48.36_log.txt:coranti

@Alternate Data Stream - 52 bytes -> C:\TDSSKiller.2.8.6.0_19.08.2012_10.26.20_log.txt:coranti

@Alternate Data Stream - 52 bytes -> C:\TDSSKiller.2.8.6.0_14.08.2012_17.27.42_log.txt:coranti

@Alternate Data Stream - 52 bytes -> C:\TDSSKiller.2.8.10.0_18.09.2012_16.26.12_log.txt:coranti

@Alternate Data Stream - 52 bytes -> C:\systweak2.jpg:coranti

@Alternate Data Stream - 52 bytes -> C:\systweak1.jpg:coranti

@Alternate Data Stream - 52 bytes -> C:\sound3.mid:coranti

@Alternate Data Stream - 52 bytes -> C:\sound2.mid:coranti

@Alternate Data Stream - 52 bytes -> C:\sound.mid:coranti

@Alternate Data Stream - 52 bytes -> C:\rescue-system_scan.log:coranti

@Alternate Data Stream - 52 bytes -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe:coranti

@Alternate Data Stream - 52 bytes -> C:\mylog.txt:coranti

@Alternate Data Stream - 52 bytes -> C:\lvcoinst.log:coranti

@Alternate Data Stream - 52 bytes -> C:\Install.log.txt:coranti

@Alternate Data Stream - 52 bytes -> C:\CONFIG.SYS:coranti

@Alternate Data Stream - 52 bytes -> C:\cmldr:coranti

< End of report >


Guest TheAncientWitch

OTL Extras logfile created on: 15.11.2012 10:14:22 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Mikko\Työpöytä

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040B | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

1,75 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 64,07% Memory free

3,60 Gb Paging File | 3,11 Gb Available in Paging File | 86,44% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 111,79 Gb Total Space | 83,47 Gb Free Space | 74,67% Space Free | Partition Type: NTFS

Computer Name: YRITYS-E6A67C9C | User Name: Mikko | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-842925246-573735546-1417001333-1004\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

htmlfile [edit] -- Reg Error: Key error.

InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 1

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)

"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour-palvelu -- (Apple Inc.)

"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech

"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center

"{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish

"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes

"{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common

"{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish

"{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard

"{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese

"{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish

"{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English

"{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation

"{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German

"{350C940b-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins

"{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French

"{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian

"{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean

"{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch

"{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional

"{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek

"{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full

"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Applen ohjelmatuki

"{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall

"{780262B9-4578-3727-97D3-62DE7B9F5F82}" = Microsoft .NET Framework 4 Client Profile FIN Language Pack

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour

"{87C8819F-338A-4A2E-91C3-2C18E89FA44F}" = Nokia Internet Modem

"{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New

"{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian

"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding

"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian

"{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish

"{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai

"{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All

"{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese

"{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing

"{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish

"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support

"{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static

"{DD350F3A-3620-4185-A5E2-88A6437C8415}" = SlimDrivers

"{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light

"{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility

"{EBCB5C58-93B9-47FC-B154-AB4267EEA9F1}" = Memoryze

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F2401566-EC61-4322-9876-6C6D55896AB2}" = digital-defender Antivirus

"{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian

"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio

"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"All ATI Software" = ATI-ohjelmiston poisto-ohjelma

"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.81

"ATI Display Driver" = ATI Display Driver

"CCleaner" = CCleaner

"Google Chrome" = Google Chrome

"Greatis Reanimator_is1" = RegRun Reanimator

"Hardware sensors monitor 4.5_is1" = Hardware sensors monitor 4.5

"HWiNFO32_is1" = HWiNFO32 Version 4.06

"ie8" = Windows Internet Explorer 8

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versio 1.65.1.1000

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FIN Language Pack" = Microsoft .NET Framework 4 Client Profilen suomen kielipaketti

"Mozilla Firefox 16.0.2 (x86 fi)" = Mozilla Firefox 16.0.2 (x86 fi)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"MWSnap 3" = MWSnap 3

"Recuva" = Recuva

"Speccy" = Speccy

"uTorrent" = µTorrent

"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 14.11.2012 3:21:30 | Computer Name = YRITYS-E6A67C9C | Source = Application Error | ID = 1000

Description = Virhesovellus streamarmor.exe, versio 2.0.0.0, moduuli streamarmor.exe,

versio 2.0.0.0, osoite 0x00005e04.

