Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Slow internet

Started by Ducon , Nov 20 2012 10:33 AM

Please log in to reply

#1
Ducon

Posted 20 November 2012 - 10:33 AM

Member

Member
17 posts

I have the same issue as described here http://www.geekstogo...espeed=noscript
Also it can freeze for a while when scrolling a web page etc. Didnt try with any other browser than Firefox though. Tried to run TFC but it freezes every time when it tries to check the my profile.

OTL logfile created on: 20.11.2012 17:43:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jussi\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040B | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 1,03 Gb Available Physical Memory | 31,74% Memory free
6,73 Gb Paging File | 3,32 Gb Available in Paging File | 49,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 584,17 Gb Total Space | 152,45 Gb Free Space | 26,10% Space Free | Partition Type: NTFS
Drive D: | 596,17 Gb Total Space | 94,68 Gb Free Space | 15,88% Space Free | Partition Type: NTFS
Drive I: | 7,91 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: JUSSI-PC | User Name: Jussi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.11.20 17:42:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jussi\Desktop\OTL.exe
PRC - [2012.10.27 18:20:35 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.10.24 13:53:27 | 000,529,744 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2012.10.09 17:59:18 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
PRC - [2012.10.03 00:20:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.10.02 21:29:14 | 000,864,616 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012.10.02 21:28:55 | 001,820,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012.10.02 12:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.09.29 09:04:15 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012.09.12 17:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2012.09.12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012.09.12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012.09.05 09:25:52 | 000,267,704 | ---- | M] (WinZip Computing, S.L. (WinZip Computing)) -- C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe
PRC - [2012.08.09 19:09:48 | 001,353,080 | ---- | M] (Valve Corporation) -- D:\Steam\Steam.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.10.07 11:40:42 | 001,387,288 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2011.09.27 21:05:24 | 000,149,784 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
PRC - [2011.09.23 03:30:04 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2010.01.27 16:14:10 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe

========== Modules (No Company Name) ==========

MOD - [2012.10.27 18:20:35 | 002,295,264 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.10.24 13:53:24 | 020,317,008 | ---- | M] () -- D:\Steam\bin\libcef.dll
MOD - [2012.10.24 13:53:24 | 000,214,528 | ---- | M] () -- D:\Steam\bin\mssvoice.asi
MOD - [2012.10.24 13:53:24 | 000,095,744 | ---- | M] () -- D:\Steam\bin\mssmp3.asi
MOD - [2012.10.24 13:53:20 | 000,902,480 | ---- | M] () -- D:\Steam\bin\chromehtml.dll
MOD - [2012.10.24 13:53:18 | 000,123,232 | ---- | M] () -- D:\Steam\bin\avutil-51.dll
MOD - [2012.10.24 13:53:16 | 000,190,816 | ---- | M] () -- D:\Steam\bin\avformat-53.dll
MOD - [2012.10.24 13:53:14 | 001,099,616 | ---- | M] () -- D:\Steam\bin\avcodec-53.dll
MOD - [2012.10.09 17:59:18 | 009,814,968 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_287.dll
MOD - [2012.05.30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.05.30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.05.25 23:44:40 | 002,903,888 | -HS- | M] () -- \\?\C:\ProgramData\Microsoft\PlayReady\Cache\S-1-5-21-625289935-3182868809-2741512627-1000\MSPRindiv02.key
MOD - [2011.10.07 11:41:16 | 000,879,896 | ---- | M] () -- C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll

========== Services (SafeList) ==========

SRV - [2012.11.05 01:25:24 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.27 18:20:35 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.24 13:53:27 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.10.03 00:20:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.10.02 12:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.09.12 17:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.09.12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.09.05 09:25:52 | 000,267,704 | ---- | M] (WinZip Computing, S.L. (WinZip Computing)) [Auto | Running] -- C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe -- (WINZIPSSDiskOptimizer)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.20 09:11:00 | 000,131,912 | ---- | M] (Desura Pty Ltd) [On_Demand | Stopped] -- C:\Program Files\Common Files\Desura\desura_service.exe -- (Desura Install Service)
SRV - [2012.01.20 15:52:04 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011.09.27 21:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.09.23 03:30:04 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011.06.13 21:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2010.01.27 16:14:10 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008.02.03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets)

========== Driver Services (SafeList) ==========

DRV - [2012.10.03 00:20:00 | 010,837,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.08.30 22:03:50 | 000,099,272 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012.05.21 04:09:00 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.05.21 04:09:00 | 000,080,824 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012.02.14 19:05:50 | 000,012,288 | ---- | M] (Philips PTCL) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MassDfu.sys -- (DFU)
DRV - [2011.09.23 03:29:51 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.09.23 03:29:51 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011.09.02 08:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011.09.02 08:31:28 | 000,030,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2011.09.02 08:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011.01.18 17:16:46 | 000,197,224 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2010.09.22 12:00:10 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.09.22 10:36:11 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.07.12 10:55:39 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Lbd.sys -- (Lbd)
DRV - [2010.06.30 18:01:04 | 000,011,832 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amdide.sys -- (amdide)
DRV - [2010.06.03 10:33:54 | 001,596,672 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV - [2009.07.31 10:39:58 | 000,017,920 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\XENfiltv.sys -- (XENfiltv)
DRV - [2008.08.14 08:48:22 | 000,017,408 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\skfiltv.sys -- (skfiltv)
DRV - [2008.04.28 09:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2007.07.23 09:56:58 | 000,042,624 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Alpham1.sys -- (Alpham1)
DRV - [2007.06.29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007.03.20 11:49:52 | 000,018,432 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Alpham2.sys -- (Alpham2)
DRV - [2006.11.17 09:31:04 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
DRV - [2006.03.29 07:49:26 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pfc.sys -- (pfc)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.pack...media_a6500_ncd
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACPW

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.eset.com/...online-scanner/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6454E83C-02FB-4BA5-969E-C1A616DDE186}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACPW
IE - HKCU\..\SearchScopes\{D6FC6DE7-6E20-4DD0-96B4-702A3517D535}: "URL" = http://www.google.co...ie7&rlz=1I7ACPW
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.newhorizonwow.com/"
FF - prefs.js..extensions.enabledAddons: [email protected]:2.0.2.039
FF - prefs.js..extensions.enabledAddons: {987311C6-B504-4aa2-90BF-60CC49808D42}:2.2
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.11
FF - prefs.js..extensions.enabledAddons: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.4.8.6
FF - prefs.js..extensions.enabledAddons: [email protected]:2.6.1
FF - prefs.js..extensions.enabledAddons: {0153E448-190B-4987-BDE1-F256CADA672F}:15.0.6
FF - prefs.js..extensions.enabledAddons: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.6.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@fancyguo.com/FancyGame,version=1.0.0.1: C:\Users\Jussi\AppData\Local\Fancy\npfancygame.dll (Beijing FancyGuo Tech Ltd)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Jussi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.11.12 20:08:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.11.12 20:08:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.11.12 20:08:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.11.13 07:21:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.11.13 07:21:06 | 000,000,000 | ---D | M]

[2009.02.22 18:15:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jussi\AppData\Roaming\mozilla\Extensions
[2012.11.14 17:37:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions
[2011.03.11 20:41:52 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(198)
[2012.10.03 15:37:55 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.11.02 00:12:35 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.03.12 19:02:53 | 000,000,000 | ---D | M] (Element Hiding Helper for Adblock Plus) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions\elemhidehelper@adblockplus(197).org
[2012.05.18 23:48:18 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions\[email protected]
[2012.05.12 11:59:50 | 000,550,833 | ---- | M] () (No name found) -- C:\Users\Jussi\AppData\Roaming\mozilla\firefox\profiles\w7a81fei.default\extensions\[email protected]
[2012.11.12 20:10:59 | 000,090,868 | ---- | M] () (No name found) -- C:\Users\Jussi\AppData\Roaming\mozilla\firefox\profiles\w7a81fei.default\extensions\[email protected]
[2012.11.09 18:05:28 | 000,342,379 | ---- | M] () (No name found) -- C:\Users\Jussi\AppData\Roaming\mozilla\firefox\profiles\w7a81fei.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2012.11.14 17:37:23 | 000,530,679 | ---- | M] () (No name found) -- C:\Users\Jussi\AppData\Roaming\mozilla\firefox\profiles\w7a81fei.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2011.06.24 21:37:33 | 000,022,573 | ---- | M] () (No name found) -- C:\Users\Jussi\AppData\Roaming\mozilla\firefox\profiles\w7a81fei.default\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}.xpi
[2012.07.24 23:49:28 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Jussi\AppData\Roaming\mozilla\firefox\profiles\w7a81fei.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.01.21 19:33:48 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\Jussi\AppData\Roaming\mozilla\firefox\profiles\w7a81fei.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2012.10.27 18:20:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.11.12 20:08:46 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2012.10.27 18:20:36 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009.03.31 21:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll
[2012.09.29 09:04:40 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2012.10.13 04:27:05 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.13 04:27:05 | 000,002,062 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bookplus-fi.xml
[2011.03.05 08:38:32 | 000,001,069 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons-fi.xml
[2012.10.13 04:27:05 | 000,000,972 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-fi.xml
[2011.03.05 08:38:32 | 000,002,677 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\huuto-fi.xml
[2010.08.09 09:04:46 | 000,002,036 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012.10.13 04:27:05 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fi.xml
[2012.10.13 04:27:05 | 000,001,100 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-fi.xml

O1 HOSTS File: ([2012.05.04 23:43:57 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ROC_ROC_NT] "C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload File not found
O4 - HKCU..\Run: [QuikIO] "C:\Program Files\QuikIO\QuikIO.exe" File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creat...015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...10926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57D29552-3B29-4A65-8D61-D4E458B114ED}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57D29552-3B29-4A65-8D61-D4E458B114ED}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sasnative32)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012.11.20 17:42:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jussi\Desktop\OTL.exe
[2012.11.17 15:11:57 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Roaming\QuikIO
[2012.11.14 17:03:15 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.11.05 01:27:37 | 000,000,000 | ---D | C] -- C:\Users\Jussi\Documents\Puzzle Kingdoms
[2012.11.03 12:18:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012.11.03 11:55:55 | 011,102,184 | ---- | C] (Microsoft Corporation) -- C:\Users\Jussi\mseinstall.exe
[2012.11.02 07:17:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spectromancer
[2012.10.27 18:20:25 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.10.23 17:31:15 | 000,000,000 | ---D | C] -- C:\Users\Jussi\Documents\Giana Sisters - Twisted Dreams
[2012.10.10 21:58:03 | 178,247,176 | ---- | C] (NVIDIA Corporation) -- C:\Users\Jussi\306.97-desktop-win8-win7-winvista-32bit-international-whql.exe
[2012.09.13 22:32:32 | 177,998,496 | ---- | C] (NVIDIA Corporation) -- C:\Users\Jussi\306.23-desktop-win8-win7-winvista-32bit-international-whql.exe
[2012.09.07 14:59:32 | 045,859,364 | ---- | C] (Caravel Games ) -- C:\Users\Jussi\DRODGatEBDemoSetup.exe
[2012.08.26 15:08:27 | 007,207,866 | ---- | C] (FreeDownloadManager.ORG ) -- C:\Users\Jussi\fdminst.exe
[2012.08.25 06:50:09 | 174,454,480 | ---- | C] (NVIDIA Corporation) -- C:\Users\Jussi\304.79-desktop-win8-win7-winvista-32bit-international-beta.exe
[2012.08.23 22:24:57 | 093,554,411 | ---- | C] (Big Robot ) -- C:\Users\Jussi\Avseq-PC-Demo-Installer.exe
[2012.08.13 14:59:40 | 697,745,063 | ---- | C] (The Game Bakers ) -- C:\Users\Jussi\Squids.3.exe
[2012.08.01 19:50:43 | 258,227,208 | ---- | C] (Misfits Attic) -- C:\Users\Jussi\avirusnamedtom-windows-1_0_49-1343772960.exe
[2012.07.13 21:05:17 | 002,873,423 | ---- | C] (GOG.com ) -- C:\Users\Jussi\setup_chronicles_of_riddick_1.0.0.8.exe
[2012.07.10 06:50:56 | 051,144,230 | ---- | C] (1C Company. ) -- C:\Users\Jussi\Crossworlds_1.0.0.1.exe
[2012.06.28 16:53:59 | 282,924,627 | ---- | C] (Wadjet Eye Games ) -- C:\Users\Jussi\ResonanceDemo.exe
[2012.06.25 00:20:14 | 139,078,965 | ---- | C] (Bit Barons GmbH ) -- C:\Users\Jussi\Astroslugs_101_BB_WIN_DEMO.exe
[2012.06.22 00:29:40 | 176,458,670 | ---- | C] (Ilikescifi Games ) -- C:\Users\Jussi\Pitiri_1977.exe
[2012.06.20 02:26:52 | 128,986,720 | ---- | C] (12 Angry Devs ) -- C:\Users\Jussi\OfLightAndShadow.exe
[2012.06.17 12:32:39 | 077,251,480 | ---- | C] (Apple Inc.) -- C:\Users\Jussi\iTunesSetup.exe
[2012.06.12 22:26:17 | 006,677,264 | ---- | C] (Adobe Systems Inc.) -- C:\Users\Jussi\Shockwave_Installer_Slim.exe
[2012.06.12 22:16:23 | 000,893,936 | ---- | C] (Oracle Corporation) -- C:\Users\Jussi\jre-7u5-windows-i586-iftw.exe
[2012.06.05 18:12:11 | 018,002,040 | ---- | C] (Dropbox, Inc.) -- C:\Users\Jussi\Dropbox 1.4.7.exe
[2012.06.03 22:59:43 | 004,518,496 | ---- | C] (www.orbitdownloader.com ) -- C:\Users\Jussi\orbitdownloader.exe
[2012.06.01 23:39:08 | 094,154,804 | ---- | C] (Wadjet Eye Games ) -- C:\Users\Jussi\Shivah_setup.exe
[2012.06.01 23:38:59 | 176,238,278 | ---- | C] (Jonas Kyratzes ) -- C:\Users\Jussi\TSWCE_upd.exe
[2012.05.29 19:27:32 | 053,944,298 | ---- | C] (Psydra Games LLC ) -- C:\Users\Jussi\DarkScavenger-Setup.exe
[2012.05.27 18:16:17 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Jussi\TFC.exe
[2012.05.23 01:22:14 | 168,052,128 | ---- | C] (NVIDIA Corporation) -- C:\Users\Jussi\301.42-desktop-win7-winvista-32bit-international-whql.exe
[2012.03.01 18:25:35 | 084,810,526 | ---- | C] (ChaosForge ) -- C:\Users\Jussi\doomrl-0996.exe
[2012.03.01 00:58:32 | 001,188,400 | ---- | C] (OnLive) -- C:\Users\Jussi\OnLive_Setup.exe
[2012.02.28 01:01:07 | 003,968,384 | ---- | C] (AVG Technologies) -- C:\Users\Jussi\avg_free_stb_all_2012_1913_cnet.exe
[2012.02.25 22:41:14 | 010,625,632 | ---- | C] (Opera Software ASA) -- C:\Users\Jussi\Opera_1161_int_Setup.exe
[2011.12.01 00:03:25 | 001,940,992 | ---- | C] (Valve Corporation) -- C:\Users\Jussi\Steam Fix - Installer Errors.exe
[2011.08.19 16:20:47 | 000,909,600 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Jussi\jre-6u26-windows-i586-iftw.exe
[2011.08.09 14:15:08 | 000,587,632 | ---- | C] (Unity Technologies ApS) -- C:\Users\Jussi\UnityWebPlayer.exe
[2011.07.11 01:22:07 | 000,204,168 | ---- | C] (Microsoft Corporation) -- C:\Users\Jussi\directx_9c_eulas.exe
[2011.06.26 06:30:28 | 012,989,728 | ---- | C] (Adobe Systems Inc.) -- C:\Users\Jussi\AdobeAIRInstaller.exe
[2011.05.25 08:19:31 | 003,194,296 | ---- | C] (Javacool Software LLC ) -- C:\Users\Jussi\spywareblastersetup44.exe
[2011.04.26 17:09:17 | 515,324,790 | ---- | C] (Acresso Software Inc. ) -- C:\Users\Jussi\BattleSlots_DDL.exe
[2011.04.02 01:40:27 | 385,858,752 | ---- | C] (Telltale Games) -- C:\Users\Jussi\bttf_101_setup.exe
[2011.03.22 09:47:54 | 042,669,043 | ---- | C] (Soldak Entertainment, Inc. ) -- C:\Users\Jussi\DCDemonWar1022.exe
[2011.03.22 09:47:24 | 154,496,930 | ---- | C] (Soldak Entertainment, Inc. ) -- C:\Users\Jussi\DinsCurse1022.exe
[2010.11.09 23:58:52 | 100,273,008 | ---- | C] (Microsoft Corporation) -- C:\Users\Jussi\directx_Jun2010_redist.exe
[2010.11.05 12:43:14 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Users\Jussi\dxwebsetup.exe
[2010.10.30 07:49:50 | 298,064,035 | ---- | C] (Basilisk Games ) -- C:\Users\Jussi\eb2_setup.exe
[2010.10.22 10:26:14 | 000,101,832 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\Jussi\SASUNINST.EXE
[2010.10.16 15:57:46 | 042,153,457 | ---- | C] (Youdagames) -- C:\Users\Jussi\GovernorOfPoker_Download.exe
[2010.10.13 00:17:01 | 000,471,432 | ---- | C] (SpeedyFox) -- C:\Users\Jussi\speedyfox.exe
[2010.10.10 03:26:53 | 002,476,317 | ---- | C] (SmartMelon Games ) -- C:\Users\Jussi\PeepersInstaller10.exe
[2010.10.09 16:27:00 | 007,522,055 | ---- | C] (SmartMelon Games ) -- C:\Users\Jussi\TangleBeeInstaller102.exe
[2010.10.04 20:12:28 | 463,772,608 | ---- | C] (Telltale Games) -- C:\Users\Jussi\SamMax302_PC_Setup.exe
[2010.09.24 14:58:21 | 014,709,624 | ---- | C] (Microsoft Corporation) -- C:\Users\Jussi\IPx86_1033_8.0.225.0.exe
[2010.08.15 22:46:01 | 038,958,968 | ---- | C] (Apple Inc.) -- C:\Users\Jussi\QuickTimeInstaller.exe
[2010.02.28 17:57:05 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\Jussi\spybotsd162.exe
[2009.11.16 23:54:58 | 008,241,600 | ---- | C] (Vuze Inc.) -- C:\Users\Jussi\Vuze_Installer.exe

========== Files - Modified Within 30 Days ==========

[2012.11.20 17:59:29 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.20 17:42:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jussi\Desktop\OTL.exe
[2012.11.20 17:21:26 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.20 17:21:26 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.18 11:55:12 | 000,139,776 | ---- | M] () -- C:\Users\Jussi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.18 11:34:52 | 000,001,024 | ---- | M] () -- C:\.rnd
[2012.11.17 15:08:15 | 011,932,824 | ---- | M] () -- C:\Users\Jussi\QuikIO_1.0.2_win_installer.exe
[2012.11.17 14:27:51 | 000,000,739 | ---- | M] () -- C:\Users\Jussi\Desktop\GetNZB.lnk
[2012.11.17 14:27:11 | 005,900,488 | ---- | M] ( ) -- C:\Users\Jussi\install-getnzb.exe
[2012.11.15 13:20:20 | 000,000,486 | ---- | M] () -- C:\Windows\tasks\WINZIPSS-WINZIPSSAutoCheckUpdate7Days.job
[2012.11.14 17:20:04 | 000,258,952 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.11.14 17:19:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.14 17:10:35 | 000,641,362 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.11.14 17:10:35 | 000,491,218 | ---- | M] () -- C:\Windows\System32\perfh00B.dat
[2012.11.14 17:10:35 | 000,123,142 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.11.14 17:10:35 | 000,107,648 | ---- | M] () -- C:\Windows\System32\perfc00B.dat
[2012.11.12 20:18:38 | 000,000,178 | ---- | M] () -- C:\Users\Jussi\Desktop\Thomas Was Alone.url
[2012.11.06 17:47:49 | 000,000,202 | ---- | M] () -- C:\Users\Jussi\Desktop\XCOM Enemy Unknown.url
[2012.11.03 15:42:31 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Jussi\TFC.exe
[2012.11.03 12:19:09 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012.11.02 07:16:15 | 029,742,776 | ---- | M] () -- C:\Users\Jussi\smsetup13a.exe
[2012.11.01 22:06:52 | 000,000,175 | ---- | M] () -- C:\Users\Jussi\Desktop\Hotline Miami.url
[2012.11.01 21:45:49 | 000,000,202 | ---- | M] () -- C:\Users\Jussi\Desktop\Cargo Commander.url
[2012.11.01 14:31:22 | 000,002,066 | ---- | M] () -- C:\Users\Jussi\Application Data\Microsoft\Internet Explorer\Quick Launch\WinZip System Utilities Suite.lnk
[2012.11.01 14:31:22 | 000,002,042 | ---- | M] () -- C:\Users\Public\Desktop\WinZip System Utilities Suite.lnk
[2012.10.30 16:12:35 | 000,000,202 | ---- | M] () -- C:\Users\Jussi\Desktop\[bleep] Yeah!.url
[2012.10.23 16:56:56 | 000,000,202 | ---- | M] () -- C:\Users\Jussi\Desktop\Giana Sisters Twisted Dreams.url
[2012.10.21 23:43:09 | 000,000,202 | ---- | M] () -- C:\Users\Jussi\Desktop\Mark of the Ninja.url

