
Computer suddenly really slow, infected?



#1
Ducon

Everything I do is slow. Even closing a window or changing tabs on Firefox takes like 2-3 seconds. OTL log follows.

Edit: Seems there is something called wsearch running which shouldn't be there?

Edit 2: Managed to stop wsearch from running and it helped. Also comp is not doing something all the time anymore.

OTL logfile created on: 2.5.2012 21:43:26 - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\Jussi\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040B | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 1,80 Gb Available Physical Memory | 55,56% Memory free
6,73 Gb Paging File | 5,04 Gb Available in Paging File | 74,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 584,17 Gb Total Space | 289,40 Gb Free Space | 49,54% Space Free | Partition Type: NTFS
Drive D: | 596,17 Gb Total Space | 198,29 Gb Free Space | 33,26% Space Free | Partition Type: NTFS
Drive I: | 6,04 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: JUSSI-PC | User Name: Jussi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.05.02 21:42:42 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Jussi\Desktop\OTL.exe
PRC - [2012.04.26 10:02:39 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.04.24 17:23:03 | 001,242,448 | ---- | M] (Valve Corporation) -- D:\Steam\Steam.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.02.29 23:58:46 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012.02.29 14:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.01.24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012.01.03 16:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.11.28 02:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011.10.12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011.10.10 07:23:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011.09.23 04:30:04 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011.09.08 21:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011.08.15 07:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011.08.02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011.06.02 17:02:50 | 000,605,520 | ---- | M] (WinZip Computing, S.L. (WinZip Computing)) -- C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe
PRC - [2010.01.27 17:14:10 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2009.04.11 09:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 09:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2001.11.12 14:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe


========== Modules (No Company Name) ==========

MOD - [2012.04.27 17:31:29 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll
MOD - [2012.04.26 10:02:39 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.04.24 17:24:53 | 020,297,512 | ---- | M] () -- D:\Steam\bin\libcef.dll
MOD - [2012.04.24 17:24:53 | 001,099,576 | ---- | M] () -- D:\Steam\bin\avcodec-53.dll
MOD - [2012.04.24 17:24:53 | 000,907,048 | ---- | M] () -- D:\Steam\bin\chromehtml.dll
MOD - [2012.04.24 17:24:53 | 000,190,776 | ---- | M] () -- D:\Steam\bin\avformat-53.dll
MOD - [2012.04.24 17:24:53 | 000,123,192 | ---- | M] () -- D:\Steam\bin\avutil-51.dll
MOD - [2012.02.29 14:26:28 | 000,360,768 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll


========== Win32 Services (SafeList) ==========

SRV - [2012.04.27 17:31:30 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.04.26 10:02:39 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.24 17:24:53 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.03.01 02:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.02.29 14:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.01.20 16:52:04 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012.01.03 16:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.10.12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011.09.27 22:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.09.23 04:30:04 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011.08.02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011.06.13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2011.06.02 17:02:50 | 000,605,520 | ---- | M] (WinZip Computing, S.L. (WinZip Computing)) [Auto | Running] -- C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe -- (WINZIPSSDiskOptimizer)
SRV - [2011.02.24 02:42:54 | 000,025,832 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Origin Games\Dragon Age\\bin_ship\DAUpdaterSvc.Service.exe -- (DAUpdaterSvc)
SRV - [2010.01.27 17:14:10 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008.02.03 13:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008.01.21 05:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2001.11.12 14:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\vlcycgpk.sys -- (vlcycgpk)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x86\Sandra.sys -- (SANDRA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\Drivers\nvport.sys -- (nvport)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\facicvgu.sys -- (facicvgu)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\TEMP\cpuz135\cpuz135_x32.sys -- (cpuz135)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.03.01 02:59:00 | 010,819,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.02.14 20:05:50 | 000,012,288 | ---- | M] (Philips PTCL) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MassDfu.sys -- (DFU)
DRV - [2011.10.07 07:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011.10.04 07:21:16 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011.09.23 04:29:51 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.09.23 04:29:51 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011.09.13 07:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011.09.02 09:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011.09.02 09:31:28 | 000,030,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2011.09.02 09:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011.08.08 07:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011.07.20 10:46:04 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)
DRV - [2011.07.20 10:46:04 | 000,077,624 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV - [2011.07.11 02:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011.07.11 02:14:02 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011.07.11 02:14:00 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011.07.11 02:13:58 | 000,134,736 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011.01.18 18:16:46 | 000,197,224 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2010.09.22 13:00:10 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.09.22 11:36:11 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.07.12 11:55:39 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Lbd.sys -- (Lbd)
DRV - [2010.06.30 19:01:04 | 000,011,832 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amdide.sys -- (amdide)
DRV - [2010.06.03 11:33:54 | 001,596,672 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV - [2009.07.31 11:39:58 | 000,017,920 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\XENfiltv.sys -- (XENfiltv)
DRV - [2008.08.14 09:48:22 | 000,017,408 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\skfiltv.sys -- (skfiltv)
DRV - [2008.04.28 10:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2007.07.23 10:56:58 | 000,042,624 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Alpham1.sys -- (Alpham1)
DRV - [2007.06.29 15:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007.03.20 12:49:52 | 000,018,432 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Alpham2.sys -- (Alpham2)
DRV - [2006.11.17 10:31:04 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
DRV - [2006.03.29 08:49:26 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pfc.sys -- (pfc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.pack...media_a6500_ncd
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACPW

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.eset.com/...online-scanner/
IE - HKCU\..\SearchScopes,DefaultScope = {D6FC6DE7-6E20-4DD0-96B4-702A3517D535}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6454E83C-02FB-4BA5-969E-C1A616DDE186}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACPW
IE - HKCU\..\SearchScopes\{D6FC6DE7-6E20-4DD0-96B4-702A3517D535}: "URL" = http://www.google.co...ie7&rlz=1I7ACPW
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Turvalliset hakutoiminnot"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.newhorizonwow.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:5.0.1
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.9
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..keyword.URL: "http://search.yahoo....h?fr=mcafee&p="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@fancyguo.com/FancyGame,version=1.0.0.1: C:\Users\Jussi\AppData\Local\Fancy\npfancygame.dll (Beijing FancyGuo Tech Ltd)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Jussi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.02.21 06:14:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012.02.28 02:10:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.04.26 10:02:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.11 12:41:30 | 000,000,000 | ---D | M]

[2009.02.22 19:15:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jussi\AppData\Roaming\mozilla\Extensions
[2012.04.27 17:32:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions
[2011.03.11 21:41:52 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(198)
[2012.03.02 23:06:58 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.03.29 23:30:43 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.03.12 20:02:53 | 000,000,000 | ---D | M] (Element Hiding Helper for Adblock Plus) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions\elemhidehelper@adblockplus(197).org
[2011.01.17 02:49:47 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions\[email protected]
[2012.02.18 00:44:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\JUSSI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W7A81FEI.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\USERS\JUSSI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W7A81FEI.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\JUSSI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W7A81FEI.DEFAULT\EXTENSIONS\{987311C6-B504-4AA2-90BF-60CC49808D42}.XPI
() (No name found) -- C:\USERS\JUSSI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W7A81FEI.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\JUSSI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W7A81FEI.DEFAULT\EXTENSIONS\[email protected]
[2009.07.02 03:01:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012.04.26 10:02:39 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009.03.31 22:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll
[2012.02.17 19:58:20 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.02 15:08:02 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.10.02 15:08:02 | 000,002,062 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bookplus-fi.xml
[2011.03.05 09:38:32 | 000,001,069 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons-fi.xml
[2011.10.02 15:08:02 | 000,000,972 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-fi.xml
[2011.03.05 09:38:32 | 000,002,677 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\huuto-fi.xml
[2010.08.09 10:04:46 | 000,002,036 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2011.10.02 15:08:02 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fi.xml
[2011.10.02 15:08:02 | 000,001,100 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-fi.xml

O1 HOSTS File: ([2012.02.24 11:01:43 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creat...015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...10926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57D29552-3B29-4A65-8D61-D4E458B114ED}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57D29552-3B29-4A65-8D61-D4E458B114ED}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.19 00:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sasnative32)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012.05.02 21:42:40 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Jussi\Desktop\OTL.exe
[2012.05.02 01:42:46 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Local\SniperV2 Demo
[2012.04.30 08:53:30 | 103,572,582 | ---- | C] (Basilisk Games ) -- C:\Users\Jussi\eb1_setup_106.exe
[2012.04.29 21:26:49 | 000,000,000 | ---D | C] -- C:\getnzb-segment
[2012.04.29 08:20:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eschalon Book II
[2012.04.29 08:20:03 | 000,000,000 | ---D | C] -- C:\Program Files\Eschalon Book II
[2012.04.28 02:44:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digital - A Love Story
[2012.04.27 16:40:49 | 000,000,000 | ---D | C] -- C:\Users\Jussi\Documents\Usenet Downloads
[2012.04.27 16:39:32 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Local\GetNZB
[2012.04.27 16:39:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GetNZB
[2012.04.27 16:39:30 | 000,000,000 | ---D | C] -- C:\Program Files\GetNZB
[2012.04.26 10:02:45 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.04.26 10:02:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.04.26 03:01:34 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Local\BladesOfTimeDemo
[2012.04.25 23:31:02 | 000,092,176 | ---- | C] (VideoSoft) -- C:\Windows\System\VSVBX.VBX
[2012.04.25 23:31:02 | 000,064,432 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\System\THREED.VBX
[2012.04.25 23:29:54 | 005,443,072 | ---- | C] (Decklin's Domain) -- C:\Users\Jussi\MordorV1-1_DepthsSetup.exe
[2012.04.24 23:43:42 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Roaming\crawl
[2012.04.24 23:05:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dungeon Crawl Stone Soup
[2012.04.24 23:05:55 | 000,000,000 | ---D | C] -- C:\Program Files\Crawl
[2012.04.24 05:23:35 | 000,000,000 | ---D | C] -- C:\Program Files\AVWW
[2012.04.24 04:45:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2012.04.24 04:45:01 | 000,000,000 | ---D | C] -- C:\Users\Jussi\Documents\ArcaniA - Gothic 4 Demo
[2012.04.24 04:29:37 | 392,017,154 | ---- | C] (Arcen Games, LLC) -- C:\Users\Jussi\AVWWSetup-windows.exe
[2012.04.23 20:38:30 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Local\amd
[2012.04.23 20:38:23 | 000,161,280 | ---- | C] (Firelight Technologies Pty, Ltd) -- C:\Windows\System32\fmod.dll
[2012.04.23 20:38:00 | 000,220,672 | ---- | C] (JB) -- C:\Windows\System32\vbskfr2.ocx
[2012.04.23 20:38:00 | 000,040,960 | ---- | C] (Andrew Keat, [email protected], http://aktools.rentmaster.co.nz) -- C:\Windows\System32\akprogressbar.ocx
[2012.04.23 00:19:37 | 000,000,000 | ---D | C] -- C:\Program Files\Driftmoon
[2012.04.20 17:51:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012.04.19 20:50:26 | 000,000,000 | ---D | C] -- C:\Users\Jussi\Documents\BotaniculaSaves
[2012.04.17 21:06:23 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Local\Insanely Twisted Shadow Planet
[2012.04.15 15:47:07 | 000,000,000 | ---D | C] -- C:\Users\Jussi\T-Engine
[2012.04.14 16:36:39 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Local\Driftmoon
[2012.04.14 16:36:36 | 000,000,000 | ---D | C] -- C:\Users\Jussi\Documents\Driftmoon
[2012.04.14 16:34:32 | 102,239,397 | ---- | C] (Instant Kingdom ) -- C:\Users\Jussi\Driftmoon_2012_03_26.exe
[2012.04.11 20:34:31 | 000,000,000 | ---D | C] -- C:\Users\Jussi\Documents\Almost Human
[2012.04.10 08:40:31 | 000,000,000 | ---D | C] -- C:\Program Files\A.I.M 2
[2012.04.10 07:31:29 | 000,000,000 | ---D | C] -- C:\Program Files\1C Company
[2012.04.09 16:21:40 | 000,000,000 | ---D | C] -- C:\Program Files\Pathologic
[2012.04.09 15:07:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project Black Sun
[2012.04.09 15:07:25 | 000,000,000 | ---D | C] -- C:\Program Files\Project Black Sun
[2012.04.08 08:08:50 | 000,000,000 | ---D | C] -- C:\Users\Jussi\Documents\EA Games
[2012.04.08 08:06:39 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Local\EA Games
[2012.04.08 08:06:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2012.04.08 06:37:35 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Roaming\Worthless Bums
[2012.04.08 05:59:55 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Roaming\3DeadZed
[2012.04.08 05:59:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gentleman Squid
[2012.04.08 05:59:17 | 000,000,000 | ---D | C] -- C:\Program Files\Gentleman Squid
[2012.04.06 22:36:05 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Local\Demiurge Studios
[2012.04.06 10:26:18 | 000,000,000 | ---D | C] -- C:\Users\Jussi\Documents\ProjectBlackSun
[2012.04.06 00:34:36 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Local\Targem
[2012.04.06 00:33:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\AGEIA
[2012.04.06 00:08:56 | 000,000,000 | ---D | C] -- C:\Program Files\DevilWhiskey
[2012.04.05 07:26:42 | 000,000,000 | ---D | C] -- C:\Users\Jussi\Documents\TwinSector
[2012.04.04 23:33:31 | 000,000,000 | ---D | C] -- C:\Users\Jussi\.droid_assault_1.90.1
[2012.04.04 23:33:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Droid Assault
[2012.04.04 23:33:02 | 000,000,000 | ---D | C] -- C:\Program Files\Droid Assault
[2012.04.04 23:31:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultratron
[2012.04.04 20:04:26 | 000,000,000 | ---D | C] -- C:\Users\Jussi\Documents\EXPLODEMON!
[2012.04.04 06:38:40 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Roaming\LS
[2012.04.04 05:53:42 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Roaming\offspringfling
[2012.04.04 05:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Offspring Fling
[2012.04.04 05:53:35 | 000,000,000 | ---D | C] -- C:\Program Files\Offspring Fling
[2012.04.03 16:59:07 | 000,004,608 | ---- | C] (Halo Shg) -- C:\Users\Jussi\CleanMem.dll
[2012.04.03 16:55:53 | 000,000,000 | ---D | C] -- C:\Users\Jussi\Data

========== Files - Modified Within 30 Days ==========

[2012.05.02 21:42:42 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Jussi\Desktop\OTL.exe
[2012.05.02 21:33:44 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.02 21:33:44 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.02 21:30:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\Laajennettu takuu-Jussi.job
[2012.05.02 21:09:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.02 17:02:19 | 096,885,911 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012.05.02 03:16:04 | 000,000,200 | ---- | M] () -- C:\Users\Jussi\Desktop\Sniper Elite.url
[2012.05.01 23:33:15 | 000,000,752 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2012.05.01 21:38:05 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Jussi\TFC.exe
[2012.05.01 21:33:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.01 20:15:05 | 000,000,185 | ---- | M] () -- C:\Users\Jussi\Desktop\Crazy Machines Elements.url
[2012.04.30 08:56:50 | 103,572,582 | ---- | M] (Basilisk Games ) -- C:\Users\Jussi\eb1_setup_106.exe
[2012.04.30 04:39:56 | 000,206,336 | ---- | M] () -- C:\Users\Jussi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.04.29 18:11:45 | 000,081,579 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012.04.29 08:20:54 | 000,000,743 | ---- | M] () -- C:\Users\Public\Desktop\Eschalon Book II.lnk
[2012.04.29 06:27:32 | 298,042,692 | ---- | M] () -- C:\Users\Jussi\eb2_setup_v105.zip
[2012.04.29 01:28:03 | 000,000,202 | ---- | M] () -- C:\Users\Jussi\Desktop\The Walking Dead.url
[2012.04.28 06:46:40 | 148,454,522 | ---- | M] () -- C:\Users\Jussi\Telepath RPG Servants of God.air
[2012.04.28 00:31:46 | 035,890,680 | ---- | M] () -- C:\Users\Jussi\digital-1.1.exe
[2012.04.27 16:45:13 | 005,922,422 | ---- | M] () -- C:\Users\Jussi\set_12.rar
[2012.04.27 16:39:32 | 000,000,739 | ---- | M] () -- C:\Users\Public\Desktop\GetNZB.lnk
[2012.04.27 16:38:16 | 004,428,026 | ---- | M] () -- C:\Users\Jussi\install-getnzb-c35126.zip
[2012.04.27 15:38:49 | 000,000,869 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.04.25 23:33:56 | 000,000,115 | ---- | M] () -- C:\Windows\MORDOR.INI
[2012.04.25 23:29:57 | 005,443,072 | ---- | M] (Decklin's Domain) -- C:\Users\Jussi\MordorV1-1_DepthsSetup.exe
[2012.04.25 00:17:06 | 000,000,757 | ---- | M] () -- C:\Users\Jussi\Desktop\crawl-tiles – Pikakuvake.lnk
[2012.04.24 23:05:00 | 009,577,750 | ---- | M] () -- C:\Users\Jussi\stone_soup-0.10.2-win32-installer.exe
[2012.04.24 04:54:18 | 392,017,154 | ---- | M] (Arcen Games, LLC) -- C:\Users\Jussi\AVWWSetup-windows.exe
[2012.04.23 21:35:55 | 000,000,201 | ---- | M] () -- C:\Users\Jussi\Desktop\Warhammer 40,000 Space Marine.url
[2012.04.22 23:43:40 | 000,290,825 | ---- | M] () -- C:\Users\Jussi\Download Driftmoon (Alpha).exe
[2012.04.22 13:03:04 | 004,257,280 | ---- | M] () -- C:\Users\Jussi\tiggit_setup.exe
[2012.04.20 00:18:59 | 000,000,201 | ---- | M] () -- C:\Users\Jussi\Desktop\MacGuffin's Curse.url
[2012.04.19 20:38:23 | 000,000,172 | ---- | M] () -- C:\Users\Jussi\Desktop\Botanicula.url
[2012.04.19 00:41:03 | 000,641,362 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.19 00:41:03 | 000,491,218 | ---- | M] () -- C:\Windows\System32\perfh00B.dat
[2012.04.19 00:41:03 | 000,107,648 | ---- | M] () -- C:\Windows\System32\perfc00B.dat
[2012.04.19 00:41:02 | 000,123,142 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.17 21:03:39 | 000,000,202 | ---- | M] () -- C:\Users\Jussi\Desktop\Insanely Twisted Shadow Planet.url
[2012.04.15 15:45:21 | 128,074,260 | ---- | M] () -- C:\Users\Jussi\t-engine4-windows-1.0.0beta38.zip
[2012.04.14 16:35:27 | 102,239,397 | ---- | M] (Instant Kingdom ) -- C:\Users\Jussi\Driftmoon_2012_03_26.exe
[2012.04.14 06:06:47 | 000,001,356 | ---- | M] () -- C:\Users\Jussi\AppData\Local\d3d9caps.dat
[2012.04.11 21:38:02 | 000,000,202 | ---- | M] () -- C:\Users\Jussi\Desktop\Legend of Grimrock.url
[2012.04.11 20:24:42 | 483,918,688 | ---- | M] () -- C:\Users\Jussi\grimrock-rc6-1.1.3-installer.zip
[2012.04.11 20:05:28 | 000,000,202 | ---- | M] () -- C:\Users\Jussi\Desktop\Avernum Escape From the Pit.url
[2012.04.11 07:22:41 | 001,161,823 | ---- | M] () -- C:\Users\Jussi\powder117_win.zip
[2012.04.10 23:14:08 | 000,290,825 | ---- | M] () -- C:\Users\Jussi\Download Theatre of War 2- Battle for Caen Special Edition.exe
[2012.04.10 09:05:44 | 000,290,825 | ---- | M] () -- C:\Users\Jussi\Download Star Wolves.exe
[2012.04.10 08:00:45 | 000,290,825 | ---- | M] () -- C:\Users\Jussi\Download A.I.M 2.exe
[2012.04.10 06:51:31 | 000,290,825 | ---- | M] () -- C:\Users\Jussi\Download NecroVisioN- Lost Company.exe
[2012.04.09 15:07:30 | 000,000,865 | ---- | M] () -- C:\Users\Public\Desktop\Project Black Sun.lnk
[2012.04.08 22:47:46 | 000,000,202 | ---- | M] () -- C:\Users\Jussi\Desktop\Waves.url
[2012.04.08 05:59:22 | 000,001,972 | ---- | M] () -- C:\Users\Public\Desktop\Launch 3DeadZed.exe.lnk
[2012.04.06 22:19:48 | 000,000,201 | ---- | M] () -- C:\Users\Jussi\Desktop\Shoot Many Robots.url
[2012.04.06 18:18:33 | 026,729,858 | ---- | M] () -- C:\Users\Jussi\DWMEGAMOD-v02a.zip
[2012.04.06 04:56:40 | 030,412,800 | ---- | M] () -- C:\Users\Jussi\PhysX-9.12.0213-SystemSoftware.msi
[2012.04.06 03:27:16 | 000,000,202 | ---- | M] () -- C:\Users\Jussi\Desktop\Hack, Slash, Loot.url
[2012.04.06 01:35:24 | 001,199,639 | ---- | M] () -- C:\Users\Jussi\Puckbang.zip
[2012.04.05 06:20:39 | 000,000,201 | ---- | M] () -- C:\Users\Jussi\Desktop\Diamond Dan.url
[2012.04.04 23:32:30 | 051,725,678 | ---- | M] () -- C:\Users\Jussi\SetupDroidAssaultDemo.exe
[2012.04.04 23:31:52 | 000,001,649 | ---- | M] () -- C:\Users\Public\Desktop\Ultratron.lnk
[2012.04.04 23:31:13 | 031,417,946 | ---- | M] () -- C:\Users\Jussi\SetupUltratronDemo.exe
[2012.04.04 19:23:47 | 000,000,202 | ---- | M] () -- C:\Users\Jussi\Desktop\Alien Zombie Megadeath.url
[2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.04.04 06:44:48 | 000,000,787 | ---- | M] () -- C:\Users\Jussi\Desktop\LoneSurvivor – Pikakuvake.lnk
[2012.04.04 06:36:39 | 090,416,115 | ---- | M] () -- C:\Users\Jussi\LoneSurvivor-PC.zip
[2012.04.04 05:53:39 | 000,000,929 | ---- | M] () -- C:\Users\Public\Desktop\Offspring Fling.lnk
[2012.04.04 05:48:34 | 053,646,743 | ---- | M] () -- C:\Users\Jussi\OffspringFlingWIN.zip
[2012.04.04 05:04:09 | 299,348,632 | ---- | M] () -- C:\Users\Jussi\Alec Holowka - Aquaria- Original Soundtrack.zip
[2012.04.03 21:20:02 | 000,000,202 | ---- | M] () -- C:\Users\Jussi\Desktop\Rayman Origins.url
[2012.04.03 17:34:24 | 000,000,200 | ---- | M] () -- C:\Users\Jussi\Desktop\FlatOut.url
[2012.04.03 16:59:07 | 000,004,608 | ---- | M] (Halo Shg) -- C:\Users\Jussi\CleanMem.dll
[2012.04.03 04:20:13 | 000,000,200 | ---- | M] () -- C:\Users\Jussi\Desktop\Tomb Raider Anniversary.url

========== Files Created - No Company Name ==========

[2012.05.02 03:16:04 | 000,000,200 | ---- | C] () -- C:\Users\Jussi\Desktop\Sniper Elite.url
[2012.05.01 20:15:05 | 000,000,185 | ---- | C] () -- C:\Users\Jussi\Desktop\Crazy Machines Elements.url
[2012.04.29 08:20:54 | 000,000,743 | ---- | C] () -- C:\Users\Public\Desktop\Eschalon Book II.lnk
[2012.04.29 06:23:24 | 298,042,692 | ---- | C] () -- C:\Users\Jussi\eb2_setup_v105.zip
[2012.04.29 01:28:03 | 000,000,202 | ---- | C] () -- C:\Users\Jussi\Desktop\The Walking Dead.url
[2012.04.28 06:33:43 | 148,454,522 | ---- | C] () -- C:\Users\Jussi\Telepath RPG Servants of God.air
[2012.04.28 00:29:05 | 035,890,680 | ---- | C] () -- C:\Users\Jussi\digital-1.1.exe
[2012.04.27 16:44:37 | 005,922,422 | ---- | C] () -- C:\Users\Jussi\set_12.rar
[2012.04.27 16:39:32 | 000,000,739 | ---- | C] () -- C:\Users\Public\Desktop\GetNZB.lnk
[2012.04.27 16:38:15 | 004,428,026 | ---- | C] () -- C:\Users\Jussi\install-getnzb-c35126.zip
[2012.04.25 23:33:30 | 000,000,115 | ---- | C] () -- C:\Windows\MORDOR.INI
[2012.04.25 23:31:02 | 000,029,376 | ---- | C] () -- C:\Windows\System\MSGBLAST.VBX
[2012.04.25 23:31:02 | 000,018,688 | ---- | C] () -- C:\Windows\System\CMDIALOG.VBX
[2012.04.25 00:17:06 | 000,000,757 | ---- | C] () -- C:\Users\Jussi\Desktop\crawl-tiles – Pikakuvake.lnk
[2012.04.24 23:04:51 | 009,577,750 | ---- | C] () -- C:\Users\Jussi\stone_soup-0.10.2-win32-installer.exe
[2012.04.23 21:35:55 | 000,000,201 | ---- | C] () -- C:\Users\Jussi\Desktop\Warhammer 40,000 Space Marine.url
[2012.04.22 23:43:39 | 000,290,825 | ---- | C] () -- C:\Users\Jussi\Download Driftmoon (Alpha).exe
[2012.04.22 13:02:39 | 004,257,280 | ---- | C] () -- C:\Users\Jussi\tiggit_setup.exe
[2012.04.20 00:18:59 | 000,000,201 | ---- | C] () -- C:\Users\Jussi\Desktop\MacGuffin's Curse.url
[2012.04.19 20:38:23 | 000,000,172 | ---- | C] () -- C:\Users\Jussi\Desktop\Botanicula.url
[2012.04.17 21:03:39 | 000,000,202 | ---- | C] () -- C:\Users\Jussi\Desktop\Insanely Twisted Shadow Planet.url
[2012.04.15 15:43:52 | 128,074,260 | ---- | C] () -- C:\Users\Jussi\t-engine4-windows-1.0.0beta38.zip
[2012.04.11 21:38:02 | 000,000,202 | ---- | C] () -- C:\Users\Jussi\Desktop\Legend of Grimrock.url
[2012.04.11 20:05:28 | 000,000,202 | ---- | C] () -- C:\Users\Jussi\Desktop\Avernum Escape From the Pit.url
[2012.04.11 20:02:59 | 483,918,688 | ---- | C] () -- C:\Users\Jussi\grimrock-rc6-1.1.3-installer.zip
[2012.04.11 07:22:40 | 001,161,823 | ---- | C] () -- C:\Users\Jussi\powder117_win.zip
[2012.04.10 23:14:07 | 000,290,825 | ---- | C] () -- C:\Users\Jussi\Download Theatre of War 2- Battle for Caen Special Edition.exe
[2012.04.10 09:05:42 | 000,290,825 | ---- | C] () -- C:\Users\Jussi\Download Star Wolves.exe
[2012.04.10 08:00:44 | 000,290,825 | ---- | C] () -- C:\Users\Jussi\Download A.I.M 2.exe
[2012.04.10 06:51:30 | 000,290,825 | ---- | C] () -- C:\Users\Jussi\Download NecroVisioN- Lost Company.exe
[2012.04.09 15:07:30 | 000,000,865 | ---- | C] () -- C:\Users\Public\Desktop\Project Black Sun.lnk
[2012.04.08 22:47:46 | 000,000,202 | ---- | C] () -- C:\Users\Jussi\Desktop\Waves.url
[2012.04.08 05:59:22 | 000,001,972 | ---- | C] () -- C:\Users\Public\Desktop\Launch 3DeadZed.exe.lnk
[2012.04.06 22:19:48 | 000,000,201 | ---- | C] () -- C:\Users\Jussi\Desktop\Shoot Many Robots.url
[2012.04.06 18:17:06 | 026,729,858 | ---- | C] () -- C:\Users\Jussi\DWMEGAMOD-v02a.zip
[2012.04.06 04:56:15 | 030,412,800 | ---- | C] () -- C:\Users\Jussi\PhysX-9.12.0213-SystemSoftware.msi
[2012.04.06 03:27:16 | 000,000,202 | ---- | C] () -- C:\Users\Jussi\Desktop\Hack, Slash, Loot.url
[2012.04.06 01:35:23 | 001,199,639 | ---- | C] () -- C:\Users\Jussi\Puckbang.zip
[2012.04.05 06:20:39 | 000,000,201 | ---- | C] () -- C:\Users\Jussi\Desktop\Diamond Dan.url
[2012.04.04 23:31:52 | 000,001,649 | ---- | C] () -- C:\Users\Public\Desktop\Ultratron.lnk
[2012.04.04 23:30:07 | 051,725,678 | ---- | C] () -- C:\Users\Jussi\SetupDroidAssaultDemo.exe
[2012.04.04 23:29:43 | 031,417,946 | ---- | C] () -- C:\Users\Jussi\SetupUltratronDemo.exe
[2012.04.04 19:23:47 | 000,000,202 | ---- | C] () -- C:\Users\Jussi\Desktop\Alien Zombie Megadeath.url
[2012.04.04 19:12:05 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.04.04 06:44:48 | 000,000,787 | ---- | C] () -- C:\Users\Jussi\Desktop\LoneSurvivor – Pikakuvake.lnk
[2012.04.04 06:33:14 | 090,416,115 | ---- | C] () -- C:\Users\Jussi\LoneSurvivor-PC.zip
[2012.04.04 05:53:39 | 000,000,929 | ---- | C] () -- C:\Users\Public\Desktop\Offspring Fling.lnk
[2012.04.04 05:47:48 | 053,646,743 | ---- | C] () -- C:\Users\Jussi\OffspringFlingWIN.zip
[2012.04.04 04:49:00 | 299,348,632 | ---- | C] () -- C:\Users\Jussi\Alec Holowka - Aquaria- Original Soundtrack.zip
[2012.04.03 21:20:02 | 000,000,202 | ---- | C] () -- C:\Users\Jussi\Desktop\Rayman Origins.url
[2012.04.03 17:34:24 | 000,000,200 | ---- | C] () -- C:\Users\Jussi\Desktop\FlatOut.url
[2012.04.03 04:20:13 | 000,000,200 | ---- | C] () -- C:\Users\Jussi\Desktop\Tomb Raider Anniversary.url
[2012.02.29 14:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2012.01.20 16:55:36 | 000,025,262 | ---- | C] () -- C:\Windows\System32\xfisk.ini
[2012.01.20 16:55:36 | 000,000,052 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini
[2012.01.20 16:55:29 | 000,001,209 | ---- | C] () -- C:\Windows\skSPcfg.ini
[2012.01.20 16:55:29 | 000,000,381 | ---- | C] () -- C:\Windows\skMCcfg.ini
[2012.01.20 16:55:11 | 000,128,512 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2012.01.20 16:55:11 | 000,069,120 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2011.11.22 10:18:47 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.10.26 05:27:15 | 000,001,940 | ---- | C] () -- C:\Users\Jussi\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011.10.03 20:39:06 | 000,000,059 | ---- | C] () -- C:\Windows\RUNAWAY2.INI
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.08.16 18:18:02 | 000,032,288 | ---- | C] () -- C:\Windows\System32\xfiXEN.ini
[2011.08.06 14:20:44 | 000,002,220 | ---- | C] () -- C:\Windows\System32\ASOROSet.bin
[2011.07.26 17:26:46 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.07.26 17:26:46 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.07.26 17:26:46 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.07.26 17:26:46 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.07.20 03:55:36 | 000,000,200 | ---- | C] () -- C:\Users\Jussi\AppData\Roaming\Lucid_player_profiles_data.dat
[2011.07.20 03:55:36 | 000,000,008 | ---- | C] () -- C:\Users\Jussi\AppData\Roaming\Lucid_player_highscore.dat
[2011.07.03 05:14:59 | 000,138,056 | ---- | C] () -- C:\Users\Jussi\AppData\Roaming\PnkBstrK.sys
[2011.07.03 05:14:23 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2011.06.21 13:03:42 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011.06.06 09:21:46 | 000,000,093 | ---- | C] () -- C:\Users\Jussi\AppData\Local\fusioncache.dat
[2011.03.20 05:28:54 | 000,140,024 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.03.20 05:06:11 | 000,280,768 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.03.20 05:06:09 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.01.02 02:00:28 | 000,000,013 | ---- | C] () -- C:\Windows\popcinfo.dat
[2010.09.02 18:30:02 | 000,001,645 | ---- | C] () -- C:\Windows\wininit.ini
[2010.08.27 11:56:39 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.08.27 11:56:37 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.08.25 19:09:51 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2010.08.25 19:09:51 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2010.08.02 18:52:19 | 000,026,340 | ---- | C] () -- C:\Users\Jussi\AppData\Roaming\UserTile.png
[2010.07.24 15:38:35 | 000,000,286 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.06.30 16:03:30 | 000,000,897 | ---- | C] () -- C:\Windows\cdplayer.ini

========== LOP Check ==========

[2012.01.05 00:22:57 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\.minecraft
[2010.12.15 00:46:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\2K Sports
[2012.04.08 05:59:55 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\3DeadZed
[2010.11.29 00:08:16 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Atlus
[2011.03.15 05:14:36 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\AtomZombieData
[2011.03.01 09:44:05 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\AtomZombieDemoData
[2012.02.21 20:35:58 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\AVG
[2012.02.28 02:11:17 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\AVG2012
[2012.04.24 20:01:28 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Azureus
[2010.11.07 23:20:44 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Basilisk Games
[2011.10.05 05:59:30 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Beat Hazard
[2012.01.18 10:49:47 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\BigHugeEngine
[2012.01.01 10:28:42 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Bioshock
[2011.12.24 02:15:15 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\bizarre creations
[2012.01.08 01:07:02 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Braid
[2012.03.17 13:59:59 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Brawsome
[2010.10.07 13:31:15 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Broken Rules
[2010.11.07 17:50:38 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Chime
[2011.02.26 06:35:35 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Cipher Prime
[2010.11.20 04:34:37 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Clones
[2010.11.19 01:10:06 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\ClonesDemo
[2011.05.27 01:01:00 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Cobra Mobile
[2011.07.24 00:27:59 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Codemasters
[2011.05.28 22:28:00 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Colibri Games
[2012.02.29 09:59:38 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\com.cipherprime.auditorium
[2012.02.24 22:19:54 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\com.tametick.CardinalQuest
[2012.04.24 23:43:42 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\crawl
[2011.07.12 15:44:43 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Crayon Physics Deluxe
[2012.01.25 21:07:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\DarknessIIDemo
[2011.06.21 01:47:33 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\DarksporeData
[2012.01.22 23:56:44 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\DefendersQuest
[2010.11.27 20:50:25 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\DocClockGame
[2011.12.30 05:31:15 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Doublefine
[2011.08.21 17:15:48 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Downloaded Installations
[2011.07.20 02:02:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Dwarfs
[2011.07.27 01:44:51 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Endless Fluff Games
[2010.10.18 03:54:07 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Faerie Solitaire
[2011.06.02 08:26:18 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\FatShark
[2012.02.28 20:10:29 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\fltk.org
[2010.12.23 21:11:16 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Fortix
[2011.07.10 06:40:15 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\fotw
[2011.02.26 06:35:33 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Fractal
[2010.09.22 11:37:36 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Games
[2011.07.10 17:26:27 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\GamesFaction
[2011.08.31 22:16:24 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Gatling Gears
[2012.04.02 02:46:13 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Greenshot
[2012.01.26 22:51:48 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\HackSlashLoot
[2011.08.31 23:50:12 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Hothead Games
[2009.01.24 03:06:27 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Ideazon
[2012.02.24 04:06:03 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\IrfanView
[2011.01.03 02:41:28 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\ITTNord
[2011.03.10 21:25:18 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Kalypso Media
[2012.03.29 12:46:31 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Leadertech
[2011.10.19 21:37:05 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\LightFish
[2011.06.25 07:29:27 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\LolClient
[2011.07.05 20:45:54 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Longbow Digital Arts
[2012.04.04 06:38:40 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\LS
[2010.09.19 12:25:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\LucasArts
[2011.10.15 00:08:57 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Might & Magic Heroes VI
[2011.08.23 00:19:31 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Might & Magic Heroes VI - Public Closed Beta
[2011.05.24 06:52:58 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\MinMaxGames
[2010.09.22 10:43:31 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Mount&Blade Warband
[2010.09.29 21:36:02 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\My Games
[2011.07.02 06:46:41 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\NationRed
[2011.03.02 02:39:43 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Nicalis
[2011.07.03 06:11:11 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Nifflas
[2010.04.29 19:29:37 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Nokia
[2012.01.31 06:28:38 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Nooskewl
[2011.07.11 02:44:46 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Nucleosys
[2012.04.04 05:53:42 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\offspringfling
[2012.03.01 20:39:08 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\OnLive App
[2010.07.15 13:34:23 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\OpenDNS Updater
[2009.02.15 18:38:10 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\OpenOffice.org
[2010.04.07 03:27:11 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Opera
[2012.03.08 17:45:04 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Origin
[2009.01.26 17:30:04 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Packard Bell
[2010.04.29 18:05:21 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\PC Suite
[2010.08.02 18:52:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\PeerNetworking
[2011.06.20 03:30:30 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Peter Brinson and Kurosh ValaNejad
[2011.07.19 02:28:39 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\PlayFirst
[2010.11.26 13:35:07 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\PopCapv1002
[2011.03.20 05:06:00 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\PunkBuster
[2012.02.03 19:02:16 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Quest3D
[2011.12.06 07:17:21 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\RayV
[2010.11.03 16:15:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\ReactGames
[2010.12.27 23:09:57 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Relentless Software
[2012.04.28 02:44:47 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\RenPy
[2011.07.11 20:39:25 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\RIFT
[2012.02.21 01:45:16 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\RotMG.Production
[2010.10.01 19:31:44 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\runic games
[2010.11.20 01:41:07 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Safer Networking
[2011.08.08 10:18:59 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Samsung
[2012.02.22 16:25:03 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Scoregasm
[2012.02.21 05:07:51 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\SinisterDesign.TelepathRPGServantsOfGod.9734F53159B682152B7C442264602A0CEA7C53C9.1
[2011.10.06 23:40:09 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Sports Interactive
[2010.09.27 21:23:00 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\SquareLogic
[2011.01.12 23:16:54 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Systweak
[2011.02.25 14:59:02 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\The Creative Assembly
[2010.09.24 19:14:29 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\The Path
[2010.05.31 20:00:28 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Tific
[2011.07.07 19:35:49 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Tilted Mill
[2011.11.20 18:42:38 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\To the Moon - Freebird Games
[2011.09.28 11:07:58 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Total Eclipse
[2011.10.27 05:43:32 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Trine2
[2011.08.12 00:12:14 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Tropico 3 Demo
[2011.03.19 15:52:03 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Ubisoft
[2011.08.09 16:12:40 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Unity
[2012.01.11 18:53:51 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Unity of Command
[2012.01.02 20:33:44 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\VertexDispenser
[2012.03.20 22:00:15 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Waveform
[2010.11.28 10:45:39 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Windows Live Writer
[2010.06.20 02:23:09 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\WinPatrol
[2010.12.18 01:13:10 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\WinterVoices
[2011.08.02 00:36:21 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\WinZip
[2010.11.22 05:45:09 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\WordPirate
[2012.04.08 06:37:35 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Worthless Bums
[2010.10.16 17:03:21 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\YoudaGames
[2010.09.28 08:15:20 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Zen of Sudoku
[2011.08.16 04:22:36 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\ZenBound2
[2010.12.21 01:26:13 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\ZombieDriver
[2012.05.02 21:30:00 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\Laajennettu takuu-Jussi.job
[2012.05.01 21:32:20 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 55885 bytes -> C:\ProgramData:$SS_DESCRIPTOR_PVX2VCGKMVF9FFNYTK1RVDNJCML147D5YWLL4AMPB4A591KLP32MVVVVVVVVVVVVV
@Alternate Data Stream - 215 bytes -> C:\ProgramData\TEMP:C22674B6
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:28BF1793
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:EB4FEEF5
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:CB299F13
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:FA5F15C4
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:C7857F06
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:5C321E34
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:78E0DF72
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >

Edited by Ducon, 02 May 2012 - 07:33 PM.


#2
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
wsearch is normally not malware but a program Windows uses to index all of your files to speed up searching. It is supposed to run in the background but I usually turn the thing off and things do run a bit faster. I'll tell OTL to turn it off for good for you.

Clear the Java Cache by following the instructions on
http://www.java.com/...lugin_cache.xml


Copy the text in the code box by highlighting and Ctrl + c


:OTL
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\vlcycgpk.sys -- (vlcycgpk)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x86\Sandra.sys -- (SANDRA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\Drivers\nvport.sys -- (nvport)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\facicvgu.sys -- (facicvgu)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\TEMP\cpuz135\cpuz135_x32.sys -- (cpuz135)
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
[2012.05.02 21:30:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\Laajennettu takuu-Jussi.job
@Alternate Data Stream - 55885 bytes -> C:\ProgramData:$SS_DESCRIPTOR_PVX2VCGKMVF9FFNYTK1RVDNJCML147D5YWLL4AMPB4A591KLP32MVVVVVVVVVVVVV
@Alternate Data Stream - 215 bytes -> C:\ProgramData\TEMP:C22674B6
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:28BF1793
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:EB4FEEF5
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:CB299F13
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:FA5F15C4
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:C7857F06
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:5C321E34
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:78E0DF72
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:DFC5A2B2

:files
xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C
xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C
xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C
xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C
sc config wsearch start= disabled /c
     
:Commands
[EMPTYFLASH]
[EMPTYJAVA]
[purity]
[Reboot]


Then right-click on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (Ctrl + v) the text. Verify that you got it all and then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top.
Let the program run unhindered; OTL will reboot the PC when it is done.


Download aswMBR.exe ( 511KB ) to your desktop.
Right-click aswMBR.exe and Run as Administrator.
Uncheck trace disk IO calls.
Click the "Scan" button to start the scan (Accept the Avast Engine).
On completion of the scan, if the Fix button is enabled (not the FixMBR button), press it and then run a new scan and click save log, save it to your desktop and post it in your next reply.
If the Fix button is not enabled then just click save log, save it to your desktop and post it in your next reply.

ComboFix

It must be saved to your desktop, do not run it from your browser.

Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Right-click on ComboFix and select Run As Administrator to start the program.



* Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe (Vista or Win 7 must right click and Run As Admin)
If TDSSKiller alerts you that the system needs to reboot, please consent.

Run TDSSKiller again but this time:
Before you hit Scan, hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.



Malwarebytes' Anti-Malware
If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy.
http://www.malwareby...lwarebytes_free

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.


Copy the text in the code box:


netsvcs
%SYSTEMDRIVE%\*.exe
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
consrv.dll
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.


Right-click on (My) Computer and select Manage (Continue), then the Event Viewer. Next select Windows Logs. Right-click on System and Clear Log, Clear. Repeat for Application.

Reboot.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).
sfc  /scannow

(This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run As Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.




Ron
  • 0
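An added example, not part of RKinner's post and not OTL's own code: a Python sketch that sorts OTL log lines into the two groups the :OTL fix above is mostly made of (driver entries whose file is missing, and alternate data streams), plus drivers that are present but carry no company name. The regular expressions are inferred from the log lines in this thread rather than from any OTL format specification, and the category names are hypothetical.

```python
import re
from dataclasses import dataclass

# Sample input: lines taken from the OTL logs in this thread, one or two per shape.
SAMPLE_LOG = r"""
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\vlcycgpk.sys -- (vlcycgpk)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2012.03.01 02:59:00 | 010,819,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.09.22 13:00:10 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
@Alternate Data Stream - 215 bytes -> C:\ProgramData\TEMP:C22674B6
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:28BF1793
@Alternate Data Stream - 55885 bytes -> C:\ProgramData:$SS_DESCRIPTOR_PVX2VCGKMVF9FFNYTK1RVDNJCML147D5YWLL4AMPB4A591KLP32MVVVVVVVVVVVVV
"""

# A DRV line is either "File not found" or "[timestamp | size | attrs | M] (Company)",
# followed by "[Type | Start | State] -- path -- (service name)".
DRV_RE = re.compile(
    r"^DRV - (?:(?P<missing>File not found)|\[(?P<meta>[^\]]*)\] \((?P<company>.*?)\))"
    r" \[(?P<type>[^|\]]+)\|(?P<start>[^|\]]+)\|(?P<state>[^\]]+)\]"
    r" -- (?P<path>.+?) -- \((?P<name>[^)]*)\)"
)
ADS_RE = re.compile(r"^@Alternate Data Stream - (?P<size>\d+) bytes -> (?P<target>.+)$")


@dataclass(frozen=True)
class Finding:
    category: str  # "orphaned-driver", "no-company" or "ads" (hypothetical labels)
    subject: str   # service name, or the file/folder that hosts the stream
    detail: str


def split_ads(target):
    """Split 'host_path:stream_name' at the last colon; the drive-letter colon is not a stream."""
    host, sep, stream = target.rpartition(":")
    if not sep or len(host) < 2 or not stream:
        return target, ""
    return host, stream


def triage(log_text):
    """Return review items found in OTL log text, in log order."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        m = DRV_RE.match(line)
        if m:
            where = f"{m['path']} [{m['start'].strip()} | {m['state'].strip()}]"
            if m["missing"]:
                # Service key still registered, driver file gone: a leftover to review.
                findings.append(Finding("orphaned-driver", m["name"], where))
            elif not m["company"].strip():
                # File exists but has no company name in its version info.
                findings.append(Finding("no-company", m["name"], where))
            continue
        m = ADS_RE.match(line)
        if m:
            host, stream = split_ads(m["target"].strip())
            findings.append(Finding("ads", host, f"{stream} ({m['size']} bytes)"))
    return findings


def ads_by_host(findings):
    """Count alternate data streams per host file or folder."""
    counts = {}
    for f in findings:
        if f.category == "ads":
            counts[f.subject] = counts.get(f.subject, 0) + 1
    return counts


if __name__ == "__main__":
    results = triage(SAMPLE_LOG)
    for f in results:
        print(f"{f.category:16} {f.subject} -> {f.detail}")
    print(ads_by_host(results))
```

A match in any category is only a prompt to look at the entry; a missing driver file or a nameless vendor field is common for uninstalled or poorly packaged legitimate software.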

#3
Ducon

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
sfc /scannow found something it couldn't repair and it made CBS.log but I can't open it. Vino's Event Viewer won't run as my language is not available.



OTL logfile created on: 5.5.2012 1:11:41 - Run 2
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\Jussi\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040B | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 60,57% Memory free
6,72 Gb Paging File | 5,42 Gb Available in Paging File | 80,68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 584,17 Gb Total Space | 282,10 Gb Free Space | 48,29% Space Free | Partition Type: NTFS
Drive D: | 596,17 Gb Total Space | 199,15 Gb Free Space | 33,40% Space Free | Partition Type: NTFS
Drive I: | 6,04 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: JUSSI-PC | User Name: Jussi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.05.02 21:42:42 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Jussi\Desktop\OTL.exe
PRC - [2012.04.26 10:02:39 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.02.29 23:58:46 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012.02.29 23:58:36 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012.02.29 14:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.02.21 06:13:28 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012.01.24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012.01.03 16:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.11.28 02:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011.10.12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011.10.10 07:23:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011.10.07 12:40:42 | 001,387,288 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2011.09.27 22:05:24 | 000,149,784 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
PRC - [2011.09.23 04:30:04 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011.09.08 21:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011.08.15 07:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011.08.02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011.06.02 17:02:50 | 000,605,520 | ---- | M] (WinZip Computing, S.L. (WinZip Computing)) -- C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe
PRC - [2010.01.27 17:14:10 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2009.04.11 09:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2001.11.12 14:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe


========== Modules (No Company Name) ==========

MOD - [2012.05.03 04:12:56 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll
MOD - [2012.04.26 10:02:39 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.02.29 14:26:28 | 000,360,768 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011.10.07 12:41:16 | 000,879,896 | ---- | M] () -- C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll


========== Win32 Services (SafeList) ==========

SRV - [2012.05.03 04:12:56 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.04.26 10:02:39 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.24 17:24:53 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.03.01 02:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.02.29 14:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.01.20 16:52:04 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012.01.03 16:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.10.12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011.09.27 22:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.09.23 04:30:04 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011.08.02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011.06.13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2011.06.02 17:02:50 | 000,605,520 | ---- | M] (WinZip Computing, S.L. (WinZip Computing)) [Auto | Running] -- C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe -- (WINZIPSSDiskOptimizer)
SRV - [2011.02.24 02:42:54 | 000,025,832 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Origin Games\Dragon Age\\bin_ship\DAUpdaterSvc.Service.exe -- (DAUpdaterSvc)
SRV - [2010.01.27 17:14:10 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008.02.03 13:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008.01.21 05:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2001.11.12 14:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Jussi\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012.03.01 02:59:00 | 010,819,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.02.14 20:05:50 | 000,012,288 | ---- | M] (Philips PTCL) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MassDfu.sys -- (DFU)
DRV - [2011.10.07 07:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011.10.04 07:21:16 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011.09.23 04:29:51 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.09.23 04:29:51 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011.09.13 07:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011.09.02 09:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011.09.02 09:31:28 | 000,030,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2011.09.02 09:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011.08.08 07:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011.07.20 10:46:04 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)
DRV - [2011.07.20 10:46:04 | 000,077,624 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV - [2011.07.11 02:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011.07.11 02:14:02 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011.07.11 02:14:00 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011.07.11 02:13:58 | 000,134,736 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011.01.18 18:16:46 | 000,197,224 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2010.09.22 13:00:10 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.09.22 11:36:11 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.07.12 11:55:39 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Lbd.sys -- (Lbd)
DRV - [2010.06.30 19:01:04 | 000,011,832 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amdide.sys -- (amdide)
DRV - [2010.06.03 11:33:54 | 001,596,672 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV - [2009.07.31 11:39:58 | 000,017,920 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\XENfiltv.sys -- (XENfiltv)
DRV - [2008.08.14 09:48:22 | 000,017,408 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\skfiltv.sys -- (skfiltv)
DRV - [2008.04.28 10:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2007.07.23 10:56:58 | 000,042,624 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Alpham1.sys -- (Alpham1)
DRV - [2007.06.29 15:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007.03.20 12:49:52 | 000,018,432 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Alpham2.sys -- (Alpham2)
DRV - [2006.11.17 10:31:04 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
DRV - [2006.03.29 08:49:26 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pfc.sys -- (pfc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.pack...media_a6500_ncd
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACPW

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.eset.com/...online-scanner/
IE - HKCU\..\SearchScopes,DefaultScope = {D6FC6DE7-6E20-4DD0-96B4-702A3517D535}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6454E83C-02FB-4BA5-969E-C1A616DDE186}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACPW
IE - HKCU\..\SearchScopes\{D6FC6DE7-6E20-4DD0-96B4-702A3517D535}: "URL" = http://www.google.co...ie7&rlz=1I7ACPW
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Turvalliset hakutoiminnot"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.newhorizonwow.com/"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@fancyguo.com/FancyGame,version=1.0.0.1: C:\Users\Jussi\AppData\Local\Fancy\npfancygame.dll (Beijing FancyGuo Tech Ltd)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Jussi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.02.21 06:14:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012.02.28 02:10:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.04.26 10:02:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.11 12:41:30 | 000,000,000 | ---D | M]

[2009.02.22 19:15:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jussi\AppData\Roaming\mozilla\Extensions
[2012.05.05 00:49:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions
[2011.03.11 21:41:52 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(198)
[2012.03.02 23:06:58 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.03.29 23:30:43 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.03.12 20:02:53 | 000,000,000 | ---D | M] (Element Hiding Helper for Adblock Plus) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions\elemhidehelper@adblockplus(197).org
[2011.01.17 02:49:47 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions\[email protected]
[2012.02.18 00:44:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\JUSSI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W7A81FEI.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\USERS\JUSSI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W7A81FEI.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\JUSSI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W7A81FEI.DEFAULT\EXTENSIONS\{987311C6-B504-4AA2-90BF-60CC49808D42}.XPI
() (No name found) -- C:\USERS\JUSSI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W7A81FEI.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\JUSSI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W7A81FEI.DEFAULT\EXTENSIONS\[email protected]
[2009.07.02 03:01:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012.04.26 10:02:39 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009.03.31 22:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll
[2012.02.17 19:58:20 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.02 15:08:02 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.10.02 15:08:02 | 000,002,062 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bookplus-fi.xml
[2011.03.05 09:38:32 | 000,001,069 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons-fi.xml
[2011.10.02 15:08:02 | 000,000,972 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-fi.xml
[2011.03.05 09:38:32 | 000,002,677 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\huuto-fi.xml
[2010.08.09 10:04:46 | 000,002,036 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2011.10.02 15:08:02 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fi.xml
[2011.10.02 15:08:02 | 000,001,100 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-fi.xml

O1 HOSTS File: ([2012.05.05 00:43:57 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creat...015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...10926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57D29552-3B29-4A65-8D61-D4E458B114ED}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57D29552-3B29-4A65-8D61-D4E458B114ED}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.19 00:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sasnative32)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE - (WinZip Computing, S.L.)
MsConfig - StartUpReg: amd_dc_opt - hkey= - key= - C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
MsConfig - StartUpReg: IntelliPoint - hkey= - key= - C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - State: "startup" - 2
MsConfig - State: "services" - 2

SafeBootMin: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfRd - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.3
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.3
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {78028BE9-3B2E-46E9-B588-BB9AEE0F4088} - .NET Framework
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7E6CE855-927C-4BED-8718-D474B2928912} - Microsoft Windows Media Player
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {FF1F7051-0F02-463C-8A2E-D7245CF28741} - Java (Sun)
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\Windows\System32\ir32_32.dll (Intel® Corporation)
Drivers32: vidc.iv32 - C:\Windows\System32\ir32_32.dll (Intel® Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012.05.05 01:01:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.05.05 01:01:21 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.05.05 01:01:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.05.05 00:59:47 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.05.05 00:57:25 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Jussi\Desktop\mbam-setup-1.61.0.1400.exe
[2012.05.05 00:46:41 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.05.05 00:46:39 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Local\temp
[2012.05.05 00:27:37 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.05.05 00:27:37 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.05.05 00:27:37 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.05.05 00:27:29 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012.05.05 00:27:25 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.05.05 00:15:59 | 002,075,184 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Jussi\Desktop\tdsskiller.exe
[2012.05.05 00:15:18 | 004,484,016 | R--- | C] (Swearware) -- C:\Users\Jussi\Desktop\ComboFix.exe
[2012.05.04 21:05:44 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Jussi\Desktop\aswMBR.exe
[2012.05.04 21:02:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.05.03 04:12:56 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.05.03 04:12:56 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.05.03 02:41:46 | 000,353,952 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\Jussi\Desktop\uninstall_flash_player_32bit.exe
[2012.05.02 21:42:40 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Jussi\Desktop\OTL.exe
[2012.05.02 01:42:46 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Local\SniperV2 Demo
[2012.04.29 21:26:49 | 000,000,000 | ---D | C] -- C:\getnzb-segment
[2012.04.29 08:20:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eschalon Book II
[2012.04.29 08:20:03 | 000,000,000 | ---D | C] -- C:\Program Files\Eschalon Book II
[2012.04.28 02:44:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digital - A Love Story
[2012.04.27 16:40:49 | 000,000,000 | ---D | C] -- C:\Users\Jussi\Documents\Usenet Downloads
[2012.04.27 16:39:32 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Local\GetNZB
[2012.04.27 16:39:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GetNZB
[2012.04.27 16:39:30 | 000,000,000 | ---D | C] -- C:\Program Files\GetNZB
[2012.04.26 10:02:45 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.04.26 10:02:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.04.26 03:01:34 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Local\BladesOfTimeDemo
[2012.04.25 23:31:02 | 000,398,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\VBRUN300.DLL
[2012.04.25 23:31:02 | 000,092,176 | ---- | C] (VideoSoft) -- C:\Windows\System\VSVBX.VBX
[2012.04.25 23:31:02 | 000,064,432 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\System\THREED.VBX
[2012.04.25 23:31:02 | 000,030,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\MCI.VBX
[2012.04.25 23:31:02 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\WAVMIX16.DLL
[2012.04.24 23:43:42 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Roaming\crawl
[2012.04.24 23:05:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dungeon Crawl Stone Soup
[2012.04.24 23:05:55 | 000,000,000 | ---D | C] -- C:\Program Files\Crawl
[2012.04.24 05:23:35 | 000,000,000 | ---D | C] -- C:\Program Files\AVWW
[2012.04.24 04:45:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2012.04.24 04:45:01 | 000,000,000 | ---D | C] -- C:\Users\Jussi\Documents\ArcaniA - Gothic 4 Demo
[2012.04.23 20:38:30 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Local\amd
[2012.04.23 20:38:23 | 000,161,280 | ---- | C] (Firelight Technologies Pty, Ltd) -- C:\Windows\System32\fmod.dll
[2012.04.23 20:38:00 | 001,227,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dx8vb.dll
[2012.04.23 20:38:00 | 000,220,672 | ---- | C] (JB) -- C:\Windows\System32\vbskfr2.ocx
[2012.04.23 20:38:00 | 000,040,960 | ---- | C] (Andrew Keat, [email protected], http://aktools.rentmaster.co.nz) -- C:\Windows\System32\akprogressbar.ocx
[2012.04.23 00:19:37 | 000,000,000 | ---D | C] -- C:\Program Files\Driftmoon
[2012.04.20 17:51:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012.04.19 20:50:26 | 000,000,000 | ---D | C] -- C:\Users\Jussi\Documents\BotaniculaSaves
[2012.04.17 21:06:23 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Local\Insanely Twisted Shadow Planet
[2012.04.15 15:47:07 | 000,000,000 | ---D | C] -- C:\Users\Jussi\T-Engine
[2012.04.14 16:36:39 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Local\Driftmoon
[2012.04.14 16:36:36 | 000,000,000 | ---D | C] -- C:\Users\Jussi\Documents\Driftmoon
[2012.04.11 20:34:31 | 000,000,000 | ---D | C] -- C:\Users\Jussi\Documents\Almost Human
[2012.04.11 12:28:56 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.04.11 12:28:55 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.04.11 12:28:54 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.04.11 12:28:54 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.04.11 12:28:54 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.04.11 12:28:53 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.04.11 12:27:54 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.04.11 12:27:54 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.04.10 08:40:31 | 000,000,000 | ---D | C] -- C:\Program Files\A.I.M 2
[2012.04.10 07:31:29 | 000,000,000 | ---D | C] -- C:\Program Files\1C Company
[2012.04.09 16:21:40 | 000,000,000 | ---D | C] -- C:\Program Files\Pathologic
[2012.04.09 15:07:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project Black Sun
[2012.04.09 15:07:25 | 000,000,000 | ---D | C] -- C:\Program Files\Project Black Sun
[2012.04.08 08:08:50 | 000,000,000 | ---D | C] -- C:\Users\Jussi\Documents\EA Games
[2012.04.08 08:06:39 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Local\EA Games
[2012.04.08 08:06:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2012.04.08 06:37:35 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Roaming\Worthless Bums
[2012.04.08 05:59:55 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Roaming\3DeadZed
[2012.04.08 05:59:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gentleman Squid
[2012.04.08 05:59:17 | 000,000,000 | ---D | C] -- C:\Program Files\Gentleman Squid
[2012.04.06 22:36:05 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Local\Demiurge Studios
[2012.04.06 10:26:18 | 000,000,000 | ---D | C] -- C:\Users\Jussi\Documents\ProjectBlackSun
[2012.04.06 00:34:36 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Local\Targem
[2012.04.06 00:33:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\AGEIA
[2012.04.06 00:08:56 | 000,000,000 | ---D | C] -- C:\Program Files\DevilWhiskey
[2012.04.05 07:26:42 | 000,000,000 | ---D | C] -- C:\Users\Jussi\Documents\TwinSector

========== Files - Modified Within 30 Days ==========

[2012.05.05 01:01:34 | 000,000,869 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.05.05 00:59:52 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.05 00:59:52 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.05 00:59:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.05 00:57:27 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Jussi\Desktop\mbam-setup-1.61.0.1400.exe
[2012.05.05 00:52:19 | 061,805,740 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012.05.05 00:47:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.05 00:43:57 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.05.05 00:16:01 | 002,075,184 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Jussi\Desktop\tdsskiller.exe
[2012.05.05 00:15:20 | 004,484,016 | R--- | M] (Swearware) -- C:\Users\Jussi\Desktop\ComboFix.exe
[2012.05.05 00:14:27 | 000,000,512 | ---- | M] () -- C:\Users\Jussi\Desktop\MBR.dat
[2012.05.04 21:05:56 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Jussi\Desktop\aswMBR.exe
[2012.05.03 04:12:56 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.05.03 04:12:56 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.05.03 02:41:53 | 000,353,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Jussi\Desktop\uninstall_flash_player_32bit.exe
[2012.05.03 01:49:41 | 000,205,312 | ---- | M] () -- C:\Users\Jussi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.02 22:44:06 | 000,000,752 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2012.05.02 21:42:42 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Jussi\Desktop\OTL.exe
[2012.05.02 03:16:04 | 000,000,200 | ---- | M] () -- C:\Users\Jussi\Desktop\Sniper Elite.url
[2012.05.01 20:15:05 | 000,000,185 | ---- | M] () -- C:\Users\Jussi\Desktop\Crazy Machines Elements.url
[2012.04.29 18:11:45 | 000,081,579 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012.04.29 08:20:54 | 000,000,743 | ---- | M] () -- C:\Users\Public\Desktop\Eschalon Book II.lnk
[2012.04.29 06:27:32 | 298,042,692 | ---- | M] () -- C:\Users\Jussi\eb2_setup_v105.zip
[2012.04.29 01:28:03 | 000,000,202 | ---- | M] () -- C:\Users\Jussi\Desktop\The Walking Dead.url
[2012.04.28 06:46:40 | 148,454,522 | ---- | M] () -- C:\Users\Jussi\Telepath RPG Servants of God.air
[2012.04.27 16:45:13 | 005,922,422 | ---- | M] () -- C:\Users\Jussi\set_12.rar
[2012.04.27 16:39:32 | 000,000,739 | ---- | M] () -- C:\Users\Public\Desktop\GetNZB.lnk
[2012.04.27 16:38:16 | 004,428,026 | ---- | M] () -- C:\Users\Jussi\install-getnzb-c35126.zip
[2012.04.25 23:33:56 | 000,000,115 | ---- | M] () -- C:\Windows\MORDOR.INI
[2012.04.25 00:17:06 | 000,000,757 | ---- | M] () -- C:\Users\Jussi\Desktop\crawl-tiles – Pikakuvake.lnk
[2012.04.23 21:35:55 | 000,000,201 | ---- | M] () -- C:\Users\Jussi\Desktop\Warhammer 40,000 Space Marine.url
[2012.04.20 00:18:59 | 000,000,201 | ---- | M] () -- C:\Users\Jussi\Desktop\MacGuffin's Curse.url
[2012.04.19 20:38:23 | 000,000,172 | ---- | M] () -- C:\Users\Jussi\Desktop\Botanicula.url
[2012.04.19 00:41:03 | 000,641,362 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.19 00:41:03 | 000,491,218 | ---- | M] () -- C:\Windows\System32\perfh00B.dat
[2012.04.19 00:41:03 | 000,107,648 | ---- | M] () -- C:\Windows\System32\perfc00B.dat
[2012.04.19 00:41:02 | 000,123,142 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.17 21:03:39 | 000,000,202 | ---- | M] () -- C:\Users\Jussi\Desktop\Insanely Twisted Shadow Planet.url
[2012.04.15 15:45:21 | 128,074,260 | ---- | M] () -- C:\Users\Jussi\t-engine4-windows-1.0.0beta38.zip
[2012.04.14 06:06:47 | 000,001,356 | ---- | M] () -- C:\Users\Jussi\AppData\Local\d3d9caps.dat
[2012.04.11 21:38:02 | 000,000,202 | ---- | M] () -- C:\Users\Jussi\Desktop\Legend of Grimrock.url
[2012.04.11 20:24:42 | 483,918,688 | ---- | M] () -- C:\Users\Jussi\grimrock-rc6-1.1.3-installer.zip
[2012.04.11 20:05:28 | 000,000,202 | ---- | M] () -- C:\Users\Jussi\Desktop\Avernum Escape From the Pit.url
[2012.04.11 07:22:41 | 001,161,823 | ---- | M] () -- C:\Users\Jussi\powder117_win.zip
[2012.04.09 15:07:30 | 000,000,865 | ---- | M] () -- C:\Users\Public\Desktop\Project Black Sun.lnk
[2012.04.08 22:47:46 | 000,000,202 | ---- | M] () -- C:\Users\Jussi\Desktop\Waves.url
[2012.04.08 05:59:22 | 000,001,972 | ---- | M] () -- C:\Users\Public\Desktop\Launch 3DeadZed.exe.lnk
[2012.04.06 22:19:48 | 000,000,201 | ---- | M] () -- C:\Users\Jussi\Desktop\Shoot Many Robots.url
[2012.04.06 18:18:33 | 026,729,858 | ---- | M] () -- C:\Users\Jussi\DWMEGAMOD-v02a.zip
[2012.04.06 04:56:40 | 030,412,800 | ---- | M] () -- C:\Users\Jussi\PhysX-9.12.0213-SystemSoftware.msi
[2012.04.06 03:27:16 | 000,000,202 | ---- | M] () -- C:\Users\Jussi\Desktop\Hack, Slash, Loot.url
[2012.04.06 01:35:24 | 001,199,639 | ---- | M] () -- C:\Users\Jussi\Puckbang.zip
[2012.04.05 06:20:39 | 000,000,201 | ---- | M] () -- C:\Users\Jussi\Desktop\Diamond Dan.url

========== Files Created - No Company Name ==========

[2012.05.05 01:01:34 | 000,000,869 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.05.05 00:27:37 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.05.05 00:27:37 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.05.05 00:27:37 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.05.05 00:27:37 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.05.05 00:27:37 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.05.05 00:14:27 | 000,000,512 | ---- | C] () -- C:\Users\Jussi\Desktop\MBR.dat
[2012.05.03 04:12:57 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.02 03:16:04 | 000,000,200 | ---- | C] () -- C:\Users\Jussi\Desktop\Sniper Elite.url
[2012.05.01 20:15:05 | 000,000,185 | ---- | C] () -- C:\Users\Jussi\Desktop\Crazy Machines Elements.url
[2012.04.29 08:20:54 | 000,000,743 | ---- | C] () -- C:\Users\Public\Desktop\Eschalon Book II.lnk
[2012.04.29 06:23:24 | 298,042,692 | ---- | C] () -- C:\Users\Jussi\eb2_setup_v105.zip
[2012.04.29 01:28:03 | 000,000,202 | ---- | C] () -- C:\Users\Jussi\Desktop\The Walking Dead.url
[2012.04.28 06:33:43 | 148,454,522 | ---- | C] () -- C:\Users\Jussi\Telepath RPG Servants of God.air
[2012.04.27 16:44:37 | 005,922,422 | ---- | C] () -- C:\Users\Jussi\set_12.rar
[2012.04.27 16:39:32 | 000,000,739 | ---- | C] () -- C:\Users\Public\Desktop\GetNZB.lnk
[2012.04.27 16:38:15 | 004,428,026 | ---- | C] () -- C:\Users\Jussi\install-getnzb-c35126.zip
[2012.04.25 23:33:30 | 000,000,115 | ---- | C] () -- C:\Windows\MORDOR.INI
[2012.04.25 23:31:02 | 000,029,376 | ---- | C] () -- C:\Windows\System\MSGBLAST.VBX
[2012.04.25 23:31:02 | 000,018,688 | ---- | C] () -- C:\Windows\System\CMDIALOG.VBX
[2012.04.25 00:17:06 | 000,000,757 | ---- | C] () -- C:\Users\Jussi\Desktop\crawl-tiles – Pikakuvake.lnk
[2012.04.23 21:35:55 | 000,000,201 | ---- | C] () -- C:\Users\Jussi\Desktop\Warhammer 40,000 Space Marine.url
[2012.04.20 00:18:59 | 000,000,201 | ---- | C] () -- C:\Users\Jussi\Desktop\MacGuffin's Curse.url
[2012.04.19 20:38:23 | 000,000,172 | ---- | C] () -- C:\Users\Jussi\Desktop\Botanicula.url
[2012.04.17 21:03:39 | 000,000,202 | ---- | C] () -- C:\Users\Jussi\Desktop\Insanely Twisted Shadow Planet.url
[2012.04.15 15:43:52 | 128,074,260 | ---- | C] () -- C:\Users\Jussi\t-engine4-windows-1.0.0beta38.zip
[2012.04.11 21:38:02 | 000,000,202 | ---- | C] () -- C:\Users\Jussi\Desktop\Legend of Grimrock.url
[2012.04.11 20:05:28 | 000,000,202 | ---- | C] () -- C:\Users\Jussi\Desktop\Avernum Escape From the Pit.url
[2012.04.11 20:02:59 | 483,918,688 | ---- | C] () -- C:\Users\Jussi\grimrock-rc6-1.1.3-installer.zip
[2012.04.11 07:22:40 | 001,161,823 | ---- | C] () -- C:\Users\Jussi\powder117_win.zip
[2012.04.09 15:07:30 | 000,000,865 | ---- | C] () -- C:\Users\Public\Desktop\Project Black Sun.lnk
[2012.04.08 22:47:46 | 000,000,202 | ---- | C] () -- C:\Users\Jussi\Desktop\Waves.url
[2012.04.08 05:59:22 | 000,001,972 | ---- | C] () -- C:\Users\Public\Desktop\Launch 3DeadZed.exe.lnk
[2012.04.06 22:19:48 | 000,000,201 | ---- | C] () -- C:\Users\Jussi\Desktop\Shoot Many Robots.url
[2012.04.06 18:17:06 | 026,729,858 | ---- | C] () -- C:\Users\Jussi\DWMEGAMOD-v02a.zip
[2012.04.06 04:56:15 | 030,412,800 | ---- | C] () -- C:\Users\Jussi\PhysX-9.12.0213-SystemSoftware.msi
[2012.04.06 03:27:16 | 000,000,202 | ---- | C] () -- C:\Users\Jussi\Desktop\Hack, Slash, Loot.url
[2012.04.06 01:35:23 | 001,199,639 | ---- | C] () -- C:\Users\Jussi\Puckbang.zip
[2012.04.05 06:20:39 | 000,000,201 | ---- | C] () -- C:\Users\Jussi\Desktop\Diamond Dan.url
[2012.02.29 14:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2012.01.20 16:55:36 | 000,025,262 | ---- | C] () -- C:\Windows\System32\xfisk.ini
[2012.01.20 16:55:36 | 000,000,052 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini
[2012.01.20 16:55:29 | 000,001,209 | ---- | C] () -- C:\Windows\skSPcfg.ini
[2012.01.20 16:55:29 | 000,000,381 | ---- | C] () -- C:\Windows\skMCcfg.ini
[2012.01.20 16:55:11 | 000,128,512 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2012.01.20 16:55:11 | 000,069,120 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2011.11.22 10:18:47 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.10.26 05:27:15 | 000,001,940 | ---- | C] () -- C:\Users\Jussi\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011.10.03 20:39:06 | 000,000,059 | ---- | C] () -- C:\Windows\RUNAWAY2.INI
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.08.16 18:18:02 | 000,032,288 | ---- | C] () -- C:\Windows\System32\xfiXEN.ini
[2011.08.06 14:20:44 | 000,002,220 | ---- | C] () -- C:\Windows\System32\ASOROSet.bin
[2011.07.26 17:26:46 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.07.26 17:26:46 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.07.26 17:26:46 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.07.26 17:26:46 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.07.20 03:55:36 | 000,000,200 | ---- | C] () -- C:\Users\Jussi\AppData\Roaming\Lucid_player_profiles_data.dat
[2011.07.20 03:55:36 | 000,000,008 | ---- | C] () -- C:\Users\Jussi\AppData\Roaming\Lucid_player_highscore.dat
[2011.07.03 05:14:59 | 000,138,056 | ---- | C] () -- C:\Users\Jussi\AppData\Roaming\PnkBstrK.sys
[2011.07.03 05:14:23 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2011.06.21 13:03:42 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011.06.06 09:21:46 | 000,000,093 | ---- | C] () -- C:\Users\Jussi\AppData\Local\fusioncache.dat
[2011.03.20 05:28:54 | 000,140,024 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.03.20 05:06:11 | 000,280,768 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.03.20 05:06:09 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.01.02 02:00:28 | 000,000,013 | ---- | C] () -- C:\Windows\popcinfo.dat
[2010.09.02 18:30:02 | 000,001,645 | ---- | C] () -- C:\Windows\wininit.ini
[2010.08.27 11:56:39 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.08.27 11:56:37 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.08.25 19:09:51 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2010.08.25 19:09:51 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2010.08.02 18:52:19 | 000,026,340 | ---- | C] () -- C:\Users\Jussi\AppData\Roaming\UserTile.png
[2010.07.24 15:38:35 | 000,000,286 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.06.30 16:03:30 | 000,000,897 | ---- | C] () -- C:\Windows\cdplayer.ini

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2012.01.05 00:22:57 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\.minecraft
[2010.12.15 00:46:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\2K Sports
[2012.04.08 05:59:55 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\3DeadZed
[2011.08.26 08:58:51 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Adobe
[2009.10.31 19:37:17 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Apple Computer
[2010.11.29 00:08:16 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Atlus
[2011.03.15 05:14:36 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\AtomZombieData
[2011.03.01 09:44:05 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\AtomZombieDemoData
[2012.02.21 20:35:58 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\AVG
[2012.02.28 02:11:17 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\AVG2012
[2012.04.24 20:01:28 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Azureus
[2010.11.07 23:20:44 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Basilisk Games
[2011.10.05 05:59:30 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Beat Hazard
[2012.01.18 10:49:47 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\BigHugeEngine
[2012.01.01 10:28:42 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Bioshock
[2011.12.24 02:15:15 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\bizarre creations
[2012.01.08 01:07:02 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Braid
[2012.03.17 13:59:59 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Brawsome
[2010.10.07 13:31:15 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Broken Rules
[2010.11.07 17:50:38 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Chime
[2011.02.26 06:35:35 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Cipher Prime
[2010.11.20 04:34:37 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Clones
[2010.11.19 01:10:06 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\ClonesDemo
[2011.05.27 01:01:00 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Cobra Mobile
[2011.07.24 00:27:59 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Codemasters
[2011.05.28 22:28:00 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Colibri Games
[2012.02.29 09:59:38 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\com.cipherprime.auditorium
[2012.02.24 22:19:54 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\com.tametick.CardinalQuest
[2012.04.24 23:43:42 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\crawl
[2011.07.12 15:44:43 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Crayon Physics Deluxe
[2012.01.25 21:07:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\DarknessIIDemo
[2011.06.21 01:47:33 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\DarksporeData
[2012.01.22 23:56:44 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\DefendersQuest
[2010.11.27 20:50:25 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\DocClockGame
[2011.12.30 05:31:15 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Doublefine
[2011.08.21 17:15:48 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Downloaded Installations
[2011.07.05 07:09:58 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\dvdcss
[2011.07.20 02:02:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Dwarfs
[2011.07.27 01:44:51 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Endless Fluff Games
[2010.10.18 03:54:07 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Faerie Solitaire
[2011.06.02 08:26:18 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\FatShark
[2012.02.28 20:10:29 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\fltk.org
[2010.12.23 21:11:16 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Fortix
[2011.07.10 06:40:15 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\fotw
[2011.02.26 06:35:33 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Fractal
[2010.09.22 11:37:36 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Games
[2011.07.10 17:26:27 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\GamesFaction
[2011.08.31 22:16:24 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Gatling Gears
[2009.01.23 17:17:31 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Google
[2012.04.02 02:46:13 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Greenshot
[2012.01.26 22:51:48 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\HackSlashLoot
[2011.08.31 23:50:12 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Hothead Games
[2009.01.24 03:06:27 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Ideazon
[2009.01.23 16:59:28 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Identities
[2010.10.21 08:11:58 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\InstallShield Installation Information
[2012.02.24 04:06:03 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\IrfanView
[2011.01.03 02:41:28 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\ITTNord
[2011.03.10 21:25:18 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Kalypso Media
[2012.03.29 12:46:31 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Leadertech
[2011.10.19 21:37:05 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\LightFish
[2012.03.29 12:43:09 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Logishrd
[2012.03.29 12:46:36 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Logitech
[2011.06.25 07:29:27 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\LolClient
[2011.07.05 20:45:54 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Longbow Digital Arts
[2012.04.04 06:38:40 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\LS
[2010.09.19 12:25:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\LucasArts
[2009.01.23 17:18:40 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Macromedia
[2010.01.03 18:41:40 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Malwarebytes
[2006.11.02 15:37:34 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Media Center Programs
[2012.01.24 15:19:33 | 000,000,000 | --SD | M] -- C:\Users\Jussi\AppData\Roaming\Microsoft
[2011.10.15 00:08:57 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Might & Magic Heroes VI
[2011.08.23 00:19:31 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Might & Magic Heroes VI - Public Closed Beta
[2011.05.24 06:52:58 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\MinMaxGames
[2010.09.22 10:43:31 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Mount&Blade Warband
[2011.06.06 09:36:21 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Mozilla
[2010.09.29 21:36:02 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\My Games
[2011.07.02 06:46:41 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\NationRed
[2009.01.29 21:22:18 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Nero
[2011.03.02 02:39:43 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Nicalis
[2011.07.03 06:11:11 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Nifflas
[2010.04.29 19:29:37 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Nokia
[2012.01.31 06:28:38 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Nooskewl
[2011.07.11 02:44:46 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Nucleosys
[2011.08.13 20:27:21 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\NVIDIA
[2012.04.04 05:53:42 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\offspringfling
[2012.03.01 20:39:08 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\OnLive App
[2010.07.15 13:34:23 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\OpenDNS Updater
[2009.02.15 18:38:10 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\OpenOffice.org
[2010.04.07 03:27:11 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Opera
[2012.03.08 17:45:04 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Origin
[2009.01.26 17:30:04 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Packard Bell
[2010.04.29 18:05:21 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\PC Suite
[2010.08.02 18:52:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\PeerNetworking
[2011.06.20 03:30:30 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Peter Brinson and Kurosh ValaNejad
[2011.07.19 02:28:39 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\PlayFirst
[2010.11.26 13:35:07 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\PopCapv1002
[2011.03.20 05:06:00 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\PunkBuster
[2012.02.03 19:02:16 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Quest3D
[2011.12.06 07:17:21 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\RayV
[2010.11.03 16:15:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\ReactGames
[2012.02.21 06:15:09 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Real
[2012.02.21 06:18:45 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\RealNetworks
[2010.12.27 23:09:57 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Relentless Software
[2012.04.28 02:44:47 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\RenPy
[2011.07.11 20:39:25 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\RIFT
[2012.02.21 01:45:16 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\RotMG.Production
[2010.10.01 19:31:44 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\runic games
[2010.11.20 01:41:07 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Safer Networking
[2011.08.08 10:18:59 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Samsung
[2012.02.22 16:25:03 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Scoregasm
[2010.10.03 00:51:04 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\SecuROM
[2012.02.21 05:07:51 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\SinisterDesign.TelepathRPGServantsOfGod.9734F53159B682152B7C442264602A0CEA7C53C9.1
[2011.10.06 23:40:09 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Sports Interactive
[2010.09.27 21:23:00 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\SquareLogic
[2010.06.20 09:11:35 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\SUPERAntiSpyware.com
[2009.01.23 17:00:12 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Symantec
[2011.01.12 23:16:54 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Systweak
[2011.02.25 14:59:02 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\The Creative Assembly
[2010.09.24 19:14:29 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\The Path
[2010.05.31 20:00:28 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Tific
[2011.07.07 19:35:49 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Tilted Mill
[2011.11.20 18:42:38 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\To the Moon - Freebird Games
[2011.09.28 11:07:58 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Total Eclipse
[2011.10.27 05:43:32 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Trine2
[2011.08.12 00:12:14 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Tropico 3 Demo
[2011.03.19 15:52:03 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Ubisoft
[2011.08.09 16:12:40 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Unity
[2012.01.11 18:53:51 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Unity of Command
[2008.08.05 01:10:59 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Ventrilo
[2012.01.02 20:33:44 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\VertexDispenser
[2012.05.03 00:57:28 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\vlc
[2010.02.10 04:57:48 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\vlc(833)
[2012.03.20 22:00:15 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Waveform
[2010.11.28 10:45:39 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Windows Live Writer
[2010.06.20 02:23:09 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\WinPatrol
[2010.12.18 01:13:10 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\WinterVoices
[2011.08.02 00:36:21 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\WinZip
[2010.11.22 05:45:09 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\WordPirate
[2012.04.08 06:37:35 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Worthless Bums
[2010.10.16 17:03:21 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\YoudaGames
[2010.09.28 08:15:20 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Zen of Sudoku
[2011.08.16 04:22:36 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\ZenBound2
[2010.12.21 01:26:13 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\ZombieDriver

< MD5 for: ATAPI.SYS >
[2009.04.11 09:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys
[2009.04.11 09:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 09:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 09:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 05:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 05:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 12:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: EXPLORER.EXE >
[2008.10.29 09:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 09:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 06:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 09:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009.04.11 09:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 09:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 05:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 05:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: SVCHOST.EXE >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008.01.21 05:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache\svchost.exe
[2008.01.21 05:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.21 05:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: USERINIT.EXE >
[2008.01.21 05:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008.01.21 05:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 05:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 09:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009.04.11 09:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 09:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 05:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012.04.26 10:02:38 | 000,867,592 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012.04.26 10:02:38 | 000,867,592 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012.04.26 10:02:38 | 000,867,592 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012.04.26 10:02:39 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012.04.26 10:02:39 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012.04.26 10:02:39 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011.04.06 17:30:05 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011.04.06 17:30:05 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011.04.06 17:30:05 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011.04.06 17:30:08 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2011.04.06 17:30:08 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand [2012.02.25 23:41:53 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand [2012.02.25 23:41:53 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser [2012.02.25 23:41:53 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2012.02.25 23:41:53 | 000,949,104 | ---- | M] (Opera Software)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012.04.26 10:02:38 | 000,867,592 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012.04.26 10:02:38 | 000,867,592 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012.04.26 10:02:38 | 000,867,592 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012.04.26 10:02:39 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012.04.26 10:02:39 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012.04.26 10:02:39 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011.04.06 17:30:05 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011.04.06 17:30:05 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011.04.06 17:30:05 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011.04.06 17:30:08 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2011.04.06 17:30:08 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand [2012.02.25 23:41:53 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand [2012.02.25 23:41:53 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser [2012.02.25 23:41:53 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2012.02.25 23:41:53 | 000,949,104 | ---- | M] (Opera Software)

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< End of report >

OTL Extras logfile created on: 5.5.2012 1:11:41 - Run 2
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\Jussi\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040B | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 60,57% Memory free
6,72 Gb Paging File | 5,42 Gb Available in Paging File | 80,68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 584,17 Gb Total Space | 282,10 Gb Free Space | 48,29% Space Free | Partition Type: NTFS
Drive D: | 596,17 Gb Total Space | 199,15 Gb Free Space | 33,40% Space Free | Partition Type: NTFS
Drive I: | 6,04 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: JUSSI-PC | User Name: Jussi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 1
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{37FEA6B6-7C33-4849-9588-AA9DAB5ADAD5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3D3383A8-349D-4820-A55A-E981C79D1F83}" = lport=137 | protocol=17 | dir=in | app=system |
"{49E2B7E6-FD4F-49AF-9920-25749AC349DB}" = lport=445 | protocol=6 | dir=in | app=system |
"{4B6D43B2-662C-448E-A683-FE08CA226584}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{893AB75F-768A-4BF9-979F-639B158DFABC}" = rport=139 | protocol=6 | dir=out | app=system |
"{982653B4-A45F-487E-ABF5-82D72FFD953F}" = rport=137 | protocol=17 | dir=out | app=system |
"{A3030AB9-55AE-49BC-9849-B4F5A80BF47B}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{AF78FFC9-A203-4279-9B2A-025CFF98FA5D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B9743559-9944-472B-8F87-9C795A6FE3D9}" = lport=138 | protocol=17 | dir=in | app=system |
"{CE289D20-E187-4FAD-AF56-94910352FC3F}" = lport=139 | protocol=6 | dir=in | app=system |
"{EADC784A-18C1-4044-A4B2-054C70C31568}" = rport=138 | protocol=17 | dir=out | app=system |
"{F8F7C3A0-1E9F-49B2-963E-0F42C9E4EFFD}" = rport=445 | protocol=6 | dir=out | app=system |
"{FC206065-3699-437E-9B49-615EC99A3055}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01F99CB9-7352-4102-9E5A-0001AE3CC8B3}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\crazy machines elements\cmelements.exe |
"{02C1D935-8CD5-4891-B6F7-78F7E6722E63}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{033C5D69-5CE5-49F3-A48E-2C851B94FABA}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\waves\binaries\win32\waves.exe |
"{03FA5ADC-1960-4FA2-9B2B-EF38FA4A807E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{04D4F880-33A9-4466-9BA0-C05BE09DCBD8}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{05CF33B1-C217-40FF-8623-F2658C9A6CA0}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\trackmania united\tmforeverlauncher.exe |
"{06088F95-EAE3-4EBA-8D31-6E365770BEF5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\serioussamdoubled\ssgame.exe |
"{061848DE-151E-4EE7-93A3-CFABC5882830}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{06230291-1D48-4288-B459-1D86A0AB24F5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\shadowgrounds\shadowgroundslauncher.exe |
"{06F0F974-2689-4C92-8CE4-4329E0E8CBB5}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{0809D8E0-400B-43FF-B3B6-AD8A50A908EC}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\valvetestapp207490\rayman origins.exe |
"{09451AA9-F6A5-4D1F-871E-CEDEA7C34099}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{0997AF07-676E-4855-8680-DAADCFC2D680}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\warp\binaries\win32\warp.exe |
"{0BD577AD-D5CD-4F2E-B761-1377CF265960}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\the binding of isaac\binding_of_isaac.exe |
"{0C79A491-34C5-48FB-A17B-E6583532ACE1}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\might and magic heroes vi\might & magic heroes vi.exe |
"{0D352E8F-8EB8-420B-B6E1-8A00AB8ED5CA}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\heroes of might and magic 5\bin\h5_game.exe |
"{0EC90726-6C27-4F67-A989-B23800A39DEE}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\trackmania united\tmforeverlauncher.exe |
"{0EFC5CB4-91E0-4867-BE5D-09919A0AFD65}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\heroes of might and magic 5\bina1\testapp.exe |
"{0FB7C2A2-1AF1-40DD-844F-64BA3508EE61}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\bulletstorm\binaries\win32\shippingpc-stormgame.exe |
"{10ECA357-6665-4B2A-875A-5E83DA8A9859}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.649\agent.exe |
"{118C6874-6C9D-4B09-9A5C-3D099506FD7E}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{15030993-8E81-49E2-A7B6-D6C5FD2EF794}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\nation red\nationred.exe |
"{164F12DA-EF99-46ED-9CF8-26CD70D28FB2}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dungeon siege iii\dungeon siege iii.exe |
"{178B1D7F-DDCB-4150-B924-02228A8A09A6}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{180F94DE-EBFF-4738-ABC4-9B732FB0B22D}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\torchlight\torchlight.exe |
"{191987AE-825F-4B36-AA94-648787C26FB5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\the walking dead\walkingdead101.exe |
"{1A6AF816-60D3-4DA6-87BE-0F539301CF4D}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\magic the gathering dotp 2012\magic_2012.exe |
"{1AD1EBD2-A2F5-4412-AC7E-DCF9D8845F34}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{1AE6018E-A122-42BF-A218-14E5DCAEEC98}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\gundeadligne\gundeadligne.exe |
"{1B70C099-EBBF-423D-ACC8-983D0EB2F181}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{1C0B042D-90E5-40D9-AD06-7269ED4ED539}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\frozen synapse\frozensynapse.exe |
"{1C35F470-85D7-4332-A740-D6A83EA60094}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\fallout tactics\bos.exe |
"{1C41D501-C4A7-431A-A92F-D00376D3E3BB}" = protocol=1 | dir=out | [email protected],-28544 |
"{1C55DE2A-F337-422B-A510-2A752A1131A4}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sonic generations\sonicgenerations.exe |
"{1CC2CADB-2C04-4B99-9A99-90B5AC19D67F}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\torchlight\torchlight.exe |
"{1CDA28C8-79F9-4EE4-9B1D-E3869E548416}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\bastion\bastion.exe |
"{1D13218B-C2C0-44E5-8469-DC35F0721E28}" = protocol=17 | dir=in | app=c:\users\jussi\appdata\local\temp\7zs1e2b.tmp\symnrt.exe |
"{1F2680D4-A190-4602-8423-7FD1FE5AA87C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\macguffin\macguffin.exe |
"{21786463-4E69-4905-9548-8F18E117600E}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{21E3B8C7-A052-4284-BF85-F61E661112E7}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\hardreset\hardreset.exe |
"{23BB6140-B3EC-4F0B-944B-31D593A29E13}" = protocol=17 | dir=in | app=c:\program files\origin games\mass effect\binaries\masseffect.exe |
"{25AFED2D-C453-46AC-BD16-4C36841B48B0}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\legend of grimrock\grimrock.exe |
"{260B476E-096E-4309-B9EE-3A49A2BF5276}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.649\agent.exe |
"{262C3ED0-AF79-4D6E-AAA9-3F6B55EBD0BB}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\bastion\bastion.exe |
"{2634C0CF-5291-4314-9B10-B0CA5207AC66}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\gemini rue\reslists\gemini rue.exe |
"{264883A2-1E9A-4592-A3E5-145BB53BF19C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sonic and sega all stars racing\config.exe |
"{26A5ECB5-8C51-43F1-9C24-90A00F321C74}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dead island\deadislandgame.exe |
"{26CB3D44-A6F7-45E9-A25F-BD22046B4178}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\vampire the masquerade - bloodlines\vampire.exe |
"{280EF69D-C767-4915-975D-5F75032C09CA}" = protocol=6 | dir=in | app=c:\program files\spotify\spotify.exe |
"{28DBFC51-B347-412F-AA1C-8005223CC251}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{294970D1-F61D-4F84-9A6F-41AF8800D4A2}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{2A64AED3-17FF-47D6-8A43-3DEBCAEEA1AF}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\cthulhu saves the world\cstw.exe |
"{2CB426C1-CCB8-4A2E-AAB9-B277DC2025DD}" = protocol=17 | dir=in | app=c:\program files\origin games\mass effect 3\binaries\win32\masseffect3.exe |
"{2D3C3404-E441-40BD-A747-739364615B79}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\legend of grimrock\grimrock.exe |
"{2E915973-470E-4335-96EA-B69A6F8E5570}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\shadowgrounds\shadowgrounds.exe |
"{2F456586-A4C6-480B-92E6-93AFEBB55D27}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\serious sam hd the first encounter\bin\samhd.exe |
"{2FBE3505-4A0E-4FF3-8162-A94BD59A4C1A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\avadon the black fortress\avadon.exe |
"{31F9433B-5507-4949-974D-2D7405AC3673}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{3262138C-643B-4C7E-BCC5-D09CFD71F20D}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\trackmania united\tmforever.exe |
"{33095C52-D0D2-4394-8DA5-A8A25C92F302}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{33225007-E5CA-4672-9DB9-67B91FB4CBDE}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\bulletstorm\binaries\win32\shippingpc-stormgame.exe |
"{33573691-FE9A-43D2-A5F7-5F369A9D49C9}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\the walking dead\walkingdead101.exe |
"{341513B4-93F0-47A2-83A5-0C084848E87B}" = protocol=58 | dir=in | [email protected],-28545 |
"{3459C153-44A3-428F-B177-4DBC3DE36FCA}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{347CD397-DA93-42E8-9404-9CEFCAE66200}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\penumbra black plague\redist\requiem.exe |
"{34AC9443-6B7C-4171-8564-9B11D24DD4D8}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\broken sword shadow of the templars\bs1dc.exe |
"{34CE5737-057E-4600-B6C6-E88C57792F82}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{35395772-CED7-4198-AED3-CEADCE7967CC}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\hackslashloot\hackslashloot.exe |
"{366643E4-005B-4E3F-AC70-2FFCADD5D1F8}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\warhammer 40,000 space marine\spacemarine.exe |
"{37BB3D31-D122-4FDE-B6FE-37A2ABE64194}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\penumbra black plague\redist\penumbra.exe |
"{39991D24-B11D-4DFC-ADC0-82F42E88966A}" = protocol=6 | dir=in | app=c:\program files\origin games\dragon age\bin_ship\daupdatersvc.service.exe |
"{39C57185-C64D-40C8-AA4A-3F4B854438F3}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\syberia\game.exe |
"{39C64250-7C5A-490F-8460-ECBF9B30B2B1}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\painkiller black edition\bin\painkiller.exe |
"{3C7CF48E-F322-4390-8F2E-60560BA55603}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\heroes of might and magic 5\bin\h5_game.exe |
"{3EEB3CC0-D56A-407A-8E34-317C0C1CCC19}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\tobe's vertical adventure\tobe's vertical adventure.exe |
"{3F9AB103-F3CD-4296-A802-481F8F948A0A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\beat hazard\runme.exe |
"{3FB43834-BD63-41FD-98DA-59CF46BD4F0C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\grotesque tactics 2\x86_installer\grotesquetactics.exe |
"{4066C7F5-06BC-4E83-8F30-A9A8DED4CAF3}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\steelstorm\steelstorm.exe |
"{4099BA1B-EC02-4599-96AE-643155DFF295}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\space rangers 2 reboot\rangers.exe |
"{42081475-6D0F-4F24-9BC9-FE29C5427708}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dead island\deadislandgame.exe |
"{4392C5C6-40FC-4FB2-98C9-F1699EEF45E0}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\heroes of might and magic 5\bina1\testapp.exe |
"{43C56390-4F6F-4E16-AF23-40B0AAD934E8}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\serioussamdoubled\ssgame.exe |
"{4464AE24-AC36-465C-823E-748C2CB80510}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\gundemonium recollection\gundemonium.exe |
"{4612BC66-AA8F-4CC6-BCB0-6F8E2678FE57}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\luxor evolved\luxor_ev_x86.exe |
"{480D09B0-8BC6-4BBD-B930-556B7DC1BD2D}" = protocol=17 | dir=in | app=c:\program files\origin games\dragon age\daoriginslauncher.exe |
"{48291ECF-B503-482A-9C25-754E41AB8B58}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\renegade ops\renegadeops.exe |
"{487D3352-4D78-4F59-BA70-44C24C2B87FA}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{49DE4974-8FB8-4975-A030-B7B1370C7025}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\space pirates and zombies\spazgame.exe |
"{4A20A31A-D255-4429-BE7E-1F78BCE63BD3}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\painkiller black edition\bin\painkiller.exe |
"{4A69638E-4FA3-4253-9817-DB6B3373E177}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{4AE9F4D0-10BB-457A-83A3-A1AF2D94ED41}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4B5059B0-4EEF-497E-BFFD-74FB0354FD96}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dungeons of dredmor\dungeons of dredmor.exe |
"{4BC65AE7-AEBA-4C6F-A94B-A9705635BEF5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\insanely twisted shadow planet\fcengine-gfwl.exe |
"{4C7ABBFF-D40D-4BBB-BE08-284E83ABD040}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\magic the gathering dotp 2012\magic_2012.exe |
"{4D2B35A3-5CE9-4C6A-A1D7-675D4115F77E}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\darksiders\darksiderspc.exe |
"{4D3A5A49-7002-4BBC-9F3B-5507415917C0}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{4DA580D6-5555-43D7-BA18-3DDA7FE2A51B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\serious sam hd the first encounter\bin\samhd_demo.exe |
"{4DD360A1-924B-49C1-82A8-C9B252E9459B}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\hackslashloot\hackslashloot.exe |
"{50196FFA-ECDB-457A-A5E0-AC2318EFF1AB}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\botanicula\botanicula.exe |
"{509FD87E-DBC8-412E-9058-2D52AF19F014}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\rochard\rochard.exe |
"{527A84F4-5C90-4375-B387-B1A1ECF070FF}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\syberia\game.exe |
"{52922BB8-D248-403B-8FA2-7386F50DFB43}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sonic generations\configurationtool.exe |
"{52C224C7-733A-4A9B-924D-1E1A785B7856}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\heroes of might and magic 5\bina1\testapp.exe |
"{52D0B1AF-2E2E-4069-A526-6E69AE386E59}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\everyday genius squarelogic\squarelogic.exe |
"{54034D25-11E4-440E-BCB6-EB62F116A078}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\fantasy wars\fw.exe |
"{5404BAD6-136D-4B62-86CA-BD0C80789ED1}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dead space 2\deadspace2.exe |
"{554FA9C0-6CA6-450D-A56E-803B8F6A863C}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"{55823215-F372-4E86-A589-61058D18504D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\luxor evolved\luxor_ev_x86.exe |
"{55E87640-A2E5-40F5-A0A7-3A553B29D22B}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{56152658-B0D4-4442-9D7D-65AF832CF30B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\the binding of isaac\binding_of_isaac.exe |
"{57323EAE-CCF7-4CF5-9AF7-0C41910CB5B8}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\gemini rue\reslists\gemini rue.exe |
"{576459F8-9165-486E-B1CD-CE2CBB40CF09}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\rochard\rochard.exe |
"{57BE380C-D7DF-411A-9803-2BBE72EB320E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\nation red\nationred.exe |
"{57E0CFBF-9BE5-48F9-8219-3C74C3955DF3}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\avadon the black fortress\avadon.exe |
"{584F7881-36F3-4E23-AA78-AC7036B12C6C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sniper elite\sniperelite.exe |
"{5858CEBF-BBC5-4A3A-B2D1-9379732CC143}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\warlock - master of the arcane demo\support\ino_co_com.url |
"{5869DFD9-75F2-4D59-9728-C7C5EA367482}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\syberia\game.exe |
"{5870547C-C4AA-4913-9998-3DF439D29164}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{59270198-0938-451A-B30F-31190D4041BE}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\hitogata happa\happa64.exe |
"{59AB7345-23E4-4C0B-944B-6BD7C23A2A1C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\serious sam hd the first encounter\bin\samhd_demo.exe |
"{5A23525F-2EA2-477C-97B3-448507FFAB5C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{5B0EB350-1E4D-49EB-A73E-36646B1F2A01}" = protocol=6 | dir=in | app=c:\users\jussi\appdata\local\temp\7zs9d29.tmp\symnrt.exe |
"{5BD689CB-6F89-4C1E-B875-28EAFF7B1282}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\vampire the masquerade - bloodlines\vampire.exe |
"{5CC3A76F-4847-45B7-ADB7-4A80E6A05428}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\ys the oath in felghana\config.exe |
"{5CE8AFB5-2AE6-468E-AFA1-938F769EE5DD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\avadon the black fortress\avadon.exe |
"{5D0855D8-42A8-4A26-8B95-8D391EC33C4B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\macguffin\macguffin.exe |
"{5D71A09A-DA43-4C27-9D6A-DAF69FF5C487}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{5F913AA4-7E42-45F2-877D-5E472BE76B69}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\avadon the black fortress\avadon.exe |
"{5F9151D4-F4CB-4F01-B787-9DD4B011280E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\renegade ops\renegadeops.exe |
"{6177EA8B-40AD-4E59-89CC-2EB711196270}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{61C65EA9-5610-48E3-A4C8-A9802FB14757}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\ys the oath in felghana\config.exe |
"{61F899FF-737E-44F6-93DB-2995EA1E6A74}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\space rangers 2 reboot\rangers.exe |
"{625D5B27-9C7E-493B-BAEC-698E1D5FBB08}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\gundemonium recollection\gundemonium.exe |
"{626B0F2B-8F00-4B55-88C5-C35AA56002CE}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dead island\deadislandgame.exe |
"{64E2D9FD-DBE1-4D4F-B72B-2A2B7D58529B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dungeon siege iii\dungeon siege iii.exe |
"{650505B9-8352-41C8-B2DB-7A83BBBDD896}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\still life\game.exe |
"{652343FD-02FF-47A5-B3F1-E6EA9BB3017A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\ys the oath in felghana\ysf_win.exe |
"{65F9C7F1-875C-461C-B99F-756B6C6FA455}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\magic the gathering dotp 2012\magic_2012.exe |
"{67B7EDBF-EFCB-49F9-AC38-1E6C8B2B257A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\shoot many robots\shootmanyrobots\binaries\shootmanyrobots.exe |
"{67D0EBAF-75AD-4867-AB64-E714049354E3}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\recettear\custom.exe |
"{67E2427F-3671-483C-9CAE-713A746AC586}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\orcs must die!\build\release\orcsmustdie.exe |
"{68593051-B1B5-49C5-996F-E6E2C2AF817A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sonic generations\sonicgenerations.exe |
"{69A577E1-59CD-4D0D-A707-A49B08FCE91E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\space pirates and zombies\spazgame.exe |
"{69B3DA89-85A8-40AF-92F4-2CCE79B04376}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{6A7554B1-ABAA-4CA0-9FBD-0B2E588A54F6}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\heroes of might and magic 5\bin\h5_game.exe |
"{6A7742B0-065E-4CFD-92A3-9AC52AF86ED5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\gundemonium recollection\gundemonium.exe |
"{6ABB96EC-FC83-4AE1-96B9-1743EDE52764}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\grotesque tactics 2\x86_installer\grotesquetactics.exe |
"{6AD0EE05-134B-4495-8219-2D8D2E4E33A2}" = protocol=6 | dir=in | app=c:\program files\origin games\mass effect\binaries\masseffect.exe |
"{6AEDA220-82FF-4AD1-9100-D1373626B14C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\vampire the masquerade - bloodlines\vampire.exe |
"{6C0F049B-EFB9-483C-A472-80BDC46F6406}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\zombie driver\release\zombiedriver.exe |
"{6C5B9A8D-85C7-40C2-99DE-03954E372467}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\heroes of might and magic 5\bin\h5_game.exe |
"{6E809637-A763-41BB-8C2D-E389E8DC6C45}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\spectromancer\spectromancer.exe |
"{6F88FD1D-9EB0-41F4-BB70-58BAFFD9B46F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{700F0726-579A-409F-B284-C8395AAF64B1}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{70A08673-2D84-4DE1-8625-1216CFF87DCC}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\painkiller black edition\bin\painkiller.exe |
"{7237F116-7741-4CFF-AA26-6BB7601BE4FA}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\penumbra black plague\redist\penumbra.exe |
"{725DA4EE-1F4E-434A-8AEC-1F7B55A885F5}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{730528FB-AB0B-450D-95F4-E473E033BED5}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\ys the oath in felghana\ysf_win_dx9.exe |
"{7326A06E-95D9-4DEE-B551-736F56AFC06F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{74116181-6F9A-4BAF-9B9A-F21AB66C166D}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{756775F4-C9CC-4BA1-93F8-4167FC9BE0B5}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\section 8 prejudice\s9.exe |
"{75B8B94E-6153-4612-A504-21021F63BF22}" = protocol=17 | dir=in | app=c:\users\jussi\appdata\local\temp\7zs9d29.tmp\symnrt.exe |
"{76810ECB-7540-4196-B6C4-4B86E9E87D04}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\alien zombie megadeath\alienzombiemegadeath.exe |
"{76988B6E-BE5D-4948-A5DC-94619A61A615}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dead space 2\support\ea help\electronic_arts_technical_support.htm |
"{77109314-777F-4E73-BE83-AE7F2781EFAC}" = protocol=17 | dir=in | app=c:\program files\origin games\dragon age\bin_ship\daupdatersvc.service.exe |
"{7795563E-F6C0-4E84-AFDD-4B67F1519B98}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\everyday genius squarelogic\squarelogic.exe |
"{77BBB9DA-4587-4703-ACCC-CF9A4325C94A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\steelstorm\steelstorm.exe |
"{77F1B8BB-8BAB-42A1-B73B-F574514D2E6A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\warlock - master of the arcane demo\support\game.url |
"{78ACA983-C37C-4CD8-A4BE-03F607EC32AF}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\fantasy wars\fw.exe |
"{78D47BB6-D6AF-4702-95B2-4B6E469D338B}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\the binding of isaac\isaac.exe |
"{790D960A-F616-4459-A306-CAA06C0D690E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dungeons of dredmor\dungeons of dredmor.exe |
"{797D1CA1-AA39-4C66-9316-BE3D0D43373D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\tobe's vertical adventure\tobe's vertical adventure.exe |
"{79D95A8D-35A0-47BC-BB96-7B65D612B275}" = protocol=6 | dir=in | app=c:\users\jussi\appdata\local\temp\7zs1e2b.tmp\symnrt.exe |
"{7A3093F5-3579-4A37-82F1-2168AEE63875}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{7B75325F-104B-482D-913A-67371E63863F}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\the binding of isaac\isaac.exe |
"{7BC557C2-16BE-4C86-BAE8-05D03D206689}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\recettear\recettear.exe |
"{7BC57B9F-0B22-43B6-A6CB-9794092D40BE}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\shoot many robots\shootmanyrobots\binaries\shootmanyrobots.exe |
"{7C7E0F4C-F051-4D59-A129-09BC33E11CD6}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\warhammer 40,000 space marine\spacemarine.exe |
"{7CADE980-834A-4C6B-9538-4017F4BFFDBD}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"{7D11F3B7-E450-4A41-BC4F-6CEE70E62DDA}" = protocol=17 | dir=in | app=c:\program files\origin games\dragon age\bin_ship\daupdatersvc.service.exe |
"{81AA1AF1-0AB3-4EF2-90E3-530DB6BB53D2}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\tomb raider anniversary\tra.exe |
"{81E1D2C1-E75E-4B6F-A31B-922F07C92340}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\flatout\flatout.exe |
"{82F163CE-A073-4DB7-9DEA-7D6263B9450A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\warlock - master of the arcane demo\support\paradox.url |
"{8414E1AF-8D2F-4568-A7ED-88162A61153B}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\nation red\nationred.exe |
"{8479FFFA-B7EE-45C7-8E08-0B40363E8D19}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\painkiller black edition\bin\painkiller.exe |
"{8499E9CD-3A7A-4A76-865E-9F47D784473C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\space rangers 2 reboot\rangers.exe |
"{84E2A5F5-C83B-4EB8-A5AD-1C5CA34071A5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\warlock - master of the arcane demo\support\game.url |
"{85DCCA67-E4FD-4AB0-804A-ED47C1941D35}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\nation red\nationred.exe |
"{85FC98B7-0A4E-425E-8713-4248796759D4}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{8610C1BD-D8B0-4FFF-8583-7FDC74ED922A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\penumbra black plague\redist\penumbra.exe |
"{863CE76A-57B9-4AE4-8037-2512D650D623}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{86D6590E-E85C-4389-9D97-2710548163F4}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\stalker shadow of chernobyl\bin\xr_3da.exe |
"{876D8EB0-B8D1-4C62-98EE-F6DECD0C9DC6}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{87D04DEE-0F66-4FDF-9139-25EFA042B1A7}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\avernum escape from the pit\avernum.exe |
"{87D30EF3-D636-43A0-AE2A-AD39A87F14AB}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\space pirates and zombies\spazgame.exe |
"{88064B43-78FE-4674-9572-2696B93AEA08}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dawn of war ii - retribution\dow2.exe |
"{88E9C070-94B9-413E-B718-94D55AA4304B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\might and magic heroes vi\might & magic heroes vi.exe |
"{8967B26C-CF01-4DE4-B021-F335B1598208}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sonic and sega all stars racing\config.exe |
"{89C0F924-5F4F-4509-A5D6-98556B4DDE0D}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\fallout tactics\bos.exe |
"{8B88DC7B-EA78-45C1-BC7B-96300B13AA88}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\frozen synapse\frozensynapse.exe |
"{8CD36708-B093-4815-B539-4BE05F9758F3}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\orcs must die!\build\release\orcsmustdie.exe |
"{8D12AF5C-A2C5-4192-937E-C3BD9B8CB937}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{8DB64678-9311-4F67-961A-930B7D1D4087}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\ys the oath in felghana\ysf_win.exe |
"{8DF012F5-DB62-4A6C-88EC-A7A1851DACD5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\section 8 prejudice\s9.exe |
"{9097EC15-4B57-4B12-AE99-803340B532B4}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\valvetestapp207490\rayman origins.exe |
"{90D64E42-410B-4C3F-AFA5-5B279F1103E1}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dawn of war ii - retribution\dow2.exe |
"{911449E3-6097-4505-8B68-07F103A2D76F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\crazy machines elements\cmelements.exe |
"{917E7034-0723-40E0-A546-AFFE792AB139}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\broken sword shadow of the templars\bs1dc.exe |
"{939BBAC2-F9F7-4DFD-8405-FDE8DCF64535}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\recettear\custom.exe |
"{93A667C8-8534-415E-B0C0-969340D4F1EA}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{945117D0-E927-4327-893B-7FCD860034B9}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sonic generations\configurationtool.exe |
"{95FD37A5-04E7-48C4-8D14-3BD171283F8F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\defensegridtheawakening\defensegrid.exe |
"{96C93D14-2A72-433D-B43B-80431E60458F}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{973A6F7A-DF5B-40A9-B7E8-3B4BDAE1DA82}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\hitogata happa\happa64.exe |
"{97B6B554-7F19-4D78-B78B-4A01F45DB230}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\hitogata happa\happa64.exe |
"{97EE2161-70D2-4FFA-A541-F8A56B5E1D9F}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\defensegridtheawakening\defensegrid.exe |
"{98C0BCF8-71BB-4A6A-99C3-5A63D3B79C25}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\waveform\waveform.exe |
"{99972E4E-9593-441E-B8CC-5E74512530F9}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\spectromancer\spectromancer.exe |
"{9B7D5116-5E95-4088-AE80-EA6087CC11DF}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{9BE6E5BF-1DED-427F-8687-C591D690AF39}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\space pirates and zombies\spazgame.exe |
"{9C37E0D1-E699-4150-9636-F9586FB009FB}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\penumbra black plague\redist\penumbra.exe |
"{A2244386-6A78-416A-BCBE-6DC1ECCF485F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sonic and sega all stars racing\sonic & sega all-stars racing.exe |
"{A34156D3-44D8-4A52-989D-678A5001AABA}" = protocol=17 | dir=in | app=c:\program files\spotify\spotify.exe |
"{A3F98F74-EAB1-465A-8939-3FBD8DA91363}" = protocol=17 | dir=in | app=c:\program files\mass effect 2\binaries\masseffect2.exe |
"{A497BA71-E6B1-48BE-BF5A-75BF0ECB7516}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\broken sword shadow of the templars\bs1dc.exe |
"{A4AB6EE6-803E-456F-BB79-568BE0AA3145}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{A5015BC2-4B5A-4B09-B18A-8E431C5A3A8D}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\warlock - master of the arcane demo\support\ino_co_com.url |
"{A5AA84A0-AC87-4BF1-A7B0-C3DB9CC0B992}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{A65E9604-02A3-47D2-818A-689F710B32CF}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\penumbra black plague\redist\requiem.exe |
"{A7821986-1D98-4C37-B005-424779A23A4C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\everyday genius squarelogic\squarelogic.exe |
"{A8314810-2D55-4810-A418-AD9E91BAE7BB}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\magic the gathering dotp 2012\magic_2012.exe |
"{A9CDADF4-0EC8-413F-8707-26D1FA831D0F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\heroes of might and magic 5\bina1\testapp.exe |
"{AADC8E40-F0D3-48B8-90E4-5BB047EFBEFF}" = protocol=1 | dir=in | [email protected],-28543 |
"{AAF2B933-20E3-4DF4-A1A2-EB53C6ED0755}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\shadowgrounds\shadowgrounds.exe |
"{AAFAED3C-971F-477C-8437-FD277404074C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\zombie driver\release\zombiedriver.exe |
"{AB4705DE-0482-48B7-B56E-4D52E38772CF}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{AB87BC03-A4BF-4A26-9D32-A4400FFA345A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\trackmania united\tmforeverlauncher.exe |
"{ACAE66FA-CD77-4F80-B0D9-4C13028AFF22}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\trackmania united\tmforever.exe |
"{ACC525DC-9F7A-42C8-987C-CA089E831274}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\vessel\vessel.exe |
"{ACEB37ED-3E97-42C4-B1E7-4A01D6FD05C7}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\fallout tactics\ft tools.exe |
"{AD71379E-305E-4A52-9A15-853A2EE30229}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\warlock - master of the arcane demo\support\paradox.url |
"{AD9EC3F4-F4CF-4B82-8094-BF7ABEB7F81A}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{AE3FEE4B-B4F2-4D00-AB03-D4EC867014CD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\trackmania united\tmforever.exe |
"{AE962CFA-59F1-4DC6-A944-33CCB454AA7A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\broken sword shadow of the templars\bs1dc.exe |
"{AEA40AAC-CF95-46AF-9434-44552ADDC3B0}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{AF2CE2A8-8130-41C9-8FF2-1290BCC31CB4}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\tomb raider anniversary\tra.exe |
"{AFC0654F-73E8-4C49-BB04-05BD02D9D126}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\ys the oath in felghana\config_dx9.exe |
"{B20EF5B3-C8A7-4019-8B6B-F706F1063AAF}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\ys the oath in felghana\ysf_win_dx9.exe |
"{B2527276-C746-424E-B057-41CC23D8132B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sequence\sequence.exe |
"{B336A5ED-8BE6-499B-8BA8-2A37D636B5B6}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\1000 amps\1000ampsrewin.exe |
"{B3C6B4F6-88CC-47F9-90DE-EC38DC557F4F}" = protocol=17 | dir=in | app=c:\program files\mass effect 2\masseffect2launcher.exe |
"{B3F828D9-134D-4A30-BC92-3BF640F568AF}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\syberia\game.exe |
"{B4308C44-BF86-4599-A1C0-2CCFC108FD03}" = protocol=17 | dir=in | app=c:\users\jussi\appdata\local\temp\7zs4c7b.tmp\symnrt.exe |
"{B51F107D-FB8F-4B24-8393-6FF69AF6C5AB}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{B575D149-D7E5-4268-9E29-25C4C18DF079}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\stalker shadow of chernobyl\bin\xr_3da.exe |
"{B9A51F39-652B-4419-BC56-B8F5E72E1C6B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\flatout\flatout.exe |
"{B9C2E769-EEE2-44C1-81CC-5E791C9CD560}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{BA4F298A-1BEE-4BE0-9BB8-CA28EFF87FBC}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\spectromancer\spectromancer.exe |
"{BB5519BF-D50E-45D6-BED8-EE003F636495}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\gratuitous space battles\gsb.exe |
"{BB7A827D-3A8E-4C6C-8378-9F9EB18A2EB2}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{BDEC2E9F-B6C8-41B4-825A-8ADAE9690A7C}" = protocol=6 | dir=in | app=c:\program files\origin games\mass effect 3\binaries\win32\masseffect3.exe |
"{BE0B45E9-EDAF-434B-B629-C74AD1AB4500}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\gundeadligne\gundeadligne.exe |
"{BF9D6472-0580-4A39-938E-17E4121994C5}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\spectromancer\spectromancer.exe |
"{C00890D9-7B36-4812-B28E-0ECC3FE2EAC3}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\might and magic heroes vi\might & magic heroes vi.exe |
"{C00F0746-5B97-4001-8008-6850F5713DA4}" = protocol=6 | dir=in | app=c:\program files\mass effect 2\binaries\masseffect2.exe |
"{C1016A2F-D60E-44FE-9646-87096FD6FA72}" = protocol=58 | dir=out | [email protected],-28546 |
"{C1266395-4F1D-4FF9-A260-4DE5770977D1}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\gundeadligne\gundeadligne.exe |
"{C147DD41-5C35-4ABF-AF9B-C32D7AE46005}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sideway\win32\sideway_shippingwin32steam.exe |
"{C15996C1-91C5-44EF-838F-DFAF53642034}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dead space 2\deadspace2.exe |
"{C1B11A18-5B9B-4D9F-9EB5-E2C815A681A4}" = protocol=6 | dir=in | app=c:\program files\origin games\mass effect\masseffectlauncher.exe |
"{C1DE7775-B029-41BC-A246-14784DCCBBC1}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\renegade ops\renegadeops.exe |
"{C245B613-C696-4BC2-A20B-0ED13A2B138B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\trackmania united\tmforeverlauncher.exe |
"{C2F96BC1-0E53-43D9-989F-79B90800DA16}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\serious sam hd the first encounter\bin\samhd.exe |
"{C332CC74-8237-4768-B8AD-FE1839AAF1E2}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\neverwinter nights 2\nwn2toolsetlauncher.exe |
"{C4C39A1C-CD80-49BE-84EC-5781A49BD634}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\darksiders\darksiderspc.exe |
"{C4F0862E-929A-4B1C-BC25-1CAD9A9DA32C}" = protocol=6 | dir=in | app=c:\program files\origin games\dragon age\bin_ship\daupdatersvc.service.exe |
"{C66285DC-B0C5-4DE2-9187-2C034DB8D69E}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{C670EF45-A10C-40BC-97CA-9EE51660DC4D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\waveform\waveform.exe |
"{C8B104B3-6C1A-4CE3-9BE6-5D6D66DF742E}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{CAD33131-B1C6-4AD5-8441-E1F295C3FB69}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\beat hazard\runme.exe |
"{CB92690C-975A-4DEE-9C83-F38A9456E067}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{CE3A2FDE-DE59-4E72-9E42-277E5030E16D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sonic and sega all stars racing\sonic & sega all-stars racing.exe |
"{CF0CED8F-1C74-4A90-BE83-8624858643AA}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\neverwinter nights 2\nwn2toolsetlauncher.exe |
"{CF5523D7-65C4-46A8-BE15-A545C6CFCA18}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\gratuitous space battles\gsb.exe |
"{CF5D9E3B-C979-4FD8-9E8D-30E8DE403F1E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\hitogata happa\happa64.exe |
"{CF7D6BA8-F8FF-471E-8591-895F480A9CEE}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\trackmania united\tmforever.exe |
"{CFD850B7-EF44-4525-BD3F-4846FC97609E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\waves\binaries\win32\waves.exe |
"{D0825DC0-590F-4040-BF32-5EA9123EC0D9}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\insanely twisted shadow planet\fcengine-gfwl.exe |
"{D0BE2AA1-1C4D-4EB3-A835-91CC67E4AC7B}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\diamond dan\dd.exe |
"{D17965C0-5456-4518-9E31-9034D643CEAF}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"{D26628A8-CB71-40A2-8463-62FFEAA16090}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\diamond dan\dd.exe |
"{D3C01EC8-237A-40A0-9FE3-63928F2854F6}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\botanicula\botanicula.exe |
"{D48D7E46-DBF3-436F-AEB2-F468530B92CE}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\tobe's vertical adventure\tobe's vertical adventure.exe |
"{D4C2FB39-E351-4158-81BE-39831D05BE24}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\frozen synapse\frozensynapse.exe |
"{D6341078-CB35-4040-BB45-6B9D4A4EF5C0}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{D68A8DD1-83D3-4C57-9C2F-AF165BDD5664}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dungeons of dredmor\dungeons of dredmor.exe |
"{D830AF6A-6CB4-4959-AE5D-E293E82EBC3F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DB00978C-1909-4D4A-B521-E58851F58004}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\vampire the masquerade - bloodlines\vampire.exe |
"{DBB921DD-7E6D-4E6D-A6AA-841706639FBA}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\hardreset\hardreset.exe |
"{DE721704-808A-43AD-B26B-51D855DB8150}" = protocol=17 | dir=in | app=c:\program files\origin games\mass effect\masseffectlauncher.exe |
"{E08E3A8D-9191-4444-AD18-DFEFC4437387}" = protocol=6 | dir=in | app=c:\users\jussi\appdata\local\temp\7zs4c7b.tmp\symnrt.exe |
"{E1E5579A-F994-46B8-8E4D-51564769786D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\ys the oath in felghana\config_dx9.exe |
"{E277A534-AA06-4454-9C46-27C8D5A3EABB}" = protocol=17 | dir=in | app=c:\program files\origin games\dragon age\bin_ship\daorigins.exe |
"{E2914922-72CC-4797-A6AA-6E04520926DE}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\gatling gears\gatlinggears.exe |
"{E2CDF0F3-FB43-498A-946D-78BF84F63FE5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\everyday genius squarelogic\squarelogic.exe |
"{E3589F88-A602-42AC-9518-D6102EE5E648}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\the binding of isaac\binding_of_isaac.exe |
"{E50604B6-1E68-48DD-97DD-46597A1B4C38}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{E51F6535-90B3-4380-AFAB-5CCDC5920A42}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\vessel\vessel.exe |
"{E614CF1A-8D58-418F-916E-AE2A40709217}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\the binding of isaac\binding_of_isaac.exe |
"{E77E9FB0-CD13-4525-A580-F567ACADAD1E}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\gundemonium recollection\gundemonium.exe |
"{E7FC3F39-D924-4864-978A-190CA7537AFE}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\avernum escape from the pit\avernum.exe |
"{E8F5D62D-DED3-4B92-AD1C-861435012B16}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\recettear\recettear.exe |
"{EAACBBBA-0D89-4036-AA82-A1E40E99FB60}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\still life\game.exe |
"{ECFA7715-5A98-40BB-A460-40D81C602A31}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\cthulhu saves the world\cstw.exe |
"{EE2662EB-E61B-46FB-BA2B-E0C8A613934E}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"{EF04E99B-2237-4582-9C58-685AACB67FB9}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{EF8F06E0-7AF2-4CA3-A413-4D7B489AAAA0}" = protocol=6 | dir=in | app=c:\program files\mass effect 2\masseffect2launcher.exe |
"{F02BACFE-CAA9-4B8F-A7BE-FAE550758F5A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\gatling gears\gatlinggears.exe |
"{F077C955-1225-4838-8C4E-5EAB72E3A1E3}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{F32F1F74-BB5A-4CF7-BED4-51A6091A4825}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\gundeadligne\gundeadligne.exe |
"{F369CE72-B799-446F-915E-CF20E83EE6B4}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\renegade ops\renegadeops.exe |
"{F4A1B803-AEF8-4BE0-A97E-CFA3BC27346D}" = protocol=6 | dir=in | app=c:\program files\origin games\dragon age\daoriginslauncher.exe |
"{F861123C-FA61-41FB-AC60-EF68D5323953}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\alien zombie megadeath\alienzombiemegadeath.exe |
"{F8D7C058-2955-4BFA-9E2D-C2E1405B9E1C}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{F9371065-1D86-4D7A-B5C4-3DE95EA5F80B}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sideway\win32\sideway_shippingwin32steam.exe |
"{F9ADB013-D4D2-4185-9B6B-97C37D6C8BF0}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\warp\binaries\win32\warp.exe |
"{F9F09A01-B84E-4397-AB59-FC4D9D719B05}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dead island\deadislandgame.exe |
"{FA591D34-4F2E-4B2E-93E0-2A915D0BB158}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\tobe's vertical adventure\tobe's vertical adventure.exe |
"{FA68318D-810E-429E-894F-89C5EC8B6D99}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sequence\sequence.exe |
"{FAEDFF35-A68D-4970-80C1-4D8AB54D9E39}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\frozen synapse\frozensynapse.exe |
"{FB1C81EB-52B5-4A04-A4AE-8AC00741C594}" = protocol=6 | dir=in | app=c:\program files\origin games\dragon age\bin_ship\daorigins.exe |
"{FB320C97-CAE0-4111-BE80-F6C2CF8F0480}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\fallout tactics\ft tools.exe |
"{FB717592-1514-4A74-A536-FC417EDA2F05}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dungeons of dredmor\dungeons of dredmor.exe |
"{FBD287E1-3EB9-4C50-8808-CE68BF3DDD6C}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{FBDCCCD4-2E7E-47F7-A58A-97D020D118C9}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\1000 amps\1000ampsrewin.exe |
"{FC6AF93B-8329-4A88-B2C3-F499DA5D83F7}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\beat hazard\beathazard.exe |
"{FCE0FBED-6E6D-4A41-BB5B-9998AC2FE35D}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{FCE3598F-D906-4BE5-8E81-963CEC035377}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\might and magic heroes vi\might & magic heroes vi.exe |
"{FDA2A8E6-50CC-4F19-A610-0F4D003E11D1}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\shadowgrounds\shadowgroundslauncher.exe |
"{FDB06F46-ABBE-4A12-B484-32CB3E4D333C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sniper elite\sniperelite.exe |
"{FDF43EC4-9EFB-4166-A97F-A4D8668492F4}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dead space 2\support\ea help\electronic_arts_technical_support.htm |
"{FE9A89FB-E895-43EF-9AD4-C7C78207939A}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{FEC7D2B8-B7CB-4309-BFD9-64D1004155C5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{FED30C75-A085-4397-93B3-AEA96FA90FD9}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\space rangers 2 reboot\rangers.exe |
"{FFEB1C91-9E1A-4CEA-A833-889383C7E3D4}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\beat hazard\beathazard.exe |
"TCP Query User{1B063F9C-C712-4767-8B2F-18C8D529C7BE}C:\users\public\games\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe |
"TCP Query User{1F62D3BB-6A09-45C9-AA0C-E180CACD530E}C:\users\public\games\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"TCP Query User{22B29D68-2EF6-41B0-A4EB-C133574FEE9C}C:\fists\for.exe" = protocol=6 | dir=in | app=c:\fists\for.exe |
"TCP Query User{2B5D0CED-9042-4BD2-A35A-E5199B26CA8F}C:\users\public\games\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe |
"TCP Query User{36452194-75B6-428C-8A12-40B46C61982B}C:\users\jussi\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\jussi\appdata\roaming\spotify\spotify.exe |
"TCP Query User{55A9D9B9-6C66-4EAE-BBDD-7F63E837A2F3}C:\users\public\games\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe |
"TCP Query User{58BF7C9B-AE6F-49D7-8917-B9A274B626C7}C:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-engb-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-engb-downloader.exe |
"TCP Query User{7AF2CA5E-6118-4661-AC59-99074DA72B7A}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{A07B1B7A-76CF-49AE-80DD-163E5A64C39F}C:\users\public\games\world of warcraft\launcher.patch.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe |
"TCP Query User{BE35F6FE-106E-40A9-85FB-6331B78257B7}C:\program files\origin games\dragon age\bin_ship\eacoreserver.exe" = protocol=6 | dir=in | app=c:\program files\origin games\dragon age\bin_ship\eacoreserver.exe |
"TCP Query User{C8945522-55B8-4512-A300-DD885DA8926E}D:\diablo-iii-8370-engb-installer-downloader.exe" = protocol=6 | dir=in | app=d:\diablo-iii-8370-engb-installer-downloader.exe |
"TCP Query User{CDC3BD0D-8E00-40B8-8749-6C1E59A101F1}D:\steam\steamapps\common\blur\blur.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\blur\blur.exe |
"TCP Query User{F63F3FDC-BA34-4990-8877-F9B461D6DFBF}C:\users\jussi\art\wanderlust.exe" = protocol=6 | dir=in | app=c:\users\jussi\art\wanderlust.exe |
"UDP Query User{2D242568-16A3-48EA-92F0-ADFB728B874E}C:\users\jussi\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\jussi\appdata\roaming\spotify\spotify.exe |
"UDP Query User{344F61C2-4AA2-4C9C-BF99-A99748C820D7}C:\users\jussi\art\wanderlust.exe" = protocol=17 | dir=in | app=c:\users\jussi\art\wanderlust.exe |
"UDP Query User{3C05CAF4-AF32-478E-9A79-DC7A2C635ED9}C:\fists\for.exe" = protocol=17 | dir=in | app=c:\fists\for.exe |
"UDP Query User{412A82B2-C32C-4C90-BE4E-7A779F95A99B}C:\users\public\games\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe |
"UDP Query User{4190E9D0-340B-4F28-A6DA-6DEF885B8E00}D:\steam\steamapps\common\blur\blur.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\blur\blur.exe |
"UDP Query User{68DBA75A-745D-47FE-9F1B-8351BA7E5C9F}C:\users\public\games\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe |
"UDP Query User{8C82924C-F948-42EB-AD97-E99EA6F59473}C:\users\public\games\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe |
"UDP Query User{AE924E30-40B0-422D-9A09-A1F68994649D}C:\program files\origin games\dragon age\bin_ship\eacoreserver.exe" = protocol=17 | dir=in | app=c:\program files\origin games\dragon age\bin_ship\eacoreserver.exe |
"UDP Query User{C1DCA8B6-8CB5-4BCD-AB7C-0C43FEEC5090}C:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-engb-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-engb-downloader.exe |
"UDP Query User{D8888037-696E-4964-8C18-19F23FDA6730}C:\users\public\games\world of warcraft\launcher.patch.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe |
"UDP Query User{D9BF83E2-9703-4D7F-8163-66E379E5E2B6}C:\users\public\games\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"UDP Query User{F841E32D-0893-418E-A0E9-C8DA9ED8C151}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{F8AA9548-BEAE-499D-96C3-0BAEF0916F48}D:\diablo-iii-8370-engb-installer-downloader.exe" = protocol=17 | dir=in | app=d:\diablo-iii-8370-engb-installer-downloader.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00F93853-D9D3-4795-A89E-84CCBA0205C9}" = Microsoft IntelliPoint 8.0
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D2BC497-02A9-4344-87FB-76EA0C77F446}" = HDRegFI
"{19798333-E6E8-D423-2ED1-CEA58D6B8E1D}" = Offspring Fling!
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1B0FBB9A-995D-47CD-87CD-13E68B676E4F}" = Mass Effect
"{1DED5EFD-410A-48DB-909A-2B2022BB50D2}" = Nethergate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{277649C0-D8D5-3190-AFF3-D0F88A375B16}" = Microsoft .NET Framework 4 Extended FIN Language Pack
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{3030BE09-0597-447A-A184-39305D61F58B}_is1" = No Time to Explain version 2.0
"{3350E9B0-DCE6-4AE1-B3AC-D0C11FBEEDA1}_is1" = SeaTools for Windows
"{3485CDCE-2099-4B10-8E90-2953C5D26A6A}" = Fractal
"{351E09AC-DCB3-451D-9C7D-C1A82AF1CE5D}" = Geneforge 4
"{3559CDE0-11FC-4D7B-A65C-D646035B1035}" = Nero 8 Essentials
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4EFC72DA-2314-4E5D-AC8E-1C954CDB8BBF}" = AVG 2012
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5B3A354B-C059-4861-A85B-CA46F1089E15}" = Creative USB Headsets
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{64E47A5F-B3C4-476A-9100-2D006BD1FFB4}" = Z Engine
"{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A9D1594-7791-48f5-9CAA-DE9BCB968320}" = Mass Effect™ 3
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73370408-B80E-4509-B9AF-957E2E0F512F}_is1" = WinZip System Utilities Suite
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{76EE77BC-FE08-489B-9AAD-1B89EA3ADD4A}_is1" = Project Black Sun version 1.0.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{780262B9-4578-3727-97D3-62DE7B9F5F82}" = Microsoft .NET Framework 4 Client Profile FIN Language Pack
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{78953EAB-C884-30A4-73D1-2105E5A60931}" = ATI Catalyst Install Manager
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A2E7217-F13C-5170-BAA5-78BB69308EF0}" = Defender's Quest
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A428AC4A-326E-4E64-BEFD-A31E82E4C692}_is1" = Inferno+ version 1.0
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4ECED7E-528D-48F4-8E83-1B2217F5B4BD}" = Three Dead Zed (ver 1.4)
"{A7836FF5-7293-40A4-B86E-E2038F82E8F3}" = AVG 2012
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{AC76BA86-7AD7-1035-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Suomi
"{AE71B0D5-8873-4110-BD84-F5D5174EC342}_is1" = Super Crossfire version 1.0
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision -ohjain 296.10
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA-ohjauspaneeli 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiikkaohjain 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision -ohjain 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA-päivitykset 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD095458-EFF3-46CB-8BE4-DC1675FB8B49}" = Relentless Software Prerequisites
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C0}" = WinZip 15.0
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D08A5DFE-F0C2-74FC-DD56-A3B371E9344D}" = EA Shared Game Component: Activation
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.11 Game
"{DEDF2885-0086-4534-9912-F9B97377ED07}" = AGEIA GAME System Software
"{E28088C5-E768-4A1B-B308-A9F3ED28ABBE}" = OpenOffice.org 3.0
"{E369A040-E812-37B3-A5B9-311E5579FAC3}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fin
"{E78C63C9-9849-45FA-8315-2AE38A293E2E}_is1" = DoomRL version 0.9.9.6
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AdobeReader" = Adobe Reader 8
"AUDIO_REALTEK" = Realtek HD Audio V6.0.1.5618
"AudioCS" = Creative Audio Control Panel
"AVG" = AVG 2012
"Battle Academy1.6.0" = Battle Academy
"Battle Isle Platinum_is1" = Battle Isle Platinum
"Chessmaster 9000_is1" = Chessmaster 9000
"Chromentum 2" = Chromentum 2 (remove only)
"com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Shared Game Component: Activation
"Crawl" = Dungeon Crawl Stone Soup
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"DefendersQuest" = Defender's Quest
"Din's Curse_is1" = Din's Curse 1.022
"Divine Divinity_is1" = Divine Divinity
"DroidAssault" = Droid Assault (remove only)
"Eschalon Book I_is1" = Eschalon Book 1 v1.06
"Eschalon Book II_is1" = Eschalon Book 2 1.05
"ESET Online Scanner" = ESET Online Scanner v3
"Fallout 2_is1" = Fallout 2
"Fallout_is1" = Fallout
"ffdshow_is1" = ffdshow v1.1.3800 [2011-03-28]
"GetNZB_is1" = GetNZB version 0.605
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.26057)
"Host OpenAL" = Host OpenAL
"Icewind Dale II_is1" = Icewind Dale II
"ImageWriter" = Packard Bell ImageWriter
"Infocentre" = Infocentre Rev. 2.0
"IrfanView" = IrfanView (remove only)
"LCDTest" = Packard Bell LCD Test
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versio 1.61.0.1400
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - fin" = Microsoft .NET Framework 3.5 SP1:n kielitukipaketti - FI
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FIN Language Pack" = Microsoft .NET Framework 4 Client Profilen suomen kielipaketti
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended FIN Language Pack" = Microsoft .NET Framework 4 Extendedin suomen kielipaketti
"Mozilla Firefox 12.0 (x86 fi)" = Mozilla Firefox 12.0 (x86 fi)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nero8" = Nero 8 Essentials
"NIS2008_FI" = Norton Internet Security
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"offspringfling" = Offspring Fling!
"OpenAL" = OpenAL
"OpenDNS Updater" = OpenDNS Updater 2.2.1
"Opera 11.61.1250" = Opera 11.61
"Origin" = Origin
"Panzer Corps1.00" = Panzer Corps
"Peepers_is1" = Peepers 1.0
"Planescape Torment_is1" = Planescape Torment
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 15.0" = RealPlayer
"Rockstar Games Social Club" = Rockstar Games Social Club
"SETUPMYPC_FI" = SetUp My PC
"sp6" = Logitech SetPoint 6.32
"SpywareBlaster_is1" = SpywareBlaster 4.6
"Steam App 102600" = Orcs Must Die!
"Steam App 102850" = WARP
"Steam App 105800" = PixelJunk Eden
"Steam App 107600" = Waves
"Steam App 107800" = Rochard
"Steam App 108500" = Vessel
"Steam App 110610" = Alien Zombie Megadeath
"Steam App 200190" = Sideway
"Steam App 204180" = Waveform
"Steam App 205690" = 1000 Amps
"Steam App 205730" = Insanely Twisted Shadow Planet
"Steam App 205830" = Luxor Evolved
"Steam App 206410" = Crazy Machines Elements
"Steam App 207170" = Legend of Grimrock
"Steam App 207320" = Ys: The Oath in Felghana
"Steam App 207430" = Hack, Slash, Loot
"Steam App 207490" = Rayman Origins
"Steam App 207610" = The Walking Dead
"Steam App 207690" = Botanicula
"Steam App 208400" = Avernum: Escape From the Pit
"Steam App 34190" = Sonic and SEGA All Stars Racing
"Steam App 35720" = Trine 2
"Steam App 3700" = Sniper Elite
"Steam App 38420" = Fallout Tactics
"Steam App 39160" = Dungeon Siege III
"Steam App 39530" = Painkiller: Black Edition
"Steam App 41000" = Serious Sam HD: The First Encounter
"Steam App 42640" = Blur
"Steam App 4500" = S.T.A.L.K.E.R.: Shadow of Chernobyl
"Steam App 46570" = Grotesque Tactics 2 - Dungeons and Donuts
"Steam App 47780" = Dead Space 2
"Steam App 48220" = Might & Magic ® Heroes ® VI
"Steam App 55150" = Warhammer 40,000 Space Marine
"Steam App 58230" = MacGuffin's Curse
"Steam App 6220" = FlatOut
"Steam App 65300" = Dustforce
"Steam App 70500" = Diamond Dan
"Steam App 71340" = Sonic Generations
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8000" = Tomb Raider: Anniversary
"Steam App 80310" = Gemini Rue
"Steam App 92210" = Hitogata Happa
"Steam App 96400" = Shoot Many Robots
"Steam App 97100" = Section 8: Prejudice
"Steam App 98400" = Hard Reset
"Steam App 98800" = Dungeons of Dredmor
"Steam App 99300" = Renegade Ops
"Steam App 99810" = Bulletstorm
"SysInfo" = Creative System Information
"TangleBee_is1" = TangleBee 1.0.2
"Temple of Elemental Evil_is1" = Temple of Elemental Evil
"TVTUNER" = TVTUNER
"Ultratron" = Ultratron (remove only)
"Unity of Command1.00" = Unity of Command
"Updator" = Packard Bell Updator
"VIDEO_ATI_GOB" = Video ATI V8.473.0.0
"VIDEO_NVIDIA" = Video NVIDIA v174.74
"VLC media player" = VLC media player 1.1.11
"World of Warcraft" = World of Warcraft
"X10Hardware" = X10 Hardware™

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Climb to the Top of the Castle!" = Climb to the Top of the Castle!
"InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
"MyFreeCodec" = MyFreeCodec
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9.4.2010 13:25:04 | Computer Name = Jussi-PC | Source = System Restore | ID = 8193
Description =

Error - 9.4.2010 13:30:57 | Computer Name = Jussi-PC | Source = WinMgmt | ID = 10
Description =

Error - 9.4.2010 13:31:29 | Computer Name = Jussi-PC | Source = VSS | ID = 8194
Description =

Error - 9.4.2010 13:34:02 | Computer Name = Jussi-PC | Source = System Restore | ID = 8193
Description =

Error - 9.4.2010 13:36:12 | Computer Name = Jussi-PC | Source = VSS | ID = 8194
Description =

Error - 9.4.2010 13:36:37 | Computer Name = Jussi-PC | Source = System Restore | ID = 8193
Description =

Error - 9.4.2010 13:52:00 | Computer Name = Jussi-PC | Source = VSS | ID = 8194
Description =

Error - 9.4.2010 13:52:18 | Computer Name = Jussi-PC | Source = System Restore | ID = 8193
Description =

Error - 11.4.2010 7:41:10 | Computer Name = Jussi-PC | Source = Application Error | ID = 1000
Description = Viallinen sovellus iexplore.exe, versio 8.0.6001.18904, aikaleima
0x4b835fec, virhemoduuli mshtml.dll, versio 8.0.6001.18904, aikaleima 0x4b837769,
poikkeuskoodi 0xc0000005, virhepoikkeama 0x0029b36a, prosessin tunnus 0x1480, sovelluksen
käynnistysaika 0x01cad96bbef4404e.

Error - 11.4.2010 7:43:33 | Computer Name = Jussi-PC | Source = Application Hang | ID = 1002
Description = Ohjelma iexplore.exe, versio 8.0.6001.18904, lakkasi olemasta yhteydessä
Windowsiin, joten se suljettiin. Voit katsoa mahdollisia lisätietoja ongelman historiatiedoista
Ongelmien raportit ja ratkaisut -ohjauspaneelissa Prosessitunnus: 9a8 Käynnistysaika:
01cad9698418927e Lopetusaika: 0

[ Media Center Events ]
Error - 22.7.2010 20:51:09 | Computer Name = Jussi-PC | Source = Media Center Guide | ID = 0
Description = Tapahtumatiedot: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Prosessi: DefaultDomain Objektin nimi: Media Center Guide

[ System Events ]
Error - 3.5.2012 11:21:05 | Computer Name = Jussi-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 3.5.2012 11:22:16 | Computer Name = Jussi-PC | Source = Service Control Manager | ID = 7038
Description =

Error - 3.5.2012 11:22:16 | Computer Name = Jussi-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4.5.2012 14:06:38 | Computer Name = Jussi-PC | Source = Service Control Manager | ID = 7038
Description =

Error - 4.5.2012 14:06:38 | Computer Name = Jussi-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4.5.2012 17:30:11 | Computer Name = Jussi-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 4.5.2012 17:38:14 | Computer Name = Jussi-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 4.5.2012 17:43:59 | Computer Name = Jussi-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 4.5.2012 18:02:05 | Computer Name = Jussi-PC | Source = Service Control Manager | ID = 7038
Description =

Error - 4.5.2012 18:02:05 | Computer Name = Jussi-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >

Edited by Ducon, 04 May 2012 - 05:15 PM.

#4
Ducon

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-04 21:07:14
-----------------------------
21:07:14.661 OS Version: Windows 6.0.6002 Service Pack 2
21:07:14.661 Number of processors: 4 586 0x202
21:07:14.662 ComputerName: JUSSI-PC UserName: Jussi
21:07:16.913 Initialize success
21:08:04.683 AVAST engine defs: 12050400
21:08:13.608 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:08:13.611 Disk 0 Vendor: WDC_WD6400AAKS-22A7B0 01.03B01 Size: 610480MB BusType: 3
21:08:13.614 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-1
21:08:13.616 Disk 1 Vendor: WDC_WD6400AAKS-22A7B0 01.03B01 Size: 610480MB BusType: 3
21:08:13.659 Disk 0 MBR read successfully
21:08:13.663 Disk 0 MBR scan
21:08:13.687 Disk 0 Windows VISTA default MBR code
21:08:13.691 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12291 MB offset 63
21:08:13.739 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 598187 MB offset 25173855
21:08:13.757 Disk 0 scanning sectors +1250261680
21:08:13.856 Disk 0 scanning C:\Windows\system32\drivers
21:08:35.461 Service scanning
21:09:00.913 Modules scanning
21:09:26.256 AVAST engine scan C:\Windows
21:09:41.941 AVAST engine scan C:\Windows\system32
21:15:37.736 AVAST engine scan C:\Windows\system32\drivers
21:16:30.524 AVAST engine scan C:\Users\Jussi
23:53:17.734 AVAST engine scan C:\ProgramData
00:12:49.172 Scan finished successfully
00:14:27.554 Disk 0 MBR has been saved successfully to "C:\Users\Jussi\Desktop\MBR.dat"
00:14:27.562 The log file has been saved successfully to "C:\Users\Jussi\Desktop\aswMBR.txt"





00:52:41.0425 5576 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
00:52:42.0274 5576 ============================================================
00:52:42.0274 5576 Current date / time: 2012/05/05 00:52:42.0274
00:52:42.0275 5576 SystemInfo:
00:52:42.0275 5576
00:52:42.0275 5576 OS Version: 6.0.6002 ServicePack: 2.0
00:52:42.0275 5576 Product type: Workstation
00:52:42.0275 5576 ComputerName: JUSSI-PC
00:52:42.0275 5576 UserName: Jussi
00:52:42.0275 5576 Windows directory: C:\Windows
00:52:42.0276 5576 System windows directory: C:\Windows
00:52:42.0276 5576 Processor architecture: Intel x86
00:52:42.0276 5576 Number of processors: 4
00:52:42.0276 5576 Page size: 0x1000
00:52:42.0276 5576 Boot type: Normal boot
00:52:42.0276 5576 ============================================================
00:52:43.0674 5576 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
00:52:43.0685 5576 Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
00:52:43.0880 5576 ============================================================
00:52:43.0880 5576 \Device\Harddisk0\DR0:
00:52:43.0880 5576 MBR partitions:
00:52:43.0880 5576 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1801F5F, BlocksNum 0x49055B51
00:52:43.0880 5576 \Device\Harddisk1\DR1:
00:52:43.0880 5576 MBR partitions:
00:52:43.0880 5576 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x4A857000
00:52:43.0880 5576 ============================================================
00:52:43.0911 5576 C: <-> \Device\Harddisk0\DR0\Partition0
00:52:43.0966 5576 D: <-> \Device\Harddisk1\DR1\Partition0
00:52:43.0966 5576 ============================================================
00:52:43.0966 5576 Initialize success
00:52:43.0966 5576 ============================================================
00:52:49.0500 6036 ============================================================
00:52:49.0500 6036 Scan started
00:52:49.0500 6036 Mode: Manual;
00:52:49.0500 6036 ============================================================
00:52:50.0996 6036 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
00:52:51.0032 6036 !SASCORE - ok
00:52:51.0863 6036 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
00:52:51.0868 6036 ACPI - ok
00:52:52.0084 6036 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
00:52:52.0109 6036 AdobeARMservice - ok
00:52:52.0189 6036 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
00:52:52.0193 6036 AdobeFlashPlayerUpdateSvc - ok
00:52:52.0335 6036 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
00:52:52.0341 6036 adp94xx - ok
00:52:52.0402 6036 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
00:52:52.0406 6036 adpahci - ok
00:52:52.0431 6036 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
00:52:52.0434 6036 adpu160m - ok
00:52:52.0699 6036 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
00:52:52.0703 6036 adpu320 - ok
00:52:52.0795 6036 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
00:52:52.0797 6036 AeLookupSvc - ok
00:52:52.0872 6036 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
00:52:52.0877 6036 AFD - ok
00:52:52.0924 6036 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
00:52:52.0927 6036 agp440 - ok
00:52:52.0954 6036 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
00:52:52.0957 6036 aic78xx - ok
00:52:53.0070 6036 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
00:52:53.0074 6036 ALG - ok
00:52:53.0097 6036 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
00:52:53.0100 6036 aliide - ok
00:52:53.0128 6036 Alpham1 (acd2f2df292b6cc28f58095bba63a068) C:\Windows\system32\DRIVERS\Alpham1.sys
00:52:53.0139 6036 Alpham1 - ok
00:52:53.0155 6036 Alpham2 (f4fafb2e74b83a156408b1b02302799e) C:\Windows\system32\DRIVERS\Alpham2.sys
00:52:53.0158 6036 Alpham2 - ok
00:52:53.0171 6036 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
00:52:53.0173 6036 amdagp - ok
00:52:53.0223 6036 amdide (b39f8c63f6e0655b6cf99899be039250) C:\Windows\system32\DRIVERS\amdide.sys
00:52:53.0229 6036 amdide - ok
00:52:53.0256 6036 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
00:52:53.0258 6036 AmdK7 - ok
00:52:53.0295 6036 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
00:52:53.0297 6036 AmdK8 - ok
00:52:53.0388 6036 AmdLLD (ad8fa28d8ed0d0a689a0559085ce0f18) C:\Windows\system32\DRIVERS\AmdLLD.sys
00:52:53.0397 6036 AmdLLD - ok
00:52:53.0429 6036 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
00:52:53.0431 6036 Appinfo - ok
00:52:53.0480 6036 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
00:52:53.0483 6036 arc - ok
00:52:53.0590 6036 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
00:52:53.0593 6036 arcsas - ok
00:52:53.0942 6036 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
00:52:53.0959 6036 aspnet_state - ok
00:52:53.0976 6036 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
00:52:53.0978 6036 AsyncMac - ok
00:52:54.0003 6036 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
00:52:54.0005 6036 atapi - ok
00:52:54.0026 6036 AtiPcie (5a1465ad2e7c1bc39cda12a355329096) C:\Windows\system32\DRIVERS\AtiPcie.sys
00:52:54.0028 6036 AtiPcie - ok
00:52:54.0074 6036 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
00:52:54.0103 6036 atksgt - ok
00:52:54.0288 6036 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
00:52:54.0296 6036 AudioEndpointBuilder - ok
00:52:54.0303 6036 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
00:52:54.0308 6036 Audiosrv - ok
00:52:56.0366 6036 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
00:52:56.0418 6036 AVGIDSAgent - ok
00:52:57.0016 6036 AVGIDSDriver (4cbb56fbc9c0cbc517e6e3a6889ebddc) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
00:52:57.0019 6036 AVGIDSDriver - ok
00:52:57.0065 6036 AVGIDSEH (459bce188232e2fe6152423efef65d76) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
00:52:57.0067 6036 AVGIDSEH - ok
00:52:57.0074 6036 AVGIDSFilter (91d9abe7e88eac7c167cba4ed4d983bf) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
00:52:57.0076 6036 AVGIDSFilter - ok
00:52:57.0088 6036 AVGIDSShim (3fc2714e185c04308215d46730d41a94) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys
00:52:57.0090 6036 AVGIDSShim - ok
00:52:57.0146 6036 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\Windows\system32\DRIVERS\avgldx86.sys
00:52:57.0150 6036 Avgldx86 - ok
00:52:57.0162 6036 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\Windows\system32\DRIVERS\avgmfx86.sys
00:52:57.0164 6036 Avgmfx86 - ok
00:52:57.0202 6036 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\Windows\system32\DRIVERS\avgrkx86.sys
00:52:57.0204 6036 Avgrkx86 - ok
00:52:57.0232 6036 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\Windows\system32\DRIVERS\avgtdix.sys
00:52:57.0236 6036 Avgtdix - ok
00:52:57.0426 6036 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
00:52:57.0431 6036 avgwd - ok
00:52:57.0489 6036 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
00:52:57.0491 6036 Beep - ok
00:52:57.0542 6036 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
00:52:57.0555 6036 BFE - ok
00:52:57.0657 6036 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll
00:52:57.0685 6036 BITS - ok
00:52:57.0701 6036 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
00:52:57.0703 6036 blbdrive - ok
00:52:57.0781 6036 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe
00:52:57.0785 6036 Bonjour Service - ok
00:52:57.0821 6036 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
00:52:57.0824 6036 bowser - ok
00:52:57.0829 6036 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
00:52:57.0832 6036 BrFiltLo - ok
00:52:57.0845 6036 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
00:52:57.0846 6036 BrFiltUp - ok
00:52:57.0879 6036 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
00:52:57.0891 6036 Browser - ok
00:52:57.0908 6036 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
00:52:57.0911 6036 Brserid - ok
00:52:57.0924 6036 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
00:52:57.0926 6036 BrSerWdm - ok
00:52:57.0931 6036 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
00:52:57.0933 6036 BrUsbMdm - ok
00:52:57.0947 6036 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
00:52:57.0949 6036 BrUsbSer - ok
00:52:57.0958 6036 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
00:52:57.0960 6036 BTHMODEM - ok
00:52:58.0068 6036 catchme - ok
00:52:58.0085 6036 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
00:52:58.0088 6036 cdfs - ok
00:52:58.0115 6036 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
00:52:58.0125 6036 cdrom - ok
00:52:58.0153 6036 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
00:52:58.0156 6036 CertPropSvc - ok
00:52:58.0167 6036 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
00:52:58.0170 6036 circlass - ok
00:52:58.0207 6036 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
00:52:58.0214 6036 CLFS - ok
00:52:58.0284 6036 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:52:58.0300 6036 clr_optimization_v2.0.50727_32 - ok
00:52:58.0424 6036 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:52:58.0445 6036 clr_optimization_v4.0.30319_32 - ok
00:52:58.0466 6036 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
00:52:58.0468 6036 cmdide - ok
00:52:58.0619 6036 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
00:52:58.0631 6036 Compbatt - ok
00:52:58.0636 6036 COMSysApp - ok
00:52:58.0669 6036 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
00:52:58.0671 6036 crcdisk - ok
00:52:58.0858 6036 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
00:52:58.0911 6036 Creative Audio Engine Licensing Service - ok
00:52:59.0068 6036 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
00:52:59.0070 6036 Crusoe - ok
00:52:59.0284 6036 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
00:52:59.0288 6036 CryptSvc - ok
00:52:59.0838 6036 CTAudSvcService (cacb67bc2e73894ecbcbc4ead2f02456) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
00:52:59.0845 6036 CTAudSvcService - ok
00:53:00.0114 6036 DAUpdaterSvc (914a7156b0c0f10be645a02e13f576b2) C:\Program Files\Origin Games\Dragon Age\\bin_ship\DAUpdaterSvc.Service.exe
00:53:00.0126 6036 DAUpdaterSvc - ok
00:53:00.0269 6036 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
00:53:00.0282 6036 DcomLaunch - ok
00:53:00.0498 6036 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
00:53:00.0500 6036 DfsC - ok
00:53:01.0306 6036 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
00:53:01.0335 6036 DFSR - ok
00:53:02.0211 6036 DFU (b684540dfa0bc06a504f837ed39daf5a) C:\Windows\system32\drivers\MassDfu.sys
00:53:02.0232 6036 DFU - ok
00:53:02.0294 6036 dg_ssudbus (c9f9cafafbffaf7e380efc353ccc940c) C:\Windows\system32\DRIVERS\ssudbus.sys
00:53:02.0298 6036 dg_ssudbus - ok
00:53:02.0438 6036 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
00:53:02.0452 6036 Dhcp - ok
00:53:02.0483 6036 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
00:53:02.0485 6036 disk - ok
00:53:02.0708 6036 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
00:53:02.0714 6036 Dnscache - ok
00:53:02.0758 6036 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
00:53:02.0764 6036 dot3svc - ok
00:53:02.0797 6036 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
00:53:02.0802 6036 DPS - ok
00:53:02.0838 6036 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
00:53:02.0840 6036 drmkaud - ok
00:53:03.0016 6036 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
00:53:03.0025 6036 DXGKrnl - ok
00:53:03.0078 6036 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
00:53:03.0080 6036 E1G60 - ok
00:53:03.0124 6036 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
00:53:03.0128 6036 EapHost - ok
00:53:03.0168 6036 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
00:53:03.0171 6036 Ecache - ok
00:53:03.0260 6036 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
00:53:03.0266 6036 ehRecvr - ok
00:53:03.0314 6036 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
00:53:03.0408 6036 ehSched - ok
00:53:03.0419 6036 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
00:53:03.0421 6036 ehstart - ok
00:53:03.0498 6036 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
00:53:03.0503 6036 elxstor - ok
00:53:04.0283 6036 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
00:53:04.0335 6036 EMDMgmt - ok
00:53:04.0356 6036 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
00:53:04.0358 6036 ErrDev - ok
00:53:04.0403 6036 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
00:53:04.0411 6036 EventSystem - ok
00:53:04.0435 6036 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
00:53:04.0438 6036 exfat - ok
00:53:04.0484 6036 ezSharedSvc (42f721c52eef2d6df9372a53813a83ef) C:\Windows\System32\ezsvc7.dll
00:53:04.0495 6036 ezSharedSvc - ok
00:53:04.0852 6036 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
00:53:04.0855 6036 fastfat - ok
00:53:04.0868 6036 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
00:53:04.0871 6036 fdc - ok
00:53:04.0895 6036 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
00:53:04.0899 6036 fdPHost - ok
00:53:04.0911 6036 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
00:53:04.0915 6036 FDResPub - ok
00:53:04.0927 6036 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
00:53:04.0929 6036 FileInfo - ok
00:53:04.0940 6036 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
00:53:04.0942 6036 Filetrace - ok
00:53:04.0956 6036 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
00:53:04.0958 6036 flpydisk - ok
00:53:05.0031 6036 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
00:53:05.0035 6036 FltMgr - ok
00:53:05.0472 6036 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
00:53:05.0530 6036 FontCache - ok
00:53:05.0635 6036 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
00:53:05.0656 6036 FontCache3.0.0.0 - ok
00:53:39.0454 6036 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
00:53:39.0463 6036 WerSvc - ok
00:53:39.0857 6036 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
00:53:39.0865 6036 WinDefend - ok
00:53:39.0879 6036 WinHttpAutoProxySvc - ok
00:53:40.0229 6036 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
00:53:40.0238 6036 Winmgmt - ok
00:53:40.0880 6036 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
00:53:40.0936 6036 WinRM - ok
00:53:41.0278 6036 WINZIPSSDiskOptimizer (98304bb0cda9a4ad12c4b733425bdd63) C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe
00:53:41.0288 6036 WINZIPSSDiskOptimizer - ok
00:53:42.0288 6036 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
00:53:42.0357 6036 Wlansvc - ok
00:53:43.0289 6036 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:53:43.0330 6036 wlidsvc - ok
00:53:43.0513 6036 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
00:53:43.0515 6036 WmiAcpi - ok
00:53:43.0854 6036 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
00:53:43.0858 6036 wmiApSrv - ok
00:53:44.0282 6036 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
00:53:44.0302 6036 WMPNetworkSvc - ok
00:53:44.0699 6036 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
00:53:44.0724 6036 WPCSvc - ok
00:53:44.0757 6036 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
00:53:44.0770 6036 WPDBusEnum - ok
00:53:44.0836 6036 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
00:53:44.0839 6036 WpdUsb - ok
00:53:45.0887 6036 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
00:53:45.0975 6036 WPFFontCache_v0400 - ok
00:53:46.0007 6036 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
00:53:46.0010 6036 ws2ifsl - ok
00:53:46.0058 6036 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
00:53:46.0065 6036 wscsvc - ok
00:53:46.0071 6036 WSearch - ok
00:53:47.0167 6036 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
00:53:47.0231 6036 wuauserv - ok
00:53:47.0705 6036 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
00:53:47.0715 6036 wudfsvc - ok
00:53:47.0760 6036 X10Hid (ab2d77bf7222b007717abb61b15f9ae2) C:\Windows\system32\Drivers\x10hid.sys
00:53:47.0762 6036 X10Hid - ok
00:53:47.0823 6036 x10nets (5a0c788c5bc5f2c993cb60940adcf95e) C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
00:53:47.0825 6036 x10nets - ok
00:53:47.0863 6036 XENfiltv (abc8bbea8f643e200508c3a2a8e475a9) C:\Windows\system32\drivers\XENfiltv.sys
00:53:47.0898 6036 XENfiltv - ok
00:53:47.0990 6036 xnacc (9eea6d029fef5f3016d089b1a603837d) C:\Windows\system32\DRIVERS\xnacc.sys
00:53:47.0998 6036 xnacc - ok
00:53:48.0132 6036 xusb21 (a640c90b007762939507c28a021be3b3) C:\Windows\system32\DRIVERS\xusb21.sys
00:53:48.0135 6036 xusb21 - ok
00:53:48.0288 6036 yukonwlh (e745b9d5fe1fda8a50913fdcc8ff9fdc) C:\Windows\system32\DRIVERS\yk60x86.sys
00:53:48.0296 6036 yukonwlh - ok
00:53:48.0338 6036 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
00:53:48.0403 6036 \Device\Harddisk0\DR0 - ok
00:53:48.0424 6036 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
00:53:48.0432 6036 \Device\Harddisk1\DR1 - ok
00:53:48.0444 6036 Boot (0x1200) (2967fc66e4c112ef76700ae5b5283543) \Device\Harddisk0\DR0\Partition0
00:53:48.0460 6036 \Device\Harddisk0\DR0\Partition0 - ok
00:53:48.0473 6036 Boot (0x1200) (ad4c07341174e882f188c156da349070) \Device\Harddisk1\DR1\Partition0
00:53:48.0476 6036 \Device\Harddisk1\DR1\Partition0 - ok
00:53:48.0476 6036 ============================================================
00:53:48.0476 6036 Scan finished
00:53:48.0476 6036 ============================================================
00:53:48.0499 0484 Detected object count: 0
00:53:48.0499 0484 Actual detected object count: 0
00:54:11.0086 4240 ============================================================
00:54:11.0086 4240 Scan started
00:54:11.0086 4240 Mode: Manual; SigCheck; TDLFS;
00:54:11.0086 4240 ============================================================
00:54:12.0025 4240 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
00:54:12.0187 4240 !SASCORE - ok
00:54:12.0290 4240 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
00:54:12.0309 4240 ACPI - ok
00:54:12.0584 4240 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
00:54:12.0607 4240 AdobeARMservice - ok
00:54:13.0015 4240 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
00:54:13.0042 4240 AdobeFlashPlayerUpdateSvc - ok
00:54:13.0286 4240 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
00:54:13.0326 4240 adp94xx - ok
00:54:13.0363 4240 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
00:54:13.0397 4240 adpahci - ok
00:54:13.0639 4240 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
00:54:13.0668 4240 adpu160m - ok
00:54:14.0050 4240 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
00:54:14.0078 4240 adpu320 - ok
00:54:14.0119 4240 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
00:54:14.0204 4240 AeLookupSvc - ok
00:54:14.0263 4240 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
00:54:14.0326 4240 AFD - ok
00:54:14.0347 4240 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
00:54:14.0372 4240 agp440 - ok
00:54:14.0391 4240 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
00:54:14.0419 4240 aic78xx - ok
00:54:14.0548 4240 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
00:54:14.0651 4240 ALG - ok
00:54:14.0668 4240 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
00:54:14.0692 4240 aliide - ok
00:54:14.0834 4240 Alpham1 (acd2f2df292b6cc28f58095bba63a068) C:\Windows\system32\DRIVERS\Alpham1.sys
00:54:14.0883 4240 Alpham1 - ok
00:54:14.0901 4240 Alpham2 (f4fafb2e74b83a156408b1b02302799e) C:\Windows\system32\DRIVERS\Alpham2.sys
00:54:14.0935 4240 Alpham2 - ok
00:54:14.0958 4240 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
00:54:14.0984 4240 amdagp - ok
00:54:15.0052 4240 amdide (b39f8c63f6e0655b6cf99899be039250) C:\Windows\system32\DRIVERS\amdide.sys
00:54:15.0107 4240 amdide - ok
00:54:15.0217 4240 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
00:54:15.0284 4240 AmdK7 - ok
00:54:15.0307 4240 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
00:54:15.0353 4240 AmdK8 - ok
00:54:15.0491 4240 AmdLLD (ad8fa28d8ed0d0a689a0559085ce0f18) C:\Windows\system32\DRIVERS\AmdLLD.sys
00:54:15.0523 4240 AmdLLD - ok
00:54:15.0541 4240 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
00:54:15.0586 4240 Appinfo - ok
00:54:15.0608 4240 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
00:54:15.0633 4240 arc - ok
00:54:15.0827 4240 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
00:54:15.0854 4240 arcsas - ok
00:54:16.0249 4240 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
00:54:16.0271 4240 aspnet_state - ok
00:54:16.0357 4240 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
00:54:16.0405 4240 AsyncMac - ok
00:54:16.0479 4240 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
00:54:16.0504 4240 atapi - ok
00:54:16.0580 4240 AtiPcie (5a1465ad2e7c1bc39cda12a355329096) C:\Windows\system32\DRIVERS\AtiPcie.sys
00:54:16.0600 4240 AtiPcie - ok
00:54:17.0126 4240 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
00:54:17.0157 4240 atksgt - ok
00:54:17.0282 4240 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
00:54:17.0367 4240 AudioEndpointBuilder - ok
00:54:17.0375 4240 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
00:54:17.0418 4240 Audiosrv - ok
00:54:19.0095 4240 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
00:54:19.0295 4240 AVGIDSAgent - ok
00:54:20.0709 4240 AVGIDSDriver (4cbb56fbc9c0cbc517e6e3a6889ebddc) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
00:54:20.0732 4240 AVGIDSDriver - ok
00:54:20.0812 4240 AVGIDSEH (459bce188232e2fe6152423efef65d76) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
00:54:20.0831 4240 AVGIDSEH - ok
00:54:20.0851 4240 AVGIDSFilter (91d9abe7e88eac7c167cba4ed4d983bf) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
00:54:20.0871 4240 AVGIDSFilter - ok
00:54:20.0917 4240 AVGIDSShim (3fc2714e185c04308215d46730d41a94) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys
00:54:20.0936 4240 AVGIDSShim - ok
00:54:21.0186 4240 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\Windows\system32\DRIVERS\avgldx86.sys
00:54:21.0200 4240 Avgldx86 - ok
00:54:21.0220 4240 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\Windows\system32\DRIVERS\avgmfx86.sys
00:54:21.0231 4240 Avgmfx86 - ok
00:54:21.0334 4240 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\Windows\system32\DRIVERS\avgrkx86.sys
00:54:21.0345 4240 Avgrkx86 - ok
00:54:21.0758 4240 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\Windows\system32\DRIVERS\avgtdix.sys
00:54:21.0786 4240 Avgtdix - ok
00:54:22.0275 4240 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
00:54:22.0300 4240 avgwd - ok
00:54:22.0410 4240 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
00:54:22.0471 4240 Beep - ok
00:54:23.0018 4240 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
00:54:23.0067 4240 BFE - ok
00:54:23.0825 4240 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll
00:54:23.0923 4240 BITS - ok
00:54:23.0954 4240 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
00:54:24.0012 4240 blbdrive - ok
00:54:24.0843 4240 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe
00:54:24.0878 4240 Bonjour Service - ok
00:54:25.0052 4240 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
00:54:25.0097 4240 bowser - ok
00:54:25.0139 4240 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
00:54:25.0190 4240 BrFiltLo - ok
00:54:25.0196 4240 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
00:54:25.0261 4240 BrFiltUp - ok
00:54:25.0449 4240 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
00:54:25.0498 4240 Browser - ok
00:54:25.0640 4240 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
00:54:25.0817 4240 Brserid - ok
00:54:25.0943 4240 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
00:54:26.0049 4240 BrSerWdm - ok
00:54:26.0090 4240 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
00:54:26.0176 4240 BrUsbMdm - ok
00:54:26.0201 4240 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
00:54:26.0300 4240 BrUsbSer - ok
00:54:26.0312 4240 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
00:54:26.0424 4240 BTHMODEM - ok
00:54:26.0746 4240 catchme - ok
00:54:26.0903 4240 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
00:54:26.0971 4240 cdfs - ok
00:54:27.0002 4240 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
00:54:27.0040 4240 cdrom - ok
00:54:27.0155 4240 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
00:54:27.0207 4240 CertPropSvc - ok
00:54:27.0229 4240 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
00:54:27.0288 4240 circlass - ok
00:54:27.0711 4240 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
00:54:27.0743 4240 CLFS - ok
00:54:28.0110 4240 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:54:28.0133 4240 clr_optimization_v2.0.50727_32 - ok
00:54:28.0778 4240 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:54:28.0802 4240 clr_optimization_v4.0.30319_32 - ok
00:54:28.0892 4240 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
00:54:28.0917 4240 cmdide - ok
00:54:28.0976 4240 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
00:54:29.0000 4240 Compbatt - ok
00:54:29.0006 4240 COMSysApp - ok
00:54:29.0072 4240 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
00:54:29.0097 4240 crcdisk - ok
00:54:29.0489 4240 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
00:54:29.0498 4240 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
00:54:29.0498 4240 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
00:54:29.0571 4240 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
00:54:29.0620 4240 Crusoe - ok
00:54:29.0855 4240 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
00:54:29.0894 4240 CryptSvc - ok
00:54:30.0139 4240 CTAudSvcService (cacb67bc2e73894ecbcbc4ead2f02456) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
00:54:30.0177 4240 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
00:54:30.0178 4240 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)
00:54:30.0253 4240 DAUpdaterSvc (914a7156b0c0f10be645a02e13f576b2) C:\Program Files\Origin Games\Dragon Age\\bin_ship\DAUpdaterSvc.Service.exe
00:54:30.0272 4240 DAUpdaterSvc - ok
00:54:31.0053 4240 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
00:54:31.0121 4240 DcomLaunch - ok
00:54:31.0168 4240 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
00:54:31.0223 4240 DfsC - ok
00:54:32.0589 4240 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
00:54:32.0732 4240 DFSR - ok
00:54:33.0050 4240 DFU (b684540dfa0bc06a504f837ed39daf5a) C:\Windows\system32\drivers\MassDfu.sys
00:54:33.0074 4240 DFU ( UnsignedFile.Multi.Generic ) - warning
00:54:33.0074 4240 DFU - detected UnsignedFile.Multi.Generic (1)
00:54:33.0108 4240 dg_ssudbus (c9f9cafafbffaf7e380efc353ccc940c) C:\Windows\system32\DRIVERS\ssudbus.sys
00:54:33.0131 4240 dg_ssudbus - ok
00:54:33.0280 4240 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
00:54:33.0345 4240 Dhcp - ok
00:54:33.0480 4240 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
00:54:33.0507 4240 disk - ok
00:54:33.0719 4240 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
00:54:33.0763 4240 Dnscache - ok
00:54:34.0096 4240 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
00:54:34.0153 4240 dot3svc - ok
00:54:34.0428 4240 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
00:54:34.0497 4240 DPS - ok
00:54:34.0516 4240 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
00:54:34.0568 4240 drmkaud - ok
00:54:34.0796 4240 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
00:54:34.0850 4240 DXGKrnl - ok
00:54:35.0100 4240 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
00:54:35.0164 4240 E1G60 - ok
00:54:35.0196 4240 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
00:54:35.0235 4240 EapHost - ok
00:54:35.0552 4240 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
00:54:35.0581 4240 Ecache - ok
00:54:36.0254 4240 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
00:54:36.0290 4240 ehRecvr - ok
00:54:36.0317 4240 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
00:54:36.0347 4240 ehSched - ok
00:54:36.0355 4240 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
00:54:36.0394 4240 ehstart - ok
00:54:36.0957 4240 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
00:54:36.0998 4240 elxstor - ok
00:54:37.0961 4240 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
00:54:38.0050 4240 EMDMgmt - ok
00:54:38.0084 4240 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
00:54:38.0135 4240 ErrDev - ok
00:54:38.0198 4240 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
00:54:38.0253 4240 EventSystem - ok
00:54:38.0465 4240 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
00:54:38.0519 4240 exfat - ok
00:54:38.0584 4240 ezSharedSvc (42f721c52eef2d6df9372a53813a83ef) C:\Windows\System32\ezsvc7.dll
00:54:38.0623 4240 ezSharedSvc ( UnsignedFile.Multi.Generic ) - warning
00:54:38.0624 4240 ezSharedSvc - detected UnsignedFile.Multi.Generic (1)
00:54:38.0693 4240 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
00:54:38.0733 4240 fastfat - ok
00:54:38.0755 4240 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
00:54:38.0804 4240 fdc - ok
00:54:38.0870 4240 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
00:54:38.0919 4240 fdPHost - ok
00:54:38.0969 4240 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
00:54:39.0065 4240 FDResPub - ok
00:54:39.0162 4240 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
00:54:39.0188 4240 FileInfo - ok
00:54:39.0234 4240 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
00:54:39.0300 4240 Filetrace - ok
00:54:39.0345 4240 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
00:54:39.0395 4240 flpydisk - ok
00:54:39.0654 4240 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
00:54:39.0684 4240 FltMgr - ok
00:54:39.0864 4240 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
00:54:39.0945 4240 FontCache - ok
00:54:40.0183 4240 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
00:54:40.0206 4240 FontCache3.0.0.0 - ok
00:54:40.0269 4240 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
00:54:40.0323 4240 Fs_Rec - ok
00:54:40.0369 4240 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
00:54:40.0395 4240 gagp30kx - ok
00:54:40.0452 4240 GEARAspiWDM (5ae3a887ece5bbb72cfab273c2fd1cfa) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:54:40.0473 4240 GEARAspiWDM - ok
00:54:40.0538 4240 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
00:54:40.0626 4240 gpsvc - ok
00:54:40.0842 4240 HCW85BDA (654ec061f07254cd818b9ed0ac790de3) C:\Windows\system32\drivers\HCW85BDA.sys
00:54:41.0000 4240 HCW85BDA - ok
00:54:41.0122 4240 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
00:54:41.0183 4240 HdAudAddService - ok
00:54:41.0302 4240 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
00:54:41.0360 4240 HDAudBus - ok
00:54:41.0658 4240 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
00:54:41.0789 4240 HidBth - ok
00:54:41.0855 4240 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
00:54:41.0947 4240 HidIr - ok
00:54:42.0022 4240 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll
00:54:42.0053 4240 hidserv - ok
00:54:42.0112 4240 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
00:54:42.0147 4240 HidUsb - ok
00:54:42.0304 4240 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
00:54:42.0354 4240 hkmsvc - ok
00:54:42.0478 4240 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
00:54:42.0502 4240 HpCISSs - ok
00:54:43.0200 4240 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
00:54:43.0263 4240 HTTP - ok
00:54:43.0374 4240 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
00:54:43.0387 4240 i2omp - ok
00:54:43.0514 4240 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
00:54:43.0534 4240 i8042prt - ok
00:54:43.0914 4240 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
00:54:43.0945 4240 iaStorV - ok
00:54:44.0746 4240 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:54:44.0825 4240 idsvc - ok
00:54:44.0913 4240 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
00:54:44.0936 4240 iirsp - ok
00:54:45.0144 4240 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
00:54:45.0229 4240 IKEEXT - ok
00:54:45.0239 4240 IntcAzAudAddService - ok
00:54:45.0267 4240 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
00:54:45.0291 4240 intelide - ok
00:54:45.0672 4240 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
00:54:45.0735 4240 intelppm - ok
00:54:45.0764 4240 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
00:54:45.0817 4240 IPBusEnum - ok
00:54:45.0912 4240 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:54:45.0973 4240 IpFilterDriver - ok
00:54:46.0019 4240 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
00:54:46.0080 4240 iphlpsvc - ok
00:54:46.0100 4240 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
00:54:46.0149 4240 IPMIDRV - ok
00:54:46.0296 4240 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
00:54:46.0346 4240 IPNAT - ok
00:54:46.0363 4240 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
00:54:46.0426 4240 IRENUM - ok
00:54:46.0527 4240 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
00:54:46.0552 4240 isapnp - ok
00:54:46.0858 4240 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
00:54:46.0889 4240 iScsiPrt - ok
00:54:46.0951 4240 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
00:54:46.0973 4240 iteatapi - ok
00:54:47.0080 4240 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
00:54:47.0104 4240 iteraid - ok
00:54:47.0165 4240 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
00:54:47.0190 4240 kbdclass - ok
00:54:47.0268 4240 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
00:54:47.0323 4240 kbdhid - ok
00:54:47.0394 4240 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
00:54:47.0420 4240 KeyIso - ok
00:54:48.0076 4240 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
00:54:48.0117 4240 KSecDD - ok
00:54:48.0735 4240 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
00:54:48.0814 4240 KtmRm - ok
00:54:49.0007 4240 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll
00:54:49.0061 4240 LanmanServer - ok
00:54:49.0139 4240 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
00:54:49.0211 4240 LanmanWorkstation - ok
00:54:49.0381 4240 Lbd (b7c19ec8b0dd7efa58ad41ffeb8b8cda) C:\Windows\system32\DRIVERS\Lbd.sys
00:54:49.0403 4240 Lbd - ok
00:54:50.0086 4240 LBTServ (910344e2a984010435ae84783b25e5eb) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
00:54:50.0118 4240 LBTServ - ok
00:54:50.0250 4240 LHidFilt (01cc7fb6e790ef044b411377f3a1ff41) C:\Windows\system32\DRIVERS\LHidFilt.Sys
00:54:50.0273 4240 LHidFilt - ok
00:54:50.0359 4240 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
00:54:50.0380 4240 lirsgt - ok
00:54:50.0541 4240 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
00:54:50.0609 4240 lltdio - ok
00:54:50.0929 4240 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
00:54:50.0996 4240 lltdsvc - ok
00:54:51.0015 4240 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
00:54:51.0117 4240 lmhosts - ok
00:54:51.0208 4240 LMouFilt (a2e7eae8898d7b4b8c302b8f4e836bb5) C:\Windows\system32\DRIVERS\LMouFilt.Sys
00:54:51.0230 4240 LMouFilt - ok
00:54:51.0299 4240 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
00:54:51.0326 4240 LSI_FC - ok
00:54:51.0366 4240 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
00:54:51.0393 4240 LSI_SAS - ok
00:54:51.0550 4240 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
00:54:51.0579 4240 LSI_SCSI - ok
00:54:51.0732 4240 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
00:54:51.0797 4240 luafv - ok
00:54:51.0823 4240 LUsbFilt (ddfa88e36d5f8db5fbdbdddc4969db0a) C:\Windows\system32\Drivers\LUsbFilt.Sys
00:54:51.0845 4240 LUsbFilt - ok
00:54:52.0121 4240 MatSvc (ddf15a42e27e8efe27b18fd403151a86) C:\Program Files\Microsoft Fix it Center\Matsvc.exe
00:54:52.0138 4240 MatSvc - ok
00:54:52.0143 4240 MBAMProtector - ok
00:54:53.0119 4240 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
00:54:53.0164 4240 MBAMService - ok
00:54:53.0195 4240 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
00:54:53.0229 4240 Mcx2Svc - ok
00:54:53.0253 4240 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
00:54:53.0278 4240 megasas - ok
00:54:53.0918 4240 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
00:54:53.0960 4240 MegaSR - ok
00:54:54.0038 4240 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
00:54:54.0089 4240 MMCSS - ok
00:54:54.0146 4240 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
00:54:54.0214 4240 Modem - ok
00:54:54.0349 4240 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
00:54:54.0409 4240 monitor - ok
00:54:54.0474 4240 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
00:54:54.0499 4240 mouclass - ok
00:54:54.0555 4240 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
00:54:54.0604 4240 mouhid - ok
00:54:54.0720 4240 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
00:54:54.0746 4240 MountMgr - ok
00:54:55.0089 4240 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:54:55.0114 4240 MozillaMaintenance - ok
00:54:55.0328 4240 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
00:54:55.0355 4240 mpio - ok
00:54:55.0467 4240 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
00:54:55.0520 4240 mpsdrv - ok
00:54:55.0755 4240 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
00:54:55.0818 4240 MpsSvc - ok
00:54:55.0844 4240 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
00:54:55.0867 4240 Mraid35x - ok
00:54:55.0991 4240 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
00:54:56.0029 4240 MRxDAV - ok
00:54:56.0133 4240 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
00:54:56.0188 4240 mrxsmb - ok
00:54:56.0249 4240 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:54:56.0292 4240 mrxsmb10 - ok
00:54:56.0363 4240 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:54:56.0411 4240 mrxsmb20 - ok
00:54:56.0467 4240 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
00:54:56.0492 4240 msahci - ok
00:54:56.0692 4240 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
00:54:56.0720 4240 msdsm - ok
00:54:56.0940 4240 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
00:54:57.0004 4240 MSDTC - ok
00:54:57.0038 4240 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
00:54:57.0098 4240 Msfs - ok
00:54:57.0118 4240 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
00:54:57.0142 4240 msisadrv - ok
00:54:57.0431 4240 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
00:54:57.0460 4240 MSiSCSI - ok
00:54:57.0466 4240 msiserver - ok
00:54:57.0509 4240 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
00:54:57.0554 4240 MSKSSRV - ok
00:54:57.0588 4240 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
00:54:57.0634 4240 MSPCLOCK - ok
00:54:57.0671 4240 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
00:54:57.0717 4240 MSPQM - ok
00:54:58.0033 4240 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
00:54:58.0063 4240 MsRPC - ok
00:54:58.0172 4240 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
00:54:58.0198 4240 mssmbios - ok
00:54:58.0241 4240 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
00:54:58.0306 4240 MSTEE - ok
00:54:58.0333 4240 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
00:54:58.0359 4240 Mup - ok
00:54:58.0934 4240 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
00:54:58.0996 4240 napagent - ok
00:54:59.0104 4240 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
00:54:59.0152 4240 NativeWifiP - ok
00:55:00.0255 4240 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
00:55:00.0300 4240 NDIS - ok
00:55:00.0384 4240 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
00:55:00.0440 4240 NdisTapi - ok
00:55:00.0488 4240 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
00:55:00.0537 4240 Ndisuio - ok
00:55:00.0843 4240 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
00:55:00.0882 4240 NdisWan - ok
00:55:01.0001 4240 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
00:55:01.0054 4240 NDProxy - ok
00:55:02.0526 4240 Nero BackItUp Scheduler 3 (40d7d0a208ee863bca8d89e299216f15) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
00:55:02.0584 4240 Nero BackItUp Scheduler 3 - ok
00:55:02.0641 4240 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
00:55:02.0708 4240 NetBIOS - ok
00:55:02.0748 4240 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
00:55:02.0772 4240 netbt - ok
00:55:02.0833 4240 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
00:55:02.0848 4240 Netlogon - ok
00:55:03.0307 4240 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
00:55:03.0365 4240 Netman - ok
00:55:04.0263 4240 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:55:04.0286 4240 NetMsmqActivator - ok
00:55:04.0293 4240 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:55:04.0317 4240 NetPipeActivator - ok
00:55:04.0830 4240 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
00:55:04.0906 4240 netprofm - ok
00:55:04.0913 4240 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:55:04.0936 4240 NetTcpActivator - ok
00:55:04.0943 4240 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:55:04.0967 4240 NetTcpPortSharing - ok
00:55:05.0097 4240 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
00:55:05.0121 4240 nfrd960 - ok
00:55:05.0443 4240 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
00:55:05.0498 4240 NlaSvc - ok
00:55:06.0729 4240 NMIndexingService (cd4326bc339f98de21aa07b208a305ae) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
00:55:06.0769 4240 NMIndexingService - ok
00:55:06.0810 4240 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
00:55:06.0863 4240 Npfs - ok
00:55:06.0886 4240 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
00:55:06.0939 4240 nsi - ok
00:55:07.0026 4240 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
00:55:07.0071 4240 nsiproxy - ok
00:55:08.0800 4240 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
00:55:08.0870 4240 Ntfs - ok
00:55:08.0997 4240 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
00:55:09.0082 4240 ntrigdigi - ok
00:55:09.0127 4240 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
00:55:09.0175 4240 Null - ok
00:55:15.0576 4240 nvlddmkm (e891b3979f0cf2740c1b073f834221fe) C:\Windows\system32\DRIVERS\nvlddmkm.sys
00:55:15.0924 4240 nvlddmkm - ok
00:55:16.0503 4240 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
00:55:16.0531 4240 nvraid - ok
00:55:16.0573 4240 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
00:55:16.0599 4240 nvstor - ok
00:55:17.0108 4240 nvsvc (ae2de8e165dcb93a66b21748e6f913df) C:\Windows\system32\nvvsvc.exe
00:55:17.0157 4240 nvsvc - ok
00:55:18.0324 4240 nvUpdatusService (c78581c14699c46fe0f0817416383134) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
00:55:18.0472 4240 nvUpdatusService - ok
00:55:19.0248 4240 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
00:55:19.0275 4240 nv_agp - ok
00:55:19.0314 4240 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
00:55:19.0353 4240 ohci1394 - ok
00:55:19.0986 4240 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
00:55:20.0085 4240 p2pimsvc - ok
00:55:20.0097 4240 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
00:55:20.0156 4240 p2psvc - ok
00:55:20.0284 4240 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
00:55:20.0376 4240 Parport - ok
00:55:20.0408 4240 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
00:55:20.0422 4240 partmgr - ok
00:55:20.0498 4240 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
00:55:20.0594 4240 Parvdm - ok
00:55:20.0816 4240 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
00:55:20.0860 4240 PcaSvc - ok
00:55:20.0931 4240 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
00:55:20.0951 4240 pci - ok
00:55:21.0000 4240 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
00:55:21.0025 4240 pciide - ok
00:55:21.0112 4240 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
00:55:21.0138 4240 pcmcia - ok
00:55:21.0529 4240 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
00:55:21.0677 4240 PEAUTH - ok
00:55:21.0738 4240 pfc (da86016f0672ada925f589ede715f185) C:\Windows\system32\drivers\pfc.sys
00:55:21.0758 4240 pfc ( UnsignedFile.Multi.Generic ) - warning
00:55:21.0758 4240 pfc - detected UnsignedFile.Multi.Generic (1)
00:55:22.0113 4240 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
00:55:22.0227 4240 pla - ok
00:55:22.0304 4240 PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\Windows\system32\IoctlSvc.exe
00:55:22.0325 4240 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
00:55:22.0325 4240 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
00:55:22.0367 4240 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
00:55:22.0425 4240 PlugPlay - ok
00:55:22.0461 4240 PnkBstrA (3a2bdd76e7d2a5f40a7174793d1ba794) C:\Windows\system32\PnkBstrA.exe
00:55:22.0484 4240 PnkBstrA - ok
00:55:22.0549 4240 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
00:55:22.0595 4240 PNRPAutoReg - ok
00:55:22.0609 4240 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
00:55:22.0652 4240 PNRPsvc - ok
00:55:22.0701 4240 Point32 (60a044879c4fa76314494f5fddc43b93) C:\Windows\system32\DRIVERS\point32.sys
00:55:22.0712 4240 Point32 - ok
00:55:22.0758 4240 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
00:55:22.0833 4240 PolicyAgent - ok
00:55:22.0863 4240 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
00:55:22.0890 4240 PptpMiniport - ok
00:55:22.0913 4240 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\DRIVERS\processr.sys
00:55:22.0943 4240 Processor - ok
00:55:22.0978 4240 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
00:55:23.0013 4240 ProfSvc - ok
00:55:23.0041 4240 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
00:55:23.0055 4240 ProtectedStorage - ok
00:55:23.0086 4240 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
00:55:23.0130 4240 PSched - ok
00:55:23.0205 4240 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
00:55:23.0287 4240 ql2300 - ok
00:55:23.0311 4240 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
00:55:23.0336 4240 ql40xx - ok
00:55:23.0365 4240 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
00:55:23.0398 4240 QWAVE - ok
00:55:23.0413 4240 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
00:55:23.0439 4240 QWAVEdrv - ok
00:55:23.0453 4240 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
00:55:23.0513 4240 RasAcd - ok
00:55:23.0539 4240 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
00:55:23.0606 4240 RasAuto - ok
00:55:23.0626 4240 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
00:55:23.0677 4240 Rasl2tp - ok
00:55:23.0718 4240 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
00:55:23.0764 4240 RasMan - ok
00:55:23.0802 4240 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
00:55:23.0839 4240 RasPppoe - ok
00:55:23.0873 4240 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
00:55:23.0907 4240 RasSstp - ok
00:55:23.0943 4240 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
00:55:23.0996 4240 rdbss - ok
00:55:24.0015 4240 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
00:55:24.0065 4240 RDPCDD - ok
00:55:24.0095 4240 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
00:55:24.0149 4240 rdpdr - ok
00:55:24.0156 4240 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
00:55:24.0212 4240 RDPENCDD - ok
00:55:24.0248 4240 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
00:55:24.0296 4240 RDPWD - ok
00:55:24.0319 4240 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
00:55:24.0381 4240 RemoteAccess - ok
00:55:24.0411 4240 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
00:55:24.0453 4240 RemoteRegistry - ok
00:55:24.0474 4240 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
00:55:24.0510 4240 RpcLocator - ok
00:55:24.0559 4240 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
00:55:24.0615 4240 RpcSs - ok
00:55:24.0636 4240 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
00:55:24.0687 4240 rspndr - ok
00:55:24.0725 4240 RSUSBSTOR (c5acb4d2ca623f678257b0844bd1ac8a) C:\Windows\system32\Drivers\RtsUStor.sys
00:55:24.0750 4240 RSUSBSTOR - ok
00:55:24.0771 4240 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
00:55:24.0795 4240 SamSs - ok
00:55:24.0868 4240 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
00:55:24.0887 4240 SASDIFSV - ok
00:55:24.0920 4240 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
00:55:24.0940 4240 SASKUTIL - ok
00:55:24.0964 4240 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
00:55:24.0988 4240 sbp2port - ok
00:55:25.0025 4240 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
00:55:25.0085 4240 SCardSvr - ok
00:55:25.0161 4240 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
00:55:25.0270 4240 Schedule - ok
00:55:25.0304 4240 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
00:55:25.0340 4240 SCPolicySvc - ok
00:55:25.0357 4240 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
00:55:25.0399 4240 SDRSVC - ok
00:55:25.0409 4240 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
00:55:25.0504 4240 secdrv - ok
00:55:25.0521 4240 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
00:55:25.0573 4240 seclogon - ok
00:55:25.0593 4240 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
00:55:25.0645 4240 SENS - ok
00:55:25.0656 4240 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
00:55:25.0749 4240 Serenum - ok
00:55:25.0774 4240 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
00:55:25.0843 4240 Serial - ok
00:55:25.0859 4240 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
00:55:25.0918 4240 sermouse - ok
00:55:25.0945 4240 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
00:55:25.0994 4240 SessionEnv - ok
00:55:26.0006 4240 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
00:55:26.0052 4240 sffdisk - ok
00:55:26.0065 4240 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
00:55:26.0114 4240 sffp_mmc - ok
00:55:26.0160 4240 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
00:55:26.0222 4240 sffp_sd - ok
00:55:26.0248 4240 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
00:55:26.0333 4240 sfloppy - ok
00:55:26.0368 4240 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
00:55:26.0424 4240 SharedAccess - ok
00:55:26.0467 4240 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
00:55:26.0509 4240 ShellHWDetection - ok
00:55:26.0525 4240 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
00:55:26.0550 4240 sisagp - ok
00:55:26.0565 4240 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
00:55:26.0590 4240 SiSRaid2 - ok
00:55:26.0608 4240 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
00:55:26.0634 4240 SiSRaid4 - ok
00:55:26.0661 4240 skfiltv (a48b5af8e18e4765acdec5bbb8343f84) C:\Windows\system32\drivers\skfiltv.sys
00:55:26.0696 4240 skfiltv - ok
00:55:26.0897 4240 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
00:55:27.0055 4240 slsvc - ok
00:55:27.0147 4240 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
00:55:27.0200 4240 SLUINotify - ok
00:55:27.0257 4240 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
00:55:27.0305 4240 Smb - ok
00:55:27.0343 4240 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
00:55:27.0370 4240 SNMPTRAP - ok
00:55:27.0378 4240 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
00:55:27.0402 4240 spldr - ok
00:55:27.0445 4240 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
00:55:27.0481 4240 Spooler - ok
00:55:27.0528 4240 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
00:55:27.0580 4240 srv - ok
00:55:27.0621 4240 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
00:55:27.0659 4240 srv2 - ok
00:55:27.0680 4240 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
00:55:27.0705 4240 srvnet - ok
00:55:27.0732 4240 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
00:55:27.0787 4240 SSDPSRV - ok
00:55:27.0805 4240 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
00:55:27.0849 4240 SstpSvc - ok
00:55:27.0883 4240 ssudmdm (91970cc4a3a30a01c1573184a62f5143) C:\Windows\system32\DRIVERS\ssudmdm.sys
00:55:27.0909 4240 ssudmdm - ok
00:55:27.0955 4240 Steam Client Service - ok
00:55:28.0033 4240 Stereo Service (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
00:55:28.0066 4240 Stereo Service - ok
00:55:28.0126 4240 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
00:55:28.0167 4240 stisvc - ok
00:55:28.0180 4240 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
00:55:28.0203 4240 swenum - ok
00:55:28.0249 4240 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
00:55:28.0296 4240 swprv - ok
00:55:28.0309 4240 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
00:55:28.0332 4240 Symc8xx - ok
00:55:28.0344 4240 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
00:55:28.0369 4240 Sym_hi - ok
00:55:28.0388 4240 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
00:55:28.0411 4240 Sym_u3 - ok
00:55:28.0473 4240 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
00:55:28.0551 4240 SysMain - ok
00:55:28.0570 4240 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
00:55:28.0608 4240 TabletInputService - ok
00:55:28.0650 4240 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
00:55:28.0695 4240 TapiSrv - ok
00:55:28.0713 4240 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
00:55:28.0759 4240 TBS - ok
00:55:28.0845 4240 Tcpip (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\drivers\tcpip.sys
00:55:28.0879 4240 Tcpip - ok
00:55:28.0890 4240 Tcpip6 (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\DRIVERS\tcpip.sys
00:55:28.0924 4240 Tcpip6 - ok
00:55:28.0948 4240 tcpipreg (3fc13f09af9be487c7b4fac4070a036c) C:\Windows\system32\drivers\tcpipreg.sys
00:55:28.0973 4240 tcpipreg - ok
00:55:28.0988 4240 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
00:55:29.0017 4240 TDPIPE - ok
00:55:29.0031 4240 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
00:55:29.0068 4240 TDTCP - ok
00:55:29.0101 4240 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
00:55:29.0124 4240 tdx - ok
00:55:29.0152 4240 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
00:55:29.0172 4240 TermDD - ok
00:55:29.0229 4240 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
00:55:29.0259 4240 TermService - ok
00:55:29.0299 4240 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
00:55:29.0316 4240 Themes - ok
00:55:29.0331 4240 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
00:55:29.0360 4240 THREADORDER - ok
00:55:29.0372 4240 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
00:55:29.0411 4240 TrkWks - ok
00:55:29.0439 4240 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
00:55:29.0467 4240 TrustedInstaller - ok
00:55:29.0492 4240 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
00:55:29.0541 4240 tssecsrv - ok
00:55:29.0551 4240 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
00:55:29.0570 4240 tunmp - ok
00:55:29.0588 4240 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
00:55:29.0601 4240 tunnel - ok
00:55:29.0618 4240 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
00:55:29.0633 4240 uagp35 - ok
00:55:29.0661 4240 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
00:55:29.0687 4240 udfs - ok
00:55:29.0703 4240 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
00:55:29.0732 4240 UI0Detect - ok
00:55:29.0749 4240 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
00:55:29.0763 4240 uliagpkx - ok
00:55:29.0787 4240 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
00:55:29.0804 4240 uliahci - ok
00:55:29.0820 4240 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
00:55:29.0833 4240 UlSata - ok
00:55:29.0848 4240 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
00:55:29.0862 4240 ulsata2 - ok
00:55:29.0874 4240 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
00:55:29.0916 4240 umbus - ok
00:55:29.0943 4240 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
00:55:29.0975 4240 upnphost - ok
00:55:30.0010 4240 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\Windows\system32\Drivers\usbaapl.sys
00:55:30.0024 4240 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
00:55:30.0024 4240 USBAAPL - detected UnsignedFile.Multi.Generic (1)
00:55:30.0048 4240 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
00:55:30.0088 4240 usbaudio - ok
00:55:30.0128 4240 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
00:55:30.0178 4240 usbccgp - ok
00:55:30.0198 4240 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
00:55:30.0295 4240 usbcir - ok
00:55:30.0304 4240 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
00:55:30.0340 4240 usbehci - ok
00:55:30.0363 4240 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
00:55:30.0409 4240 usbhub - ok
00:55:30.0430 4240 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
00:55:30.0464 4240 usbohci - ok
00:55:30.0491 4240 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
00:55:30.0518 4240 usbprint - ok
00:55:30.0531 4240 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:55:30.0559 4240 USBSTOR - ok
00:55:30.0575 4240 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
00:55:30.0611 4240 usbuhci - ok
00:55:30.0638 4240 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
00:55:30.0660 4240 UxSms - ok
00:55:30.0710 4240 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
00:55:30.0740 4240 vds - ok
00:55:30.0754 4240 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
00:55:30.0781 4240 vga - ok
00:55:30.0797 4240 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
00:55:30.0834 4240 VgaSave - ok
00:55:30.0859 4240 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
00:55:30.0873 4240 viaagp - ok
00:55:30.0887 4240 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
00:55:30.0914 4240 ViaC7 - ok
00:55:30.0930 4240 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
00:55:30.0944 4240 viaide - ok
00:55:30.0952 4240 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
00:55:30.0970 4240 volmgr - ok
00:55:31.0012 4240 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
00:55:31.0035 4240 volmgrx - ok
00:55:31.0072 4240 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
00:55:31.0089 4240 volsnap - ok
00:55:31.0108 4240 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
00:55:31.0131 4240 vsmraid - ok
00:55:31.0203 4240 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
00:55:31.0259 4240 VSS - ok
00:55:31.0318 4240 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
00:55:31.0343 4240 W32Time - ok
00:55:31.0377 4240 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
00:55:31.0435 4240 WacomPen - ok
00:55:31.0454 4240 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
00:55:31.0485 4240 Wanarp - ok
00:55:31.0490 4240 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
00:55:31.0523 4240 Wanarpv6 - ok
00:55:31.0558 4240 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
00:55:31.0590 4240 wcncsvc - ok
00:55:31.0607 4240 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
00:55:31.0640 4240 WcsPlugInService - ok
00:55:31.0653 4240 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
00:55:31.0666 4240 Wd - ok
00:55:31.0718 4240 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
00:55:31.0740 4240 Wdf01000 - ok
00:55:31.0757 4240 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
00:55:31.0798 4240 WdiServiceHost - ok
00:55:31.0800 4240 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
00:55:31.0832 4240 WdiSystemHost - ok
00:55:31.0873 4240 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
00:55:31.0903 4240 WebClient - ok
00:55:31.0932 4240 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
00:55:31.0972 4240 Wecsvc - ok
00:55:31.0987 4240 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
00:55:32.0028 4240 wercplsupport - ok
00:55:32.0059 4240 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
00:55:32.0083 4240 WerSvc - ok
00:55:32.0147 4240 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
00:55:32.0165 4240 WinDefend - ok
00:55:32.0172 4240 WinHttpAutoProxySvc - ok
00:55:32.0201 4240 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
00:55:32.0223 4240 Winmgmt - ok
00:55:32.0317 4240 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
00:55:32.0383 4240 WinRM - ok
00:55:32.0490 4240 WINZIPSSDiskOptimizer (98304bb0cda9a4ad12c4b733425bdd63) C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe
00:55:32.0515 4240 WINZIPSSDiskOptimizer - ok
00:55:32.0624 4240 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
00:55:32.0716 4240 Wlansvc - ok
00:55:32.0918 4240 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:55:33.0016 4240 wlidsvc - ok
00:55:33.0082 4240 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
00:55:33.0095 4240 WmiAcpi - ok
00:55:33.0152 4240 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
00:55:33.0174 4240 wmiApSrv - ok
00:55:33.0251 4240 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
00:55:33.0337 4240 WMPNetworkSvc - ok
00:55:33.0381 4240 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
00:55:33.0427 4240 WPCSvc - ok
00:55:33.0458 4240 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
00:55:33.0500 4240 WPDBusEnum - ok
00:55:33.0530 4240 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
00:55:33.0559 4240 WpdUsb - ok
00:55:33.0714 4240 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
00:55:33.0762 4240 WPFFontCache_v0400 - ok
00:55:33.0793 4240 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
00:55:33.0841 4240 ws2ifsl - ok
00:55:33.0874 4240 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
00:55:33.0901 4240 wscsvc - ok
00:55:33.0905 4240 WSearch - ok
00:55:34.0041 4240 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
00:55:34.0116 4240 wuauserv - ok
00:55:34.0226 4240 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
00:55:34.0256 4240 wudfsvc - ok
00:55:34.0312 4240 X10Hid (ab2d77bf7222b007717abb61b15f9ae2) C:\Windows\system32\Drivers\x10hid.sys
00:55:34.0324 4240 X10Hid - ok
00:55:34.0401 4240 x10nets (5a0c788c5bc5f2c993cb60940adcf95e) C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
00:55:34.0409 4240 x10nets ( UnsignedFile.Multi.Generic ) - warning
00:55:34.0409 4240 x10nets - detected UnsignedFile.Multi.Generic (1)
00:55:34.0457 4240 XENfiltv (abc8bbea8f643e200508c3a2a8e475a9) C:\Windows\system32\drivers\XENfiltv.sys
00:55:34.0465 4240 XENfiltv ( UnsignedFile.Multi.Generic ) - warning
00:55:34.0465 4240 XENfiltv - detected UnsignedFile.Multi.Generic (1)
00:55:34.0526 4240 xnacc (9eea6d029fef5f3016d089b1a603837d) C:\Windows\system32\DRIVERS\xnacc.sys
00:55:34.0577 4240 xnacc - ok
00:55:34.0605 4240 xusb21 (a640c90b007762939507c28a021be3b3) C:\Windows\system32\DRIVERS\xusb21.sys
00:55:34.0624 4240 xusb21 - ok
00:55:34.0673 4240 yukonwlh (e745b9d5fe1fda8a50913fdcc8ff9fdc) C:\Windows\system32\DRIVERS\yk60x86.sys
00:55:34.0688 4240 yukonwlh - ok
00:55:34.0707 4240 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
00:55:34.0738 4240 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
00:55:34.0738 4240 \Device\Harddisk0\DR0 - detected TDSS File System (1)
00:55:34.0759 4240 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
00:55:34.0820 4240 \Device\Harddisk1\DR1 - ok
00:55:34.0825 4240 Boot (0x1200) (2967fc66e4c112ef76700ae5b5283543) \Device\Harddisk0\DR0\Partition0
00:55:34.0826 4240 \Device\Harddisk0\DR0\Partition0 - ok
00:55:34.0851 4240 Boot (0x1200) (ad4c07341174e882f188c156da349070) \Device\Harddisk1\DR1\Partition0
00:55:34.0852 4240 \Device\Harddisk1\DR1\Partition0 - ok
00:55:34.0853 4240 ============================================================
00:55:34.0853 4240 Scan finished
00:55:34.0853 4240 ============================================================
00:55:34.0868 2960 Detected object count: 10
00:55:34.0868 2960 Actual detected object count: 10
00:56:16.0880 2960 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
00:56:16.0880 2960 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:56:16.0883 2960 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
00:56:16.0883 2960 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:56:16.0887 2960 DFU ( UnsignedFile.Multi.Generic ) - skipped by user
00:56:16.0887 2960 DFU ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:56:16.0890 2960 ezSharedSvc ( UnsignedFile.Multi.Generic ) - skipped by user
00:56:16.0890 2960 ezSharedSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:56:16.0894 2960 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
00:56:16.0894 2960 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:56:16.0897 2960 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
00:56:16.0897 2960 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:56:16.0900 2960 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
00:56:16.0900 2960 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:56:16.0903 2960 x10nets ( UnsignedFile.Multi.Generic ) - skipped by user
00:56:16.0903 2960 x10nets ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:56:16.0907 2960 XENfiltv ( UnsignedFile.Multi.Generic ) - skipped by user
00:56:16.0907 2960 XENfiltv ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:56:16.0910 2960 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
00:56:16.0910 2960 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
00:56:34.0675 4360 Deinitialize success



Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Tietokantaversio: v2012.05.04.06

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Jussi :: JUSSI-PC [järjestelmänvalvoja]

5.5.2012 1:02:29
mbam-log-2012-05-05 (01-02-29).txt

Tarkistustyyppi: Pikatarkistus
Tarkistussuodattimia valittu: Muisti | Käynnistys | Rekisteri | Tietojärjestelmä | Heuristinen/Ylimäärinen | Heuristinen/Shuriken | Mahdollisesti haitallinen ohjelma | Mahdollisesti haitallinen muutos
Käytöstä poistetut tarkistusvalinnat: Vertaisverkko (Peer-to-Peer)
Tarkistettuja kohteita: 215718
Kulunut aika: 6 minuutti(a), 57 sekunti(a)

Epäilyttäviä muistiprosesseja: 0
(Ei haitallisia kohteita)

Epäilyttäviä muistimoduuleja: 0
(Ei haitallisia kohteita)

Epäilyttäviä rekisteriavaimia: 0
(Ei haitallisia kohteita)

Epäilyttäviä rekisteriarvoja: 0
(Ei haitallisia kohteita)

Epäilyttäviä rekisterikohteita: 0
(Ei haitallisia kohteita)

Epäilyttäviä kansioita: 0
(Ei haitallisia kohteita)

Epäilyttäviä tiedostoja: 0
(Ei haitallisia kohteita)

(loppu)

#5
Ducon

    Member

  • Topic Starter
  • 17 posts
ComboFix 12-05-04.03 - Jussi 05.05.2012 0:30.2.4 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.358.1035.18.3326.2252 [GMT 3:00]
Sijainti: c:\users\Jussi\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jussi\296.10-desktop-win7-winvista-32bit-international-whql.exe
c:\users\Jussi\32bit_Vista_Win7_R267.exe
c:\users\Jussi\AVWWSetup-windows.exe
c:\users\Jussi\CardinalQuest_1.2.1_windows.exe
c:\users\Jussi\CleanMem.dll
c:\users\Jussi\digital-1.1.exe
c:\users\Jussi\Download A.I.M 2.exe
c:\users\Jussi\Download Driftmoon (Alpha).exe
c:\users\Jussi\Download NecroVisioN- Lost Company.exe
c:\users\Jussi\Download Star Wolves.exe
c:\users\Jussi\Download Theatre of War 2- Battle for Caen Special Edition.exe
c:\users\Jussi\Driftmoon_2012_03_26.exe
c:\users\Jussi\eb1_setup_106.exe
c:\users\Jussi\Lair_of_the_Evildoer_1.1.4440.28367_Setup.exe
c:\users\Jussi\MordorV1-1_DepthsSetup.exe
c:\users\Jussi\SetupDroidAssaultDemo.exe
c:\users\Jussi\SetupUltratronDemo.exe
c:\users\Jussi\stone_soup-0.10.2-win32-installer.exe
c:\users\Jussi\TFC.exe
c:\users\Jussi\tiggit_setup.exe
D:\install.exe
.
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2012-04-04 to 2012-05-04 )))))))))))))))))
.
.
2012-05-04 21:43 . 2012-05-04 21:44 -------- d-----w- c:\users\Jussi\AppData\Local\temp
2012-05-04 21:43 . 2012-05-04 21:43 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-05-04 21:43 . 2012-05-04 21:43 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-05-04 21:43 . 2012-05-04 21:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-04 18:02 . 2012-05-04 18:02 -------- d-----w- C:\_OTL
2012-05-03 01:12 . 2012-05-03 01:12 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-03 01:12 . 2012-05-03 01:12 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-01 22:42 . 2012-05-01 23:07 -------- d-----w- c:\users\Jussi\AppData\Local\SniperV2 Demo
2012-04-29 18:26 . 2012-04-29 23:09 -------- d-----w- C:\getnzb-segment
2012-04-29 05:20 . 2012-04-29 05:20 -------- d-----w- c:\program files\Eschalon Book II
2012-04-27 13:39 . 2012-04-30 04:19 -------- d-----w- c:\users\Jussi\AppData\Local\GetNZB
2012-04-27 13:39 . 2012-04-27 13:39 -------- d-----w- c:\program files\GetNZB
2012-04-26 07:02 . 2012-04-26 07:02 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-04-26 07:02 . 2012-04-26 07:02 157352 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice_installer.exe
2012-04-26 07:02 . 2012-04-26 07:02 129976 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice.exe
2012-04-26 00:01 . 2012-04-26 00:03 -------- d-----w- c:\users\Jussi\AppData\Local\BladesOfTimeDemo
2012-04-25 20:31 . 1994-12-01 18:58 398416 ------w- c:\windows\system\VBRUN300.DLL
2012-04-25 20:31 . 1994-10-07 02:20 27136 ------w- c:\windows\system\WAVMIX16.DLL
2012-04-24 20:43 . 2012-04-24 20:43 -------- d-----w- c:\users\Jussi\AppData\Roaming\crawl
2012-04-24 20:05 . 2012-04-24 20:05 -------- d-----w- c:\program files\Crawl
2012-04-24 02:23 . 2012-04-25 23:15 -------- d-----w- c:\program files\AVWW
2012-04-24 01:45 . 2012-04-24 01:45 -------- d-sh--w- c:\programdata\SecuROM
2012-04-23 17:38 . 2012-04-23 17:38 -------- d-----w- c:\users\Jussi\AppData\Local\amd
2012-04-23 17:38 . 2004-10-18 03:04 161280 ----a-w- c:\windows\system32\fmod.dll
2012-04-23 17:38 . 2010-05-14 03:03 220672 ----a-w- c:\windows\system32\vbskfr2.ocx
2012-04-23 17:38 . 2005-11-08 15:35 40960 ----a-w- c:\windows\system32\akprogressbar.ocx
2012-04-23 17:38 . 2004-08-03 19:56 1227264 ----a-w- c:\windows\system32\dx8vb.dll
2012-04-22 21:19 . 2012-04-22 21:58 -------- d-----w- c:\program files\Driftmoon
2012-04-21 11:43 . 2012-04-18 10:53 -------- d-----w- c:\users\Public\msdownld.tmp
2012-04-20 14:51 . 2012-04-20 14:52 -------- d-----w- c:\programdata\Battle.net
2012-04-17 18:06 . 2012-04-17 18:09 -------- d-----w- c:\users\Jussi\AppData\Local\Insanely Twisted Shadow Planet
2012-04-15 12:47 . 2012-04-15 12:47 -------- d-----w- c:\users\Jussi\T-Engine
2012-04-14 13:36 . 2012-04-22 20:49 -------- d-----w- c:\users\Jussi\AppData\Local\Driftmoon
2012-04-11 09:27 . 2012-03-06 06:39 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-11 09:27 . 2012-03-06 06:39 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 09:19 . 2012-03-01 11:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-04-10 05:40 . 2012-04-10 06:05 -------- d-----w- c:\program files\A.I.M 2
2012-04-10 04:31 . 2012-04-10 20:42 -------- d-----w- c:\program files\1C Company
2012-04-09 13:21 . 2012-04-09 13:36 -------- d-----w- c:\program files\Pathologic
2012-04-09 12:07 . 2012-04-09 12:07 -------- d-----w- c:\program files\Project Black Sun
2012-04-08 05:06 . 2012-04-08 05:06 -------- d-----w- c:\users\Jussi\AppData\Local\EA Games
2012-04-08 05:06 . 2012-04-08 05:06 -------- d-----w- c:\programdata\Solidshield
2012-04-08 03:37 . 2012-04-08 03:37 -------- d-----w- c:\users\Jussi\AppData\Roaming\Worthless Bums
2012-04-08 02:59 . 2012-04-08 02:59 -------- d-----w- c:\users\Jussi\AppData\Roaming\3DeadZed
2012-04-08 02:59 . 2012-04-08 02:59 -------- d-----w- c:\program files\Gentleman Squid
2012-04-06 19:36 . 2012-04-06 19:36 -------- d-----w- c:\users\Jussi\AppData\Local\Demiurge Studios
2012-04-06 01:56 . 2012-04-06 01:56 30412800 ----a-w- c:\users\Jussi\PhysX-9.12.0213-SystemSoftware.msi
2012-04-05 21:34 . 2012-04-05 21:34 -------- d-----w- c:\users\Jussi\AppData\Local\Targem
2012-04-05 21:33 . 2012-04-05 21:33 -------- d-----w- c:\windows\system32\AGEIA
2012-04-05 21:08 . 2012-04-06 15:42 -------- d-----w- c:\program files\DevilWhiskey
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-29 09:46 . 2012-03-29 09:46 53248 ----a-r- c:\users\Jussi\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-03-29 09:46 . 2012-03-29 09:46 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-03-07 15:43 . 2008-10-14 16:18 319456 ----a-w- c:\windows\DIFxAPI.dll
2012-03-01 16:26 . 2012-03-01 16:25 84810526 ----a-w- c:\users\Jussi\doomrl-0996.exe
2012-02-29 23:59 . 2012-03-13 17:23 61248 ----a-w- c:\windows\system32\OpenCL.dll
2012-02-29 23:59 . 2012-03-13 17:23 19444544 ----a-w- c:\windows\system32\nvoglv32.dll
2012-02-29 23:59 . 2012-03-13 17:23 10819392 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-02-29 23:59 . 2012-03-13 17:23 5892928 ----a-w- c:\windows\system32\nvcuda.dll
2012-02-29 23:59 . 2012-03-13 17:23 2517312 ----a-w- c:\windows\system32\nvcuvid.dll
2012-02-29 23:59 . 2012-03-13 17:23 2437440 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-02-29 23:59 . 2012-03-13 17:23 17543488 ----a-w- c:\windows\system32\nvcompiler.dll
2012-02-29 23:59 . 2011-08-09 21:34 7713088 ----a-w- c:\windows\system32\nvwgf2um.dll
2012-02-29 23:59 . 2011-08-09 21:34 881984 ----a-w- c:\windows\system32\nvgenco32.dll
2012-02-29 23:59 . 2011-08-09 21:34 1000256 ----a-w- c:\windows\system32\nvdispco32.dll
2012-02-29 23:59 . 2011-02-23 05:27 15009600 ----a-w- c:\windows\system32\nvd3dum.dll
2012-02-29 23:59 . 2010-07-23 01:13 2301248 ----a-w- c:\windows\system32\nvapi.dll
2012-02-29 22:58 . 2012-02-29 22:58 1188400 ----a-w- c:\users\Jussi\OnLive_Setup.exe
2012-02-29 20:56 . 2010-07-09 13:20 3881792 ----a-w- c:\windows\system32\nvcpl.dll
2012-02-29 20:55 . 2010-07-09 13:20 2719040 ----a-w- c:\windows\system32\nvsvc.dll
2012-02-29 20:53 . 2010-07-09 13:20 108352 ----a-w- c:\windows\system32\nvmctray.dll
2012-02-29 20:53 . 2010-07-09 13:20 645440 ----a-w- c:\windows\system32\nvvsvc.exe
2012-02-29 20:53 . 2010-07-09 13:20 62272 ----a-w- c:\windows\system32\nvshext.dll
2012-02-29 20:53 . 2010-07-09 13:20 2561344 ----a-w- c:\windows\system32\nvsvcr.dll
2012-02-29 11:26 . 2012-02-29 11:26 416064 ----a-w- c:\windows\system32\nvStreaming.exe
2012-02-27 23:01 . 2012-02-27 23:01 3968384 ----a-w- c:\users\Jussi\avg_free_stb_all_2012_1913_cnet.exe
2012-02-25 20:41 . 2012-02-25 20:41 10625632 ----a-w- c:\users\Jussi\Opera_1161_int_Setup.exe
2012-02-21 03:13 . 2003-03-18 21:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-02-20 20:17 . 2012-02-20 20:00 8961024 ----a-w- c:\users\Jussi\Pitman.exe
2012-02-17 16:58 . 2010-06-20 06:43 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-14 17:20 . 2010-09-19 17:55 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2012-02-14 17:20 . 2010-09-19 17:55 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2012-02-14 17:05 . 2012-02-14 17:05 12288 ----a-w- c:\windows\system32\drivers\MassDfu.sys
2012-02-14 15:45 . 2012-03-14 17:26 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-02-14 15:45 . 2012-03-14 17:26 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-02-13 14:12 . 2012-03-14 17:26 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-02-13 13:47 . 2012-03-14 17:26 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-02-13 13:44 . 2012-03-14 17:26 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-02-12 07:06 . 2011-11-29 20:51 78554624 ----a-w- c:\users\Jussi\Fractal Installer.msi
2012-04-26 07:02 . 2011-03-29 18:26 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2009-03-31 19:47 . 2009-02-22 15:54 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
.
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VolPanel"="c:\program files\Creative\USB Headsets\Volume Panel\VolPanlu.exe" [2008-08-27 233588]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1387288]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2012-02-21 296056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-09-23 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sasnative32\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amd_dc_opt]
2008-07-22 11:53 77824 ----a-w- c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2010-07-21 13:52 1797008 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 11:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 12:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiSpywareOverride"=dword:00000001
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-03 253088]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-09-23 116608]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
.
.
--- Muut muistissa olevat ajurit/palvelut ---
.
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
'Ajoitetut tehtävät'-kansion sisältö
.
2012-05-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-03 01:12]
.
.
------- Täydentävä tarkistus -------
.
uStart Page = hxxp://www.eset.com/home/products/online-scanner/
mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040b&s=1&o=vp32&d=0109&m=imedia_a6500_ncd
uInternet Settings,ProxyOverride = *.local
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{57D29552-3B29-4A65-8D61-D4E458B114ED}: NameServer = 208.67.222.222,208.67.220.220
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
FF - ProfilePath - c:\users\Jussi\AppData\Roaming\Mozilla\Firefox\Profiles\w7a81fei.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.newhorizonwow.com/
.
- - - - POISTETUT JÄMÄRIVIT - - - -
.
MSConfigStartUp-Malwarebytes Anti-Malware (reboot) - c:\program files\Malwarebytes' Anti-Malware\mbam.exe
AddRemove-Heroes of Might and Magic® III - c:\program files\GOG.com\Heroes of Might and Magic 3 Complete\unins000.exe
AddRemove-Spotify - c:\users\Jussi\AppData\Roaming\Spotify\Spotify.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-05 00:44
Windows 6.0.6002 Service Pack 2 NTFS
.
tarkistaa piilotettuja prosesseja ...
.
tarkistaa piilotettuja käynnistysarvoja ...
.
tarkistaa piilotettuja tiedostoja ...
.
.
c:\users\Jussi\AppData\Local\Temp\catchme.dll 53248 bytes executable
.
tarkistus on valmis
piilotetut tiedostot: 1
.
**************************************************************************
.
--------------------- LUKITUT REKISTERIAVAIMET ---------------------
.
[HKEY_USERS\S-1-5-21-625289935-3182868809-2741512627-1000\Software\SecuROM\License information*]
"datasecu"=hex:41,62,ec,4a,26,5e,91,bc,29,0f,45,92,2f,c4,d0,86,3c,32,55,5c,30,
81,1d,29,73,87,53,7b,86,7d,66,8a,80,6c,b7,2a,b6,13,a2,ed,7d,c1,14,0f,95,23,\
"rkeysecu"=hex:04,1e,01,b3,b7,d2,bf,28,8c,f8,9d,e0,b6,c8,82,71
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Valmistumisajankohta: 2012-05-05 00:46:37
ComboFix-quarantined-files.txt 2012-05-04 21:46
.
Ennen ajoa: 302 949 310 464 tavua vapaana
Ajon jälkeen: 303 043 629 056 tavua vapaana
.
- - End Of File - - F6AE38887F1305308D9E6BFCC87943B7

#6
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Run TDSSKiller again just like the second run. This time tell it to Delete the TDSS File System:

00:56:16.0910 2960 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
00:56:16.0910 2960 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Don't think I've ever had a client from Finland before. Let's see if DDS will read the error logs:
Please download DDS from http://download.blee...om/sUBs/dds.com or http://download.blee...om/sUBs/dds.scr
and save it to your desktop.

* Disable any script blocking protection
* Double click dds.pif to run the tool.
* When done, two DDS.txt's will open.
* Save both reports to your desktop.

---------------------------------------------------
Please include the contents of the following in your next reply:

DDS.txt
Attach.txt.

Your logs are looking pretty good now. How is it running now? Any problems?

Ron

#7
Ducon

    Member

  • Topic Starter
  • 17 posts
Comp is running smooth now. Seems to be back to normal \o/


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Jussi at 4:26:10 on 2012-05-05
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.358.1035.18.3326.1655 [GMT 3:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\IoctlSvc.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\conime.exe
D:\Steam\Steam.exe
C:\Program Files\Common Files\Steam\SteamService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.eset.com/home/products/online-scanner/
mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040b&s=1&o=vp32&d=0109&m=imedia_a6500_ncd
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
mRun: [VolPanel] "c:\program files\creative\usb headsets\volume panel\VolPanlu.exe" /r
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [EvtMgr6] c:\program files\logitech\setpointp\SetPoint.exe /launchGaming
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: HideFastUserSwitching = 0 (0x0)
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{57D29552-3B29-4A65-8D61-D4E458B114ED} : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{57D29552-3B29-4A65-8D61-D4E458B114ED} : DhcpNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\jussi\appdata\roaming\mozilla\firefox\profiles\w7a81fei.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.newhorizonwow.com/
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.0.61118.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\jussi\appdata\local\fancy\npfancygame.dll
FF - plugin: c:\users\jussi\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_233.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-6-5 64288]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2010-2-17 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2010-6-7 116608]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
R2 FontCache;Windowsin fonttien välimuistipalvelu;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2012-2-29 382272]
R2 WINZIPSSDiskOptimizer;WINZIPSSDiskOptimizer;c:\program files\winzip system utilities suite\WINZIPSSDefragSrv.exe [2011-8-2 605520]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134736]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2011-12-6 1596672]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2011-1-18 197224]
R3 skfiltv;skfiltv;c:\windows\system32\drivers\skfiltv.sys [2012-1-20 17408]
R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [2008-10-14 13976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia update core\daemonu.exe [2012-2-21 2348352]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-5-3 253088]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2012-1-20 79360]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\origin games\dragon age\bin_ship\daupdatersvc.service.exe [2011-2-24 25832]
S3 DFU;DFU;c:\windows\system32\drivers\MassDfu.sys [2012-2-14 12288]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2011-8-8 77624]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\microsoft fix it center\Matsvc.exe [2011-6-13 267568]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-26 129976]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2011-8-8 181432]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 XENfiltv;XENfiltv;c:\windows\system32\drivers\XENfiltv.sys [2011-8-16 17920]
.
=============== Created Last 30 ================
.
2012-05-05 01:23:12 -------- d-----w- C:\TDSSKiller_Quarantine
2012-05-04 22:01:21 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-04 22:01:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-05-04 21:46:41 -------- d-sh--w- C:\$RECYCLE.BIN
2012-05-04 21:46:39 -------- d-----w- c:\users\jussi\appdata\local\temp
2012-05-04 21:27:37 98816 ----a-w- c:\windows\sed.exe
2012-05-04 21:27:37 518144 ----a-w- c:\windows\SWREG.exe
2012-05-04 21:27:37 256000 ----a-w- c:\windows\PEV.exe
2012-05-04 21:27:37 208896 ----a-w- c:\windows\MBR.exe
2012-05-04 21:27:29 -------- d-----w- C:\ComboFix
2012-05-04 18:02:17 -------- d-----w- C:\_OTL
2012-05-03 01:12:56 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-03 01:12:56 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-01 22:42:46 -------- d-----w- c:\users\jussi\appdata\local\SniperV2 Demo
2012-04-29 18:26:49 -------- d-----w- C:\getnzb-segment
2012-04-29 05:20:03 -------- d-----w- c:\program files\Eschalon Book II
2012-04-27 13:39:32 -------- d-----w- c:\users\jussi\appdata\local\GetNZB
2012-04-27 13:39:30 -------- d-----w- c:\program files\GetNZB
2012-04-26 07:02:45 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-04-26 07:02:39 157352 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe
2012-04-26 07:02:39 129976 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe
2012-04-26 00:01:34 -------- d-----w- c:\users\jussi\appdata\local\BladesOfTimeDemo
2012-04-25 20:31:02 398416 ------w- c:\windows\system\VBRUN300.DLL
2012-04-25 20:31:02 27136 ------w- c:\windows\system\WAVMIX16.DLL
2012-04-24 20:43:42 -------- d-----w- c:\users\jussi\appdata\roaming\crawl
2012-04-24 20:05:55 -------- d-----w- c:\program files\Crawl
2012-04-24 02:23:35 -------- d-----w- c:\program files\AVWW
2012-04-24 01:45:03 -------- d-sh--w- c:\programdata\SecuROM
2012-04-23 17:38:30 -------- d-----w- c:\users\jussi\appdata\local\amd
2012-04-23 17:38:23 161280 ----a-w- c:\windows\system32\fmod.dll
2012-04-23 17:38:00 40960 ----a-w- c:\windows\system32\akprogressbar.ocx
2012-04-23 17:38:00 220672 ----a-w- c:\windows\system32\vbskfr2.ocx
2012-04-23 17:38:00 1227264 ----a-w- c:\windows\system32\dx8vb.dll
2012-04-22 21:19:37 -------- d-----w- c:\program files\Driftmoon
2012-04-20 14:51:41 -------- d-----w- c:\programdata\Battle.net
2012-04-17 18:06:23 -------- d-----w- c:\users\jussi\appdata\local\Insanely Twisted Shadow Planet
2012-04-15 12:47:07 -------- d-----w- c:\users\jussi\T-Engine
2012-04-14 13:36:39 -------- d-----w- c:\users\jussi\appdata\local\Driftmoon
2012-04-11 09:27:54 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-11 09:27:54 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 09:19:30 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-04-10 05:40:31 -------- d-----w- c:\program files\A.I.M 2
2012-04-10 04:31:29 -------- d-----w- c:\program files\1C Company
2012-04-09 13:21:40 -------- d-----w- c:\program files\Pathologic
2012-04-09 12:07:25 -------- d-----w- c:\program files\Project Black Sun
2012-04-08 05:06:39 -------- d-----w- c:\users\jussi\appdata\local\EA Games
2012-04-08 05:06:09 -------- d-----w- c:\programdata\Solidshield
2012-04-08 03:37:35 -------- d-----w- c:\users\jussi\appdata\roaming\Worthless Bums
2012-04-08 02:59:55 -------- d-----w- c:\users\jussi\appdata\roaming\3DeadZed
2012-04-08 02:59:17 -------- d-----w- c:\program files\Gentleman Squid
2012-04-06 19:36:05 -------- d-----w- c:\users\jussi\appdata\local\Demiurge Studios
2012-04-06 01:56:15 30412800 ----a-w- c:\users\jussi\PhysX-9.12.0213-SystemSoftware.msi
2012-04-05 21:34:36 -------- d-----w- c:\users\jussi\appdata\local\Targem
2012-04-05 21:33:37 -------- d-----w- c:\windows\system32\AGEIA
2012-04-05 21:08:56 -------- d-----w- c:\program files\DevilWhiskey
.
==================== Find3M ====================
.
2012-03-29 09:46:05 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-03-07 15:43:41 319456 ----a-w- c:\windows\DIFxAPI.dll
2012-03-01 16:26:33 84810526 ----a-w- c:\users\jussi\doomrl-0996.exe
2012-02-29 23:59:00 881984 ----a-w- c:\windows\system32\nvgenco32.dll
2012-02-29 23:59:00 7713088 ----a-w- c:\windows\system32\nvwgf2um.dll
2012-02-29 23:59:00 61248 ----a-w- c:\windows\system32\OpenCL.dll
2012-02-29 23:59:00 5892928 ----a-w- c:\windows\system32\nvcuda.dll
2012-02-29 23:59:00 2517312 ----a-w- c:\windows\system32\nvcuvid.dll
2012-02-29 23:59:00 2437440 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-02-29 23:59:00 2301248 ----a-w- c:\windows\system32\nvapi.dll
2012-02-29 23:59:00 19444544 ----a-w- c:\windows\system32\nvoglv32.dll
2012-02-29 23:59:00 17543488 ----a-w- c:\windows\system32\nvcompiler.dll
2012-02-29 23:59:00 15009600 ----a-w- c:\windows\system32\nvd3dum.dll
2012-02-29 23:59:00 10819392 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-02-29 23:59:00 1000256 ----a-w- c:\windows\system32\nvdispco32.dll
2012-02-29 22:58:32 1188400 ----a-w- c:\users\jussi\OnLive_Setup.exe
2012-02-29 20:56:41 3881792 ----a-w- c:\windows\system32\nvcpl.dll
2012-02-29 20:55:16 2719040 ----a-w- c:\windows\system32\nvsvc.dll
2012-02-29 20:53:47 108352 ----a-w- c:\windows\system32\nvmctray.dll
2012-02-29 20:53:46 645440 ----a-w- c:\windows\system32\nvvsvc.exe
2012-02-29 20:53:46 62272 ----a-w- c:\windows\system32\nvshext.dll
2012-02-29 20:53:45 2561344 ----a-w- c:\windows\system32\nvsvcr.dll
2012-02-29 15:11:45 5120 ----a-w- c:\windows\system32\wmi.dll
2012-02-29 15:11:42 172032 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 15:09:53 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 13:32:37 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-02-29 11:26:56 416064 ----a-w- c:\windows\system32\nvStreaming.exe
2012-02-28 01:18:55 1799168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-27 23:01:15 3968384 ----a-w- c:\users\jussi\avg_free_stb_all_2012_1913_cnet.exe
2012-02-25 20:41:23 10625632 ----a-w- c:\users\jussi\Opera_1161_int_Setup.exe
2012-02-21 03:13:24 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-02-20 20:17:24 8961024 ----a-w- c:\users\jussi\Pitman.exe
2012-02-17 16:58:16 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-14 17:20:35 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2012-02-14 17:20:35 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2012-02-14 17:05:50 12288 ----a-w- c:\windows\system32\drivers\MassDfu.sys
2012-02-14 15:45:30 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-02-14 15:45:30 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-02-13 14:12:08 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-02-13 13:47:57 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-02-13 13:44:40 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-02-12 07:06:52 78554624 ----a-w- c:\users\jussi\Fractal Installer.msi
.
============= FINISH: 4:26:51,60 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 23.1.2009 15:46:57
System Uptime: 5.5.2012 1:34:27 (3 hours ago)
.
Motherboard: Packard Bell BV | | PBGL00
Processor: AMD Phenom™ 9500 Quad-Core Processor | AM2 | 2200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 584 GiB total, 274,962 GiB free.
D: is FIXED (NTFS) - 596 GiB total, 199,145 GiB free.
I: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
1000 Amps
Adobe AIR
Adobe Flash Player 11 Plugin
Adobe Reader 8
Adobe Reader X (10.1.3) - Suomi
Adobe Shockwave Player 11.5
AGEIA GAME System Software
Alien Zombie Megadeath
Apple Application Support
Assassin's Creed Brotherhood
ATI Catalyst Install Manager
Avernum: Escape From the Pit
AVG 2012
Battle Academy
Battle Isle Platinum
Blur
Bonjour
Botanicula
Bulletstorm
Chessmaster 9000
Chromentum 2 (remove only)
Climb to the Top of the Castle!
Crazy Machines Elements
Creative Audio Control Panel
Creative Software AutoUpdate
Creative System Information
Creative USB Headsets
Dead Space 2
Defender's Quest
Diamond Dan
Din's Curse 1.022
Divine Divinity
DoomRL version 0.9.9.6
Dragon Age: Origins
Droid Assault (remove only)
Dual-Core Optimizer
Dungeon Crawl Stone Soup
Dungeon Siege III
Dungeons of Dredmor
Dustforce
EA Shared Game Component: Activation
eReg
Eschalon Book 1 v1.06
Eschalon Book 2 1.05
ESET Online Scanner v3
Fallout
Fallout 2
Fallout Tactics
ffdshow v1.1.3800 [2011-03-28]
FlatOut
Fractal
Gemini Rue
Geneforge 4
GetNZB version 0.613
Grotesque Tactics 2 - Dungeons and Donuts
Hack, Slash, Loot
Hard Reset
Hauppauge MCE XP/Vista Software Encoder (2.0.26057)
HDRegFI
Hitogata Happa
Host OpenAL
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Icewind Dale II
Inferno+ version 1.0
Infocentre Rev. 2.0
Insanely Twisted Shadow Planet
IrfanView (remove only)
Java Auto Updater
Java™ 6 Update 31
Legend of Grimrock
Logitech SetPoint 6.32
Luxor Evolved
MacGuffin's Curse
Malwarebytes Anti-Malware versio 1.61.0.1400
Mass Effect
Mass Effect 2
Mass Effect™ 3
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 3.5 Language Pack SP1 - fin
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1:n kielitukipaketti - FI
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile FIN Language Pack
Microsoft .NET Framework 4 Client Profilen suomen kielipaketti
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Extended FIN Language Pack
Microsoft .NET Framework 4 Extendedin suomen kielipaketti
Microsoft Application Error Reporting
Microsoft Fix it Center
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft IntelliPoint 8.0
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft XNA Framework Redistributable 3.0
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Might & Magic ® Heroes ® VI
Mozilla Firefox 12.0 (x86 fi)
Mozilla Maintenance Service
MSVC80_x86_v2
MSVC90_x86
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyFreeCodec
Nero 8 Essentials
neroxml
Nethergate
No Time to Explain version 2.0
Norton Internet Security
NVIDIA-ohjauspaneeli 296.10
NVIDIA-päivitykset 1.7.11
NVIDIA 3D Vision -ohjain 296.10
NVIDIA Display Control Panel
NVIDIA Grafiikkaohjain 296.10
NVIDIA Install Application
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
NVIDIA Update Components
Offspring Fling!
OpenAL
OpenDNS Updater 2.2.1
OpenOffice.org 3.0
Opera 11.61
Orcs Must Die!
Origin
Packard Bell ImageWriter
Packard Bell LCD Test
Packard Bell Updator
Painkiller: Black Edition
Panzer Corps
Peepers 1.0
PixelJunk Eden
Planescape Torment
Project Black Sun version 1.0.2
PunkBuster Services
QuickTime
Rapture3D 2.4.11 Game
Rayman Origins
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek HD Audio V6.0.1.5618
RealUpgrade 1.1
Relentless Software Prerequisites
Renegade Ops
Rochard
Rockstar Games Social Club
S.T.A.L.K.E.R.: Shadow of Chernobyl
SAMSUNG USB Driver for Mobile Phones
SeaTools for Windows
Section 8: Prejudice
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profilen suomen kielipaketti (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profilen suomen kielipaketti (KB2518870)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Serious Sam HD: The First Encounter
SetUp My PC
Shoot Many Robots
Sid Meier's Civilization 4
Sideway
Sniper Elite
Sonic and SEGA All Stars Racing
Sonic Generations
SpywareBlaster 4.6
Super Crossfire version 1.0
SUPERAntiSpyware
TangleBee 1.0.2
Temple of Elemental Evil
The Elder Scrolls V: Skyrim
The Walking Dead
Three Dead Zed (ver 1.4)
Tomb Raider: Anniversary
Trine 2
TVTUNER
Ubisoft Game Launcher
UE3Redist
Ultratron (remove only)
Unity of Command
Unity Web Player
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Warhammer 40,000 Space Marine
WARP
Waveform
Waves
VCRedistSetup
Ventrilo Client
Vessel
Video ATI V8.473.0.0
Video NVIDIA v174.74
Windows Live ID Sign-in Assistant
Windows Media Player Firefox Plugin
WinZip 15.0
WinZip System Utilities Suite
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.1.11
World of Warcraft
Vuze
X10 Hardware™
Ys: The Oath in Felghana
Z Engine
.
==== End Of File ===========================
  • 0

#8
RKinner

Either DDS can't read the events either or there are no events to report. You can check manually and see if there are any events with a red or yellow mark to them:


Right click on (My) Computer and select Manage (Continue), then the Event Viewer. Next select Windows Logs. Click on System and then look in the right pane. It will take a while for it to populate. If you click once on the Level column header it will sort them with the worst events at the top. If you see one with a red or yellow mark then Copy, Copy Details as text, move to a reply and Ctrl + v to paste them in. Repeat for Application.

If there are none then you can clean up:

We need to clean up System Restore:

Copy the following:


:Commands
[CLEARALLRESTOREPOINTS]
[Reboot]

Right click on OTL and Run As Administrator. In the Custom Scans/Fixes box at the bottom, paste in the copied text (Ctrl + v) and then hit Run Fix.

That will get the last of the malware off the system.



You can uninstall or delete any tools we had you download and their logs.
To uninstall ComboFix, copy the next line:

"%userprofile%\Desktop\combofix.exe" /Uninstall

Start, All Programs, Accessories, then right click on Command Prompt and Run As Administrator, then right click, Paste, then hit Enter.

OTL has a cleanup tab; if you go there it will remove itself and its logs.

To hide hidden files again (OTL may do it for you):

Vista or Win7

1. Open the Control Panel menu and click Folder Options.
2. After the new window appears select the View tab.
3. Remove the check in the checkbox labeled Display the contents of system folders.
4. Under the Hidden files and folders section select the radio button labeled Do not Show hidden files and folders.
5. Check the checkbox labeled Hide protected operating system files.
6. Press the Apply button and then the OK button and exit My Computer.

Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.

Whether you use Adobe Reader, Acrobat or Foxit to read PDF files you need to disable JavaScript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, click on JavaScript in the left column and uncheck Enable Acrobat JavaScript. OK. Close program. It's the same for Foxit Reader except you uncheck Enable JavaScript Actions.

To help keep your programs up-to-date you should download and run the UpdateChecker:
http://www.filehippo.../updatechecker/
(You don't need to download Betas and if there is a program you don't use you can just uninstall it rather than update it. Exception is MSN messenger which appears to be part of Windows.)
If you get a blocked program notice after installing updatechecker then change it to not run at start then manually run it once a week.
Seems to work best if Firefox is the default browser. You can also try Secunia PSI http://secunia.com/v...l/download_psi/ Same kind of info. You don't need both.
If you use Firefox then get the AdBlock Plus Add-on. WOT (Web of Trust) is another you might want to try.
The equivalent to AdBlock Plus for IE is called Simple Adblock and you should install it too: http://simple-adblock.com/
The free version only blocks 200 ads a day so another reason to use Firefox or Chrome.

If Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox: http://www.crystalidea.com/speedyfox
You can run it any time that Firefox seems slow.

Be warned: If you use Limewire, utorrent or any of the other P2P programs you will almost certainly be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.com before you open them.


If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.

Ron
  • 0

#9
Ducon

Lokinimi: Application
Lähde: Microsoft-Windows-WMI
Päivä: 5.5.2012 1:36:28
Tapahtumatunnus:10
Tehtäväluokka: Ei mitään
Taso: Virhe
Avainsanat: Klassinen
Käyttäjä: -
Tietokone: Jussi-PC
Kuvaus:
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Tapahtuman Xml:
<Event xmlns="http://schemas.micro.../events/event">
<System>
<Provider Name="Microsoft-Windows-WMI" Guid="{1edeee53-0afe-4609-b846-d8c0b2075b1f}" EventSourceName="WinMgmt" />
<EventID Qualifiers="49152">10</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2012-05-04T22:36:28.000Z" />
<EventRecordID>98641</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>Jussi-PC</Computer>
<Security />
</System>
<EventData>
<Data>//./root/CIMV2</Data>
<Data>SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage &gt; 99</Data>
<Data>0x80041003</Data>
</EventData>
</Event>


There was something on System it wanted to delete right away and I accidentally clicked ok -.-
  • 0

#10
RKinner

The event you copied is common. Don't know how to fix it. I think it's a software error on Microsoft's part but it doesn't seem to hurt anything. Not sure what you deleted. You can reboot and see if it comes back.
  • 0
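
An added example, not part of the original thread or of any tool mentioned in it: a small Python parser for events pasted from Event Viewer's "Copy Details as text", run on the event from post #9 (trimmed to the fields the parser reads). The names `parse_events`, `LEVELS` and `WBEM_STATUS` are this example's own, and the status table covers only a few WMI codes.

```python
import re
import xml.etree.ElementTree as ET

# Event Viewer severity levels: 1 and 2 carry a red mark, 3 a yellow one.
LEVELS = {1: "Critical", 2: "Error", 3: "Warning", 4: "Information", 5: "Verbose"}
# A few WMI status codes from wbemcli.h; anything else is reported as hex.
WBEM_STATUS = {0x80041001: "WBEM_E_FAILED", 0x80041002: "WBEM_E_NOT_FOUND",
               0x80041003: "WBEM_E_ACCESS_DENIED",
               0x8004100E: "WBEM_E_INVALID_NAMESPACE"}
EVENT_RE = re.compile(r"<Event\b.*?</Event>", re.DOTALL)
HRESULT_RE = re.compile(r"^0x[0-9A-Fa-f]{8}$")

# Event from post #9, trimmed; the localized label lines and the shortened
# namespace URL are kept as they appear in the thread.
SAMPLE = '''Lokinimi: Application
Taso: Virhe
<Event xmlns="http://schemas.micro.../events/event">
<System>
<Provider Name="Microsoft-Windows-WMI" EventSourceName="WinMgmt" />
<EventID Qualifiers="49152">10</EventID>
<Level>2</Level>
<TimeCreated SystemTime="2012-05-04T22:36:28.000Z" />
<Channel>Application</Channel>
</System>
<EventData>
<Data>//./root/CIMV2</Data>
<Data>SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage &gt; 99</Data>
<Data>0x80041003</Data>
</EventData>
</Event>
'''


def _local(tag):
    """Drop the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]


def parse_events(pasted):
    """Return one summary dict per <Event> element found in pasted text."""
    results = []
    for fragment in EVENT_RE.findall(pasted):  # skips the non-XML label lines
        fields, data = {}, []
        for el in ET.fromstring(fragment).iter():
            name = _local(el.tag)
            if name == "Data":
                data.append((el.text or "").strip())
            elif name == "Provider":
                fields["provider"] = el.get("Name")
            elif name == "TimeCreated":
                fields["time_utc"] = el.get("SystemTime")
            elif name in ("EventID", "Level", "Channel"):
                fields[name] = (el.text or "").strip()
        level = int(fields.get("Level") or 4)
        status = []
        if fields.get("provider") == "Microsoft-Windows-WMI":
            codes = [int(d, 16) for d in data if HRESULT_RE.match(d)]
            status = [WBEM_STATUS.get(c, hex(c)) for c in codes]
        results.append({"provider": fields.get("provider"),
                        "event_id": int(fields.get("EventID") or 0),
                        "channel": fields.get("Channel"),
                        "time_utc": fields.get("time_utc"),
                        "level": LEVELS.get(level, str(level)),
                        "flagged": 1 <= level <= 3,  # red or yellow mark
                        "data": data, "status": status})
    return results
```

For the posted event this reports an Error-level WMI event 10 whose status code is WBEM_E_ACCESS_DENIED, raised for the CPU-load event filter in root/CIMV2.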

#11
Ducon

Thanks a lot for the help. I'll report back if something explodes soon.
  • 0