Error - 14.11.2012 3:23:11 | Computer Name = YRITYS-E6A67C9C | Source = Application Error | ID = 1000

Description = Virhesovellus streamarmor.exe, versio 2.0.0.0, moduuli , versio 0.0.0.0,

osoite 0x00000000.

Error - 14.11.2012 3:35:37 | Computer Name = YRITYS-E6A67C9C | Source = Application Error | ID = 1000

Description = Virhesovellus streamarmor.exe, versio 2.0.0.0, moduuli streamarmor.exe,

versio 2.0.0.0, osoite 0x00005e04.

Error - 14.11.2012 3:36:32 | Computer Name = YRITYS-E6A67C9C | Source = Application Error | ID = 1000

Description = Virhesovellus streamarmor.exe, versio 2.0.0.0, moduuli streamarmor.exe,

versio 2.0.0.0, osoite 0x00005e04.

Error - 14.11.2012 3:37:07 | Computer Name = YRITYS-E6A67C9C | Source = Application Error | ID = 1000

Description = Virhesovellus streamarmor.exe, versio 2.0.0.0, moduuli streamarmor.exe,

versio 2.0.0.0, osoite 0x00005e04.

Error - 14.11.2012 3:41:08 | Computer Name = YRITYS-E6A67C9C | Source = Application Error | ID = 1000

Description = Virhesovellus streamarmor.exe, versio 2.0.0.0, moduuli streamarmor.exe,

versio 2.0.0.0, osoite 0x00005e04.

Error - 14.11.2012 3:58:55 | Computer Name = YRITYS-E6A67C9C | Source = Application Error | ID = 1000

Description = Virhesovellus streamarmor.exe, versio 2.0.0.0, moduuli streamarmor.exe,

versio 2.0.0.0, osoite 0x00005e04.

Error - 14.11.2012 6:56:28 | Computer Name = YRITYS-E6A67C9C | Source = Application Error | ID = 1000

Description = Virhesovellus streamarmor.exe, versio 1.1.0.0, moduuli streamarmor.exe,

versio 1.1.0.0, osoite 0x0004dc32.

Error - 14.11.2012 6:56:37 | Computer Name = YRITYS-E6A67C9C | Source = Application Error | ID = 1001

Description = Vikasäiliö2067239247.

Error - 14.11.2012 6:57:15 | Computer Name = YRITYS-E6A67C9C | Source = Application Error | ID = 1000

Description = Virhesovellus streamarmor.exe, versio 1.1.0.0, moduuli , versio 0.0.0.0,

osoite 0x00000000.

[ System Events ]

Error - 13.11.2012 14:04:19 | Computer Name = YRITYS-E6A67C9C | Source = SideBySide | ID = 16842811

Description = Resolve Partial Assembly epäonnistui. Syy: Microsoft.VC80.CRT. Viitteen

virhesanoma: Mainittua kokoonpanon osaa ei ole asennettu järjestelmään. .

Error - 13.11.2012 14:04:19 | Computer Name = YRITYS-E6A67C9C | Source = SideBySide | ID = 16842811

Description = Generate Activation Context epäonnistui. Syy: C:\WINDOWS\system32\atiadlxx.dll.

Viitteen

virhesanoma: Toiminto on suoritettu. .

Error - 14.11.2012 2:29:47 | Computer Name = YRITYS-E6A67C9C | Source = sr | ID = 1

Description = Järjestelmän palauttamisen suodatin havaitsi odottamattoman virheen

"0xC0000243" käsiteltäessä tiedostoa "SMR311.SYS" asemassa "HarddiskVolume1". Aseman

tarkkailu on lopetettu.

Error - 14.11.2012 2:29:52 | Computer Name = YRITYS-E6A67C9C | Source = PlugPlayManager | ID = 11

Description = Laite Root\LEGACY_SMR311\0000 katosi järjestelmästä ilman, että se

olisi ensin valmisteltu poistamista varten.