========== Files Created - No Company Name ==========

[2012.11.17 15:12:07 | 000,001,024 | ---- | C] () -- C:\.rnd
[2012.11.17 15:08:08 | 011,932,824 | ---- | C] () -- C:\Users\Jussi\QuikIO_1.0.2_win_installer.exe
[2012.11.17 14:27:51 | 000,000,739 | ---- | C] () -- C:\Users\Jussi\Desktop\GetNZB.lnk
[2012.11.12 20:18:38 | 000,000,178 | ---- | C] () -- C:\Users\Jussi\Desktop\Thomas Was Alone.url
[2012.11.06 17:47:49 | 000,000,202 | ---- | C] () -- C:\Users\Jussi\Desktop\XCOM Enemy Unknown.url
[2012.11.03 12:19:02 | 000,001,789 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012.11.02 07:15:53 | 029,742,776 | ---- | C] () -- C:\Users\Jussi\smsetup13a.exe
[2012.11.01 22:06:52 | 000,000,175 | ---- | C] () -- C:\Users\Jussi\Desktop\Hotline Miami.url
[2012.11.01 21:45:49 | 000,000,202 | ---- | C] () -- C:\Users\Jussi\Desktop\Cargo Commander.url
[2012.10.30 16:12:35 | 000,000,202 | ---- | C] () -- C:\Users\Jussi\Desktop\[bleep] Yeah!.url
[2012.10.23 16:56:56 | 000,000,202 | ---- | C] () -- C:\Users\Jussi\Desktop\Giana Sisters Twisted Dreams.url
[2012.10.21 23:43:09 | 000,000,202 | ---- | C] () -- C:\Users\Jussi\Desktop\Mark of the Ninja.url
[2012.10.15 22:00:10 | 000,290,825 | ---- | C] () -- C:\Users\Jussi\Download War of the Human Tanks.exe
[2012.09.15 16:02:19 | 006,725,632 | ---- | C] () -- C:\Users\Jussi\PathOfExileInstaller.msi
[2012.09.10 19:07:50 | 000,290,825 | ---- | C] () -- C:\Users\Jussi\Download Tiny and Big- Grandpa's Leftovers.exe
[2012.09.10 19:06:55 | 000,290,825 | ---- | C] () -- C:\Users\Jussi\Download Girl with a Heart of.exe
[2012.09.10 19:06:31 | 000,290,825 | ---- | C] () -- C:\Users\Jussi\Download Blue Libra.exe
[2012.09.08 12:16:45 | 000,027,520 | ---- | C] () -- C:\Users\Jussi\AppData\Local\dt.dat
[2012.08.09 16:14:08 | 110,333,502 | ---- | C] () -- C:\Users\Jussi\ROCKMAN - INSTALL.exe
[2012.08.02 15:16:24 | 079,554,734 | ---- | C] () -- C:\Users\Jussi\UTO_Alpha1.zip
[2012.08.01 19:49:46 | 031,571,529 | ---- | C] () -- C:\Users\Jussi\avirusnamedtom-soundtrack-1343772960.zip
[2012.07.31 12:09:42 | 000,009,147 | ---- | C] () -- C:\Users\Jussi\receipt.asp.htm
[2012.07.20 09:08:06 | 001,252,424 | ---- | C] () -- C:\Users\Jussi\DesuraInstaller.exe
[2012.07.13 21:06:29 | 1337,519,253 | ---- | C] () -- C:\Users\Jussi\setup_chronicles_of_riddick_1.0.0.8-4.bin
[2012.07.13 21:06:22 | 2100,000,000 | ---- | C] () -- C:\Users\Jussi\setup_chronicles_of_riddick_1.0.0.8-3.bin
[2012.07.13 21:06:15 | 2100,000,000 | ---- | C] () -- C:\Users\Jussi\setup_chronicles_of_riddick_1.0.0.8-2.bin
[2012.07.13 21:06:00 | 2097,126,656 | ---- | C] () -- C:\Users\Jussi\setup_chronicles_of_riddick_1.0.0.8-1.bin
[2012.07.10 09:53:24 | 178,649,868 | ---- | C] () -- C:\Users\Jussi\AURAL01-Mark_Morgan_-_Vault_Archives.zip
[2012.07.10 06:02:02 | 000,290,825 | ---- | C] () -- C:\Users\Jussi\Download King's Bounty- Armored Princess.exe
[2012.07.10 05:43:38 | 000,290,825 | ---- | C] () -- C:\Users\Jussi\Download King's Bounty Crossworlds.exe
[2012.07.09 01:18:56 | 010,012,564 | ---- | C] () -- C:\Users\Jussi\spelunky_1_1.zip
[2012.07.08 00:28:52 | 314,883,631 | ---- | C] () -- C:\Users\Jussi\wesnoth-1.10.3-win32.exe
[2012.07.05 20:28:17 | 000,021,494 | ---- | C] () -- C:\Users\Jussi\0x0409.ini
[2012.07.05 20:28:17 | 000,003,584 | ---- | C] () -- C:\Users\Jussi\1033.MST
[2012.07.05 20:28:10 | 092,161,024 | ---- | C] () -- C:\Users\Jussi\Samsung Kies.msi
[2012.07.05 12:19:00 | 035,919,760 | ---- | C] () -- C:\Users\Jussi\wzsysutil.exe
[2012.06.22 00:49:08 | 000,000,572 | ---- | C] () -- C:\Users\Jussi\save_pitiri.sav
[2012.06.22 00:28:25 | 028,764,543 | ---- | C] () -- C:\Users\Jussi\Rijn_Full_Win.exe
[2012.06.08 13:59:51 | 000,290,825 | ---- | C] () -- C:\Users\Jussi\Download Driftmoon (Alpha).exe
[2012.06.04 05:09:13 | 000,290,825 | ---- | C] () -- C:\Users\Jussi\Download UFO- Afterlight.exe
[2012.06.04 03:35:49 | 000,290,825 | ---- | C] () -- C:\Users\Jussi\Download UFO- Aftermath.exe
[2012.06.01 23:39:38 | 069,638,303 | ---- | C] () -- C:\Users\Jussi\install1893.exe
[2012.05.30 16:57:10 | 136,028,368 | ---- | C] () -- C:\Users\Jussi\Dead_Pixels_Installer.msi
[2012.05.22 22:44:29 | 100,016,474 | ---- | C] () -- C:\Users\Jussi\DayZ-1582-full-with-shortcuts.exe
[2012.05.21 03:10:27 | 1261,963,178 | ---- | C] () -- C:\Users\Jussi\fifa11_pc_demo_EU.zip
[2012.05.12 05:02:04 | 005,900,488 | ---- | C] ( ) -- C:\Users\Jussi\install-getnzb.exe
[2012.05.05 06:24:31 | 000,618,997 | ---- | C] () -- C:\Users\Jussi\srdiag.zip
[2012.05.05 01:23:48 | 004,431,941 | ---- | C] () -- C:\Users\Jussi\install-getnzb.zip
[2012.04.29 05:23:24 | 298,042,692 | ---- | C] () -- C:\Users\Jussi\eb2_setup_v105.zip
[2012.04.25 22:33:30 | 000,000,115 | ---- | C] () -- C:\Windows\MORDOR.INI
[2012.04.15 14:43:52 | 128,074,260 | ---- | C] () -- C:\Users\Jussi\t-engine4-windows-1.0.0beta38.zip
[2012.04.11 19:02:59 | 483,918,688 | ---- | C] () -- C:\Users\Jussi\grimrock-rc6-1.1.3-installer.zip
[2012.04.06 03:56:15 | 030,412,800 | ---- | C] () -- C:\Users\Jussi\PhysX-9.12.0213-SystemSoftware.msi
[2012.04.04 05:33:14 | 090,416,115 | ---- | C] () -- C:\Users\Jussi\LoneSurvivor-PC.zip
[2012.04.04 04:47:48 | 053,646,743 | ---- | C] () -- C:\Users\Jussi\OffspringFlingWIN.zip
[2012.04.04 03:49:00 | 299,348,632 | ---- | C] () -- C:\Users\Jussi\Alec Holowka - Aquaria- Original Soundtrack.zip
[2012.03.28 02:14:14 | 022,136,950 | ---- | C] () -- C:\Users\Jussi\legend_of_grimrock_preorder_goodies.zip
[2012.03.07 16:47:55 | 031,126,033 | ---- | C] () -- C:\Users\Jussi\6305_Vista_Win7_PG537.zip
[2012.02.28 21:35:14 | 027,705,697 | ---- | C] () -- C:\Users\Jussi\Auditorium_Win32.zip
[2012.02.25 16:13:55 | 026,789,758 | ---- | C] () -- C:\Users\Jussi\PitmanPC-1.4.zip
[2012.02.24 02:21:17 | 008,487,235 | ---- | C] () -- C:\Users\Jussi\Towns_0.40.2_Windows.zip
[2012.02.24 02:21:07 | 064,674,792 | ---- | C] () -- C:\Users\Jussi\wyv_and_keep.1.zip
[2012.02.23 02:16:26 | 022,586,860 | ---- | C] () -- C:\Users\Jussi\bin_UberCatacombSnatch.1.4.1.jar
[2012.02.20 22:00:50 | 008,961,024 | ---- | C] () -- C:\Users\Jussi\Pitman.exe
[2012.02.13 21:54:09 | 019,985,410 | ---- | C] () -- C:\Users\Jussi\HackSlashLoot.zip
[2012.02.09 23:30:36 | 017,549,370 | ---- | C] () -- C:\Users\Jussi\KOYA_RIFT_1_03.zip
[2012.01.31 16:02:34 | 000,223,608 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012.01.20 15:55:36 | 000,025,262 | ---- | C] () -- C:\Windows\System32\xfisk.ini
[2012.01.20 15:55:36 | 000,000,052 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini
[2012.01.20 15:55:29 | 000,001,209 | ---- | C] () -- C:\Windows\skSPcfg.ini
[2012.01.20 15:55:29 | 000,000,381 | ---- | C] () -- C:\Windows\skMCcfg.ini
[2012.01.20 15:55:11 | 000,128,512 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2012.01.20 15:55:11 | 000,069,120 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2012.01.16 09:01:02 | 304,836,097 | ---- | C] () -- C:\Users\Jussi\BattleAcademy-patch-170.zip
[2011.12.06 05:57:47 | 000,280,036 | ---- | C] () -- C:\Users\Jussi\bookmarks-2011-12-06.json
[2011.11.30 23:27:26 | 001,606,656 | ---- | C] () -- C:\Users\Jussi\SteamInstall.msi
[2011.11.29 22:51:08 | 078,554,624 | ---- | C] () -- C:\Users\Jussi\Fractal Installer.msi
[2011.11.22 09:18:47 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.11.10 17:33:49 | 000,752,963 | ---- | C] () -- C:\Users\Jussi\my-little-pony-friendship-is-magic-brony-canon-versus-fanon.gif
[2011.10.26 04:27:15 | 000,001,940 | ---- | C] () -- C:\Users\Jussi\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011.10.06 23:50:16 | 152,216,625 | ---- | C] () -- C:\Users\Jussi\trauma.zip
[2011.10.03 19:39:06 | 000,000,059 | ---- | C] () -- C:\Windows\RUNAWAY2.INI
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.09.10 17:46:49 | 012,685,945 | ---- | C] () -- C:\Users\Jussi\PGForever100.zip
[2011.08.30 11:38:52 | 000,012,067 | ---- | C] () -- C:\Users\Jussi\VENDINFO.DIZ
[2011.08.30 11:38:52 | 000,000,412 | ---- | C] () -- C:\Users\Jussi\READ_ME.BAT
[2011.08.30 11:38:52 | 000,000,306 | ---- | C] () -- C:\Users\Jussi\FILE_ID.DIZ
[2011.08.30 11:38:52 | 000,000,171 | ---- | C] () -- C:\Users\Jussi\READ_ME.1ST
[2011.08.30 11:38:52 | 000,000,038 | ---- | C] () -- C:\Users\Jussi\DESC.SDI
[2011.08.22 21:36:21 | 000,002,977 | ---- | C] () -- C:\Users\Jussi\merchant.mvc.htm
[2011.08.16 17:18:02 | 000,032,288 | ---- | C] () -- C:\Windows\System32\xfiXEN.ini
[2011.08.09 21:43:59 | 109,761,764 | ---- | C] () -- C:\Users\Jussi\Really Big Sky.zip
[2011.08.06 13:20:44 | 000,002,220 | ---- | C] () -- C:\Windows\System32\ASOROSet.bin
[2011.07.29 19:34:57 | 001,001,596 | ---- | C] () -- C:\Users\Jussi\Signet_Of_The_Loot_Whore.jpg
[2011.07.29 17:12:17 | 000,001,260 | ---- | C] () -- C:\Users\Jussi\form.php.htm
[2011.07.26 16:26:46 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.07.26 16:26:46 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.07.26 16:26:46 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.07.26 16:26:46 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.07.21 16:20:02 | 039,753,248 | ---- | C] () -- C:\Users\Jussi\allinone_358f.zip
[2011.07.20 02:55:36 | 000,000,200 | ---- | C] () -- C:\Users\Jussi\AppData\Roaming\Lucid_player_profiles_data.dat
[2011.07.20 02:55:36 | 000,000,008 | ---- | C] () -- C:\Users\Jussi\AppData\Roaming\Lucid_player_highscore.dat
[2011.07.05 09:20:20 | 000,002,903 | ---- | C] () -- C:\Users\Jussi\Checkout.htm
[2011.07.03 04:14:59 | 000,138,056 | ---- | C] () -- C:\Users\Jussi\AppData\Roaming\PnkBstrK.sys
[2011.07.03 04:14:23 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2011.06.21 12:03:42 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011.06.06 08:21:46 | 000,000,093 | ---- | C] () -- C:\Users\Jussi\AppData\Local\fusioncache.dat
[2011.05.25 04:25:39 | 000,000,906 | ---- | C] () -- C:\Users\Jussi\NetCash_1593.rtf
[2011.03.20 04:28:54 | 000,140,304 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.03.20 04:06:11 | 000,281,032 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.03.20 04:06:09 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.03.14 15:31:42 | 000,001,137 | ---- | C] () -- C:\Users\Jussi\On Air Finland.htm
[2011.03.11 13:10:37 | 000,030,118 | ---- | C] () -- C:\Users\Jussi\unnamed.htm
[2011.02.28 01:55:39 | 000,040,163 | ---- | C] () -- C:\Users\Jussi\Chat Window.htm
[2011.02.02 03:54:08 | 020,364,702 | ---- | C] () -- C:\Users\Jussi\vlc-1.1.7-win32.exe
[2011.01.24 06:15:07 | 235,409,572 | ---- | C] () -- C:\Users\Jussi\A.R.E.S.-Extinction-Agenda-v1113.zip
[2011.01.02 01:00:28 | 000,000,013 | ---- | C] () -- C:\Windows\popcinfo.dat
[2010.12.21 09:00:07 | 000,062,582 | ---- | C] () -- C:\Users\Jussi\MikauSPPack1177.cpak
[2010.12.03 02:28:28 | 235,092,516 | ---- | C] () -- C:\Users\Jussi\dB soundworks - Super Meat Boy! Soundtrack.zip
[2010.11.21 12:25:19 | 004,380,710 | ---- | C] () -- C:\Users\Jussi\DesktopDungeons_v015.zip
[2010.11.16 10:07:30 | 341,565,909 | ---- | C] () -- C:\Users\Jussi\setup_baldurs_gate_2-2.bin
[2010.11.16 10:07:16 | 2097,542,912 | ---- | C] () -- C:\Users\Jussi\setup_baldurs_gate_2-1.bin
[2010.11.13 02:20:01 | 000,003,893 | ---- | C] () -- C:\Users\Jussi\Profile0.xml
[2010.10.28 20:42:03 | 170,094,276 | ---- | C] () -- C:\Users\Jussi\setup_nwn_diamond-2.bin
[2010.10.28 20:41:44 | 2097,691,392 | ---- | C] () -- C:\Users\Jussi\setup_nwn_diamond-1.bin
[2010.09.23 16:30:51 | 211,368,999 | ---- | C] () -- C:\Users\Jussi\thepath_1.1.zip
[2010.09.17 14:47:53 | 029,400,319 | ---- | C] () -- C:\Users\Jussi\cfe_live.zip
[2010.08.02 17:52:19 | 000,026,340 | ---- | C] () -- C:\Users\Jussi\AppData\Roaming\UserTile.png
[2010.07.24 14:38:35 | 000,000,286 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.06.09 03:36:56 | 004,162,456 | ---- | C] () -- C:\Users\Jussi\Spotify Installer.exe
[2010.02.27 17:35:42 | 016,769,650 | ---- | C] () -- C:\Users\Jussi\Rawr v2.3.11.zip
[2010.02.19 13:22:06 | 000,001,356 | ---- | C] () -- C:\Users\Jussi\AppData\Local\d3d9caps.dat
[2009.12.25 15:46:32 | 000,000,026 | ---- | C] () -- C:\Users\Jussi\gamepad.cfg
[2009.09.01 10:07:22 | 000,000,021 | ---- | C] () -- C:\Users\Jussi\settings.cfg
[2009.03.13 00:36:32 | 000,000,046 | ---- | C] () -- C:\Users\Jussi\keys.cfg
[2009.01.24 02:56:10 | 000,139,776 | ---- | C] () -- C:\Users\Jussi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.01.04 23:22:57 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\.minecraft
[2010.12.14 23:46:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\2K Sports
[2012.04.08 04:59:55 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\3DeadZed
[2012.05.27 18:04:35 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\addpcs
[2012.07.14 00:23:50 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Atari
[2010.11.28 23:08:16 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Atlus
[2011.03.15 04:14:36 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\AtomZombieData
[2011.03.01 08:44:05 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\AtomZombieDemoData
[2012.02.21 19:35:58 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\AVG
[2012.09.29 08:54:29 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\AVG2013
[2012.06.02 20:59:58 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Azureus
[2010.11.07 22:20:44 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Basilisk Games
[2011.10.05 04:59:30 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Beat Hazard
[2012.01.18 09:49:47 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\BigHugeEngine
[2012.01.01 09:28:42 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Bioshock
[2011.12.24 01:15:15 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\bizarre creations
[2012.01.08 00:07:02 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Braid
[2012.03.17 12:59:59 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Brawsome
[2010.10.07 12:31:15 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Broken Rules
[2012.05.31 02:49:08 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Carbon
[2010.11.07 16:50:38 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Chime
[2011.02.26 05:35:35 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Cipher Prime
[2010.11.20 03:34:37 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Clones
[2010.11.19 00:10:06 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\ClonesDemo
[2011.05.27 00:01:00 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Cobra Mobile
[2011.07.23 23:27:59 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Codemasters
[2011.05.28 21:28:00 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Colibri Games
[2012.08.31 20:10:21 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\collection
[2012.02.29 08:59:38 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\com.cipherprime.auditorium
[2012.02.24 21:19:54 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\com.tametick.CardinalQuest
[2012.04.24 22:43:42 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\crawl
[2011.07.12 14:44:43 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Crayon Physics Deluxe
[2012.08.31 03:15:08 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\DarknessII
[2012.01.25 20:07:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\DarknessIIDemo
[2011.06.21 00:47:33 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\DarksporeData
[2012.01.22 22:56:44 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\DefendersQuest
[2010.11.27 19:50:25 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\DocClockGame
[2011.12.30 04:31:15 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Doublefine
[2011.08.21 16:15:48 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Downloaded Installations
[2012.06.12 13:58:09 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Dropbox
[2011.07.20 01:02:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Dwarfs
[2012.05.11 21:00:54 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Dynamite Jack
[2012.08.10 23:44:54 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Empty Clip Studios
[2011.07.27 00:44:51 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Endless Fluff Games
[2012.09.28 17:01:08 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\EtherVaporTrial
[2010.10.18 02:54:07 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Faerie Solitaire
[2012.10.17 20:45:59 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\FairyBloomReTrial
[2012.06.21 01:16:49 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\FatShark
[2012.02.28 19:10:29 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\fltk.org
[2010.12.23 20:11:16 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Fortix
[2011.07.10 05:40:15 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\fotw
[2011.02.26 05:35:33 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Fractal
[2010.09.22 10:37:36 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Games
[2011.07.10 16:26:27 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\GamesFaction
[2011.08.31 21:16:24 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Gatling Gears
[2012.04.02 01:46:13 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Greenshot
[2012.01.26 21:51:48 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\HackSlashLoot
[2011.08.31 22:50:12 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Hothead Games
[2009.01.24 02:06:27 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Ideazon
[2012.11.12 20:08:46 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\IrfanView
[2011.01.03 01:41:28 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\ITTNord
[2012.07.29 11:34:57 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Joymasher
[2011.03.10 20:25:18 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Kalypso Media
[2012.05.26 16:39:48 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\LaxiusForce
[2012.03.29 11:46:31 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Leadertech
[2011.10.19 20:37:05 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\LightFish
[2011.06.25 06:29:27 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\LolClient
[2011.07.05 19:45:54 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Longbow Digital Arts
[2012.04.04 05:38:40 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\LS
[2010.09.19 11:25:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\LucasArts
[2011.10.14 23:08:57 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Might & Magic Heroes VI
[2011.08.22 23:19:31 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Might & Magic Heroes VI - Public Closed Beta
[2011.05.24 05:52:58 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\MinMaxGames
[2010.09.22 09:43:31 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Mount&Blade Warband
[2010.09.29 20:36:02 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\My Games
[2011.07.02 05:46:41 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\NationRed
[2011.03.02 01:39:43 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Nicalis
[2011.07.03 05:11:11 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Nifflas
[2010.04.29 18:29:37 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Nokia
[2012.01.31 05:28:38 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Nooskewl
[2011.07.11 01:44:46 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Nucleosys
[2012.04.04 04:53:42 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\offspringfling
[2012.03.01 19:39:08 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\OnLive App
[2010.07.15 12:34:23 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\OpenDNS Updater
[2009.02.15 17:38:10 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\OpenOffice.org
[2010.04.07 02:27:11 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Opera
[2012.06.03 23:13:57 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Orbit
[2012.08.31 01:38:22 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Origin
[2009.01.26 16:30:04 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Packard Bell
[2010.04.29 17:05:21 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\PC Suite
[2010.08.02 17:52:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\PeerNetworking
[2011.06.20 02:30:30 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Peter Brinson and Kurosh ValaNejad
[2011.07.19 01:28:39 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\PlayFirst
[2010.11.26 12:35:07 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\PopCapv1002
[2012.06.03 23:01:28 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\ProgSense
[2011.03.20 04:06:00 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\PunkBuster
[2012.02.03 18:02:16 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Quest3D
[2012.11.18 12:14:20 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\QuikIO
[2011.12.06 06:17:21 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\RayV
[2010.11.03 15:15:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\ReactGames
[2010.12.27 22:09:57 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Relentless Software
[2012.07.30 13:43:07 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\RenPy
[2011.07.11 19:39:25 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\RIFT
[2012.02.21 00:45:16 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\RotMG.Production
[2010.10.01 18:31:44 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\runic games
[2010.11.20 00:41:07 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Safer Networking
[2012.07.05 20:31:25 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Samsung
[2012.02.22 15:25:03 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Scoregasm
[2012.02.21 04:07:51 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\SinisterDesign.TelepathRPGServantsOfGod.9734F53159B682152B7C442264602A0CEA7C53C9.1
[2011.10.06 22:40:09 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Sports Interactive
[2010.09.27 20:23:00 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\SquareLogic
[2012.08.13 22:18:44 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Squids
[2011.01.12 22:16:54 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Systweak
[2012.05.11 14:15:24 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Temp
[2011.02.25 13:59:02 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\The Creative Assembly
[2010.09.24 18:14:29 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\The Path
[2012.06.03 09:38:25 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\The Sea Will Claim Everything
[2010.05.31 19:00:28 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Tific
[2011.07.07 18:35:49 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Tilted Mill
[2012.09.10 23:22:35 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\TinyAndBigGrandpasLeftovers
[2011.11.20 17:42:38 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\To the Moon - Freebird Games
[2011.09.28 10:07:58 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Total Eclipse
[2011.10.27 04:43:32 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Trine2
[2011.08.11 23:12:14 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Tropico 3 Demo
[2012.09.29 08:51:29 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\TuneUp Software
[2012.07.30 18:00:42 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Ubisoft
[2011.08.09 15:12:40 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Unity
[2012.01.11 17:53:51 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Unity of Command
[2012.01.02 19:33:44 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\VertexDispenser
[2012.03.20 21:00:15 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Waveform
[2010.11.28 09:45:39 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Windows Live Writer
[2010.06.20 01:23:09 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\WinPatrol
[2010.12.18 00:13:10 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\WinterVoices
[2012.07.05 12:20:38 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\WinZip
[2010.11.22 04:45:09 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\WordPirate
[2012.09.16 03:09:39 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Worthless Bums
[2010.10.16 16:03:21 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\YoudaGames
[2010.09.28 07:15:20 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Zen of Sudoku
[2011.08.16 03:22:36 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\ZenBound2
[2010.12.21 00:26:13 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\ZombieDriver

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 5120 bytes -> C:\ProgramData:gs5sys
@Alternate Data Stream - 1536 bytes -> C:\Users\Public\Documents\desktop.ini:gs5sys
@Alternate Data Stream - 1536 bytes -> C:\Users\Jussi\Documents\desktop.ini:gs5sys
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

#2
RKinner

Posted 20 November 2012 - 10:45 AM

Malware Expert

Expert
24,625 posts

Copy the text in the code box by highlighting and Ctrl + c


:OTL
O4 - HKLM..\Run: [ROC_ROC_NT] "C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT File not found
O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload File not found
O4 - HKCU..\Run: [QuikIO] "C:\Program Files\QuikIO\QuikIO.exe" File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
@Alternate Data Stream - 5120 bytes -> C:\ProgramData:gs5sys
@Alternate Data Stream - 1536 bytes -> C:\Users\Public\Documents\desktop.ini:gs5sys
@Alternate Data Stream - 1536 bytes -> C:\Users\Jussi\Documents\desktop.ini:gs5sys
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:5C321E34

:files
at /c
C:\Windows\tasks\At*.job
C:\Windows\assembly\GAC\Desktop.ini
C:\Windows\assembly\GAC_32\Desktop.ini
C:\Windows\assembly\GAC_64\Desktop.ini

:Commands
[EMPTYFLASH]
[EMPTYJAVA]
[purity]
[Reboot]

then Rightclick on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it into a reply. This will also create a file winsock2.reg on your desktop. It is an insurance file. If you can't get on the Internet after the fix, try right clicking on the winsock2.reg and Merge then reboot. If that doesn't help then do a System Restore.
It appears that Old Timer is now hiding the log in c:\_OTL\MovedFiles\11202012-some number.log.

Download aswMBR.exe ( 511KB ) to your desktop.
Right click aswMBR.exe and Run as Administrator
uncheck trace disk IO calls
Click the "Scan" button to start scan (Accept the Avast Engine)
On completion of the scan if the Fix button is enabled (not the FixMBR button) press it and then run a new scan and click save log, save it to your desktop and post in your next reply
If the Fix button is not enabled then just click save log, save it to your desktop and post in your next reply

ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html

Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Rightclick on ComboFix and select Run As Administrator to start the program.

* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.

* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.

Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Right click on TDSSKiller.exe and select Run As Administrator to start the program.

If TDSSKiller alerts you that the system needs to reboot, please consent.

Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.

Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:
http://www.malwareby...lwarebytes_free

SAVE Malwarebytes' Anti-Malware to your desktop.

* Right-click mbam-setup.exe and select Run As Administrator to start the program.
* follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc  /scannow

(This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Download ESET's Service Repair http://kb.eset.com/l...vicesRepair.exe and Save it then right click on it and Run As Admin.

If it doesn't do it for you:
Reboot.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.

Please post the Output log in your next reply then repeat but select Application.

Copy the text in the code box:

DRIVES
nnetsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemdrive%\$Recycle.Bin|@;true;true;true /fp
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.

Download, Save and Run (win 7 or Vista => Right click and Run as Admin.) farbar service scanner

Posted Image

Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.

Download the adwCleaner

Run the Tool
Windows Vista and Windows 7 users:
Right click in the adwCleaner.exe and select the option
Select the Delete button.
When the scan completes, it will open a notepad windows.
Please, copy the content of this file in your next reply.

Open IE then click on the gear then Click the Safety button, point to SmartScreen Filter, and then click Turn Off SmartScreen Filter. In the Microsoft? SmartScreen Filter dialog box, click OK.

Ron

#3
Ducon

Posted 21 November 2012 - 01:28 PM

Member

Topic Starter
Member
17 posts

Dont know what happened since it didnt ask me to save any log but .txt from MovedFiles is

========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ROC_ROC_NT deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\KiesPreload deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\QuikIO deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}\ deleted successfully.
File {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found not found.
ADS C:\ProgramData:gs5sys deleted successfully.
ADS C:\Users\Public\Documents\desktop.ini:gs5sys deleted successfully.
ADS C:\Users\Jussi\Documents\desktop.ini:gs5sys deleted successfully.
ADS C:\ProgramData\TEMP:5C321E34 deleted successfully.
========== FILES ==========
< at /c >
Ei vientej„ luettelossa.
C:\Users\Jussi\Desktop\cmd.bat deleted successfully.
C:\Users\Jussi\Desktop\cmd.txt deleted successfully.
File\Folder C:\Windows\tasks\At*.job not found.
File\Folder C:\Windows\assembly\GAC\Desktop.ini not found.
File\Folder C:\Windows\assembly\GAC_32\Desktop.ini not found.
File\Folder C:\Windows\assembly\GAC_64\Desktop.ini not found.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Jussi
->Flash cache emptied: 121811 bytes

User: Public

User: UpdatusUser
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Jussi
->Java cache emptied: 1 bytes

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 11202012_184815

ComboFix 12-11-20.02 - Jussi 21.11.2012 7:23.3.4 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.358.1035.18.3326.1942 [GMT 2:00]
Sijainti: c:\users\Jussi\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jussi\1033.MST
c:\users\Jussi\301.42-desktop-win7-winvista-32bit-international-whql.exe
c:\users\Jussi\304.79-desktop-win8-win7-winvista-32bit-international-beta.exe
c:\users\Jussi\306.23-desktop-win8-win7-winvista-32bit-international-whql.exe
c:\users\Jussi\306.97-desktop-win8-win7-winvista-32bit-international-whql.exe
c:\users\Jussi\avirusnamedtom-windows-1_0_49-1343772960.exe
c:\users\Jussi\DayZ-1582-full-with-shortcuts.exe
c:\users\Jussi\DesuraInstaller.exe
c:\users\Jussi\Download Blue Libra.exe
c:\users\Jussi\Download Driftmoon (Alpha).exe
c:\users\Jussi\Download Girl with a Heart of.exe
c:\users\Jussi\Download Tiny and Big- Grandpa's Leftovers.exe
c:\users\Jussi\Download War of the Human Tanks.exe
c:\users\Jussi\install-getnzb.exe
c:\users\Jussi\install1893.exe
c:\users\Jussi\mseinstall.exe
c:\users\Jussi\QuikIO_1.0.2_win_installer.exe
c:\users\Jussi\Rijn_Full_Win.exe
c:\users\Jussi\smsetup13a.exe
c:\users\Jussi\TFC.exe
c:\users\Jussi\wesnoth-1.10.3-win32.exe
c:\users\Jussi\wzsysutil.exe
c:\windows\system32\System32\MASetupCleaner.exe
c:\windows\system32\System32\muzapp.exe
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
D:\install.exe
.
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2012-10-21 to 2012-11-21 )))))))))))))))))
.
.
2012-11-21 05:39 . 2012-11-21 05:39 -------- d-----w- c:\users\Jussi\AppData\Local\temp
2012-11-20 17:01 . 2012-11-20 17:01 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BC85C2F2-3473-4437-9FDD-32592520D30D}\MpKsle5f5cb95.sys
2012-11-20 16:48 . 2012-11-20 16:48 -------- d-----w- C:\_OTL
2012-11-20 15:33 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BC85C2F2-3473-4437-9FDD-32592520D30D}\mpengine.dll
2012-11-19 15:31 . 2012-10-11 20:56 6918632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-17 13:11 . 2012-11-18 10:14 -------- d-----w- c:\users\Jussi\AppData\Roaming\QuikIO
2012-11-14 14:54 . 2012-10-08 07:50 678912 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2012-11-14 14:54 . 2012-10-08 07:47 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 14:53 . 2012-09-25 16:19 75776 ----a-w- c:\windows\system32\synceng.dll
2012-11-14 14:53 . 2012-10-12 14:29 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-11-13 05:21 . 2012-11-13 05:21 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2012-11-13 05:21 . 2012-11-13 05:21 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2012-11-13 05:21 . 2012-11-13 05:21 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2012-11-13 05:21 . 2012-11-13 05:21 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2012-11-13 05:21 . 2012-11-13 05:21 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2012-11-13 05:21 . 2012-11-13 05:21 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2012-11-13 05:21 . 2012-11-13 05:21 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2012-11-03 10:21 . 2012-11-03 10:21 740784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4CACD943-320C-4923-8A1D-FBCF78E39694}\gapaengine.dll
2012-11-03 10:18 . 2012-11-03 10:19 -------- d-----w- c:\program files\Microsoft Security Client
2012-10-25 01:12 . 2012-10-25 01:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-10-25 01:12 . 2012-10-25 01:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-04 23:25 . 2012-06-11 21:09 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-04 23:25 . 2012-06-11 21:09 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-02 22:20 . 2012-10-10 20:02 6127464 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-02 22:20 . 2012-10-10 20:02 2574696 ----a-w- c:\windows\system32\nvcuvid.dll
2012-10-02 22:20 . 2012-10-10 20:02 19906920 ----a-w- c:\windows\system32\nvoglv32.dll
2012-10-02 22:20 . 2012-10-10 20:02 7697768 ----a-w- c:\windows\system32\nvcuda.dll
2012-10-02 22:20 . 2012-10-10 20:02 1867112 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-10-02 22:20 . 2012-10-10 20:02 10837352 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-10-02 22:20 . 2012-10-10 20:02 17559912 ----a-w- c:\windows\system32\nvcompiler.dll
2012-10-02 22:20 . 2012-08-25 05:05 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-10-02 22:20 . 2011-08-09 21:34 12501352 ----a-w- c:\windows\system32\nvwgf2um.dll
2012-10-02 22:20 . 2011-08-09 21:34 1009512 ----a-w- c:\windows\system32\nvdispco32.dll
2012-10-02 22:20 . 2011-02-23 05:27 15309160 ----a-w- c:\windows\system32\nvd3dum.dll
2012-10-02 22:20 . 2010-07-23 01:13 2428776 ----a-w- c:\windows\system32\nvapi.dll
2012-10-02 19:29 . 2010-07-09 13:20 645992 ----a-w- c:\windows\system32\nvvsvc.exe
2012-10-02 19:29 . 2010-07-09 13:20 108392 ----a-w- c:\windows\system32\nvmctray.dll
2012-10-02 19:29 . 2010-07-09 13:20 62312 ----a-w- c:\windows\system32\nvshext.dll
2012-10-02 19:29 . 2010-07-09 13:20 2557288 ----a-w- c:\windows\system32\nvsvcr.dll
2012-10-02 19:29 . 2010-07-09 13:20 2853224 ----a-w- c:\windows\system32\nvsvc.dll
2012-10-02 19:28 . 2010-07-09 13:20 3965288 ----a-w- c:\windows\system32\nvcpl.dll
2012-10-02 10:15 . 2012-10-02 10:15 430952 ----a-w- c:\windows\system32\nvStreaming.exe
2012-09-29 07:04 . 2003-03-18 21:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-09-24 20:16 . 2012-10-21 15:33 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-09-19 16:06 . 2010-11-29 21:24 19131904 ----a-w- c:\windows\system32\rapture3d_oal.dll
2012-09-15 14:02 . 2012-09-15 14:02 6725632 ----a-w- c:\users\Jussi\PathOfExileInstaller.msi
2012-09-13 13:28 . 2012-10-10 04:16 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-07 14:04 . 2012-05-04 22:01 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-07 13:00 . 2012-09-07 12:59 45859364 ----a-w- c:\users\Jussi\DRODGatEBDemoSetup.exe
2012-09-05 07:25 . 2011-08-01 21:31 17848 ----a-w- c:\windows\system32\roboot.exe
2012-09-01 17:48 . 2012-06-12 20:20 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-09-01 17:48 . 2010-06-20 06:43 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-30 20:03 . 2012-08-30 20:03 99272 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-30 20:03 . 2012-08-30 20:03 193552 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-29 11:27 . 2012-10-10 04:15 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-29 11:27 . 2012-10-10 04:15 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-26 13:08 . 2012-08-26 13:08 7207866 ----a-w- c:\users\Jussi\fdminst.exe
2012-08-24 15:53 . 2012-10-10 04:16 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-08-23 20:26 . 2012-08-23 20:24 93554411 ----a-w- c:\users\Jussi\Avseq-PC-Demo-Installer.exe
2012-10-27 16:20 . 2012-10-27 16:20 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2009-03-31 19:47 . 2012-10-27 16:20 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
.
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VolPanel"="c:\program files\Creative\USB Headsets\Volume Panel\VolPanlu.exe" [2008-08-27 233588]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1387288]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-01-31 10959464]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-09 421776]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2012-09-29 296096]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-09-23 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sasnative32
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amd_dc_opt]
2008-07-22 11:53 77824 ----a-w- c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2010-07-21 13:52 1797008 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 01:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 06:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiSpywareOverride"=dword:00000001
.
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
.
.
--- Muut muistissa olevat ajurit/palvelut ---
.
*NewlyCreated* - MPKSLE5F5CB95
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
'Ajoitetut tehtävät'-kansion sisältö
.
2012-11-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-11 23:25]
.
2012-11-15 c:\windows\Tasks\WINZIPSS-WINZIPSSAutoCheckUpdate7Days.job
- c:\program files\WinZip System Utilities Suite\WINZIPSSCheckUpdate.exe [2011-08-01 07:25]
.
.
------- Täydentävä tarkistus -------
.
uStart Page = hxxp://www.eset.com/home/products/online-scanner/
mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040b&s=1&o=vp32&d=0109&m=imedia_a6500_ncd
uInternet Settings,ProxyOverride = *.local
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{57D29552-3B29-4A65-8D61-D4E458B114ED}: NameServer = 208.67.222.222,208.67.220.220
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
FF - ProfilePath - c:\users\Jussi\AppData\Roaming\Mozilla\Firefox\Profiles\w7a81fei.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.newhorizonwow.com/
FF - ExtSQL: 2012-09-29 10:05; {0153E448-190B-4987-BDE1-F256CADA672F}; c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
.
- - - - POISTETUT JÄMÄRIVIT - - - -
.
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-21 07:39
Windows 6.0.6002 Service Pack 2 NTFS
.
tarkistaa piilotettuja prosesseja ...
.
tarkistaa piilotettuja käynnistysarvoja ...
.
tarkistaa piilotettuja tiedostoja ...
.
tarkistus on valmis
piilotetut tiedostot: 0
.
**************************************************************************
.
--------------------- LUKITUT REKISTERIAVAIMET ---------------------
.
[HKEY_USERS\S-1-5-21-625289935-3182868809-2741512627-1000\Software\SecuROM\License information*]
"datasecu"=hex:41,62,ec,4a,26,5e,91,bc,29,0f,45,92,2f,c4,d0,86,3c,32,55,5c,30,
81,1d,29,73,87,53,7b,86,7d,66,8a,80,6c,b7,2a,b6,13,a2,ed,7d,c1,14,0f,95,23,\
"rkeysecu"=hex:04,1e,01,b3,b7,d2,bf,28,8c,f8,9d,e0,b6,c8,82,71
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Valmistumisajankohta: 2012-11-21 07:42:58
ComboFix-quarantined-files.txt 2012-11-21 05:42
.
Ennen ajoa: 163 993 395 200 tavua vapaana
Ajon jälkeen: 165 715 587 072 tavua vapaana
.
- - End Of File - - 083BCEA8AB0B464FCF053B48845C46D3

19:55:51.0276 2892 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:55:51.0837 2892 ============================================================
19:55:51.0837 2892 Current date / time: 2012/11/21 19:55:51.0837
19:55:51.0837 2892 SystemInfo:
19:55:51.0837 2892
19:55:51.0837 2892 OS Version: 6.0.6002 ServicePack: 2.0
19:55:51.0837 2892 Product type: Workstation
19:55:51.0837 2892 ComputerName: JUSSI-PC
19:55:51.0837 2892 UserName: Jussi
19:55:51.0837 2892 Windows directory: C:\Windows
19:55:51.0837 2892 System windows directory: C:\Windows
19:55:51.0837 2892 Processor architecture: Intel x86
19:55:51.0837 2892 Number of processors: 4
19:55:51.0837 2892 Page size: 0x1000
19:55:51.0837 2892 Boot type: Normal boot
19:55:51.0837 2892 ============================================================
19:55:53.0475 2892 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:55:53.0475 2892 Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:55:53.0475 2892 ============================================================
19:55:53.0475 2892 \Device\Harddisk0\DR0:
19:55:53.0475 2892 MBR partitions:
19:55:53.0475 2892 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1801F5F, BlocksNum 0x49055B51
19:55:53.0475 2892 \Device\Harddisk1\DR1:
19:55:53.0475 2892 MBR partitions:
19:55:53.0475 2892 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x4A857000
19:55:53.0475 2892 ============================================================
19:55:53.0600 2892 C: <-> \Device\Harddisk0\DR0\Partition1
19:55:53.0662 2892 D: <-> \Device\Harddisk1\DR1\Partition1
19:55:53.0662 2892 ============================================================
19:55:53.0662 2892 Initialize success
19:55:53.0662 2892 ============================================================
19:56:12.0694 2984 ============================================================
19:56:12.0694 2984 Scan started
19:56:12.0694 2984 Mode: Manual; SigCheck; TDLFS;
19:56:12.0694 2984 ============================================================
19:56:13.0428 2984 ================ Scan system memory ========================
19:56:13.0428 2984 System memory - ok
19:56:13.0428 2984 ================ Scan services =============================
19:56:13.0490 2984 [ C0393EB99A6C72C6BEF9BFC4A72B33A6 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
19:56:13.0677 2984 !SASCORE - ok
19:56:13.0942 2984 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
19:56:13.0974 2984 ACPI - ok
19:56:14.0114 2984 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
19:56:14.0130 2984 AdobeARMservice - ok
19:56:14.0208 2984 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:56:14.0239 2984 AdobeFlashPlayerUpdateSvc - ok
19:56:14.0379 2984 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:56:14.0426 2984 adp94xx - ok
19:56:14.0520 2984 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:56:14.0566 2984 adpahci - ok
19:56:14.0598 2984 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
19:56:14.0644 2984 adpu160m - ok
19:56:14.0660 2984 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:56:14.0691 2984 adpu320 - ok
19:56:14.0754 2984 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:56:14.0878 2984 AeLookupSvc - ok
19:56:14.0925 2984 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
19:56:15.0019 2984 AFD - ok
19:56:15.0034 2984 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:56:15.0066 2984 agp440 - ok
19:56:15.0097 2984 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
19:56:15.0159 2984 aic78xx - ok
19:56:15.0190 2984 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
19:56:15.0300 2984 ALG - ok
19:56:15.0315 2984 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
19:56:15.0331 2984 aliide - ok
19:56:15.0362 2984 [ ACD2F2DF292B6CC28F58095BBA63A068 ] Alpham1 C:\Windows\system32\DRIVERS\Alpham1.sys
19:56:15.0409 2984 Alpham1 - ok
19:56:15.0456 2984 [ F4FAFB2E74B83A156408B1B02302799E ] Alpham2 C:\Windows\system32\DRIVERS\Alpham2.sys
19:56:15.0502 2984 Alpham2 - ok
19:56:15.0534 2984 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
19:56:15.0549 2984 amdagp - ok
19:56:15.0612 2984 [ B39F8C63F6E0655B6CF99899BE039250 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
19:56:15.0627 2984 amdide - ok
19:56:15.0658 2984 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
19:56:15.0721 2984 AmdK7 - ok
19:56:15.0736 2984 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:56:15.0830 2984 AmdK8 - ok
19:56:15.0877 2984 [ AD8FA28D8ED0D0A689A0559085CE0F18 ] AmdLLD C:\Windows\system32\DRIVERS\AmdLLD.sys
19:56:15.0924 2984 AmdLLD - ok
19:56:15.0986 2984 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
19:56:16.0033 2984 Appinfo - ok
19:56:16.0095 2984 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:56:16.0111 2984 Apple Mobile Device - ok
19:56:16.0158 2984 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
19:56:16.0189 2984 arc - ok
19:56:16.0220 2984 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:56:16.0236 2984 arcsas - ok
19:56:16.0376 2984 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:56:16.0392 2984 aspnet_state - ok
19:56:16.0438 2984 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:56:16.0516 2984 AsyncMac - ok
19:56:16.0563 2984 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
19:56:16.0579 2984 atapi - ok
19:56:16.0641 2984 [ 5A1465AD2E7C1BC39CDA12A355329096 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
19:56:16.0657 2984 AtiPcie - ok
19:56:16.0750 2984 [ F0D933B42CD0594048E4D5200AE9E417 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
19:56:16.0797 2984 atksgt - ok
19:56:16.0828 2984 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:56:16.0891 2984 AudioEndpointBuilder - ok
19:56:16.0891 2984 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
19:56:16.0938 2984 Audiosrv - ok
19:56:17.0031 2984 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
19:56:17.0094 2984 Beep - ok
19:56:17.0125 2984 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
19:56:17.0187 2984 BFE - ok
19:56:17.0234 2984 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
19:56:17.0296 2984 BITS - ok
19:56:17.0312 2984 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
19:56:17.0343 2984 blbdrive - ok
19:56:17.0406 2984 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:56:17.0421 2984 Bonjour Service - ok
19:56:17.0484 2984 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:56:17.0530 2984 bowser - ok
19:56:17.0577 2984 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
19:56:17.0608 2984 BrFiltLo - ok
19:56:17.0624 2984 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
19:56:17.0655 2984 BrFiltUp - ok
19:56:17.0686 2984 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
19:56:17.0749 2984 Browser - ok
19:56:17.0780 2984 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
19:56:17.0936 2984 Brserid - ok
19:56:17.0952 2984 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
19:56:18.0014 2984 BrSerWdm - ok
19:56:18.0030 2984 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
19:56:18.0108 2984 BrUsbMdm - ok
19:56:18.0123 2984 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
19:56:18.0186 2984 BrUsbSer - ok
19:56:18.0217 2984 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:56:18.0279 2984 BTHMODEM - ok
19:56:18.0388 2984 catchme - ok
19:56:18.0404 2984 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:56:18.0466 2984 cdfs - ok
19:56:18.0513 2984 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:56:18.0576 2984 cdrom - ok
19:56:18.0591 2984 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
19:56:18.0638 2984 CertPropSvc - ok
19:56:18.0669 2984 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
19:56:18.0716 2984 circlass - ok
19:56:18.0778 2984 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
19:56:18.0825 2984 CLFS - ok
19:56:18.0903 2984 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:56:18.0934 2984 clr_optimization_v2.0.50727_32 - ok
19:56:18.0966 2984 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:56:18.0981 2984 clr_optimization_v4.0.30319_32 - ok
19:56:18.0997 2984 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:56:19.0028 2984 cmdide - ok
19:56:19.0044 2984 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:56:19.0059 2984 Compbatt - ok
19:56:19.0075 2984 COMSysApp - ok
19:56:19.0106 2984 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:56:19.0122 2984 crcdisk - ok
19:56:19.0168 2984 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
19:56:19.0184 2984 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
19:56:19.0184 2984 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
19:56:19.0200 2984 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
19:56:19.0262 2984 Crusoe - ok
19:56:19.0324 2984 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:56:19.0387 2984 CryptSvc - ok
19:56:19.0449 2984 [ CACB67BC2E73894ECBCBC4EAD2F02456 ] CTAudSvcService C:\Program Files\Creative\Shared Files\CTAudSvc.exe
19:56:19.0465 2984 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
19:56:19.0465 2984 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)
19:56:19.0621 2984 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:56:19.0699 2984 DcomLaunch - ok
19:56:19.0746 2984 [ 2B9A817DC1BDAD9CE5495099B6A7136A ] Desura Install Service C:\Program Files\Common Files\Desura\desura_service.exe
19:56:19.0761 2984 Desura Install Service - ok
19:56:19.0792 2984 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:56:19.0855 2984 DfsC - ok
19:56:19.0995 2984 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
19:56:20.0167 2984 DFSR - ok
19:56:20.0214 2984 [ B684540DFA0BC06A504F837ED39DAF5A ] DFU C:\Windows\system32\drivers\MassDfu.sys
19:56:20.0229 2984 DFU ( UnsignedFile.Multi.Generic ) - warning
19:56:20.0229 2984 DFU - detected UnsignedFile.Multi.Generic (1)
19:56:20.0260 2984 [ F9F31A9F2A8C0DD0CEB6E380BF0985D4 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
19:56:20.0292 2984 dg_ssudbus - ok
19:56:20.0370 2984 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
19:56:20.0479 2984 Dhcp - ok
19:56:20.0510 2984 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
19:56:20.0541 2984 disk - ok
19:56:20.0604 2984 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:56:20.0666 2984 Dnscache - ok
19:56:20.0744 2984 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:56:20.0806 2984 dot3svc - ok
19:56:20.0838 2984 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
19:56:20.0900 2984 DPS - ok
19:56:20.0947 2984 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:56:21.0025 2984 drmkaud - ok
19:56:21.0150 2984 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:56:21.0212 2984 DXGKrnl - ok
19:56:21.0243 2984 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
19:56:21.0321 2984 E1G60 - ok
19:56:21.0337 2984 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
19:56:21.0384 2984 EapHost - ok
19:56:21.0430 2984 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
19:56:21.0446 2984 Ecache - ok
19:56:21.0524 2984 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:56:21.0571 2984 ehRecvr - ok
19:56:21.0586 2984 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
19:56:21.0633 2984 ehSched - ok
19:56:21.0633 2984 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
19:56:21.0664 2984 ehstart - ok
19:56:21.0680 2984 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:56:21.0727 2984 elxstor - ok
19:56:21.0836 2984 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
19:56:21.0898 2984 EMDMgmt - ok
19:56:21.0945 2984 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:56:21.0976 2984 ErrDev - ok
19:56:21.0992 2984 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
19:56:22.0023 2984 EventSystem - ok
19:56:22.0054 2984 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
19:56:22.0117 2984 exfat - ok
19:56:22.0132 2984 [ 42F721C52EEF2D6DF9372A53813A83EF ] ezSharedSvc C:\Windows\System32\ezsvc7.dll
19:56:22.0179 2984 ezSharedSvc ( UnsignedFile.Multi.Generic ) - warning
19:56:22.0179 2984 ezSharedSvc - detected UnsignedFile.Multi.Generic (1)
19:56:22.0210 2984 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:56:22.0242 2984 fastfat - ok
19:56:22.0273 2984 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:56:22.0320 2984 fdc - ok
19:56:22.0382 2984 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
19:56:22.0413 2984 fdPHost - ok
19:56:22.0444 2984 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
19:56:22.0507 2984 FDResPub - ok
19:56:22.0522 2984 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:56:22.0538 2984 FileInfo - ok
19:56:22.0585 2984 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:56:22.0647 2984 Filetrace - ok
19:56:22.0663 2984 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:56:22.0710 2984 flpydisk - ok
19:56:22.0741 2984 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:56:22.0772 2984 FltMgr - ok
19:56:22.0881 2984 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
19:56:22.0975 2984 FontCache - ok
19:56:23.0115 2984 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:56:23.0131 2984 FontCache3.0.0.0 - ok
19:56:23.0178 2984 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:56:23.0240 2984 Fs_Rec - ok
19:56:23.0256 2984 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:56:23.0287 2984 gagp30kx - ok
19:56:23.0318 2984 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:56:23.0349 2984 GEARAspiWDM - ok
19:56:23.0380 2984 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
19:56:23.0443 2984 gpsvc - ok
19:56:23.0568 2984 [ 654EC061F07254CD818B9ED0AC790DE3 ] HCW85BDA C:\Windows\system32\drivers\HCW85BDA.sys
19:56:23.0770 2984 HCW85BDA - ok
19:56:23.0833 2984 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:56:23.0895 2984 HdAudAddService - ok
19:56:23.0958 2984 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:56:24.0067 2984 HDAudBus - ok
19:56:24.0129 2984 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:56:24.0238 2984 HidBth - ok
19:56:24.0254 2984 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
19:56:24.0363 2984 HidIr - ok
19:56:24.0410 2984 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
19:56:24.0441 2984 hidserv - ok
19:56:24.0472 2984 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:56:24.0504 2984 HidUsb - ok
19:56:24.0535 2984 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:56:24.0582 2984 hkmsvc - ok
19:56:24.0597 2984 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
19:56:24.0613 2984 HpCISSs - ok
19:56:24.0660 2984 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:56:24.0738 2984 HTTP - ok
19:56:24.0753 2984 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
19:56:24.0753 2984 i2omp - ok
19:56:24.0769 2984 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:56:24.0816 2984 i8042prt - ok
19:56:24.0831 2984 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
19:56:24.0847 2984 iaStorV - ok
19:56:24.0909 2984 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:56:24.0987 2984 idsvc - ok
19:56:25.0018 2984 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:56:25.0034 2984 iirsp - ok
19:56:25.0143 2984 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
19:56:25.0174 2984 IKEEXT - ok
19:56:25.0486 2984 [ EEE7AF1955C638EEB7BC8D9EBABBA54F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
19:56:25.0908 2984 IntcAzAudAddService - ok
19:56:25.0923 2984 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
19:56:25.0986 2984 intelide - ok
19:56:26.0017 2984 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:56:26.0064 2984 intelppm - ok
19:56:26.0173 2984 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:56:26.0298 2984 IPBusEnum - ok
19:56:26.0329 2984 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:56:26.0391 2984 IpFilterDriver - ok
19:56:26.0469 2984 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:56:26.0516 2984 iphlpsvc - ok
19:56:26.0547 2984 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
19:56:26.0610 2984 IPMIDRV - ok
19:56:26.0625 2984 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
19:56:26.0688 2984 IPNAT - ok
19:56:26.0937 2984 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:56:27.0062 2984 iPod Service - ok
19:56:27.0156 2984 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:56:27.0249 2984 IRENUM - ok
19:56:27.0265 2984 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:56:27.0296 2984 isapnp - ok
19:56:27.0358 2984 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
19:56:27.0390 2984 iScsiPrt - ok
19:56:27.0421 2984 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
19:56:27.0452 2984 iteatapi - ok
19:56:27.0468 2984 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
19:56:27.0514 2984 iteraid - ok
19:56:27.0530 2984 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:56:27.0561 2984 kbdclass - ok
19:56:27.0608 2984 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:56:27.0655 2984 kbdhid - ok
19:56:27.0686 2984 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
19:56:27.0780 2984 KeyIso - ok
19:56:27.0889 2984 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:56:27.0951 2984 KSecDD - ok
19:56:27.0982 2984 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
19:56:28.0060 2984 KtmRm - ok
19:56:28.0107 2984 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
19:56:28.0154 2984 LanmanServer - ok
19:56:28.0201 2984 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:56:28.0279 2984 LanmanWorkstation - ok
19:56:28.0295 2984 [ B7C19EC8B0DD7EFA58AD41FFEB8B8CDA ] Lbd C:\Windows\system32\DRIVERS\Lbd.sys
19:56:28.0315 2984 Lbd - ok
19:56:28.0403 2984 [ 910344E2A984010435AE84783B25E5EB ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
19:56:28.0437 2984 LBTServ - ok
19:56:28.0512 2984 [ 01CC7FB6E790EF044B411377F3A1FF41 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
19:56:28.0610 2984 LHidFilt - ok
19:56:28.0691 2984 [ F8A7212D0864EF5E9185FB95E6623F4D ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
19:56:28.0724 2984 lirsgt - ok
19:56:28.0769 2984 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:56:28.0834 2984 lltdio - ok
19:56:28.0874 2984 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:56:28.0918 2984 lltdsvc - ok
19:56:28.0934 2984 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:56:28.0988 2984 lmhosts - ok
19:56:29.0003 2984 [ A2E7EAE8898D7B4B8C302B8F4E836BB5 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
19:56:29.0026 2984 LMouFilt - ok
19:56:29.0051 2984 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:56:29.0071 2984 LSI_FC - ok
19:56:29.0099 2984 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:56:29.0119 2984 LSI_SAS - ok
19:56:29.0135 2984 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:56:29.0183 2984 LSI_SCSI - ok
19:56:29.0211 2984 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
19:56:29.0255 2984 luafv - ok
19:56:29.0317 2984 [ DDFA88E36D5F8DB5FBDBDDDC4969DB0A ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys
19:56:29.0343 2984 LUsbFilt - ok
19:56:29.0418 2984 [ DDF15A42E27E8EFE27B18FD403151A86 ] MatSvc C:\Program Files\Microsoft Fix it Center\Matsvc.exe
19:56:29.0489 2984 MatSvc - ok
19:56:29.0539 2984 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:56:29.0572 2984 Mcx2Svc - ok
19:56:29.0598 2984 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
19:56:29.0629 2984 megasas - ok
19:56:29.0674 2984 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
19:56:29.0737 2984 MegaSR - ok
19:56:29.0785 2984 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
19:56:29.0852 2984 MMCSS - ok
19:56:29.0870 2984 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
19:56:29.0940 2984 Modem - ok
19:56:29.0969 2984 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:56:30.0026 2984 monitor - ok
19:56:30.0047 2984 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:56:30.0082 2984 mouclass - ok
19:56:30.0106 2984 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:56:30.0152 2984 mouhid - ok
19:56:30.0167 2984 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
19:56:30.0203 2984 MountMgr - ok
19:56:30.0320 2984 [ 313265CF4F5F02ED927774DA1DB3FE00 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:56:30.0358 2984 MozillaMaintenance - ok
19:56:30.0444 2984 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
19:56:30.0495 2984 MpFilter - ok
19:56:30.0519 2984 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
19:56:30.0555 2984 mpio - ok
19:56:30.0584 2984 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:56:30.0644 2984 mpsdrv - ok
19:56:30.0718 2984 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
19:56:30.0795 2984 MpsSvc - ok
19:56:30.0821 2984 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
19:56:30.0855 2984 Mraid35x - ok
19:56:30.0887 2984 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:56:30.0913 2984 MRxDAV - ok
19:56:30.0953 2984 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:56:31.0018 2984 mrxsmb - ok
19:56:31.0077 2984 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:56:31.0128 2984 mrxsmb10 - ok
19:56:31.0145 2984 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:56:31.0193 2984 mrxsmb20 - ok
19:56:31.0231 2984 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
19:56:31.0262 2984 msahci - ok
19:56:31.0359 2984 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:56:31.0388 2984 msdsm - ok
19:56:31.0413 2984 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
19:56:31.0502 2984 MSDTC - ok
19:56:31.0541 2984 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:56:31.0732 2984 Msfs - ok
19:56:31.0763 2984 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:56:31.0803 2984 msisadrv - ok
19:56:31.0838 2984 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:56:32.0007 2984 MSiSCSI - ok
19:56:32.0014 2984 msiserver - ok
19:56:32.0036 2984 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:56:32.0090 2984 MSKSSRV - ok
19:56:32.0205 2984 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
19:56:32.0232 2984 MsMpSvc - ok
19:56:32.0252 2984 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:56:32.0322 2984 MSPCLOCK - ok
19:56:32.0367 2984 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:56:32.0423 2984 MSPQM - ok
19:56:32.0474 2984 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:56:32.0503 2984 MsRPC - ok
19:56:32.0523 2984 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:56:32.0546 2984 mssmbios - ok
19:56:32.0577 2984 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:56:32.0654 2984 MSTEE - ok
19:56:32.0677 2984 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
19:56:32.0708 2984 Mup - ok
19:56:32.0756 2984 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
19:56:32.0812 2984 napagent - ok
19:56:32.0872 2984 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:56:32.0900 2984 NativeWifiP - ok
19:56:32.0951 2984 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:56:33.0075 2984 NDIS - ok
19:56:33.0135 2984 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:56:33.0209 2984 NdisTapi - ok
19:56:33.0261 2984 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:56:33.0307 2984 Ndisuio - ok
19:56:33.0339 2984 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:56:33.0405 2984 NdisWan - ok
19:56:33.0423 2984 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:56:33.0471 2984 NDProxy - ok
19:56:33.0574 2984 [ 40D7D0A208EE863BCA8D89E299216F15 ] Nero BackItUp Scheduler 3 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
19:56:33.0621 2984 Nero BackItUp Scheduler 3 - ok
19:56:33.0651 2984 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:56:33.0690 2984 NetBIOS - ok
19:56:33.0736 2984 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
19:56:33.0769 2984 netbt - ok
19:56:33.0804 2984 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
19:56:33.0822 2984 Netlogon - ok
19:56:33.0857 2984 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
19:56:33.0921 2984 Netman - ok
19:56:33.0944 2984 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:56:33.0964 2984 NetMsmqActivator - ok
19:56:33.0971 2984 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:56:33.0984 2984 NetPipeActivator - ok
19:56:34.0025 2984 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
19:56:34.0069 2984 netprofm - ok
19:56:34.0085 2984 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:56:34.0098 2984 NetTcpActivator - ok
19:56:34.0103 2984 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:56:34.0115 2984 NetTcpPortSharing - ok
19:56:34.0152 2984 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:56:34.0175 2984 nfrd960 - ok
19:56:34.0197 2984 [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:56:34.0233 2984 NisDrv - ok
19:56:34.0398 2984 [ 3B846434055F80D9E89D0742F3ADAD34 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
19:56:34.0441 2984 NisSrv - ok
19:56:34.0479 2984 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:56:34.0545 2984 NlaSvc - ok
19:56:34.0694 2984 [ CD4326BC339F98DE21AA07B208A305AE ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
19:56:34.0780 2984 NMIndexingService - ok
19:56:34.0821 2984 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:56:34.0859 2984 Npfs - ok
19:56:34.0882 2984 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
19:56:34.0948 2984 nsi - ok
19:56:34.0972 2984 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:56:34.0999 2984 nsiproxy - ok
19:56:35.0051 2984 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:56:35.0103 2984 Ntfs - ok
19:56:35.0121 2984 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
19:56:35.0183 2984 ntrigdigi - ok
19:56:35.0203 2984 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
19:56:35.0258 2984 Null - ok
19:56:35.0687 2984 [ 0A1B502CBC8230DA74BEFBAADDB58916 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:56:36.0177 2984 nvlddmkm - ok
19:56:36.0239 2984 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:56:36.0266 2984 nvraid - ok
19:56:36.0295 2984 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:56:36.0338 2984 nvstor - ok
19:56:36.0385 2984 [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] nvsvc C:\Windows\system32\nvvsvc.exe
19:56:36.0461 2984 nvsvc - ok
19:56:36.0756 2984 [ 0629259E3AF6BB0534FCECA208973404 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:56:36.0920 2984 nvUpdatusService - ok
19:56:36.0942 2984 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:56:36.0988 2984 nv_agp - ok
19:56:37.0029 2984 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
19:56:37.0077 2984 ohci1394 - ok
19:56:37.0188 2984 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
19:56:37.0273 2984 p2pimsvc - ok
19:56:37.0289 2984 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
19:56:37.0320 2984 p2psvc - ok
19:56:37.0354 2984 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
19:56:37.0419 2984 Parport - ok
19:56:37.0459 2984 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:56:37.0483 2984 partmgr - ok
19:56:37.0534 2984 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
19:56:37.0625 2984 Parvdm - ok
19:56:37.0658 2984 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
19:56:37.0713 2984 PcaSvc - ok
19:56:37.0744 2984 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
19:56:37.0784 2984 pci - ok
19:56:37.0799 2984 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys
19:56:37.0835 2984 pciide - ok
19:56:37.0878 2984 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:56:37.0904 2984 pcmcia - ok
19:56:37.0939 2984 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:56:38.0076 2984 PEAUTH - ok
19:56:38.0115 2984 [ DA86016F0672ADA925F589EDE715F185 ] pfc C:\Windows\system32\drivers\pfc.sys
19:56:38.0137 2984 pfc ( UnsignedFile.Multi.Generic ) - warning
19:56:38.0137 2984 pfc - detected UnsignedFile.Multi.Generic (1)
19:56:38.0187 2984 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
19:56:38.0306 2984 pla - ok
19:56:38.0347 2984 [ 875E4E0661F3A5994DF9E5E3A0A4F96B ] PLFlash DeviceIoControl Service C:\Windows\system32\IoctlSvc.exe
19:56:38.0377 2984 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
19:56:38.0377 2984 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
19:56:38.0405 2984 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:56:38.0435 2984 PlugPlay - ok
19:56:38.0479 2984 [ 681DA309716AEB98BC901D7A0458D931 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
19:56:38.0511 2984 PnkBstrA - ok
19:56:38.0540 2984 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
19:56:38.0581 2984 PNRPAutoReg - ok
19:56:38.0604 2984 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
19:56:38.0634 2984 PNRPsvc - ok
19:56:38.0663 2984 [ 60A044879C4FA76314494F5FDDC43B93 ] Point32 C:\Windows\system32\DRIVERS\point32.sys
19:56:38.0674 2984 Point32 - ok
19:56:38.0711 2984 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:56:38.0771 2984 PolicyAgent - ok
19:56:38.0799 2984 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:56:38.0834 2984 PptpMiniport - ok
19:56:38.0900 2984 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:56:38.0958 2984 Processor - ok
19:56:38.0994 2984 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
19:56:39.0049 2984 ProfSvc - ok
19:56:39.0062 2984 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
19:56:39.0077 2984 ProtectedStorage - ok
19:56:39.0147 2984 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
19:56:39.0177 2984 PSched - ok
19:56:39.0212 2984 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:56:39.0284 2984 ql2300 - ok
19:56:39.0311 2984 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:56:39.0356 2984 ql40xx - ok
19:56:39.0378 2984 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
19:56:39.0466 2984 QWAVE - ok
19:56:39.0484 2984 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:56:39.0523 2984 QWAVEdrv - ok
19:56:39.0541 2984 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:56:39.0610 2984 RasAcd - ok
19:56:39.0666 2984 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
19:56:39.0748 2984 RasAuto - ok
19:56:39.0771 2984 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:56:39.0834 2984 Rasl2tp - ok
19:56:39.0880 2984 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
19:56:39.0972 2984 RasMan - ok
19:56:40.0039 2984 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:56:40.0095 2984 RasPppoe - ok
19:56:40.0150 2984 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:56:40.0191 2984 RasSstp - ok
19:56:40.0273 2984 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:56:40.0367 2984 rdbss - ok
19:56:40.0429 2984 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:56:40.0498 2984 RDPCDD - ok
19:56:40.0533 2984 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
19:56:40.0587 2984 rdpdr - ok
19:56:40.0594 2984 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:56:40.0641 2984 RDPENCDD - ok
19:56:40.0756 2984 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:56:40.0823 2984 RDPWD - ok
19:56:40.0871 2984 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:56:40.0927 2984 RemoteAccess - ok
19:56:40.0953 2984 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:56:41.0010 2984 RemoteRegistry - ok
19:56:41.0037 2984 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
19:56:41.0103 2984 RpcLocator - ok
19:56:41.0233 2984 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
19:56:41.0286 2984 RpcSs - ok
19:56:41.0306 2984 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:56:41.0365 2984 rspndr - ok
19:56:41.0397 2984 [ C5ACB4D2CA623F678257B0844BD1AC8A ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
19:56:41.0425 2984 RSUSBSTOR - ok
19:56:41.0441 2984 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
19:56:41.0478 2984 SamSs - ok
19:56:41.0523 2984 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
19:56:41.0542 2984 SASDIFSV - ok
19:56:41.0606 2984 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
19:56:41.0626 2984 SASKUTIL - ok
19:56:41.0641 2984 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:56:41.0662 2984 sbp2port - ok
19:56:41.0709 2984 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:56:41.0748 2984 SCardSvr - ok
19:56:41.0902 2984 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
19:56:42.0058 2984 Schedule - ok
19:56:42.0115 2984 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:56:42.0150 2984 SCPolicySvc - ok
19:56:42.0196 2984 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:56:42.0252 2984 SDRSVC - ok
19:56:42.0264 2984 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:56:42.0359 2984 secdrv - ok
19:56:42.0384 2984 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
19:56:42.0442 2984 seclogon - ok
19:56:42.0496 2984 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
19:56:42.0550 2984 SENS - ok
19:56:42.0568 2984 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
19:56:42.0647 2984 Serenum - ok
19:56:42.0684 2984 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
19:56:42.0780 2984 Serial - ok
19:56:42.0797 2984 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:56:42.0847 2984 sermouse - ok
19:56:42.0922 2984 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
19:56:42.0977 2984 SessionEnv - ok
19:56:42.0994 2984 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:56:43.0045 2984 sffdisk - ok
19:56:43.0062 2984 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:56:43.0121 2984 sffp_mmc - ok
19:56:43.0173 2984 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:56:43.0241 2984 sffp_sd - ok
19:56:43.0268 2984 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:56:43.0340 2984 sfloppy - ok
19:56:43.0378 2984 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:56:43.0460 2984 SharedAccess - ok
19:56:43.0520 2984 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:56:43.0548 2984 ShellHWDetection - ok
19:56:43.0577 2984 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:56:43.0591 2984 sisagp - ok
19:56:43.0610 2984 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
19:56:43.0623 2984 SiSRaid2 - ok
19:56:43.0643 2984 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:56:43.0667 2984 SiSRaid4 - ok
19:56:43.0724 2984 [ A48B5AF8E18E4765ACDEC5BBB8343F84 ] skfiltv C:\Windows\system32\drivers\skfiltv.sys
19:56:43.0756 2984 skfiltv - ok
19:56:43.0979 2984 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
19:56:44.0174 2984 slsvc - ok
19:56:44.0216 2984 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
19:56:44.0258 2984 SLUINotify - ok
19:56:44.0292 2984 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:56:44.0345 2984 Smb - ok
19:56:44.0381 2984 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:56:44.0428 2984 SNMPTRAP - ok
19:56:44.0474 2984 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
19:56:44.0508 2984 spldr - ok
19:56:44.0537 2984 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
19:56:44.0613 2984 Spooler - ok
19:56:44.0672 2984 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:56:44.0758 2984 srv - ok
19:56:44.0795 2984 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:56:44.0842 2984 srv2 - ok
19:56:44.0873 2984 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:56:44.0911 2984 srvnet - ok
19:56:44.0932 2984 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:56:44.0993 2984 SSDPSRV - ok
19:56:45.0038 2984 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:56:45.0079 2984 SstpSvc - ok
19:56:45.0126 2984 [ 07318149E102FD9197AB444C27774372 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
19:56:45.0146 2984 ssudmdm - ok
19:56:45.0159 2984 Steam Client Service - ok
19:56:45.0262 2984 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:56:45.0308 2984 Stereo Service - ok
19:56:45.0350 2984 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
19:56:45.0404 2984 stisvc - ok
19:56:45.0451 2984 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:56:45.0474 2984 swenum - ok
19:56:45.0518 2984 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
19:56:45.0615 2984 swprv - ok
19:56:45.0646 2984 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
19:56:45.0676 2984 Symc8xx - ok
19:56:45.0706 2984 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
19:56:45.0729 2984 Sym_hi - ok
19:56:45.0742 2984 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
19:56:45.0767 2984 Sym_u3 - ok
19:56:45.0838 2984 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
19:56:45.0981 2984 SysMain - ok
19:56:46.0013 2984 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:56:46.0053 2984 TabletInputService - ok
19:56:46.0078 2984 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:56:46.0130 2984 TapiSrv - ok
19:56:46.0183 2984 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
19:56:46.0240 2984 TBS - ok
19:56:46.0359 2984 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:56:46.0459 2984 Tcpip - ok
19:56:46.0496 2984 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
19:56:46.0540 2984 Tcpip6 - ok
19:56:46.0578 2984 [ 2C2D4CFF5E09C73908F9B5AF49A51365 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:56:46.0631 2984 tcpipreg - ok
19:56:46.0676 2984 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:56:46.0739 2984 TDPIPE - ok
19:56:46.0760 2984 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:56:46.0795 2984 TDTCP - ok
19:56:46.0829 2984 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:56:46.0866 2984 tdx - ok
19:56:46.0913 2984 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:56:46.0959 2984 TermDD - ok
19:56:46.0996 2984 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
19:56:47.0125 2984 TermService - ok
19:56:47.0154 2984 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
19:56:47.0186 2984 Themes - ok
19:56:47.0243 2984 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
19:56:47.0294 2984 THREADORDER - ok
19:56:47.0324 2984 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
19:56:47.0425 2984 TrkWks - ok
19:56:47.0477 2984 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:56:47.0539 2984 TrustedInstaller - ok
19:56:47.0579 2984 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:56:47.0631 2984 tssecsrv - ok
19:56:47.0664 2984 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
19:56:47.0696 2984 tunmp - ok
19:56:47.0721 2984 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:56:47.0759 2984 tunnel - ok
19:56:47.0779 2984 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:56:47.0808 2984 uagp35 - ok
19:56:47.0842 2984 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:56:47.0912 2984 udfs - ok
19:56:47.0965 2984 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:56:48.0038 2984 UI0Detect - ok
19:56:48.0094 2984 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:56:48.0120 2984 uliagpkx - ok
19:56:48.0144 2984 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
19:56:48.0175 2984 uliahci - ok
19:56:48.0206 2984 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
19:56:48.0227 2984 UlSata - ok
19:56:48.0241 2984 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
19:56:48.0262 2984 ulsata2 - ok
19:56:48.0278 2984 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:56:48.0335 2984 umbus - ok
19:56:48.0406 2984 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
19:56:48.0499 2984 upnphost - ok
19:56:48.0551 2984 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
19:56:48.0625 2984 USBAAPL - ok
19:56:48.0693 2984 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:56:48.0739 2984 usbaudio - ok
19:56:48.0772 2984 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:56:48.0814 2984 usbccgp - ok
19:56:48.0858 2984 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:56:48.0959 2984 usbcir - ok
19:56:48.0998 2984 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:56:49.0061 2984 usbehci - ok
19:56:49.0106 2984 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:56:49.0152 2984 usbhub - ok
19:56:49.0201 2984 [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:56:49.0237 2984 usbohci - ok
19:56:49.0296 2984 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:56:49.0347 2984 usbprint - ok
19:56:49.0384 2984 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:56:49.0409 2984 USBSTOR - ok
19:56:49.0471 2984 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:56:49.0531 2984 usbuhci - ok
19:56:49.0600 2984 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
19:56:49.0634 2984 UxSms - ok
19:56:49.0752 2984 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
19:56:49.0878 2984 vds - ok
19:56:49.0950 2984 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:56:50.0016 2984 vga - ok
19:56:50.0043 2984 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
19:56:50.0093 2984 VgaSave - ok
19:56:50.0145 2984 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:56:50.0175 2984 viaagp - ok
19:56:50.0199 2984 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
19:56:50.0251 2984 ViaC7 - ok
19:56:50.0285 2984 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
19:56:50.0309 2984 viaide - ok
19:56:50.0318 2984 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:56:50.0342 2984 volmgr - ok
19:56:50.0375 2984 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:56:50.0409 2984 volmgrx - ok
19:56:50.0429 2984 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:56:50.0460 2984 volsnap - ok
19:56:50.0483 2984 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:56:50.0510 2984 vsmraid - ok
19:56:50.0653 2984 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
19:56:50.0788 2984 VSS - ok
19:56:50.0910 2984 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
19:56:50.0966 2984 W32Time - ok
19:56:50.0998 2984 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:56:51.0080 2984 WacomPen - ok
19:56:51.0107 2984 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
19:56:51.0137 2984 Wanarp - ok
19:56:51.0162 2984 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:56:51.0184 2984 Wanarpv6 - ok
19:56:51.0239 2984 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:56:51.0291 2984 wcncsvc - ok
19:56:51.0328 2984 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:56:51.0375 2984 WcsPlugInService - ok
19:56:51.0399 2984 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
19:56:51.0422 2984 Wd - ok
19:56:51.0527 2984 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:56:51.0600 2984 Wdf01000 - ok
19:56:51.0626 2984 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:56:51.0694 2984 WdiServiceHost - ok
19:56:51.0701 2984 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:56:51.0756 2984 WdiSystemHost - ok
19:56:51.0815 2984 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
19:56:51.0871 2984 WebClient - ok
19:56:51.0899 2984 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:56:51.0964 2984 Wecsvc - ok
19:56:51.0982 2984 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:56:52.0045 2984 wercplsupport - ok
19:56:52.0083 2984 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
19:56:52.0127 2984 WerSvc - ok
19:56:52.0228 2984 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:56:52.0263 2984 WinDefend - ok
19:56:52.0279 2984 WinHttpAutoProxySvc - ok
19:56:52.0384 2984 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:56:52.0426 2984 Winmgmt - ok
19:56:52.0498 2984 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
19:56:52.0669 2984 WinRM - ok
19:56:52.0799 2984 [ C828FE0F3E6996B53EADBC42C36BB04D ] WINZIPSSDiskOptimizer C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe
19:56:52.0830 2984 WINZIPSSDiskOptimizer - ok
19:56:52.0880 2984 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:56:52.0970 2984 Wlansvc - ok
19:56:53.0251 2984 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:56:53.0360 2984 wlidsvc - ok
19:56:53.0403 2984 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:56:53.0433 2984 WmiAcpi - ok
19:56:53.0469 2984 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:56:53.0508 2984 wmiApSrv - ok
19:56:53.0580 2984 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:56:53.0655 2984 WMPNetworkSvc - ok
19:56:53.0747 2984 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:56:53.0795 2984 WPCSvc - ok
19:56:53.0844 2984 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:56:53.0904 2984 WPDBusEnum - ok
19:56:53.0933 2984 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
19:56:54.0000 2984 WpdUsb - ok
19:56:54.0079 2984 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:56:54.0123 2984 WPFFontCache_v0400 - ok
19:56:54.0147 2984 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:56:54.0194 2984 ws2ifsl - ok
19:56:54.0218 2984 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
19:56:54.0235 2984 wscsvc - ok
19:56:54.0242 2984 WSearch - ok
19:56:54.0371 2984 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
19:56:54.0474 2984 wuauserv - ok
19:56:54.0514 2984 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:56:54.0544 2984 WUDFRd - ok
19:56:54.0571 2984 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:56:54.0634 2984 wudfsvc - ok
19:56:54.0658 2984 [ AB2D77BF7222B007717ABB61B15F9AE2 ] X10Hid C:\Windows\system32\Drivers\x10hid.sys
19:56:54.0675 2984 X10Hid - ok
19:56:54.0797 2984 [ 5A0C788C5BC5F2C993CB60940ADCF95E ] x10nets C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
19:56:54.0803 2984 x10nets ( UnsignedFile.Multi.Generic ) - warning
19:56:54.0803 2984 x10nets - detected UnsignedFile.Multi.Generic (1)
19:56:54.0861 2984 [ ABC8BBEA8F643E200508C3A2A8E475A9 ] XENfiltv C:\Windows\system32\drivers\XENfiltv.sys
19:56:54.0884 2984 XENfiltv ( UnsignedFile.Multi.Generic ) - warning
19:56:54.0884 2984 XENfiltv - detected UnsignedFile.Multi.Generic (1)
19:56:54.0918 2984 [ 9EEA6D029FEF5F3016D089B1A603837D ] xnacc C:\Windows\system32\DRIVERS\xnacc.sys
19:56:54.0980 2984 xnacc - ok
19:56:55.0024 2984 [ A640C90B007762939507C28A021BE3B3 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
19:56:55.0079 2984 xusb21 - ok
19:56:55.0193 2984 [ E745B9D5FE1FDA8A50913FDCC8FF9FDC ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
19:56:55.0223 2984 yukonwlh - ok
19:56:55.0238 2984 ================ Scan global ===============================
19:56:55.0329 2984 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
19:56:55.0364 2984 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
19:56:55.0391 2984 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
19:56:55.0478 2984 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
19:56:55.0491 2984 [Global] - ok
19:56:55.0492 2984 ================ Scan MBR ==================================
19:56:55.0545 2984 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
19:56:56.0196 2984 \Device\Harddisk0\DR0 - ok
19:56:56.0213 2984 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
19:56:56.0291 2984 \Device\Harddisk1\DR1 - ok
19:56:56.0292 2984 ================ Scan VBR ==================================
19:56:56.0296 2984 [ 2967FC66E4C112EF76700AE5B5283543 ] \Device\Harddisk0\DR0\Partition1
19:56:56.0299 2984 \Device\Harddisk0\DR0\Partition1 - ok
19:56:56.0330 2984 [ AD4C07341174E882F188C156DA349070 ] \Device\Harddisk1\DR1\Partition1
19:56:56.0343 2984 \Device\Harddisk1\DR1\Partition1 - ok
19:56:56.0344 2984 ============================================================
19:56:56.0344 2984 Scan finished
19:56:56.0344 2984 ============================================================
19:56:56.0369 3908 Detected object count: 8
19:56:56.0369 3908 Actual detected object count: 8
19:57:57.0167 3908 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:57.0167 3908 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:57.0170 3908 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:57.0170 3908 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:57.0174 3908 DFU ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:57.0174 3908 DFU ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:57.0179 3908 ezSharedSvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:57.0179 3908 ezSharedSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:57.0187 3908 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:57.0188 3908 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:57.0192 3908 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:57.0192 3908 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:57.0198 3908 x10nets ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:57.0198 3908 x10nets ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:57.0201 3908 XENfiltv ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:57.0202 3908 XENfiltv ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:58:03.0745 5740 Deinitialize success