Error - 14.11.2012 2:29:54 | Computer Name = YRITYS-E6A67C9C | Source = Service Control Manager | ID = 7026

Description = Seuraava käynnistys- tai järjestelmäkäynnistysohjain ei latautunut:

SBRE

Error - 14.11.2012 3:26:15 | Computer Name = YRITYS-E6A67C9C | Source = Service Control Manager | ID = 7026

Description = Seuraava käynnistys- tai järjestelmäkäynnistysohjain ei latautunut:

SBRE

Error - 14.11.2012 3:39:11 | Computer Name = YRITYS-E6A67C9C | Source = DCOM | ID = 10005

Description = DCOM vastaanotti virheen "%1084" yrittäessään käynnistää palvelun

netman argumenteilla "" suorittaakseen palvelinosan: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 14.11.2012 3:39:19 | Computer Name = YRITYS-E6A67C9C | Source = DCOM | ID = 10005

Description = DCOM vastaanotti virheen "%1084" yrittäessään käynnistää palvelun

EventSystem argumenteilla "" suorittaakseen palvelinosan: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 14.11.2012 3:41:12 | Computer Name = YRITYS-E6A67C9C | Source = Service Control Manager | ID = 7001

Description = Palvelu DHCP-asiakas on riippuvainen palvelusta NetBIOS TCP/IP:n päällä,

jonka käynnistyminen epäonnistui virheen vuoksi: %%31

Error - 14.11.2012 3:41:12 | Computer Name = YRITYS-E6A67C9C | Source = Service Control Manager | ID = 7001

Description = Palvelu DNS-asiakas on riippuvainen palvelusta TCP/IP-protokollaohjain,

jonka käynnistyminen epäonnistui virheen vuoksi: %%31

< End of report >


The problems which your security product identified are:

========== Alternate Data Streams ==========

@Alternate Data Stream - 52 bytes -> C:\trojan.jpg:coranti

@Alternate Data Stream - 52 bytes -> C:\TIETOKONE.rtf:coranti

@Alternate Data Stream - 52 bytes -> C:\Thumbs.db:coranti

@Alternate Data Stream - 52 bytes -> C:\test.log:coranti

@Alternate Data Stream - 52 bytes -> C:\TDSSKiller.2.8.7.0_22.08.2012_20.15.09_log.txt:coranti

@Alternate Data Stream - 52 bytes -> C:\TDSSKiller.2.8.7.0_22.08.2012_20.12.26_log.txt:coranti

@Alternate Data Stream - 52 bytes -> C:\TDSSKiller.2.8.7.0_22.08.2012_20.11.48_log.txt:coranti

@Alternate Data Stream - 52 bytes -> C:\TDSSKiller.2.8.6.0_22.08.2012_19.52.46_log.txt:coranti

@Alternate Data Stream - 52 bytes -> C:\TDSSKiller.2.8.6.0_22.08.2012_19.48.36_log.txt:coranti

@Alternate Data Stream - 52 bytes -> C:\TDSSKiller.2.8.6.0_19.08.2012_10.26.20_log.txt:coranti

@Alternate Data Stream - 52 bytes -> C:\TDSSKiller.2.8.6.0_14.08.2012_17.27.42_log.txt:coranti

@Alternate Data Stream - 52 bytes -> C:\TDSSKiller.2.8.10.0_18.09.2012_16.26.12_log.txt:coranti

@Alternate Data Stream - 52 bytes -> C:\systweak2.jpg:coranti

@Alternate Data Stream - 52 bytes -> C:\systweak1.jpg:coranti

@Alternate Data Stream - 52 bytes -> C:\sound3.mid:coranti

@Alternate Data Stream - 52 bytes -> C:\sound2.mid:coranti

@Alternate Data Stream - 52 bytes -> C:\sound.mid:coranti

@Alternate Data Stream - 52 bytes -> C:\rescue-system_scan.log:coranti

@Alternate Data Stream - 52 bytes -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe:coranti

@Alternate Data Stream - 52 bytes -> C:\mylog.txt:coranti

@Alternate Data Stream - 52 bytes -> C:\lvcoinst.log:coranti

@Alternate Data Stream - 52 bytes -> C:\Install.log.txt:coranti

@Alternate Data Stream - 52 bytes -> C:\CONFIG.SYS:coranti

@Alternate Data Stream - 52 bytes -> C:\cmldr:coranti

They are legitimate and there is nothing to worry about. My suggestion is to change your AV.

Uninstall it and then choose one of these:

http://www.microsoft.com/windows/antivirus-partners/windows-xp.aspx


  • 2 weeks later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