OTL logfile created on: 21.11.2012 20:39:21 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jussi\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040B | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 53,44% Memory free
6,69 Gb Paging File | 5,23 Gb Available in Paging File | 78,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 584,17 Gb Total Space | 155,83 Gb Free Space | 26,68% Space Free | Partition Type: NTFS
Drive D: | 596,17 Gb Total Space | 106,29 Gb Free Space | 17,83% Space Free | Partition Type: NTFS
Drive I: | 7,91 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: JUSSI-PC | User Name: Jussi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.11.21 02:14:27 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.11.20 17:42:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jussi\Desktop\OTL.exe
PRC - [2012.10.03 00:20:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.10.02 21:29:14 | 000,864,616 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012.10.02 21:28:55 | 001,820,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012.10.02 12:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.09.29 09:04:15 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012.09.12 17:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2012.09.12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012.09.12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012.09.05 09:25:52 | 000,267,704 | ---- | M] (WinZip Computing, S.L. (WinZip Computing)) -- C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.10.07 11:40:42 | 001,387,288 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2011.09.27 21:05:24 | 000,149,784 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
PRC - [2011.09.23 03:30:04 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2010.01.27 16:14:10 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe

========== Modules (No Company Name) ==========

MOD - [2012.11.21 02:13:44 | 002,400,224 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.05.30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.05.30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.05.25 23:44:40 | 002,903,888 | -HS- | M] () -- \\?\C:\ProgramData\Microsoft\PlayReady\Cache\S-1-5-21-625289935-3182868809-2741512627-1000\MSPRindiv02.key
MOD - [2011.10.07 11:41:16 | 000,879,896 | ---- | M] () -- C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll

========== Services (SafeList) ==========

SRV - [2012.11.21 02:14:25 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.11.05 01:25:24 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.24 13:53:27 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.10.03 00:20:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.10.02 12:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.09.12 17:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.09.12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.09.05 09:25:52 | 000,267,704 | ---- | M] (WinZip Computing, S.L. (WinZip Computing)) [Auto | Running] -- C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe -- (WINZIPSSDiskOptimizer)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.20 09:11:00 | 000,131,912 | ---- | M] (Desura Pty Ltd) [On_Demand | Stopped] -- C:\Program Files\Common Files\Desura\desura_service.exe -- (Desura Install Service)
SRV - [2012.01.20 15:52:04 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011.09.27 21:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.09.23 03:30:04 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011.06.13 21:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2010.01.27 16:14:10 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008.02.03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Jussi\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012.10.03 00:20:00 | 010,837,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.08.30 22:03:50 | 000,099,272 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012.05.21 04:09:00 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.05.21 04:09:00 | 000,080,824 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012.02.14 19:05:50 | 000,012,288 | ---- | M] (Philips PTCL) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MassDfu.sys -- (DFU)
DRV - [2011.09.23 03:29:51 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.09.23 03:29:51 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011.09.02 08:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011.09.02 08:31:28 | 000,030,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2011.09.02 08:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011.01.18 17:16:46 | 000,197,224 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2010.09.22 12:00:10 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.09.22 10:36:11 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.07.12 10:55:39 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Lbd.sys -- (Lbd)
DRV - [2010.06.30 18:01:04 | 000,011,832 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amdide.sys -- (amdide)
DRV - [2010.06.03 10:33:54 | 001,596,672 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV - [2009.07.31 10:39:58 | 000,017,920 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\XENfiltv.sys -- (XENfiltv)
DRV - [2008.08.14 08:48:22 | 000,017,408 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\skfiltv.sys -- (skfiltv)
DRV - [2008.04.28 09:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2007.07.23 09:56:58 | 000,042,624 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Alpham1.sys -- (Alpham1)
DRV - [2007.06.29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007.03.20 11:49:52 | 000,018,432 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Alpham2.sys -- (Alpham2)
DRV - [2006.11.17 09:31:04 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
DRV - [2006.03.29 07:49:26 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pfc.sys -- (pfc)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.pack...media_a6500_ncd
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACPW

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.eset.com/...online-scanner/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6454E83C-02FB-4BA5-969E-C1A616DDE186}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACPW
IE - HKCU\..\SearchScopes\{D6FC6DE7-6E20-4DD0-96B4-702A3517D535}: "URL" = http://www.google.co...ie7&rlz=1I7ACPW
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.newhorizonwow.com/"
FF - prefs.js..extensions.enabledAddons: DivXWebPlayer%40divx.com:2.0.2.039
FF - prefs.js..extensions.enabledAddons: tinyurl.addon%40fast-chat.co.uk:2.6.1
FF - prefs.js..extensions.enabledAddons: %7B19503e42-ca3c-4c27-b1e2-9cdb2170ee34%7D:1.4.8.6
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.1
FF - prefs.js..extensions.enabledAddons: %7B987311C6-B504-4aa2-90BF-60CC49808D42%7D:2.2
FF - prefs.js..extensions.enabledAddons: %7B0153E448-190B-4987-BDE1-F256CADA672F%7D:15.0.6
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.12
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@fancyguo.com/FancyGame,version=1.0.0.1: C:\Users\Jussi\AppData\Local\Fancy\npfancygame.dll (Beijing FancyGuo Tech Ltd)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Jussi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.11.12 20:08:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.11.12 20:08:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.11.12 20:08:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.11.21 02:14:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.11.21 02:13:33 | 000,000,000 | ---D | M]

[2009.02.22 18:15:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jussi\AppData\Roaming\mozilla\Extensions
[2012.11.21 20:33:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions
[2011.03.11 20:41:52 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(198)
[2012.10.03 15:37:55 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.11.21 20:33:32 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.03.12 19:02:53 | 000,000,000 | ---D | M] (Element Hiding Helper for Adblock Plus) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions\elemhidehelper@adblockplus(197).org
[2012.05.18 23:48:18 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\Jussi\AppData\Roaming\mozilla\Firefox\Profiles\w7a81fei.default\extensions\[email protected]
[2012.05.12 11:59:50 | 000,550,833 | ---- | M] () (No name found) -- C:\Users\Jussi\AppData\Roaming\mozilla\firefox\profiles\w7a81fei.default\extensions\[email protected]
[2012.11.12 20:10:59 | 000,090,868 | ---- | M] () (No name found) -- C:\Users\Jussi\AppData\Roaming\mozilla\firefox\profiles\w7a81fei.default\extensions\[email protected]
[2012.11.09 18:05:28 | 000,342,379 | ---- | M] () (No name found) -- C:\Users\Jussi\AppData\Roaming\mozilla\firefox\profiles\w7a81fei.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2012.11.14 17:37:23 | 000,530,679 | ---- | M] () (No name found) -- C:\Users\Jussi\AppData\Roaming\mozilla\firefox\profiles\w7a81fei.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2011.06.24 21:37:33 | 000,022,573 | ---- | M] () (No name found) -- C:\Users\Jussi\AppData\Roaming\mozilla\firefox\profiles\w7a81fei.default\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}.xpi
[2012.11.21 20:19:19 | 000,804,737 | ---- | M] () (No name found) -- C:\Users\Jussi\AppData\Roaming\mozilla\firefox\profiles\w7a81fei.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.01.21 19:33:48 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\Jussi\AppData\Roaming\mozilla\firefox\profiles\w7a81fei.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2012.11.21 02:13:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.11.12 20:08:46 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2012.11.21 02:14:27 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009.03.31 21:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll
[2012.09.29 09:04:40 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2012.10.13 04:27:05 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.11.21 02:13:42 | 000,002,275 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bookplus-fi.xml
[2011.03.05 08:38:32 | 000,001,069 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons-fi.xml
[2012.11.21 02:13:42 | 000,001,185 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-fi.xml
[2011.03.05 08:38:32 | 000,002,677 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\huuto-fi.xml
[2010.08.09 09:04:46 | 000,002,036 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012.11.21 02:13:42 | 000,001,396 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fi.xml
[2012.11.21 02:13:42 | 000,001,313 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-fi.xml

O1 HOSTS File: ([2012.11.21 07:39:41 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creat...015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...10926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57D29552-3B29-4A65-8D61-D4E458B114ED}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57D29552-3B29-4A65-8D61-D4E458B114ED}: NameServer = 208.67.222.222,208.67.220.220
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sasnative32)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE - (WinZip Computing, S.L.)
MsConfig - StartUpReg: amd_dc_opt - hkey= - key= - C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
MsConfig - StartUpReg: IntelliPoint - hkey= - key= - C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - State: "startup" - 2
MsConfig - State: "services" - 2

SafeBootMin: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.3
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.3
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {78028BE9-3B2E-46E9-B588-BB9AEE0F4088} - .NET Framework
ActiveX: {781D2C2E-08E0-7DC7-A07B-BB503FF1F221} - Adobe Shockwave Director 10.3
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7E6CE855-927C-4BED-8718-D474B2928912} - Microsoft Windows Media Player
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {8F736E10-8E5C-4399-A532-D0C00A406227} - Microsoft .NET Framework 1.1 Security Update (KB2698023)
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\Windows\System32\ir32_32.dll (Intel® Corporation)
Drivers32: vidc.iv32 - C:\Windows\System32\ir32_32.dll (Intel® Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012.11.21 20:30:07 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\CC Support
[2012.11.21 17:23:35 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Jussi\Desktop\tdsskiller.exe
[2012.11.21 07:43:03 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.11.21 07:43:00 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.11.21 07:43:00 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Local\temp
[2012.11.21 07:20:25 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.11.21 07:20:25 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.11.21 07:20:25 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.11.21 07:20:17 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012.11.21 07:20:13 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.11.21 07:18:54 | 005,004,421 | R--- | C] (Swearware) -- C:\Users\Jussi\Desktop\ComboFix.exe
[2012.11.21 02:13:31 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.11.20 19:00:48 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Jussi\Desktop\aswMBR.exe
[2012.11.20 18:48:15 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.11.20 17:42:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jussi\Desktop\OTL.exe
[2012.11.17 15:11:57 | 000,000,000 | ---D | C] -- C:\Users\Jussi\AppData\Roaming\QuikIO
[2012.11.14 17:03:15 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012.11.14 16:55:07 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.11.14 16:55:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.11.14 16:55:04 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.11.14 16:55:04 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.11.14 16:55:04 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.11.14 16:55:01 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.11.14 16:55:01 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.11.14 16:54:58 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.11.14 16:53:40 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2012.11.14 16:53:17 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.11.05 01:27:37 | 000,000,000 | ---D | C] -- C:\Users\Jussi\Documents\Puzzle Kingdoms
[2012.11.03 12:18:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012.11.02 07:17:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spectromancer
[2012.10.25 03:12:26 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2012.10.25 03:12:26 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2012.10.23 17:31:15 | 000,000,000 | ---D | C] -- C:\Users\Jussi\Documents\Giana Sisters - Twisted Dreams
[2012.09.07 14:59:32 | 045,859,364 | ---- | C] (Caravel Games ) -- C:\Users\Jussi\DRODGatEBDemoSetup.exe
[2012.08.26 15:08:27 | 007,207,866 | ---- | C] (FreeDownloadManager.ORG ) -- C:\Users\Jussi\fdminst.exe
[2012.08.23 22:24:57 | 093,554,411 | ---- | C] (Big Robot ) -- C:\Users\Jussi\Avseq-PC-Demo-Installer.exe
[2012.08.13 14:59:40 | 697,745,063 | ---- | C] (The Game Bakers ) -- C:\Users\Jussi\Squids.3.exe
[2012.07.13 21:05:17 | 002,873,423 | ---- | C] (GOG.com ) -- C:\Users\Jussi\setup_chronicles_of_riddick_1.0.0.8.exe
[2012.07.10 06:50:56 | 051,144,230 | ---- | C] (1C Company. ) -- C:\Users\Jussi\Crossworlds_1.0.0.1.exe
[2012.06.28 16:53:59 | 282,924,627 | ---- | C] (Wadjet Eye Games ) -- C:\Users\Jussi\ResonanceDemo.exe
[2012.06.25 00:20:14 | 139,078,965 | ---- | C] (Bit Barons GmbH ) -- C:\Users\Jussi\Astroslugs_101_BB_WIN_DEMO.exe
[2012.06.22 00:29:40 | 176,458,670 | ---- | C] (Ilikescifi Games ) -- C:\Users\Jussi\Pitiri_1977.exe
[2012.06.20 02:26:52 | 128,986,720 | ---- | C] (12 Angry Devs ) -- C:\Users\Jussi\OfLightAndShadow.exe
[2012.06.17 12:32:39 | 077,251,480 | ---- | C] (Apple Inc.) -- C:\Users\Jussi\iTunesSetup.exe
[2012.06.12 22:26:17 | 006,677,264 | ---- | C] (Adobe Systems Inc.) -- C:\Users\Jussi\Shockwave_Installer_Slim.exe
[2012.06.12 22:16:23 | 000,893,936 | ---- | C] (Oracle Corporation) -- C:\Users\Jussi\jre-7u5-windows-i586-iftw.exe
[2012.06.05 18:12:11 | 018,002,040 | ---- | C] (Dropbox, Inc.) -- C:\Users\Jussi\Dropbox 1.4.7.exe
[2012.06.03 22:59:43 | 004,518,496 | ---- | C] (www.orbitdownloader.com ) -- C:\Users\Jussi\orbitdownloader.exe
[2012.06.01 23:39:08 | 094,154,804 | ---- | C] (Wadjet Eye Games ) -- C:\Users\Jussi\Shivah_setup.exe
[2012.06.01 23:38:59 | 176,238,278 | ---- | C] (Jonas Kyratzes ) -- C:\Users\Jussi\TSWCE_upd.exe
[2012.05.29 19:27:32 | 053,944,298 | ---- | C] (Psydra Games LLC ) -- C:\Users\Jussi\DarkScavenger-Setup.exe
[2012.03.01 18:25:35 | 084,810,526 | ---- | C] (ChaosForge ) -- C:\Users\Jussi\doomrl-0996.exe
[2012.03.01 00:58:32 | 001,188,400 | ---- | C] (OnLive) -- C:\Users\Jussi\OnLive_Setup.exe
[2012.02.28 01:01:07 | 003,968,384 | ---- | C] (AVG Technologies) -- C:\Users\Jussi\avg_free_stb_all_2012_1913_cnet.exe
[2012.02.25 22:41:14 | 010,625,632 | ---- | C] (Opera Software ASA) -- C:\Users\Jussi\Opera_1161_int_Setup.exe
[2011.12.01 00:03:25 | 001,940,992 | ---- | C] (Valve Corporation) -- C:\Users\Jussi\Steam Fix - Installer Errors.exe
[2011.08.19 16:20:47 | 000,909,600 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Jussi\jre-6u26-windows-i586-iftw.exe
[2011.08.09 14:15:08 | 000,587,632 | ---- | C] (Unity Technologies ApS) -- C:\Users\Jussi\UnityWebPlayer.exe
[2011.07.11 01:22:07 | 000,204,168 | ---- | C] (Microsoft Corporation) -- C:\Users\Jussi\directx_9c_eulas.exe
[2011.06.26 06:30:28 | 012,989,728 | ---- | C] (Adobe Systems Inc.) -- C:\Users\Jussi\AdobeAIRInstaller.exe
[2011.05.25 08:19:31 | 003,194,296 | ---- | C] (Javacool Software LLC ) -- C:\Users\Jussi\spywareblastersetup44.exe
[2011.04.26 17:09:17 | 515,324,790 | ---- | C] (Acresso Software Inc. ) -- C:\Users\Jussi\BattleSlots_DDL.exe
[2011.04.02 01:40:27 | 385,858,752 | ---- | C] (Telltale Games) -- C:\Users\Jussi\bttf_101_setup.exe
[2011.03.22 09:47:54 | 042,669,043 | ---- | C] (Soldak Entertainment, Inc. ) -- C:\Users\Jussi\DCDemonWar1022.exe
[2011.03.22 09:47:24 | 154,496,930 | ---- | C] (Soldak Entertainment, Inc. ) -- C:\Users\Jussi\DinsCurse1022.exe
[2010.11.09 23:58:52 | 100,273,008 | ---- | C] (Microsoft Corporation) -- C:\Users\Jussi\directx_Jun2010_redist.exe
[2010.11.05 12:43:14 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Users\Jussi\dxwebsetup.exe
[2010.10.30 07:49:50 | 298,064,035 | ---- | C] (Basilisk Games ) -- C:\Users\Jussi\eb2_setup.exe
[2010.10.22 10:26:14 | 000,101,832 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\Jussi\SASUNINST.EXE
[2010.10.16 15:57:46 | 042,153,457 | ---- | C] (Youdagames) -- C:\Users\Jussi\GovernorOfPoker_Download.exe
[2010.10.13 00:17:01 | 000,471,432 | ---- | C] (SpeedyFox) -- C:\Users\Jussi\speedyfox.exe
[2010.10.10 03:26:53 | 002,476,317 | ---- | C] (SmartMelon Games ) -- C:\Users\Jussi\PeepersInstaller10.exe
[2010.10.09 16:27:00 | 007,522,055 | ---- | C] (SmartMelon Games ) -- C:\Users\Jussi\TangleBeeInstaller102.exe
[2010.10.04 20:12:28 | 463,772,608 | ---- | C] (Telltale Games) -- C:\Users\Jussi\SamMax302_PC_Setup.exe
[2010.09.24 14:58:21 | 014,709,624 | ---- | C] (Microsoft Corporation) -- C:\Users\Jussi\IPx86_1033_8.0.225.0.exe
[2010.08.15 22:46:01 | 038,958,968 | ---- | C] (Apple Inc.) -- C:\Users\Jussi\QuickTimeInstaller.exe
[2010.02.28 17:57:05 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\Jussi\spybotsd162.exe
[2009.11.16 23:54:58 | 008,241,600 | ---- | C] (Vuze Inc.) -- C:\Users\Jussi\Vuze_Installer.exe

========== Files - Modified Within 30 Days ==========

[2012.11.21 20:59:04 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.21 20:46:05 | 000,142,848 | ---- | M] () -- C:\Users\Jussi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.21 20:32:08 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.21 20:32:08 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.21 20:32:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.21 20:29:49 | 004,009,167 | ---- | M] () -- C:\Users\Jussi\Desktop\ServicesRepair.exe
[2012.11.21 19:59:01 | 000,000,869 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.11.21 17:23:36 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Jussi\Desktop\tdsskiller.exe
[2012.11.21 07:39:41 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.11.21 07:18:55 | 005,004,421 | R--- | M] (Swearware) -- C:\Users\Jussi\Desktop\ComboFix.exe
[2012.11.21 07:17:36 | 000,000,512 | ---- | M] () -- C:\Users\Jussi\Desktop\MBR.dat
[2012.11.20 19:01:31 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Jussi\Desktop\aswMBR.exe
[2012.11.20 17:42:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jussi\Desktop\OTL.exe
[2012.11.18 11:34:52 | 000,001,024 | ---- | M] () -- C:\.rnd
[2012.11.17 14:27:51 | 000,000,739 | ---- | M] () -- C:\Users\Jussi\Desktop\GetNZB.lnk
[2012.11.14 17:20:04 | 000,258,952 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.11.14 17:10:35 | 000,641,362 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.11.14 17:10:35 | 000,491,218 | ---- | M] () -- C:\Windows\System32\perfh00B.dat
[2012.11.14 17:10:35 | 000,123,142 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.11.14 17:10:35 | 000,107,648 | ---- | M] () -- C:\Windows\System32\perfc00B.dat
[2012.11.12 20:18:38 | 000,000,178 | ---- | M] () -- C:\Users\Jussi\Desktop\Thomas Was Alone.url
[2012.11.06 17:47:49 | 000,000,202 | ---- | M] () -- C:\Users\Jussi\Desktop\XCOM Enemy Unknown.url
[2012.11.05 01:25:23 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.11.05 01:25:22 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.11.03 12:19:09 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012.11.01 22:06:52 | 000,000,175 | ---- | M] () -- C:\Users\Jussi\Desktop\Hotline Miami.url
[2012.11.01 21:45:49 | 000,000,202 | ---- | M] () -- C:\Users\Jussi\Desktop\Cargo Commander.url
[2012.11.01 14:31:22 | 000,002,066 | ---- | M] () -- C:\Users\Jussi\Application Data\Microsoft\Internet Explorer\Quick Launch\WinZip System Utilities Suite.lnk
[2012.10.30 16:12:35 | 000,000,202 | ---- | M] () -- C:\Users\Jussi\Desktop\[bleep] Yeah!.url
[2012.10.25 03:12:26 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2012.10.25 03:12:26 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2012.10.23 16:56:56 | 000,000,202 | ---- | M] () -- C:\Users\Jussi\Desktop\Giana Sisters Twisted Dreams.url

========== Files Created - No Company Name ==========

[2012.11.21 20:29:45 | 004,009,167 | ---- | C] () -- C:\Users\Jussi\Desktop\ServicesRepair.exe
[2012.11.21 07:20:25 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.11.21 07:20:25 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.11.21 07:20:25 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.11.21 07:20:25 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.11.21 07:20:25 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.11.21 07:17:36 | 000,000,512 | ---- | C] () -- C:\Users\Jussi\Desktop\MBR.dat
[2012.11.17 15:12:07 | 000,001,024 | ---- | C] () -- C:\.rnd
[2012.11.17 14:27:51 | 000,000,739 | ---- | C] () -- C:\Users\Jussi\Desktop\GetNZB.lnk
[2012.11.12 20:18:38 | 000,000,178 | ---- | C] () -- C:\Users\Jussi\Desktop\Thomas Was Alone.url
[2012.11.06 17:47:49 | 000,000,202 | ---- | C] () -- C:\Users\Jussi\Desktop\XCOM Enemy Unknown.url
[2012.11.03 12:19:02 | 000,001,789 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012.11.01 22:06:52 | 000,000,175 | ---- | C] () -- C:\Users\Jussi\Desktop\Hotline Miami.url
[2012.11.01 21:45:49 | 000,000,202 | ---- | C] () -- C:\Users\Jussi\Desktop\Cargo Commander.url
[2012.10.30 16:12:35 | 000,000,202 | ---- | C] () -- C:\Users\Jussi\Desktop\[bleep] Yeah!.url
[2012.10.23 16:56:56 | 000,000,202 | ---- | C] () -- C:\Users\Jussi\Desktop\Giana Sisters Twisted Dreams.url
[2012.09.15 16:02:19 | 006,725,632 | ---- | C] () -- C:\Users\Jussi\PathOfExileInstaller.msi
[2012.09.08 12:16:45 | 000,027,520 | ---- | C] () -- C:\Users\Jussi\AppData\Local\dt.dat
[2012.08.09 16:14:08 | 110,333,502 | ---- | C] () -- C:\Users\Jussi\ROCKMAN - INSTALL.exe
[2012.08.02 15:16:24 | 079,554,734 | ---- | C] () -- C:\Users\Jussi\UTO_Alpha1.zip
[2012.08.01 19:49:46 | 031,571,529 | ---- | C] () -- C:\Users\Jussi\avirusnamedtom-soundtrack-1343772960.zip
[2012.07.31 12:09:42 | 000,009,147 | ---- | C] () -- C:\Users\Jussi\receipt.asp.htm
[2012.07.13 21:06:29 | 1337,519,253 | ---- | C] () -- C:\Users\Jussi\setup_chronicles_of_riddick_1.0.0.8-4.bin
[2012.07.13 21:06:22 | 2100,000,000 | ---- | C] () -- C:\Users\Jussi\setup_chronicles_of_riddick_1.0.0.8-3.bin
[2012.07.13 21:06:15 | 2100,000,000 | ---- | C] () -- C:\Users\Jussi\setup_chronicles_of_riddick_1.0.0.8-2.bin
[2012.07.13 21:06:00 | 2097,126,656 | ---- | C] () -- C:\Users\Jussi\setup_chronicles_of_riddick_1.0.0.8-1.bin
[2012.07.10 09:53:24 | 178,649,868 | ---- | C] () -- C:\Users\Jussi\AURAL01-Mark_Morgan_-_Vault_Archives.zip
[2012.07.10 06:02:02 | 000,290,825 | ---- | C] () -- C:\Users\Jussi\Download King's Bounty- Armored Princess.exe
[2012.07.10 05:43:38 | 000,290,825 | ---- | C] () -- C:\Users\Jussi\Download King's Bounty Crossworlds.exe
[2012.07.09 01:18:56 | 010,012,564 | ---- | C] () -- C:\Users\Jussi\spelunky_1_1.zip
[2012.07.05 20:28:17 | 000,021,494 | ---- | C] () -- C:\Users\Jussi\0x0409.ini
[2012.07.05 20:28:10 | 092,161,024 | ---- | C] () -- C:\Users\Jussi\Samsung Kies.msi
[2012.06.22 00:49:08 | 000,000,572 | ---- | C] () -- C:\Users\Jussi\save_pitiri.sav
[2012.06.04 05:09:13 | 000,290,825 | ---- | C] () -- C:\Users\Jussi\Download UFO- Afterlight.exe
[2012.06.04 03:35:49 | 000,290,825 | ---- | C] () -- C:\Users\Jussi\Download UFO- Aftermath.exe
[2012.05.30 16:57:10 | 136,028,368 | ---- | C] () -- C:\Users\Jussi\Dead_Pixels_Installer.msi
[2012.05.21 03:10:27 | 1261,963,178 | ---- | C] () -- C:\Users\Jussi\fifa11_pc_demo_EU.zip
[2012.05.05 06:24:31 | 000,618,997 | ---- | C] () -- C:\Users\Jussi\srdiag.zip
[2012.05.05 01:23:48 | 004,431,941 | ---- | C] () -- C:\Users\Jussi\install-getnzb.zip
[2012.04.29 05:23:24 | 298,042,692 | ---- | C] () -- C:\Users\Jussi\eb2_setup_v105.zip
[2012.04.25 22:33:30 | 000,000,115 | ---- | C] () -- C:\Windows\MORDOR.INI
[2012.04.15 14:43:52 | 128,074,260 | ---- | C] () -- C:\Users\Jussi\t-engine4-windows-1.0.0beta38.zip
[2012.04.11 19:02:59 | 483,918,688 | ---- | C] () -- C:\Users\Jussi\grimrock-rc6-1.1.3-installer.zip
[2012.04.06 03:56:15 | 030,412,800 | ---- | C] () -- C:\Users\Jussi\PhysX-9.12.0213-SystemSoftware.msi
[2012.04.04 05:33:14 | 090,416,115 | ---- | C] () -- C:\Users\Jussi\LoneSurvivor-PC.zip
[2012.04.04 04:47:48 | 053,646,743 | ---- | C] () -- C:\Users\Jussi\OffspringFlingWIN.zip
[2012.04.04 03:49:00 | 299,348,632 | ---- | C] () -- C:\Users\Jussi\Alec Holowka - Aquaria- Original Soundtrack.zip
[2012.03.28 02:14:14 | 022,136,950 | ---- | C] () -- C:\Users\Jussi\legend_of_grimrock_preorder_goodies.zip
[2012.03.07 16:47:55 | 031,126,033 | ---- | C] () -- C:\Users\Jussi\6305_Vista_Win7_PG537.zip
[2012.02.28 21:35:14 | 027,705,697 | ---- | C] () -- C:\Users\Jussi\Auditorium_Win32.zip
[2012.02.25 16:13:55 | 026,789,758 | ---- | C] () -- C:\Users\Jussi\PitmanPC-1.4.zip
[2012.02.24 02:21:17 | 008,487,235 | ---- | C] () -- C:\Users\Jussi\Towns_0.40.2_Windows.zip
[2012.02.24 02:21:07 | 064,674,792 | ---- | C] () -- C:\Users\Jussi\wyv_and_keep.1.zip
[2012.02.23 02:16:26 | 022,586,860 | ---- | C] () -- C:\Users\Jussi\bin_UberCatacombSnatch.1.4.1.jar
[2012.02.20 22:00:50 | 008,961,024 | ---- | C] () -- C:\Users\Jussi\Pitman.exe
[2012.02.13 21:54:09 | 019,985,410 | ---- | C] () -- C:\Users\Jussi\HackSlashLoot.zip
[2012.02.09 23:30:36 | 017,549,370 | ---- | C] () -- C:\Users\Jussi\KOYA_RIFT_1_03.zip
[2012.01.31 16:02:34 | 000,223,608 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012.01.20 15:55:36 | 000,025,262 | ---- | C] () -- C:\Windows\System32\xfisk.ini
[2012.01.20 15:55:36 | 000,000,052 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini
[2012.01.20 15:55:29 | 000,001,209 | ---- | C] () -- C:\Windows\skSPcfg.ini
[2012.01.20 15:55:29 | 000,000,381 | ---- | C] () -- C:\Windows\skMCcfg.ini
[2012.01.20 15:55:11 | 000,128,512 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2012.01.20 15:55:11 | 000,069,120 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2012.01.16 09:01:02 | 304,836,097 | ---- | C] () -- C:\Users\Jussi\BattleAcademy-patch-170.zip
[2011.12.06 05:57:47 | 000,280,036 | ---- | C] () -- C:\Users\Jussi\bookmarks-2011-12-06.json
[2011.11.30 23:27:26 | 001,606,656 | ---- | C] () -- C:\Users\Jussi\SteamInstall.msi
[2011.11.29 22:51:08 | 078,554,624 | ---- | C] () -- C:\Users\Jussi\Fractal Installer.msi
[2011.11.22 09:18:47 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.11.10 17:33:49 | 000,752,963 | ---- | C] () -- C:\Users\Jussi\my-little-pony-friendship-is-magic-brony-canon-versus-fanon.gif
[2011.10.26 04:27:15 | 000,001,940 | ---- | C] () -- C:\Users\Jussi\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011.10.06 23:50:16 | 152,216,625 | ---- | C] () -- C:\Users\Jussi\trauma.zip
[2011.10.03 19:39:06 | 000,000,059 | ---- | C] () -- C:\Windows\RUNAWAY2.INI
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.09.10 17:46:49 | 012,685,945 | ---- | C] () -- C:\Users\Jussi\PGForever100.zip
[2011.08.30 11:38:52 | 000,012,067 | ---- | C] () -- C:\Users\Jussi\VENDINFO.DIZ
[2011.08.30 11:38:52 | 000,000,412 | ---- | C] () -- C:\Users\Jussi\READ_ME.BAT
[2011.08.30 11:38:52 | 000,000,306 | ---- | C] () -- C:\Users\Jussi\FILE_ID.DIZ
[2011.08.30 11:38:52 | 000,000,171 | ---- | C] () -- C:\Users\Jussi\READ_ME.1ST
[2011.08.30 11:38:52 | 000,000,038 | ---- | C] () -- C:\Users\Jussi\DESC.SDI
[2011.08.22 21:36:21 | 000,002,977 | ---- | C] () -- C:\Users\Jussi\merchant.mvc.htm
[2011.08.16 17:18:02 | 000,032,288 | ---- | C] () -- C:\Windows\System32\xfiXEN.ini
[2011.08.09 21:43:59 | 109,761,764 | ---- | C] () -- C:\Users\Jussi\Really Big Sky.zip
[2011.08.06 13:20:44 | 000,002,220 | ---- | C] () -- C:\Windows\System32\ASOROSet.bin
[2011.07.29 19:34:57 | 001,001,596 | ---- | C] () -- C:\Users\Jussi\Signet_Of_The_Loot_Whore.jpg
[2011.07.29 17:12:17 | 000,001,260 | ---- | C] () -- C:\Users\Jussi\form.php.htm
[2011.07.26 16:26:46 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.07.26 16:26:46 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.07.26 16:26:46 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.07.26 16:26:46 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.07.21 16:20:02 | 039,753,248 | ---- | C] () -- C:\Users\Jussi\allinone_358f.zip
[2011.07.20 02:55:36 | 000,000,200 | ---- | C] () -- C:\Users\Jussi\AppData\Roaming\Lucid_player_profiles_data.dat
[2011.07.20 02:55:36 | 000,000,008 | ---- | C] () -- C:\Users\Jussi\AppData\Roaming\Lucid_player_highscore.dat
[2011.07.05 09:20:20 | 000,002,903 | ---- | C] () -- C:\Users\Jussi\Checkout.htm
[2011.07.03 04:14:59 | 000,138,056 | ---- | C] () -- C:\Users\Jussi\AppData\Roaming\PnkBstrK.sys
[2011.07.03 04:14:23 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2011.06.21 12:03:42 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011.06.06 08:21:46 | 000,000,093 | ---- | C] () -- C:\Users\Jussi\AppData\Local\fusioncache.dat
[2011.05.25 04:25:39 | 000,000,906 | ---- | C] () -- C:\Users\Jussi\NetCash_1593.rtf
[2011.03.20 04:28:54 | 000,140,304 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.03.20 04:06:11 | 000,281,032 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.03.20 04:06:09 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.03.14 15:31:42 | 000,001,137 | ---- | C] () -- C:\Users\Jussi\On Air Finland.htm
[2011.03.11 13:10:37 | 000,030,118 | ---- | C] () -- C:\Users\Jussi\unnamed.htm
[2011.02.28 01:55:39 | 000,040,163 | ---- | C] () -- C:\Users\Jussi\Chat Window.htm
[2011.02.02 03:54:08 | 020,364,702 | ---- | C] () -- C:\Users\Jussi\vlc-1.1.7-win32.exe
[2011.01.24 06:15:07 | 235,409,572 | ---- | C] () -- C:\Users\Jussi\A.R.E.S.-Extinction-Agenda-v1113.zip
[2011.01.02 01:00:28 | 000,000,013 | ---- | C] () -- C:\Windows\popcinfo.dat
[2010.12.21 09:00:07 | 000,062,582 | ---- | C] () -- C:\Users\Jussi\MikauSPPack1177.cpak
[2010.12.03 02:28:28 | 235,092,516 | ---- | C] () -- C:\Users\Jussi\dB soundworks - Super Meat Boy! Soundtrack.zip
[2010.11.21 12:25:19 | 004,380,710 | ---- | C] () -- C:\Users\Jussi\DesktopDungeons_v015.zip
[2010.11.16 10:07:30 | 341,565,909 | ---- | C] () -- C:\Users\Jussi\setup_baldurs_gate_2-2.bin
[2010.11.16 10:07:16 | 2097,542,912 | ---- | C] () -- C:\Users\Jussi\setup_baldurs_gate_2-1.bin
[2010.11.13 02:20:01 | 000,003,893 | ---- | C] () -- C:\Users\Jussi\Profile0.xml
[2010.10.28 20:42:03 | 170,094,276 | ---- | C] () -- C:\Users\Jussi\setup_nwn_diamond-2.bin
[2010.10.28 20:41:44 | 2097,691,392 | ---- | C] () -- C:\Users\Jussi\setup_nwn_diamond-1.bin
[2010.09.23 16:30:51 | 211,368,999 | ---- | C] () -- C:\Users\Jussi\thepath_1.1.zip
[2010.09.17 14:47:53 | 029,400,319 | ---- | C] () -- C:\Users\Jussi\cfe_live.zip
[2010.08.02 17:52:19 | 000,026,340 | ---- | C] () -- C:\Users\Jussi\AppData\Roaming\UserTile.png
[2010.07.24 14:38:35 | 000,000,286 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.06.09 03:36:56 | 004,162,456 | ---- | C] () -- C:\Users\Jussi\Spotify Installer.exe
[2010.02.27 17:35:42 | 016,769,650 | ---- | C] () -- C:\Users\Jussi\Rawr v2.3.11.zip
[2010.02.19 13:22:06 | 000,001,356 | ---- | C] () -- C:\Users\Jussi\AppData\Local\d3d9caps.dat
[2009.12.25 15:46:32 | 000,000,026 | ---- | C] () -- C:\Users\Jussi\gamepad.cfg
[2009.09.01 10:07:22 | 000,000,021 | ---- | C] () -- C:\Users\Jussi\settings.cfg
[2009.03.13 00:36:32 | 000,000,046 | ---- | C] () -- C:\Users\Jussi\keys.cfg
[2009.01.24 02:56:10 | 000,142,848 | ---- | C] () -- C:\Users\Jussi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD6400AAKS-22A7B0 ATA Device
Partitions: 2
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD6400AAKS-22A7B0 ATA Device
Partitions: 1
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 12,00GB
Starting Offset: 32256
Hidden sectors: 0

DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 584,00GB
Starting Offset: 12889013760
Hidden sectors: 0

DeviceID: Disk #1, Partition #0
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 596,00GB
Starting Offset: 1048576
Hidden sectors: 0

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\assembly\GAC_32\*.ini >

< %systemroot%\assembly\GAC_64\*.ini >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2012.01.04 23:22:57 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\.minecraft
[2010.12.14 23:46:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\2K Sports
[2012.04.08 04:59:55 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\3DeadZed
[2012.05.27 18:04:35 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\addpcs
[2011.08.26 07:58:51 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Adobe
[2012.08.17 20:59:05 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Apple Computer
[2012.07.14 00:23:50 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Atari
[2010.11.28 23:08:16 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Atlus
[2011.03.15 04:14:36 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\AtomZombieData
[2011.03.01 08:44:05 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\AtomZombieDemoData
[2012.02.21 19:35:58 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\AVG
[2012.09.29 08:54:29 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\AVG2013
[2012.06.02 20:59:58 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Azureus
[2010.11.07 22:20:44 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Basilisk Games
[2011.10.05 04:59:30 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Beat Hazard
[2012.01.18 09:49:47 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\BigHugeEngine
[2012.01.01 09:28:42 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Bioshock
[2011.12.24 01:15:15 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\bizarre creations
[2012.01.08 00:07:02 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Braid
[2012.03.17 12:59:59 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Brawsome
[2010.10.07 12:31:15 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Broken Rules
[2012.05.31 02:49:08 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Carbon
[2010.11.07 16:50:38 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Chime
[2011.02.26 05:35:35 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Cipher Prime
[2010.11.20 03:34:37 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Clones
[2010.11.19 00:10:06 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\ClonesDemo
[2011.05.27 00:01:00 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Cobra Mobile
[2011.07.23 23:27:59 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Codemasters
[2011.05.28 21:28:00 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Colibri Games
[2012.08.31 20:10:21 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\collection
[2012.02.29 08:59:38 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\com.cipherprime.auditorium
[2012.02.24 21:19:54 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\com.tametick.CardinalQuest
[2012.04.24 22:43:42 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\crawl
[2011.07.12 14:44:43 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Crayon Physics Deluxe
[2012.08.31 03:15:08 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\DarknessII
[2012.01.25 20:07:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\DarknessIIDemo
[2011.06.21 00:47:33 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\DarksporeData
[2012.01.22 22:56:44 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\DefendersQuest
[2010.11.27 19:50:25 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\DocClockGame
[2011.12.30 04:31:15 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Doublefine
[2011.08.21 16:15:48 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Downloaded Installations
[2012.06.12 13:58:09 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Dropbox
[2012.11.18 12:53:56 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\dvdcss
[2011.07.20 01:02:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Dwarfs
[2012.05.11 21:00:54 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Dynamite Jack
[2012.08.10 23:44:54 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Empty Clip Studios
[2011.07.27 00:44:51 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Endless Fluff Games
[2012.09.28 17:01:08 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\EtherVaporTrial
[2010.10.18 02:54:07 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Faerie Solitaire
[2012.10.17 20:45:59 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\FairyBloomReTrial
[2012.06.21 01:16:49 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\FatShark
[2012.02.28 19:10:29 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\fltk.org
[2010.12.23 20:11:16 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Fortix
[2011.07.10 05:40:15 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\fotw
[2011.02.26 05:35:33 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Fractal
[2010.09.22 10:37:36 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Games
[2011.07.10 16:26:27 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\GamesFaction
[2011.08.31 21:16:24 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Gatling Gears
[2009.01.23 16:17:31 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Google
[2012.04.02 01:46:13 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Greenshot
[2012.01.26 21:51:48 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\HackSlashLoot
[2011.08.31 22:50:12 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Hothead Games
[2009.01.24 02:06:27 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Ideazon
[2009.01.23 15:59:28 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Identities
[2010.10.21 07:11:58 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\InstallShield Installation Information
[2012.11.12 20:08:46 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\IrfanView
[2011.01.03 01:41:28 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\ITTNord
[2012.07.29 11:34:57 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Joymasher
[2011.03.10 20:25:18 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Kalypso Media
[2012.05.26 16:39:48 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\LaxiusForce
[2012.03.29 11:46:31 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Leadertech
[2011.10.19 20:37:05 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\LightFish
[2012.03.29 11:43:09 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Logishrd
[2012.03.29 11:46:36 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Logitech
[2011.06.25 06:29:27 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\LolClient
[2011.07.05 19:45:54 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Longbow Digital Arts
[2012.04.04 05:38:40 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\LS
[2010.09.19 11:25:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\LucasArts
[2009.01.23 16:18:40 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Macromedia
[2010.01.03 17:41:40 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Media Center Programs
[2012.01.24 14:19:33 | 000,000,000 | --SD | M] -- C:\Users\Jussi\AppData\Roaming\Microsoft
[2011.10.14 23:08:57 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Might & Magic Heroes VI
[2011.08.22 23:19:31 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Might & Magic Heroes VI - Public Closed Beta
[2011.05.24 05:52:58 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\MinMaxGames
[2010.09.22 09:43:31 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Mount&Blade Warband
[2011.06.06 08:36:21 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Mozilla
[2010.09.29 20:36:02 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\My Games
[2011.07.02 05:46:41 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\NationRed
[2009.01.29 20:22:18 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Nero
[2011.03.02 01:39:43 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Nicalis
[2011.07.03 05:11:11 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Nifflas
[2010.04.29 18:29:37 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Nokia
[2012.01.31 05:28:38 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Nooskewl
[2011.07.11 01:44:46 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Nucleosys
[2011.08.13 19:27:21 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\NVIDIA
[2012.04.04 04:53:42 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\offspringfling
[2012.03.01 19:39:08 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\OnLive App
[2010.07.15 12:34:23 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\OpenDNS Updater
[2009.02.15 17:38:10 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\OpenOffice.org
[2010.04.07 02:27:11 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Opera
[2012.06.03 23:13:57 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Orbit
[2012.08.31 01:38:22 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Origin
[2009.01.26 16:30:04 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Packard Bell
[2010.04.29 17:05:21 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\PC Suite
[2010.08.02 17:52:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\PeerNetworking
[2011.06.20 02:30:30 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Peter Brinson and Kurosh ValaNejad
[2011.07.19 01:28:39 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\PlayFirst
[2010.11.26 12:35:07 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\PopCapv1002
[2012.06.03 23:01:28 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\ProgSense
[2011.03.20 04:06:00 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\PunkBuster
[2012.02.03 18:02:16 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Quest3D
[2012.11.18 12:14:20 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\QuikIO
[2011.12.06 06:17:21 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\RayV
[2010.11.03 15:15:19 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\ReactGames
[2012.02.21 05:15:09 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Real
[2012.02.21 05:18:45 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\RealNetworks
[2010.12.27 22:09:57 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Relentless Software
[2012.07.30 13:43:07 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\RenPy
[2011.07.11 19:39:25 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\RIFT
[2012.02.21 00:45:16 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\RotMG.Production
[2010.10.01 18:31:44 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\runic games
[2010.11.20 00:41:07 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Safer Networking
[2012.07.05 20:31:25 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Samsung
[2012.02.22 15:25:03 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Scoregasm
[2010.10.02 23:51:04 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\SecuROM
[2012.02.21 04:07:51 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\SinisterDesign.TelepathRPGServantsOfGod.9734F53159B682152B7C442264602A0CEA7C53C9.1
[2011.10.06 22:40:09 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Sports Interactive
[2010.09.27 20:23:00 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\SquareLogic
[2012.08.13 22:18:44 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Squids
[2010.06.20 08:11:35 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\SUPERAntiSpyware.com
[2009.01.23 16:00:12 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Symantec
[2011.01.12 22:16:54 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Systweak
[2012.05.11 14:15:24 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Temp
[2011.02.25 13:59:02 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\The Creative Assembly
[2010.09.24 18:14:29 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\The Path
[2012.06.03 09:38:25 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\The Sea Will Claim Everything
[2010.05.31 19:00:28 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Tific
[2011.07.07 18:35:49 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Tilted Mill
[2012.09.10 23:22:35 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\TinyAndBigGrandpasLeftovers
[2011.11.20 17:42:38 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\To the Moon - Freebird Games
[2011.09.28 10:07:58 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Total Eclipse
[2011.10.27 04:43:32 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Trine2
[2011.08.11 23:12:14 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Tropico 3 Demo
[2012.09.29 08:51:29 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\TuneUp Software
[2012.07.30 18:00:42 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Ubisoft
[2011.08.09 15:12:40 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Unity
[2012.01.11 17:53:51 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Unity of Command
[2012.11.12 20:08:46 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Ventrilo
[2012.01.02 19:33:44 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\VertexDispenser
[2012.11.18 18:17:10 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\vlc
[2010.02.10 03:57:48 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\vlc(833)
[2012.03.20 21:00:15 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Waveform
[2010.11.28 09:45:39 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Windows Live Writer
[2010.06.20 01:23:09 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\WinPatrol
[2010.12.18 00:13:10 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\WinterVoices
[2012.07.05 12:20:38 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\WinZip
[2010.11.22 04:45:09 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\WordPirate
[2012.09.16 03:09:39 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Worthless Bums
[2010.10.16 16:03:21 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\YoudaGames
[2010.09.28 07:15:20 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\Zen of Sudoku
[2011.08.16 03:22:36 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\ZenBound2
[2010.12.21 00:26:13 | 000,000,000 | ---D | M] -- C:\Users\Jussi\AppData\Roaming\ZombieDriver

< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: CSRSS.EXE >
[2008.01.21 04:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\System32\csrss.exe
[2008.01.21 04:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe

< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: MSWSOCK.DLL >
[2009.04.11 08:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\ERDNT\cache\mswsock.dll
[2009.04.11 08:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\System32\mswsock.dll
[2009.04.11 08:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
[2008.01.21 04:24:02 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=89FD0595EEA4E505CABEFCF7008F2612 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll

< MD5 for: NAPINSP.DLL >
[2008.01.21 04:24:29 | 000,050,176 | ---- | M] (Microsoft Corporation) MD5=FC62A635063B762E1C3C60EA77279378 -- C:\Windows\System32\NapiNSP.dll
[2008.01.21 04:24:29 | 000,050,176 | ---- | M] (Microsoft Corporation) MD5=FC62A635063B762E1C3C60EA77279378 -- C:\Windows\winsxs\x86_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.0.6001.18000_none_ac1d40c88f30e6c0\NapiNSP.dll

< MD5 for: NLAAPI.DLL >
[2008.01.21 04:23:44 | 000,048,128 | ---- | M] (Microsoft Corporation) MD5=D1A84F7D4CAFCFE2A32149FF418056E5 -- C:\Windows\System32\nlaapi.dll
[2008.01.21 04:23:44 | 000,048,128 | ---- | M] (Microsoft Corporation) MD5=D1A84F7D4CAFCFE2A32149FF418056E5 -- C:\Windows\winsxs\x86_microsoft-windows-nlasvc_31bf3856ad364e35_6.0.6001.18000_none_6785f5c70aea4565\nlaapi.dll

< MD5 for: PNRPNSP.DLL >
[2008.01.21 04:25:26 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=690D41DF1D555F96D4898A0F54EBA065 -- C:\Windows\System32\pnrpnsp.dll
[2008.01.21 04:25:26 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=690D41DF1D555F96D4898A0F54EBA065 -- C:\Windows\winsxs\x86_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.0.6001.18000_none_717f15b322749509\pnrpnsp.dll

< MD5 for: SERVICES.EXE >
[2008.01.21 04:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009.04.11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\ERDNT\cache\services.exe
[2009.04.11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009.04.11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe

< MD5 for: SVCHOST.EXE >
[2008.01.21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache\svchost.exe
[2008.01.21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2012.09.29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

< MD5 for: USERINIT.EXE >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012.09.29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WINRNR.DLL >
[2009.04.11 08:28:25 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=C411C80F90D6732380352B98B37BBD53 -- C:\Windows\System32\winrnr.dll
[2009.04.11 08:28:25 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=C411C80F90D6732380352B98B37BBD53 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.0.6002.18005_none_5b39cbfb4d3802b6\winrnr.dll
[2006.11.02 11:46:14 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=FF78B8E67EDCE9FEED651D7858D77A04 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.0.6000.16386_none_571790f3532b2696\winrnr.dll

< MD5 for: WSHELPER.DLL >
[2006.11.02 11:46:14 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=20614C9F12A3A09A5015C9EBBD4419D2 -- C:\Windows\System32\wshelper.dll
[2006.11.02 11:46:14 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=20614C9F12A3A09A5015C9EBBD4419D2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\wshelper.dll

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012.11.21 02:13:41 | 000,890,616 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012.11.21 02:13:41 | 000,890,616 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012.11.21 02:13:41 | 000,890,616 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012.11.21 02:14:27 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012.11.21 02:14:27 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012.11.21 02:14:27 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011.04.06 16:30:05 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011.04.06 16:30:05 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011.04.06 16:30:05 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012.10.08 10:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2012.10.08 10:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand [2012.07.07 18:53:39 | 000,874,384 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand [2012.07.07 18:53:39 | 000,874,384 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser [2012.07.07 18:53:39 | 000,874,384 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2012.07.07 18:53:39 | 000,874,384 | ---- | M] (Opera Software)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012.11.21 02:13:41 | 000,890,616 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012.11.21 02:13:41 | 000,890,616 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012.11.21 02:13:41 | 000,890,616 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012.11.21 02:14:27 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012.11.21 02:14:27 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012.11.21 02:14:27 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011.04.06 16:30:05 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011.04.06 16:30:05 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011.04.06 16:30:05 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012.10.08 10:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2012.10.08 10:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand [2012.07.07 18:53:39 | 000,874,384 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand [2012.07.07 18:53:39 | 000,874,384 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser [2012.07.07 18:53:39 | 000,874,384 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2012.07.07 18:53:39 | 000,874,384 | ---- | M] (Opera Software)

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemdrive%\$Recycle.Bin|@;true;true;true /fp >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< End of report >

OTL Extras logfile created on: 21.11.2012 20:39:21 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jussi\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040B | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 53,44% Memory free
6,69 Gb Paging File | 5,23 Gb Available in Paging File | 78,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 584,17 Gb Total Space | 155,83 Gb Free Space | 26,68% Space Free | Partition Type: NTFS
Drive D: | 596,17 Gb Total Space | 106,29 Gb Free Space | 17,83% Space Free | Partition Type: NTFS
Drive I: | 7,91 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: JUSSI-PC | User Name: Jussi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 1
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{37FEA6B6-7C33-4849-9588-AA9DAB5ADAD5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3D3383A8-349D-4820-A55A-E981C79D1F83}" = lport=137 | protocol=17 | dir=in | app=system |
"{49E2B7E6-FD4F-49AF-9920-25749AC349DB}" = lport=445 | protocol=6 | dir=in | app=system |
"{4B6D43B2-662C-448E-A683-FE08CA226584}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{893AB75F-768A-4BF9-979F-639B158DFABC}" = rport=139 | protocol=6 | dir=out | app=system |
"{982653B4-A45F-487E-ABF5-82D72FFD953F}" = rport=137 | protocol=17 | dir=out | app=system |
"{A3030AB9-55AE-49BC-9849-B4F5A80BF47B}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{AF78FFC9-A203-4279-9B2A-025CFF98FA5D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B9743559-9944-472B-8F87-9C795A6FE3D9}" = lport=138 | protocol=17 | dir=in | app=system |
"{CE289D20-E187-4FAD-AF56-94910352FC3F}" = lport=139 | protocol=6 | dir=in | app=system |
"{EADC784A-18C1-4044-A4B2-054C70C31568}" = rport=138 | protocol=17 | dir=out | app=system |
"{F8F7C3A0-1E9F-49B2-963E-0F42C9E4EFFD}" = rport=445 | protocol=6 | dir=out | app=system |
"{FC206065-3699-437E-9B49-615EC99A3055}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01F99CB9-7352-4102-9E5A-0001AE3CC8B3}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\crazy machines elements\cmelements.exe |
"{022A2694-269C-497E-9BD8-438A359C8B76}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\warlock - master of the arcane\support\ino_co_com.url |
"{02C1D935-8CD5-4891-B6F7-78F7E6722E63}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{04D4F880-33A9-4466-9BA0-C05BE09DCBD8}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{058166A5-FAD2-42FA-9BA5-D385BFD8ABBC}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\snapshot\snapshot.exe |
"{05CF33B1-C217-40FF-8623-F2658C9A6CA0}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\trackmania united\tmforeverlauncher.exe |
"{06088F95-EAE3-4EBA-8D31-6E365770BEF5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\serioussamdoubled\ssgame.exe |
"{06230291-1D48-4288-B459-1D86A0AB24F5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\shadowgrounds\shadowgroundslauncher.exe |
"{06F0F974-2689-4C92-8CE4-4329E0E8CBB5}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{09451AA9-F6A5-4D1F-871E-CEDEA7C34099}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{0997AF07-676E-4855-8680-DAADCFC2D680}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\warp\binaries\win32\warp.exe |
"{0B91B305-D853-4078-9AB7-F0835D33CAD8}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\the binding of isaac\isaac.exe |
"{0BD577AD-D5CD-4F2E-B761-1377CF265960}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\the binding of isaac\binding_of_isaac.exe |
"{0D352E8F-8EB8-420B-B6E1-8A00AB8ED5CA}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\heroes of might and magic 5\bin\h5_game.exe |
"{0E6943BA-3C95-4537-BA64-E093F2A79574}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\alan wakes american nightmare\alan_wakes_american_nightmare.exe |
"{0EC90726-6C27-4F67-A989-B23800A39DEE}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\trackmania united\tmforeverlauncher.exe |
"{0FB7C2A2-1AF1-40DD-844F-64BA3508EE61}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\bulletstorm\binaries\win32\shippingpc-stormgame.exe |
"{1061C21E-47AD-4560-BF70-0B30350EEBCE}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{1097B19B-827F-4C73-94FF-F2F798A3114A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe |
"{10ECA357-6665-4B2A-875A-5E83DA8A9859}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.649\agent.exe |
"{118C6874-6C9D-4B09-9A5C-3D099506FD7E}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{11F1BDA8-0BDD-468E-A7CF-F05752E31ACD}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\valvetestapp207490\rayman origins.exe |
"{15030993-8E81-49E2-A7B6-D6C5FD2EF794}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\nation red\nationred.exe |
"{15C9BF21-28C9-4B21-80A7-E9988E6F3B43}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\max payne\maxpayne.exe |
"{15D99AB5-2E70-4B8B-ADE8-4E6E9447C5E9}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\everyday genius squarelogic\squarelogic.exe |
"{16E39936-846D-488E-AE34-6EA84070D2C0}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\vessel\vessel.exe |
"{17145E1C-366A-455C-BF95-11B39D5309DE}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\alan wakes american nightmare\alan_wakes_american_nightmare.exe |
"{178B1D7F-DDCB-4150-B924-02228A8A09A6}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{180F94DE-EBFF-4738-ABC4-9B732FB0B22D}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\torchlight\torchlight.exe |
"{1A4E6F38-00BB-41B9-A2C6-1D52438DF1D5}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\galactic civilizations ii - ultimate edition\twilight\gc2twilightofthearnor.exe |
"{1A6AF816-60D3-4DA6-87BE-0F539301CF4D}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\magic the gathering dotp 2012\magic_2012.exe |
"{1AD1EBD2-A2F5-4412-AC7E-DCF9D8845F34}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{1B70C099-EBBF-423D-ACC8-983D0EB2F181}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{1BA79805-434B-45A4-8B93-CB3A4D3302F2}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{1C0B042D-90E5-40D9-AD06-7269ED4ED539}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\frozen synapse\frozensynapse.exe |
"{1C41D501-C4A7-431A-A92F-D00376D3E3BB}" = protocol=1 | dir=out | [email protected],-28544 |
"{1C55DE2A-F337-422B-A510-2A752A1131A4}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sonic generations\sonicgenerations.exe |
"{1CC2CADB-2C04-4B99-9A99-90B5AC19D67F}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\torchlight\torchlight.exe |
"{1CDA28C8-79F9-4EE4-9B1D-E3869E548416}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\bastion\bastion.exe |
"{1D13218B-C2C0-44E5-8469-DC35F0721E28}" = protocol=17 | dir=in | app=c:\users\jussi\appdata\local\temp\7zs1e2b.tmp\symnrt.exe |
"{23B8768F-9B02-4AE6-ABEC-139F15E187BC}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\flyn demo\source\flyn.exe |
"{23BB6140-B3EC-4F0B-944B-31D593A29E13}" = protocol=17 | dir=in | app=c:\program files\origin games\mass effect\binaries\masseffect.exe |
"{2572F649-F945-46D4-90DC-B9C34FDE888B}" = protocol=17 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{25AFED2D-C453-46AC-BD16-4C36841B48B0}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\legend of grimrock\grimrock.exe |
"{25B78E41-783A-4C62-BBFA-8646250B1D34}" = protocol=6 | dir=in | app=c:\program files\diablo iii\diablo iii.exe |
"{260B476E-096E-4309-B9EE-3A49A2BF5276}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.649\agent.exe |
"{262C3ED0-AF79-4D6E-AAA9-3F6B55EBD0BB}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\bastion\bastion.exe |
"{2634C0CF-5291-4314-9B10-B0CA5207AC66}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\gemini rue\reslists\gemini rue.exe |
"{26A5ECB5-8C51-43F1-9C24-90A00F321C74}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dead island\deadislandgame.exe |
"{2780D9DC-78C1-46C8-9943-581D9EC9B357}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\[bleep] yeah\hellyeah.exe |
"{280EF69D-C767-4915-975D-5F75032C09CA}" = protocol=6 | dir=in | app=c:\program files\spotify\spotify.exe |
"{282FAD02-B599-4FA3-A359-8505A602F026}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{28DBFC51-B347-412F-AA1C-8005223CC251}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{2A64AED3-17FF-47D6-8A43-3DEBCAEEA1AF}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\cthulhu saves the world\cstw.exe |
"{2AEA434F-78E9-41AF-A044-918FE26E1554}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\giana sisters twisted dreams\launcher\gslauncher.exe |
"{2B725B14-5799-4D18-8E86-ACD5B49C8BC7}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\everyday genius squarelogic\squarelogic.exe |
"{2D3C3404-E441-40BD-A747-739364615B79}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\legend of grimrock\grimrock.exe |
"{2DDE5869-8CBE-4EDA-A1EF-F0D3BA781535}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\ftl faster than light\ftlgame.exe |
"{2E915973-470E-4335-96EA-B69A6F8E5570}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\shadowgrounds\shadowgrounds.exe |
"{2ED8DE07-097B-4917-AC82-DBE6B67B4E3E}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\warlock - master of the arcane\support\ino_co_com.url |
"{2F107526-9F5A-40FE-8037-F6121564D93E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\waves\binaries\win32\waves.exe |
"{2F5C98B4-A358-49DB-9E56-3904CCC528FB}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dead island\deadislandgame.exe |
"{2FBE3505-4A0E-4FF3-8162-A94BD59A4C1A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\avadon the black fortress\avadon.exe |
"{2FDC4297-D9D1-47AC-BE06-859882F6CB93}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\warlock - master of the arcane\game.exe |
"{2FE32BCF-7C78-4A6E-BA32-79797F3619EA}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{31F9433B-5507-4949-974D-2D7405AC3673}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{3262138C-643B-4C7E-BCC5-D09CFD71F20D}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\trackmania united\tmforever.exe |
"{32FAE2F7-6D5E-4D5A-8067-D43C2609698D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\the walking dead\walkingdead101.exe |
"{33095C52-D0D2-4394-8DA5-A8A25C92F302}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{33225007-E5CA-4672-9DB9-67B91FB4CBDE}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\bulletstorm\binaries\win32\shippingpc-stormgame.exe |
"{33579DFB-FE23-4F13-9027-CDA0887F0F6C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\alan wake\alanwake.exe |
"{341513B4-93F0-47A2-83A5-0C084848E87B}" = protocol=58 | dir=in | [email protected],-28545 |
"{3459C153-44A3-428F-B177-4DBC3DE36FCA}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{347CD397-DA93-42E8-9404-9CEFCAE66200}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\penumbra black plague\redist\requiem.exe |
"{34AC9443-6B7C-4171-8564-9B11D24DD4D8}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\broken sword shadow of the templars\bs1dc.exe |
"{34CE5737-057E-4600-B6C6-E88C57792F82}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{351FE69C-8F50-4CAB-842A-934B1A565B8A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\gundeadligne\gundeadligne.exe |
"{366643E4-005B-4E3F-AC70-2FFCADD5D1F8}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\warhammer 40,000 space marine\spacemarine.exe |
"{37BB3D31-D122-4FDE-B6FE-37A2ABE64194}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\penumbra black plague\redist\penumbra.exe |
"{38287C98-5BDB-451C-908E-39D38A7DADA6}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\mark_of_the_ninja\bin\game.exe |
"{39991D24-B11D-4DFC-ADC0-82F42E88966A}" = protocol=6 | dir=in | app=c:\program files\origin games\dragon age\bin_ship\daupdatersvc.service.exe |
"{39C57185-C64D-40C8-AA4A-3F4B854438F3}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\syberia\game.exe |
"{3C7CF48E-F322-4390-8F2E-60560BA55603}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\heroes of might and magic 5\bin\h5_game.exe |
"{3CF2977B-4CB3-4716-BEE1-3F4DD777C7A7}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\risen\bin\risen.exe |
"{3D0CAC94-4F3E-4E7B-BB04-4470CBA9EFD8}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\saints row the third\game_launcher.exe |
"{3EA804C3-46E3-44A3-A310-DD91E0F1FB27}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\avernum 4\avernum 4.exe |
"{3F9AB103-F3CD-4296-A802-481F8F948A0A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\beat hazard\runme.exe |
"{3FB43834-BD63-41FD-98DA-59CF46BD4F0C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\grotesque tactics 2\x86_installer\grotesquetactics.exe |
"{401C6512-72DB-497C-AA49-800CB0905EB7}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\ftl faster than light\ftlgame.exe |
"{4066C7F5-06BC-4E83-8F30-A9A8DED4CAF3}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\steelstorm\steelstorm.exe |
"{4104B144-F23C-4EC2-81E8-552CF5E2A388}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\warlock - master of the arcane\support\game.url |
"{4176DE9E-994B-40B9-812C-7802D11FC4AF}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\closure\closure.exe |
"{42081475-6D0F-4F24-9BC9-FE29C5427708}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dead island\deadislandgame.exe |
"{43268129-6B8F-45DA-A6F2-84868C8980F0}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\avernum escape from the pit\avernum.exe |
"{4392C5C6-40FC-4FB2-98C9-F1699EEF45E0}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\heroes of might and magic 5\bina1\testapp.exe |
"{43C56390-4F6F-4E16-AF23-40B0AAD934E8}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\serioussamdoubled\ssgame.exe |
"{43E53454-CDC6-48E0-849F-7BB8D7D581D5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\serious sam hd the first encounter\bin\samhd_demo.exe |
"{4413AC1F-206F-47C7-9259-244E782EF377}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\space pirates and zombies\spazgame.exe |
"{4464AE24-AC36-465C-823E-748C2CB80510}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\gundemonium recollection\gundemonium.exe |
"{447CCF12-2569-4594-A1BE-6ED7EA6FABC2}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\hardreset\hardreset.exe |
"{4612BC66-AA8F-4CC6-BCB0-6F8E2678FE57}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\luxor evolved\luxor_ev_x86.exe |
"{47D12FE9-6D7A-47DE-9364-A32AC3EF2CF6}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\galactic civilizations ii - ultimate edition\twilight\gc2twilightofthearnor.exe |
"{48291ECF-B503-482A-9C25-754E41AB8B58}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\renegade ops\renegadeops.exe |
"{485160BE-2E5E-493A-A2C3-4909D4D0D2E7}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{487D3352-4D78-4F59-BA70-44C24C2B87FA}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{48D24847-1FF3-41B5-BC0A-BEC0C4D69603}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\warlock - master of the arcane\support\paradox.url |
"{49DE4974-8FB8-4975-A030-B7B1370C7025}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\space pirates and zombies\spazgame.exe |
"{4AD4EF5F-75CE-475D-AD32-5D8A85DEB67E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{4AEA1A77-C24F-40EB-9E08-77DD18D8BE6C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\thomaswasalone\thomaswasalone.exe |
"{4B5059B0-4EEF-497E-BFFD-74FB0354FD96}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dungeons of dredmor\dungeons of dredmor.exe |
"{4BC65AE7-AEBA-4C6F-A94B-A9705635BEF5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\insanely twisted shadow planet\fcengine-gfwl.exe |
"{4C7ABBFF-D40D-4BBB-BE08-284E83ABD040}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\magic the gathering dotp 2012\magic_2012.exe |
"{4CAC9965-D3FC-4F48-B5C7-AAD4ED7D14D2}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\hotline_miami\hotlinemiami.exe |
"{4D082080-DFAF-4248-A5F2-EB9A3C2CBE93}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\botanicula\botanicula.exe |
"{4D2B35A3-5CE9-4C6A-A1D7-675D4115F77E}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\darksiders\darksiderspc.exe |
"{509FD87E-DBC8-412E-9058-2D52AF19F014}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\rochard\rochard.exe |
"{527A84F4-5C90-4375-B387-B1A1ECF070FF}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\syberia\game.exe |
"{528576C7-963A-4C33-9676-95BD512B4F67}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\divinity ii - the dragon knight saga demo\bin\divinity2.exe |
"{52922BB8-D248-403B-8FA2-7386F50DFB43}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sonic generations\configurationtool.exe |
"{52C224C7-733A-4A9B-924D-1E1A785B7856}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\heroes of might and magic 5\bina1\testapp.exe |
"{52D0B1AF-2E2E-4069-A526-6E69AE386E59}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\everyday genius squarelogic\squarelogic.exe |
"{54034D25-11E4-440E-BCB6-EB62F116A078}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\fantasy wars\fw.exe |
"{5404BAD6-136D-4B62-86CA-BD0C80789ED1}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dead space 2\deadspace2.exe |
"{547756AD-77AD-4959-9E74-23E994962A8E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\thomaswasalone\thomaswasalone.exe |
"{557AAA6B-9DA6-49EC-8961-96EB8E2A8663}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\symphony\symphony.exe |
"{55823215-F372-4E86-A589-61058D18504D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\luxor evolved\luxor_ev_x86.exe |
"{56152658-B0D4-4442-9D7D-65AF832CF30B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\the binding of isaac\binding_of_isaac.exe |
"{57323EAE-CCF7-4CF5-9AF7-0C41910CB5B8}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\gemini rue\reslists\gemini rue.exe |
"{576459F8-9165-486E-B1CD-CE2CBB40CF09}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\rochard\rochard.exe |
"{57BE380C-D7DF-411A-9803-2BBE72EB320E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\nation red\nationred.exe |
"{57E0CFBF-9BE5-48F9-8219-3C74C3955DF3}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\avadon the black fortress\avadon.exe |
"{5845439D-F84E-43C7-9925-73A3714C1A45}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5858CEBF-BBC5-4A3A-B2D1-9379732CC143}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\warlock - master of the arcane demo\support\ino_co_com.url |
"{5869DFD9-75F2-4D59-9728-C7C5EA367482}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\syberia\game.exe |
"{5870547C-C4AA-4913-9998-3DF439D29164}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{588D314E-04D7-4622-A052-610D90540CF4}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\symphony\symphony.exe |
"{5A23525F-2EA2-477C-97B3-448507FFAB5C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{5B0EB350-1E4D-49EB-A73E-36646B1F2A01}" = protocol=6 | dir=in | app=c:\users\jussi\appdata\local\temp\7zs9d29.tmp\symnrt.exe |
"{5B74DEC3-A2BF-48E6-AAB4-006F2A74B108}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dungeons of dredmor\dungeons of dredmor.exe |
"{5BD689CB-6F89-4C1E-B875-28EAFF7B1282}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\vampire the masquerade - bloodlines\vampire.exe |
"{5CE8AFB5-2AE6-468E-AFA1-938F769EE5DD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\avadon the black fortress\avadon.exe |
"{5D71A09A-DA43-4C27-9D6A-DAF69FF5C487}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{5E8F207E-6CB4-4DA8-BE9A-C596437B19AB}" = protocol=17 | dir=in | app=c:\users\jussi\appdata\roaming\dropbox\bin\dropbox.exe |
"{5EA7AD40-7A42-4C4A-931F-A0CE007AFCA9}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\neverwinter nights 2\nwn2toolsetlauncher.exe |
"{5F913AA4-7E42-45F2-877D-5E472BE76B69}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\avadon the black fortress\avadon.exe |
"{5F9151D4-F4CB-4F01-B787-9DD4B011280E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\renegade ops\renegadeops.exe |
"{61048296-3B03-4571-8DB3-8911741A885E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\neverwinter nights 2\nwn2toolsetlauncher.exe |
"{61F899FF-737E-44F6-93DB-2995EA1E6A74}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\space rangers 2 reboot\rangers.exe |
"{625D5B27-9C7E-493B-BAEC-698E1D5FBB08}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\gundemonium recollection\gundemonium.exe |
"{63574239-AEF6-4134-A6B7-30658A58C413}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{650505B9-8352-41C8-B2DB-7A83BBBDD896}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\still life\game.exe |
"{65DC0F02-D5AA-4199-80EE-8C6613161E3E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{67D0EBAF-75AD-4867-AB64-E714049354E3}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\recettear\custom.exe |
"{68593051-B1B5-49C5-996F-E6E2C2AF817A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sonic generations\sonicgenerations.exe |
"{68CB5A8A-155B-4FE8-93DD-A81A3CBB7ECD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\waves\binaries\win32\waves.exe |
"{693D5AD1-147C-4AB9-BB8E-607DA4B5A7A3}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\they bleed pixels\they bleed pixels pc.exe |
"{699FA350-3352-4BAE-BE24-990C2148FE1D}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\divinity ii - dragon knight saga\bin\divinity2.exe |
"{6A7554B1-ABAA-4CA0-9FBD-0B2E588A54F6}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\heroes of might and magic 5\bin\h5_game.exe |
"{6A7742B0-065E-4CFD-92A3-9AC52AF86ED5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\gundemonium recollection\gundemonium.exe |
"{6ABB96EC-FC83-4AE1-96B9-1743EDE52764}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\grotesque tactics 2\x86_installer\grotesquetactics.exe |
"{6AD0EE05-134B-4495-8219-2D8D2E4E33A2}" = protocol=6 | dir=in | app=c:\program files\origin games\mass effect\binaries\masseffect.exe |
"{6B0B4CF1-7BEB-40BD-A71A-5672BB0C196F}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\macguffin\macguffin.exe |
"{6C0F049B-EFB9-483C-A472-80BDC46F6406}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\zombie driver\release\zombiedriver.exe |
"{6C5B9A8D-85C7-40C2-99DE-03954E372467}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\heroes of might and magic 5\bin\h5_game.exe |
"{6DA2F482-7193-4944-AD88-160D209761B5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\precipice of darkness 3\rainslick3.exe |
"{6E809637-A763-41BB-8C2D-E389E8DC6C45}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\spectromancer\spectromancer.exe |
"{704DA731-93C8-498A-AC33-DE6EFDCB6B83}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\avernum 4\avernum 4.exe |
"{70A08673-2D84-4DE1-8625-1216CFF87DCC}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\painkiller black edition\bin\painkiller.exe |
"{7237F116-7741-4CFF-AA26-6BB7601BE4FA}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\penumbra black plague\redist\penumbra.exe |
"{725DA4EE-1F4E-434A-8AEC-1F7B55A885F5}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{7326A06E-95D9-4DEE-B551-736F56AFC06F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{73631586-A23A-469B-8AD6-DF26F7AEB418}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{73887A88-C575-4E84-B0B7-F84A9E484FF9}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\risen\bin\risen.exe |
"{74116181-6F9A-4BAF-9B9A-F21AB66C166D}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{756775F4-C9CC-4BA1-93F8-4167FC9BE0B5}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\section 8 prejudice\s9.exe |
"{75B8B94E-6153-4612-A504-21021F63BF22}" = protocol=17 | dir=in | app=c:\users\jussi\appdata\local\temp\7zs9d29.tmp\symnrt.exe |
"{76810ECB-7540-4196-B6C4-4B86E9E87D04}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\alien zombie megadeath\alienzombiemegadeath.exe |
"{76988B6E-BE5D-4948-A5DC-94619A61A615}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dead space 2\support\ea help\electronic_arts_technical_support.htm |
"{76CB0218-530F-4334-8BB8-45ABAFBE14CE}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\serious sam hd the first encounter\bin\samhd_demo.exe |
"{7795563E-F6C0-4E84-AFDD-4B67F1519B98}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\everyday genius squarelogic\squarelogic.exe |
"{77BBB9DA-4587-4703-ACCC-CF9A4325C94A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\steelstorm\steelstorm.exe |
"{77D6D34F-69E4-4B9D-8C01-986DACB2026B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\kungfustrike\kungfustrike.exe |
"{77F1B8BB-8BAB-42A1-B73B-F574514D2E6A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\warlock - master of the arcane demo\support\game.url |
"{78ACA983-C37C-4CD8-A4BE-03F607EC32AF}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\fantasy wars\fw.exe |
"{78BD5953-6536-4681-AFF2-EB63D7AE13FD}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{79236A7D-13A8-45E0-B038-1F6EAAA920A3}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\valvetestapp207490\rayman origins.exe |
"{79D95A8D-35A0-47BC-BB96-7B65D612B275}" = protocol=6 | dir=in | app=c:\users\jussi\appdata\local\temp\7zs1e2b.tmp\symnrt.exe |
"{79F1EF66-7482-4DF8-AA59-1D5E6AD34319}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dead island\deadislandgame.exe |
"{7A6BA0A9-8A5D-420E-996D-39CE0AA42A47}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\the book of unwritten tales\bout.exe |
"{7BC557C2-16BE-4C86-BAE8-05D03D206689}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\recettear\recettear.exe |
"{7C7E0F4C-F051-4D59-A129-09BC33E11CD6}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\warhammer 40,000 space marine\spacemarine.exe |
"{7CADE980-834A-4C6B-9538-4017F4BFFDBD}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"{7D11F3B7-E450-4A41-BC4F-6CEE70E62DDA}" = protocol=17 | dir=in | app=c:\program files\origin games\dragon age\bin_ship\daupdatersvc.service.exe |
"{7E44803D-4AEB-4F61-B6CC-180416CF47A5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\gundeadligne\gundeadligne.exe |
"{7E93E07F-E103-4D61-8147-473DCC29101B}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\hardreset\hardreset.exe |
"{80081A63-045C-4F88-8074-AD998714D630}" = dir=in | app=c:\program files\quikio\bin\quikiostreamer.exe |
"{820CB045-4EBB-44AA-BE1A-25228217E182}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{82323A75-9952-4343-AD12-61636A12B03D}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\a valley without wind\avww.exe |
"{82C59B4E-1FF5-4A24-AD13-147943B50825}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\botanicula\botanicula.exe |
"{82F163CE-A073-4DB7-9DEA-7D6263B9450A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\warlock - master of the arcane demo\support\paradox.url |
"{840EF98B-7AE1-430D-9AF2-A5635C1A7941}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\vessel\vessel.exe |
"{8479FFFA-B7EE-45C7-8E08-0B40363E8D19}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\painkiller black edition\bin\painkiller.exe |
"{84E2A5F5-C83B-4EB8-A5AD-1C5CA34071A5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\warlock - master of the arcane demo\support\game.url |
"{84EBC703-54C2-4130-B47D-637255DCE914}" = protocol=6 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{85942431-9F86-4EC1-8592-017C1210CEA8}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{85FC98B7-0A4E-425E-8713-4248796759D4}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{8610C1BD-D8B0-4FFF-8583-7FDC74ED922A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\penumbra black plague\redist\penumbra.exe |
"{863CE76A-57B9-4AE4-8037-2512D650D623}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{86D6590E-E85C-4389-9D97-2710548163F4}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\stalker shadow of chernobyl\bin\xr_3da.exe |
"{876D8EB0-B8D1-4C62-98EE-F6DECD0C9DC6}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{88064B43-78FE-4674-9572-2696B93AEA08}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dawn of war ii - retribution\dow2.exe |
"{88EB4AFA-4BCE-4075-A829-6B909663E781}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\nyxquest kindred spirits\nyxquest.exe |
"{8930D4D4-A1E2-4DEF-BC98-5D65B62475A5}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{8D12AF5C-A2C5-4192-937E-C3BD9B8CB937}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{8D9CFA1A-6CD5-43D3-AB87-FBBD2B4C26D2}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{8DB90FCB-7E53-4407-8B8C-AC7A8E6C6888}" = protocol=17 | dir=in | app=c:\program files\origin games\mass effect 3\binaries\win32\masseffect3.exe |
"{8DF012F5-DB62-4A6C-88EC-A7A1851DACD5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\section 8 prejudice\s9.exe |
"{90424E92-4375-437B-B8B6-CE791B19FBBB}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\waveform\waveform.exe |
"{90D64E42-410B-4C3F-AFA5-5B279F1103E1}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dawn of war ii - retribution\dow2.exe |
"{911449E3-6097-4505-8B68-07F103A2D76F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\crazy machines elements\cmelements.exe |
"{9122FD2A-D72E-4331-B7E1-344ED87040E1}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\din's curse\dinscurse.exe |
"{917E7034-0723-40E0-A546-AFFE792AB139}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\broken sword shadow of the templars\bs1dc.exe |
"{92A8AD44-1C2B-4F3C-B427-BEE3F51D2D6D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\frozen synapse\frozensynapse.exe |
"{92B1A9EA-4390-445A-9D19-A0FF21452FB5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\a valley without wind\avww.exe |
"{939BBAC2-F9F7-4DFD-8405-FDE8DCF64535}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\recettear\custom.exe |
"{93A667C8-8534-415E-B0C0-969340D4F1EA}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{9413E1D9-3F5D-4FEB-A134-A891A9131216}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\macguffin\macguffin.exe |
"{945117D0-E927-4327-893B-7FCD860034B9}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sonic generations\configurationtool.exe |
"{95FD37A5-04E7-48C4-8D14-3BD171283F8F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\defensegridtheawakening\defensegrid.exe |
"{97B6B554-7F19-4D78-B78B-4A01F45DB230}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\hitogata happa\happa64.exe |
"{97C50786-37CF-422A-B836-F6B43599ABBA}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\cargo commander\cargocommander.exe |
"{97EE2161-70D2-4FFA-A541-F8A56B5E1D9F}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\defensegridtheawakening\defensegrid.exe |
"{982D86B6-EB6C-44D9-BB2B-140423AD797F}" = protocol=6 | dir=in | app=c:\program files\origin games\mass effect 3\binaries\win32\masseffect3.exe |
"{99972E4E-9593-441E-B8CC-5E74512530F9}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\spectromancer\spectromancer.exe |
"{9AC4E603-325A-431B-A00E-5322E8371032}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\flyn demo\source\flyn.exe |
"{9B3059C4-B087-4F7C-B133-83C10A2BCC82}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\nation red\nationred.exe |
"{9B7D5116-5E95-4088-AE80-EA6087CC11DF}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{9BE6E5BF-1DED-427F-8687-C591D690AF39}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\space pirates and zombies\spazgame.exe |
"{9C37E0D1-E699-4150-9636-F9586FB009FB}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\penumbra black plague\redist\penumbra.exe |
"{9D9A672A-78ED-44D5-8410-E04D985626D7}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\warlock - master of the arcane\support\paradox.url |
"{9DA8639F-D32F-4ACC-B436-30FA50500C42}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\alan wake\alanwake.exe |
"{9E3BABB9-8978-414D-8074-B269DC36EE5B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{9E4A8852-91D0-409B-BCE2-7C8FACEA0DFF}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\nyxquest kindred spirits\nyxquest.exe |
"{9F89EE05-AA00-499D-9146-21E31CE6970A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe |
"{A1F9BBA6-3F7A-4246-ACEF-E1AD428C4659}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{A20B3EA1-DFFC-473C-97E5-AC0B4B608129}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\giana sisters twisted dreams\launcher\gslauncher.exe |
"{A28FCC5B-F633-4425-8FF7-C9C5ECCE9704}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{A34156D3-44D8-4A52-989D-678A5001AABA}" = protocol=17 | dir=in | app=c:\program files\spotify\spotify.exe |
"{A3DE1635-5A03-4782-9F81-4D48E6A80D6A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\batman2\runlauncher.bat |
"{A3F98F74-EAB1-465A-8939-3FBD8DA91363}" = protocol=17 | dir=in | app=c:\program files\mass effect 2\binaries\masseffect2.exe |
"{A497BA71-E6B1-48BE-BF5A-75BF0ECB7516}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\broken sword shadow of the templars\bs1dc.exe |
"{A49EC23C-6272-4DEB-B2C9-D43D154C6D68}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{A4AB6EE6-803E-456F-BB79-568BE0AA3145}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{A5015BC2-4B5A-4B09-B18A-8E431C5A3A8D}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\warlock - master of the arcane demo\support\ino_co_com.url |
"{A65E9604-02A3-47D2-818A-689F710B32CF}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\penumbra black plague\redist\requiem.exe |
"{A786E41F-F456-4B8A-8850-B155B930910E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\all zombies must die demo\binaries\win32\shippingpc-bzb2game.exe |
"{A8DA451F-4A0E-435F-8461-AF0B93F99645}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\nation red\nationred.exe |
"{AADC8E40-F0D3-48B8-90E4-5BB047EFBEFF}" = protocol=1 | dir=in | [email protected],-28543 |
"{AAF2B933-20E3-4DF4-A1A2-EB53C6ED0755}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\shadowgrounds\shadowgrounds.exe |
"{AAFAED3C-971F-477C-8437-FD277404074C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\zombie driver\release\zombiedriver.exe |
"{AB4705DE-0482-48B7-B56E-4D52E38772CF}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{AB87BC03-A4BF-4A26-9D32-A4400FFA345A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\trackmania united\tmforeverlauncher.exe |
"{ACAE66FA-CD77-4F80-B0D9-4C13028AFF22}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\trackmania united\tmforever.exe |
"{AD71379E-305E-4A52-9A15-853A2EE30229}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\warlock - master of the arcane demo\support\paradox.url |
"{AD9EC3F4-F4CF-4B82-8094-BF7ABEB7F81A}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{AE3FEE4B-B4F2-4D00-AB03-D4EC867014CD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\trackmania united\tmforever.exe |
"{AE962CFA-59F1-4DC6-A944-33CCB454AA7A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\broken sword shadow of the templars\bs1dc.exe |
"{AEA40AAC-CF95-46AF-9434-44552ADDC3B0}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{B0D7DEE5-A57E-4426-A468-A8A646311408}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\warlock - master of the arcane\support\game.url |
"{B2527276-C746-424E-B057-41CC23D8132B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sequence\sequence.exe |
"{B336A5ED-8BE6-499B-8BA8-2A37D636B5B6}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\1000 amps\1000ampsrewin.exe |
"{B3C6B4F6-88CC-47F9-90DE-EC38DC557F4F}" = protocol=17 | dir=in | app=c:\program files\mass effect 2\masseffect2launcher.exe |
"{B3F828D9-134D-4A30-BC92-3BF640F568AF}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\syberia\game.exe |
"{B4308C44-BF86-4599-A1C0-2CCFC108FD03}" = protocol=17 | dir=in | app=c:\users\jussi\appdata\local\temp\7zs4c7b.tmp\symnrt.exe |
"{B51F107D-FB8F-4B24-8393-6FF69AF6C5AB}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{B575D149-D7E5-4268-9E29-25C4C18DF079}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\stalker shadow of chernobyl\bin\xr_3da.exe |
"{B59759CD-F2F1-4961-AADC-4021104B7CD2}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\waveform\waveform.exe |
"{B9C2E769-EEE2-44C1-81CC-5E791C9CD560}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{BA4F298A-1BEE-4BE0-9BB8-CA28EFF87FBC}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\spectromancer\spectromancer.exe |
"{BA8FEC8B-DE03-4BF9-B90C-AC19360DCE8C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\the binding of isaac\isaac.exe |
"{BB46A279-326C-4A40-BFD2-0C46A11292E0}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\kungfustrike\kungfustrike.exe |
"{BB5519BF-D50E-45D6-BED8-EE003F636495}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\gratuitous space battles\gsb.exe |
"{BB7A827D-3A8E-4C6C-8378-9F9EB18A2EB2}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{BE0B45E9-EDAF-434B-B629-C74AD1AB4500}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\gundeadligne\gundeadligne.exe |
"{BE21862C-6EEC-4149-844F-F2A5BDFB371C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\all zombies must die demo\binaries\win32\shippingpc-bzb2game.exe |
"{BF9D6472-0580-4A39-938E-17E4121994C5}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\spectromancer\spectromancer.exe |
"{BFA39F7B-0553-40DE-9386-03842DC3C5E9}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\they bleed pixels\they bleed pixels pc.exe |
"{C00890D9-7B36-4812-B28E-0ECC3FE2EAC3}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\might and magic heroes vi\might & magic heroes vi.exe |
"{C00F0746-5B97-4001-8008-6850F5713DA4}" = protocol=6 | dir=in | app=c:\program files\mass effect 2\binaries\masseffect2.exe |
"{C029FF7F-132B-41A5-A465-3E95562C1472}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{C1016A2F-D60E-44FE-9646-87096FD6FA72}" = protocol=58 | dir=out | [email protected],-28546 |
"{C147DD41-5C35-4ABF-AF9B-C32D7AE46005}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sideway\win32\sideway_shippingwin32steam.exe |
"{C15996C1-91C5-44EF-838F-DFAF53642034}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dead space 2\deadspace2.exe |
"{C1B11A18-5B9B-4D9F-9EB5-E2C815A681A4}" = protocol=6 | dir=in | app=c:\program files\origin games\mass effect\masseffectlauncher.exe |
"{C1DE7775-B029-41BC-A246-14784DCCBBC1}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\renegade ops\renegadeops.exe |
"{C23F656F-B02D-4D91-A304-5913B8B14257}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\batman2\runlauncher.bat |
"{C245B613-C696-4BC2-A20B-0ED13A2B138B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\trackmania united\tmforeverlauncher.exe |
"{C4C39A1C-CD80-49BE-84EC-5781A49BD634}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\darksiders\darksiderspc.exe |
"{C5E726AF-E3BE-41AA-9AFB-C2D2990C3200}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\hotline_miami\hotlinemiami.exe |
"{C66285DC-B0C5-4DE2-9187-2C034DB8D69E}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{C79E8A57-9208-40FF-8499-15322D08E24B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\cargo commander\cargocommander.exe |
"{C7A65FD2-E08B-48F6-ADBC-D84D573D7A38}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\din's curse\dinscurse.exe |
"{C8125BAF-89CD-455F-B9F2-AA19C9EB8C8D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{C906DF6C-2737-4702-8F55-E9F62835D918}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\batman2\binaries\win32\batmanac.exe |
"{CA0840CF-004A-494E-A4B2-C0E808377ABB}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{CA817D1D-999F-4EBB-BA55-891E85585B0D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{CAD33131-B1C6-4AD5-8441-E1F295C3FB69}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\beat hazard\runme.exe |
"{CB92690C-975A-4DEE-9C83-F38A9456E067}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{CE3DD2FF-AAF6-4423-9C4A-A2B8D6FAE17F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{CEDBB43E-1E2B-423E-8552-B52FF7EDD21D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\mark_of_the_ninja\bin\game.exe |
"{CF5523D7-65C4-46A8-BE15-A545C6CFCA18}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\gratuitous space battles\gsb.exe |
"{CF5D9E3B-C979-4FD8-9E8D-30E8DE403F1E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\hitogata happa\happa64.exe |
"{CF7D6BA8-F8FF-471E-8591-895F480A9CEE}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\trackmania united\tmforever.exe |
"{D02BA4FD-17F0-48EC-B4E7-974FE24864D7}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\half minute hero\hmh.exe |
"{D0825DC0-590F-4040-BF32-5EA9123EC0D9}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\insanely twisted shadow planet\fcengine-gfwl.exe |
"{D1999168-BFF3-469F-87AD-9CF98CC0F9DF}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\avernum escape from the pit\avernum.exe |
"{D48D7E46-DBF3-436F-AEB2-F468530B92CE}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\tobe's vertical adventure\tobe's vertical adventure.exe |
"{D4C2FB39-E351-4158-81BE-39831D05BE24}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\frozen synapse\frozensynapse.exe |
"{D5769185-F6F8-4AAD-B53F-06C39F91EFE7}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\space pirates and zombies\spazgame.exe |
"{D58A409D-B784-492E-BFDA-1B6010A4142C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\a virus named tom\avnt.exe |
"{D6341078-CB35-4040-BB45-6B9D4A4EF5C0}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{D68A8DD1-83D3-4C57-9C2F-AF165BDD5664}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dungeons of dredmor\dungeons of dredmor.exe |
"{D78BF9BD-AF92-49D4-AA3A-6FE605ADD398}" = protocol=17 | dir=in | app=c:\program files\diablo iii\diablo iii.exe |
"{D7BB6B9C-3E64-44A4-B02A-5B1FA21F9C11}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\divinity ii - dragon knight saga\bin\divinity2.exe |
"{DB00978C-1909-4D4A-B521-E58851F58004}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\vampire the masquerade - bloodlines\vampire.exe |
"{DB6C214D-1633-4FFF-A7AF-ECF82F7EE876}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dungeons of dredmor\dungeons of dredmor.exe |
"{DCEF33F9-1542-48EB-9FB8-4113D327F7FE}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\warlock - master of the arcane\game.exe |
"{DE050517-923D-4BBE-B501-40075F4FDAAD}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\a virus named tom\avnt.exe |
"{DE721704-808A-43AD-B26B-51D855DB8150}" = protocol=17 | dir=in | app=c:\program files\origin games\mass effect\masseffectlauncher.exe |
"{DFA03F43-2A8F-467F-8F85-6B3C49F748E6}" = protocol=6 | dir=in | app=c:\users\jussi\appdata\roaming\dropbox\bin\dropbox.exe |
"{E08E3A8D-9191-4444-AD18-DFEFC4437387}" = protocol=6 | dir=in | app=c:\users\jussi\appdata\local\temp\7zs4c7b.tmp\symnrt.exe |
"{E1C1CFC1-24F4-4463-807F-B0D6F8FB09AE}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\divinity ii - the dragon knight saga demo\bin\divinity2.exe |
"{E2914922-72CC-4797-A6AA-6E04520926DE}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\gatling gears\gatlinggears.exe |
"{E3589F88-A602-42AC-9518-D6102EE5E648}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\the binding of isaac\binding_of_isaac.exe |
"{E40C3666-7175-4C85-9242-F5BAEBA05321}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\snapshot\snapshot.exe |
"{E49ECAE9-1355-449D-9712-C59D3B006BC9}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\frozen synapse\frozensynapse.exe |
"{E50604B6-1E68-48DD-97DD-46597A1B4C38}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{E59DE20A-354B-4F89-91DC-2E4D1D0751E2}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\the book of unwritten tales\bout.exe |
"{E614CF1A-8D58-418F-916E-AE2A40709217}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\the binding of isaac\binding_of_isaac.exe |
"{E61C243F-22F3-4F51-866E-A2B651F6E666}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\saints row the third\game_launcher.exe |
"{E722ECF8-67BC-46E2-8EA1-2D0B01B5F935}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\basement\the basement collection.exe |
"{E7517867-F430-4595-B631-4BFD3CFE2C66}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{E77E9FB0-CD13-4525-A580-F567ACADAD1E}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\gundemonium recollection\gundemonium.exe |
"{E8F5D62D-DED3-4B92-AD1C-861435012B16}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\recettear\recettear.exe |
"{E9BEA435-32DD-4D99-9F10-4F1B3C983A8D}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{E9F51CA4-B3F4-405F-8D90-B85212D4ADEF}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{EAACBBBA-0D89-4036-AA82-A1E40E99FB60}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\still life\game.exe |
"{ECFA7715-5A98-40BB-A460-40D81C602A31}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\cthulhu saves the world\cstw.exe |
"{EE2662EB-E61B-46FB-BA2B-E0C8A613934E}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"{EF2AC045-9FA5-4398-B7C3-558C94887008}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{EF8F06E0-7AF2-4CA3-A413-4D7B489AAAA0}" = protocol=6 | dir=in | app=c:\program files\mass effect 2\masseffect2launcher.exe |
"{EFA1EB8C-8A78-4AF8-A005-1196060F3AFE}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\closure\closure.exe |
"{F02BACFE-CAA9-4B8F-A7BE-FAE550758F5A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\gatling gears\gatlinggears.exe |
"{F077C955-1225-4838-8C4E-5EAB72E3A1E3}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{F1CFEE6D-3BEE-4B77-948B-DCA8BC260646}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\batman2\binaries\win32\batmanac.exe |
"{F32F1F74-BB5A-4CF7-BED4-51A6091A4825}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\gundeadligne\gundeadligne.exe |
"{F33D203A-292E-4908-9BFD-91C94CA95246}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\[bleep] yeah\hellyeah.exe |
"{F369CE72-B799-446F-915E-CF20E83EE6B4}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\renegade ops\renegadeops.exe |
"{F41E2406-E847-4D0B-8139-E374C970C653}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\basement\the basement collection.exe |
"{F7A4A9E3-F322-4493-A07D-67B9BCD72524}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\max payne\maxpayne.exe |
"{F7AB9D43-4285-48B9-BD25-FA2D4581EECE}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{F861123C-FA61-41FB-AC60-EF68D5323953}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\alien zombie megadeath\alienzombiemegadeath.exe |
"{F9371065-1D86-4D7A-B5C4-3DE95EA5F80B}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sideway\win32\sideway_shippingwin32steam.exe |
"{F9ADB013-D4D2-4185-9B6B-97C37D6C8BF0}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\warp\binaries\win32\warp.exe |
"{FA4E8364-74D8-4B5D-8340-EC10316456CF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FA591D34-4F2E-4B2E-93E0-2A915D0BB158}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\tobe's vertical adventure\tobe's vertical adventure.exe |
"{FA68318D-810E-429E-894F-89C5EC8B6D99}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sequence\sequence.exe |
"{FAD2E623-F9AF-4136-994E-0AEA77D2B495}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\precipice of darkness 3\rainslick3.exe |
"{FB5C5D70-9344-4DF0-8D9D-BAB086DC74AE}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{FBDCCCD4-2E7E-47F7-A58A-97D020D118C9}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\1000 amps\1000ampsrewin.exe |
"{FC6AF93B-8329-4A88-B2C3-F499DA5D83F7}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\beat hazard\beathazard.exe |
"{FCE0FBED-6E6D-4A41-BB5B-9998AC2FE35D}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{FCE3598F-D906-4BE5-8E81-963CEC035377}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\might and magic heroes vi\might & magic heroes vi.exe |
"{FDA2A8E6-50CC-4F19-A610-0F4D003E11D1}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\shadowgrounds\shadowgroundslauncher.exe |
"{FDF17E6B-472F-4909-9EDB-FA38873DF2AA}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{FDF43EC4-9EFB-4166-A97F-A4D8668492F4}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dead space 2\support\ea help\electronic_arts_technical_support.htm |
"{FE3B0A0A-0E27-43BD-993B-580FFDD0E5FD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\half minute hero\hmh.exe |
"{FEC7D2B8-B7CB-4309-BFD9-64D1004155C5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{FED30C75-A085-4397-93B3-AEA96FA90FD9}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\space rangers 2 reboot\rangers.exe |
"{FFD782B3-8F54-4A5F-B2F5-887DB50920F9}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\the walking dead\walkingdead101.exe |
"{FFEB1C91-9E1A-4CEA-A833-889383C7E3D4}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\beat hazard\beathazard.exe |
"TCP Query User{0747630E-C944-4A72-B85C-E17D09E69145}C:\users\public\diablo-iii-8370-engb-installer-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\diablo-iii-8370-engb-installer-downloader.exe |
"TCP Query User{189B7799-019E-4F36-A2E2-841A610BE5F3}C:\program files\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files\guild wars 2\gw2.exe |
"TCP Query User{1B063F9C-C712-4767-8B2F-18C8D529C7BE}C:\users\public\games\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe |
"TCP Query User{1D8656F0-C3DC-4DE8-92B8-426E826176EA}C:\users\jussi\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\jussi\appdata\local\temp\gw2.exe |
"TCP Query User{1F62D3BB-6A09-45C9-AA0C-E180CACD530E}C:\users\public\games\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"TCP Query User{2166DB42-5AB2-4981-B260-B92627A3A11F}C:\unmechanicaldemo\binaries\win32\udk.exe" = protocol=6 | dir=in | app=c:\unmechanicaldemo\binaries\win32\udk.exe |
"TCP Query User{22B29D68-2EF6-41B0-A4EB-C133574FEE9C}C:\fists\for.exe" = protocol=6 | dir=in | app=c:\fists\for.exe |
"TCP Query User{2B5D0CED-9042-4BD2-A35A-E5199B26CA8F}C:\users\public\games\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe |
"TCP Query User{328FCEFC-C691-4A24-8EC5-D403667C922F}D:\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"TCP Query User{356BE0C7-E2A6-400B-A6CD-2E4ED83DE8A5}C:\users\public\games\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe |
"TCP Query User{36452194-75B6-428C-8A12-40B46C61982B}C:\users\jussi\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\jussi\appdata\roaming\spotify\spotify.exe |
"TCP Query User{366FA247-F3BC-4E79-B5CF-3D38CEF6201E}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"TCP Query User{4B80928B-1D11-4525-93EE-C555EA7325C7}D:\steam\steamapps\common\red faction guerrilla\rfg.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\red faction guerrilla\rfg.exe |
"TCP Query User{5261868C-824E-4F25-AD73-71D59B4EBEDC}C:\users\public\games\runic games\torchlight 2 beta\tl2.beta.launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\runic games\torchlight 2 beta\tl2.beta.launcher.exe |
"TCP Query User{52C5C803-A486-40AC-80C6-32CD480C238F}C:\users\public\games\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe |
"TCP Query User{55A9D9B9-6C66-4EAE-BBDD-7F63E837A2F3}C:\users\public\games\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe |
"TCP Query User{58BF7C9B-AE6F-49D7-8917-B9A274B626C7}C:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-engb-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-engb-downloader.exe |
"TCP Query User{5C90EEF6-53EE-4980-9EB7-B55CB175D762}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"TCP Query User{774EAD00-A977-47B3-BA3C-95736403CF5F}C:\matrix games\unity of command\update.exe" = protocol=6 | dir=in | app=c:\matrix games\unity of command\update.exe |
"TCP Query User{7AF2CA5E-6118-4661-AC59-99074DA72B7A}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{8D4C451B-E7CB-4B5C-B603-37A3C0334236}D:\steam\steamapps\common\krater\krater.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\krater\krater.exe |
"TCP Query User{A07B1B7A-76CF-49AE-80DD-163E5A64C39F}C:\users\public\games\world of warcraft\launcher.patch.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe |
"TCP Query User{BE35F6FE-106E-40A9-85FB-6331B78257B7}C:\program files\origin games\dragon age\bin_ship\eacoreserver.exe" = protocol=6 | dir=in | app=c:\program files\origin games\dragon age\bin_ship\eacoreserver.exe |
"TCP Query User{C8945522-55B8-4512-A300-DD885DA8926E}D:\diablo-iii-8370-engb-installer-downloader.exe" = protocol=6 | dir=in | app=d:\diablo-iii-8370-engb-installer-downloader.exe |
"TCP Query User{CDC3BD0D-8E00-40B8-8749-6C1E59A101F1}D:\steam\steamapps\common\blur\blur.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\blur\blur.exe |
"TCP Query User{CE435131-BF71-4E43-8666-5E9F410C982E}C:\program files\ea sports\fifa 11 demo\game\fifa.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fifa 11 demo\game\fifa.exe |
"TCP Query User{D5A34F76-709B-43F6-8451-BD87E8247E2D}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"TCP Query User{D5A71FE3-1F66-4F48-A3C4-BAB266FB4C7D}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"TCP Query User{ECD9129A-EAD1-42B0-BD15-C2F393527602}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe |
"TCP Query User{F63F3FDC-BA34-4990-8877-F9B461D6DFBF}C:\users\jussi\art\wanderlust.exe" = protocol=6 | dir=in | app=c:\users\jussi\art\wanderlust.exe |
"UDP Query User{28EDC1AC-1B99-475F-A78A-BEBF8E258B63}C:\users\jussi\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\jussi\appdata\local\temp\gw2.exe |
"UDP Query User{2D242568-16A3-48EA-92F0-ADFB728B874E}C:\users\jussi\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\jussi\appdata\roaming\spotify\spotify.exe |
"UDP Query User{31ED2492-79E1-4B2A-955D-837F549E51D4}C:\program files\ea sports\fifa 11 demo\game\fifa.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fifa 11 demo\game\fifa.exe |
"UDP Query User{344F61C2-4AA2-4C9C-BF99-A99748C820D7}C:\users\jussi\art\wanderlust.exe" = protocol=17 | dir=in | app=c:\users\jussi\art\wanderlust.exe |
"UDP Query User{34DBE643-5F63-416E-A1C3-2A4183B12998}C:\users\public\games\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe |
"UDP Query User{3C05CAF4-AF32-478E-9A79-DC7A2C635ED9}C:\fists\for.exe" = protocol=17 | dir=in | app=c:\fists\for.exe |
"UDP Query User{412A82B2-C32C-4C90-BE4E-7A779F95A99B}C:\users\public\games\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe |
"UDP Query User{4190E9D0-340B-4F28-A6DA-6DEF885B8E00}D:\steam\steamapps\common\blur\blur.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\blur\blur.exe |
"UDP Query User{4857BF4A-606D-4DF7-8631-3A494F2FDDD5}D:\steam\steamapps\common\krater\krater.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\krater\krater.exe |
"UDP Query User{4AB90A3A-9ACA-4396-9DE7-92758C203DC3}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"UDP Query User{4FC6B956-56F0-4012-9F5C-DAE74DB1DD56}D:\steam\steamapps\common\red faction guerrilla\rfg.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\red faction guerrilla\rfg.exe |
"UDP Query User{68DBA75A-745D-47FE-9F1B-8351BA7E5C9F}C:\users\public\games\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe |
"UDP Query User{6EAACDDD-89E6-4C08-933D-CCFDEF0BFB62}C:\matrix games\unity of command\update.exe" = protocol=17 | dir=in | app=c:\matrix games\unity of command\update.exe |
"UDP Query User{8C82924C-F948-42EB-AD97-E99EA6F59473}C:\users\public\games\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe |
"UDP Query User{910BB54B-1BBC-4A5A-ADE2-B6946C11CA4A}C:\unmechanicaldemo\binaries\win32\udk.exe" = protocol=17 | dir=in | app=c:\unmechanicaldemo\binaries\win32\udk.exe |
"UDP Query User{9E3D9E26-0B91-44E2-A482-6A40B62B9236}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"UDP Query User{9FB89FAB-6989-4D52-9CAE-64DDF2DF68BF}C:\users\public\games\runic games\torchlight 2 beta\tl2.beta.launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\runic games\torchlight 2 beta\tl2.beta.launcher.exe |
"UDP Query User{A516C89A-7819-43AD-846C-ABD20ECCDE91}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe |
"UDP Query User{A5FFBADC-5E81-45EC-8648-F6FFD0F63763}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"UDP Query User{AC3E4F26-98E4-4C4C-AC9B-021AFE0EC471}D:\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"UDP Query User{AE924E30-40B0-422D-9A09-A1F68994649D}C:\program files\origin games\dragon age\bin_ship\eacoreserver.exe" = protocol=17 | dir=in | app=c:\program files\origin games\dragon age\bin_ship\eacoreserver.exe |
"UDP Query User{C1DCA8B6-8CB5-4BCD-AB7C-0C43FEEC5090}C:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-engb-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-engb-downloader.exe |
"UDP Query User{C56AA46C-3565-406D-9CEF-9BAB35B1DC50}C:\program files\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files\guild wars 2\gw2.exe |
"UDP Query User{C93D09CF-6152-4288-AD84-2A1EE24AEE15}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"UDP Query User{D8888037-696E-4964-8C18-19F23FDA6730}C:\users\public\games\world of warcraft\launcher.patch.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe |
"UDP Query User{D9BF83E2-9703-4D7F-8163-66E379E5E2B6}C:\users\public\games\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"UDP Query User{DE7D0347-F2F1-4774-A14A-815671933132}C:\users\public\games\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe |
"UDP Query User{F841E32D-0893-418E-A0E9-C8DA9ED8C151}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{F8AA9548-BEAE-499D-96C3-0BAEF0916F48}D:\diablo-iii-8370-engb-installer-downloader.exe" = protocol=17 | dir=in | app=d:\diablo-iii-8370-engb-installer-downloader.exe |
"UDP Query User{FE561A6F-2762-4397-AADB-A15E8434ECCF}C:\users\public\diablo-iii-8370-engb-installer-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\diablo-iii-8370-engb-installer-downloader.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00F93853-D9D3-4795-A89E-84CCBA0205C9}" = Microsoft IntelliPoint 8.0
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D2BC497-02A9-4344-87FB-76EA0C77F446}" = HDRegFI
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{19798333-E6E8-D423-2ED1-CEA58D6B8E1D}" = Offspring Fling!
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1B0FBB9A-995D-47CD-87CD-13E68B676E4F}" = Mass Effect
"{1DED5EFD-410A-48DB-909A-2B2022BB50D2}" = Nethergate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{277649C0-D8D5-3190-AFF3-D0F88A375B16}" = Microsoft .NET Framework 4 Extended FIN Language Pack
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{3030BE09-0597-447A-A184-39305D61F58B}_is1" = No Time to Explain version 2.0
"{3350E9B0-DCE6-4AE1-B3AC-D0C11FBEEDA1}_is1" = SeaTools for Windows
"{3485CDCE-2099-4B10-8E90-2953C5D26A6A}" = Fractal
"{351E09AC-DCB3-451D-9C7D-C1A82AF1CE5D}" = Geneforge 4
"{3559CDE0-11FC-4D7B-A65C-D646035B1035}" = Nero 8 Essentials
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{41F1373A-AB0C-4E70-9BD0-69D42083D0BD}_is1" = Dark Scavenger version 1.0
"{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{534A31BD-20F4-46b0-85CE-09778379663C}" = Mass Effect™ 3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5B3A354B-C059-4861-A85B-CA46F1089E15}" = Creative USB Headsets
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{60972DE4-5536-1338-0423-5C3A385CD3B6}" = Defender's Quest
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64E47A5F-B3C4-476A-9100-2D006BD1FFB4}" = Z Engine
"{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73370408-B80E-4509-B9AF-957E2E0F512F}_is1" = WinZip System Utilities Suite
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{76EE77BC-FE08-489B-9AAD-1B89EA3ADD4A}_is1" = Project Black Sun version 1.0.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{780262B9-4578-3727-97D3-62DE7B9F5F82}" = Microsoft .NET Framework 4 Client Profile FIN Language Pack
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{78953EAB-C884-30A4-73D1-2105E5A60931}" = ATI Catalyst Install Manager
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7D3806CD-EF07-4C94-909C-C16EA8FBA610}_is1" = The Sea Will Claim Everything 1.0
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}" = Microsoft Security Client
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A428AC4A-326E-4E64-BEFD-A31E82E4C692}_is1" = Inferno+ version 1.0
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4ECED7E-528D-48F4-8E83-1B2217F5B4BD}" = Three Dead Zed (ver 1.4)
"{AC76BA86-7AD7-1035-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Suomi
"{AE71B0D5-8873-4110-BD84-F5D5174EC342}_is1" = Super Crossfire version 1.0
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision -ohjain 306.97
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA-ohjauspaneeli 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiikkaohjain 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision -ohjain 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-järjestelmäohjelmisto 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA-päivitykset 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD095458-EFF3-46CB-8BE4-DC1675FB8B49}" = Relentless Software Prerequisites
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C0}" = WinZip 15.0
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D08A5DFE-F0C2-74FC-DD56-A3B371E9344D}" = EA Shared Game Component: Activation
"{D1FCD6BD-3EEC-4E9A-9611-47FEACE94BEE}_is1" = Driftmoon Alpha 5
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.5.1 Game
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{DEDF2885-0086-4534-9912-F9B97377ED07}" = AGEIA GAME System Software
"{E28088C5-E768-4A1B-B308-A9F3ED28ABBE}" = OpenOffice.org 3.0
"{E369A040-E812-37B3-A5B9-311E5579FAC3}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fin
"{E78C63C9-9849-45FA-8315-2AE38A293E2E}_is1" = DoomRL version 0.9.9.6
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Applen ohjelmatuki
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AdobeReader" = Adobe Reader 8
"AUDIO_REALTEK" = Realtek HD Audio V6.0.1.5618
"AudioCS" = Creative Audio Control Panel
"Battle Academy1.6.0" = Battle Academy
"Chessmaster 9000_is1" = Chessmaster 9000
"Chromentum 2" = Chromentum 2 (remove only)
"com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Shared Game Component: Activation
"Crawl" = Dungeon Crawl Stone Soup
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"DefendersQuest" = Defender's Quest
"Desura" = Desura
"Desura_64390149701664" = Desura: Oniken
"Desura_73826192850976" = Desura: Cute Things Dying Violently
"Desura_75385265979424" = Desura: 99 Levels To [bleep]
"Diablo III" = Diablo III
"Divine Divinity_is1" = Divine Divinity
"DroidAssault" = Droid Assault (remove only)
"Eschalon Book I_is1" = Eschalon Book 1 v1.06
"Eschalon Book II_is1" = Eschalon Book 2 1.05
"ESET Online Scanner" = ESET Online Scanner v3
"Fallout 2_is1" = Fallout 2
"ffdshow_is1" = ffdshow v1.1.3800 [2011-03-28]
"GetNZB_is1" = GetNZB version 1.007
"Guild Wars 2" = Guild Wars 2
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.26057)
"Host OpenAL" = Host OpenAL
"Icewind Dale II_is1" = Icewind Dale II
"ImageWriter" = Packard Bell ImageWriter
"Infocentre" = Infocentre Rev. 2.0
"IrfanView" = IrfanView (remove only)
"LCDTest" = Packard Bell LCD Test
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versio 1.65.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - fin" = Microsoft .NET Framework 3.5 SP1:n kielitukipaketti - FI
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FIN Language Pack" = Microsoft .NET Framework 4 Client Profilen suomen kielipaketti
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended FIN Language Pack" = Microsoft .NET Framework 4 Extendedin suomen kielipaketti
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 17.0 (x86 fi)" = Mozilla Firefox 17.0 (x86 fi)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nero8" = Nero 8 Essentials
"NIS2008_FI" = Norton Internet Security
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"offspringfling" = Offspring Fling!
"OpenAL" = OpenAL
"OpenDNS Updater" = OpenDNS Updater 2.2.1
"Opera 12.00.1467" = Opera 12.00
"Origin" = Origin
"Panzer Corps1.00" = Panzer Corps
"Peepers_is1" = Peepers 1.0
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 15.0" = RealPlayer
"Rockstar Games Social Club" = Rockstar Games Social Club
"SEGAMegaDriveClassics" = SEGA Mega Drive Classics
"SETUPMYPC_FI" = SetUp My PC
"sp6" = Logitech SetPoint 6.32
"SpywareBlaster_is1" = SpywareBlaster 4.6
"Steam App 102850" = WARP
"Steam App 105800" = PixelJunk Eden
"Steam App 107600" = Waves
"Steam App 107800" = Rochard
"Steam App 108500" = Vessel
"Steam App 110610" = Alien Zombie Megadeath
"Steam App 12140" = Max Payne
"Steam App 200190" = Sideway
"Steam App 200510" = XCOM: Enemy Unknown
"Steam App 201790" = Orcs Must Die! 2
"Steam App 202200" = Galactic Civilizations II: Ultimate Edition
"Steam App 202750" = Alan Wake's American Nightmare
"Steam App 203630" = Warlock - Master of the Arcane
"Steam App 204180" = Waveform
"Steam App 204220" = Snapshot
"Steam App 205230" = [bleep] Yeah!
"Steam App 205690" = 1000 Amps
"Steam App 205730" = Insanely Twisted Shadow Planet
"Steam App 205830" = Luxor Evolved
"Steam App 206020" = Avernum 4
"Steam App 206410" = Crazy Machines Elements
"Steam App 207170" = Legend of Grimrock
"Steam App 207490" = Rayman Origins
"Steam App 207610" = The Walking Dead
"Steam App 207650" = A Virus Named TOM
"Steam App 207690" = Botanicula
"Steam App 207750" = Symphony
"Steam App 208400" = Avernum: Escape From the Pit
"Steam App 209330" = A Valley Without Wind
"Steam App 211260" = They Bleed Pixels
"Steam App 212030" = Kung Fu Strike: The Warrior's Rise
"Steam App 212680" = FTL: Faster Than Light
"Steam App 213030" = Penny Arcade's On the Rain-Slick Precipice of Darkness 3
"Steam App 214560" = Mark of the Ninja
"Steam App 214790" = The Basement Collection
"Steam App 214830" = Half Minute Hero: Super Mega Neo Climax Ultimate Boy
"Steam App 215160" = The Book of Unwritten Tales
"Steam App 217290" = Din's Curse
"Steam App 219150" = Hotline Miami
"Steam App 220460" = Cargo Commander
"Steam App 220780" = Thomas Was Alone
"Steam App 223220" = Giana Sisters: Twisted Dreams
"Steam App 35720" = Trine 2
"Steam App 40300" = Risen
"Steam App 42640" = Blur
"Steam App 4500" = S.T.A.L.K.E.R.: Shadow of Chernobyl
"Steam App 46570" = Grotesque Tactics 2 - Dungeons and Donuts
"Steam App 47780" = Dead Space 2
"Steam App 55150" = Warhammer 40,000 Space Marine
"Steam App 55230" = Saints Row: The Third
"Steam App 57000" = NyxQuest
"Steam App 57400" = Batman: Arkham City™
"Steam App 58230" = MacGuffin's Curse
"Steam App 58540" = Divinity II - The Dragon Knight Saga
"Steam App 65300" = Dustforce
"Steam App 67370" = The Darkness II
"Steam App 71340" = Sonic Generations
"Steam App 72000" = Closure
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 80310" = Gemini Rue
"Steam App 97100" = Section 8: Prejudice
"Steam App 98400" = Hard Reset
"Steam App 98800" = Dungeons of Dredmor
"Steam App 99300" = Renegade Ops
"Steam App 99810" = Bulletstorm
"SysInfo" = Creative System Information
"TangleBee_is1" = TangleBee 1.0.2
"Temple of Elemental Evil_is1" = Temple of Elemental Evil
"The Chronicles of Riddick - Assault on Dark Athena_is1" = The Chronicles of Riddick - Assault on Dark Athena
"Tiny and Big - Grandpas Leftovers" = Tiny and Big - Grandpa's Leftovers (remove only)
"TVTUNER" = TVTUNER
"Ultratron" = Ultratron (remove only)
"Unity of Command1.00" = Unity of Command
"Updator" = Packard Bell Updator
"War of the Human Tanks" = War of the Human Tanks
"VIDEO_ATI_GOB" = Video ATI V8.473.0.0
"VIDEO_NVIDIA" = Video NVIDIA v174.74
"VLC media player" = VLC media player 2.0.2
"World of Warcraft" = World of Warcraft
"X10Hardware" = X10 Hardware™

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Climb to the Top of the Castle!" = Climb to the Top of the Castle!
"InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
"MyFreeCodec" = MyFreeCodec
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 13.11.2012 12:07:48 | Computer Name = Jussi-PC | Source = WinMgmt | ID = 10
Description =

Error - 13.11.2012 16:22:13 | Computer Name = Jussi-PC | Source = Application Hang | ID = 1002
Description = Ohjelma Wow.exe, versio 5.0.5.16135, lakkasi olemasta yhteydessä Windowsiin,
joten se suljettiin. Voit katsoa mahdollisia lisätietoja ongelman historiatiedoista
Ongelmien raportit ja ratkaisut -ohjauspaneelissa Prosessitunnus: 8ec Käynnistysaika:
01cdc1dc5e4f88b3 Lopetusaika: 14

Error - 14.11.2012 11:20:32 | Computer Name = Jussi-PC | Source = WinMgmt | ID = 10
Description =

Error - 17.11.2012 8:18:24 | Computer Name = Jussi-PC | Source = VSS | ID = 8194
Description =

Error - 17.11.2012 15:14:36 | Computer Name = Jussi-PC | Source = VSS | ID = 8194
Description =

Error - 17.11.2012 15:16:09 | Computer Name = Jussi-PC | Source = System Restore | ID = 8193
Description =

Error - 18.11.2012 6:28:54 | Computer Name = Jussi-PC | Source = Application Hang | ID = 1002
Description = Ohjelma Explorer.EXE, versio 6.0.6002.18005, lakkasi olemasta yhteydessä
Windowsiin, joten se suljettiin. Voit katsoa mahdollisia lisätietoja ongelman historiatiedoista
Ongelmien raportit ja ratkaisut -ohjauspaneelissa Prosessitunnus: cac Käynnistysaika:
01cdc27b9e1036f1 Lopetusaika: 44

Error - 18.11.2012 13:26:40 | Computer Name = Jussi-PC | Source = Application Hang | ID = 1002
Description = Ohjelma Explorer.exe, versio 6.0.6002.18005, lakkasi olemasta yhteydessä
Windowsiin, joten se suljettiin. Voit katsoa mahdollisia lisätietoja ongelman historiatiedoista
Ongelmien raportit ja ratkaisut -ohjauspaneelissa Prosessitunnus: 26dc Käynnistysaika:
01cdc57782cd9af1 Lopetusaika: 400

Error - 20.11.2012 12:55:20 | Computer Name = Jussi-PC | Source = WinMgmt | ID = 10
Description =

Error - 21.11.2012 14:33:37 | Computer Name = Jussi-PC | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 22.7.2010 20:51:09 | Computer Name = Jussi-PC | Source = Media Center Guide | ID = 0
Description = Tapahtumatiedot: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Prosessi: DefaultDomain Objektin nimi: Media Center Guide

[ System Events ]
Error - 12.11.2012 14:03:48 | Computer Name = Jussi-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 12.11.2012 14:05:18 | Computer Name = Jussi-PC | Source = DCOM | ID = 10005
Description =

Error - 12.11.2012 14:05:18 | Computer Name = Jussi-PC | Source = DCOM | ID = 10005
Description =

Error - 12.11.2012 14:09:51 | Computer Name = Jussi-PC | Source = Microsoft Antimalware | ID = 2004
Description = %%860 on kohdannut virheen yrittäessään ladata allekirjoituksia ja
yrittää palata takaisin tunnettuun hyvään allekirjoitussarjaan. Yritetyt allekirjoitukset:
%%824 Virhekoodi: 0x80070002 Virheen kuvaus: Määritettyä tiedostoa ei löydy. Allekirjoitusversiov:
1.139.1712.0;1.139.1712.0 Moottoriversio: 1.1.8904.0

Error - 13.11.2012 11:49:29 | Computer Name = JUSSI-PC | Source = Dhcp | ID = 1002
Description = DHCP-palvelin 192.168.1.1 eväsi IP-osoitteen 192.168.1.2 verkkokortilta,
jonka verkko-osoite on 00226807BE0F (DHCP-palvelin lähetti DHCPNACK-sanoman).

Error - 16.11.2012 11:32:30 | Computer Name = Jussi-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 on kohdannut virheen yrittäessään päivittää allekirjoituksia.

Uusi
allekirjoitusversio: Edellinen allekirjoitusversio: 1.139.2168.0 Päivitä lähde:
%%859 Päivitä vaihe: %%854 Lähdepolku: http://www.microsoft.com Allekirjoitustyyppi:
%%800 Päivitystyyppi: %%803 Käyttäjä: NT-HALLINTA\SYSTEM Nykyinen moottoriversio:
Edellinen moottoriversio: 1.1.8904.0 Virhekoodi: 0x80070643 Virheen kuvaus: Vakava
virhe asennuksen aikana.

Error - 16.11.2012 11:32:54 | Computer Name = Jussi-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 21.11.2012 1:23:20 | Computer Name = Jussi-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 21.11.2012 1:34:19 | Computer Name = Jussi-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 21.11.2012 1:39:44 | Computer Name = Jussi-PC | Source = Service Control Manager | ID = 7030
Description =

< End of report >

Farbar Service Scanner Version: 09-11-2012
Ran by Jussi (administrator) on 21-11-2012 at 21:23:51
Running from "C:\Users\Jussi"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2012-10-10 06:17] - [2012-06-02 02:02] - 0133120 ____A (Microsoft Corporation) F1E8C34892336D33EDDCDFE44E474F64

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-01-21 04:24] - [2008-01-21 04:24] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit

**** End of log ****

# AdwCleaner v2.008 - Logfile created 11/21/2012 at 21:25:28
# Updated 17/11/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Jussi - JUSSI-PC
# Boot Mode : Normal
# Running from : C:\Users\Jussi\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\Jussi\AppData\Local\Conduit
Folder Deleted : C:\Users\Jussi\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Jussi\Save

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\Software\Conduit

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0 (fi)

Profile name : default
File : C:\Users\Jussi\AppData\Roaming\Mozilla\Firefox\Profiles\w7a81fei.default\prefs.js

Deleted : user_pref("extensions.enabledAddons", "DivXWebPlayer%40divx.com:2.0.2.039,tinyurl.addon%40fast-chat.[...]

-\\ Opera v12.0.1467.0

File : C:\Users\Jussi\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1646 octets] - [21/11/2012 21:25:28]

########## EOF - C:\AdwCleaner[S1].txt - [1706 octets] ##########

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Tietokantaversio: v2012.11.21.07

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Jussi :: JUSSI-PC [järjestelmänvalvoja]

21.11.2012 20:00:20
mbam-log-2012-11-21 (20-00-20).txt

Tarkistustyyppi: Pikatarkistus
Tarkistussuodattimia valittu: Muisti | Käynnistys | Rekisteri | Tietojärjestelmä | Heuristinen/Ylimäärinen | Heuristinen/Shuriken | Mahdollisesti haitallinen ohjelma | Mahdollisesti haitallinen muutos
Käytöstä poistetut tarkistusvalinnat: Vertaisverkko (Peer-to-Peer)
Tarkistettuja kohteita: 231342
Kulunut aika: 6 minuutti(a), 37 sekunti(a)

Epäilyttäviä muistiprosesseja: 0
(Ei haitallisia kohteita)

Epäilyttäviä muistimoduuleja: 0
(Ei haitallisia kohteita)

Epäilyttäviä rekisteriavaimia: 0
(Ei haitallisia kohteita)

Epäilyttäviä rekisteriarvoja: 0
(Ei haitallisia kohteita)

Epäilyttäviä rekisterikohteita: 0
(Ei haitallisia kohteita)

Epäilyttäviä kansioita: 0
(Ei haitallisia kohteita)

Epäilyttäviä tiedostoja: 0
(Ei haitallisia kohteita)

(loppu)

Wow, that took a while, hope I didnt miss anything. Couldnt run Vito as it wasnt available on my language.

#4
RKinner

Posted 21 November 2012 - 05:03 PM

Malware Expert

Expert
24,625 posts

Do you have a log for aswMBR?

Is it still running slow?

#5
Ducon

Posted 21 November 2012 - 05:06 PM

Member

Topic Starter
Member
17 posts

Runs just fine again, cheers

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-20 19:01:54
-----------------------------
19:01:54.463 OS Version: Windows 6.0.6002 Service Pack 2
19:01:54.463 Number of processors: 4 586 0x202
19:01:54.463 ComputerName: JUSSI-PC UserName: Jussi
19:01:57.583 Initialize success
19:58:45.691 AVAST engine defs: 12111901
20:00:46.087 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
20:00:46.090 Disk 0 Vendor: WDC_WD6400AAKS-22A7B0 01.03B01 Size: 610480MB BusType: 3
20:00:46.093 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-2
20:00:46.096 Disk 1 Vendor: WDC_WD6400AAKS-22A7B0 01.03B01 Size: 610480MB BusType: 3
20:00:46.109 Disk 0 MBR read successfully
20:00:46.112 Disk 0 MBR scan
20:00:46.123 Disk 0 Windows VISTA default MBR code
20:00:46.127 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12291 MB offset 63
20:00:46.166 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 598187 MB offset 25173855
20:00:46.199 Disk 0 scanning sectors +1250261680
20:00:46.290 Disk 0 scanning C:\Windows\system32\drivers
20:01:17.707 Service scanning
20:01:38.303 Service MpKsle5f5cb95 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BC85C2F2-3473-4437-9FDD-32592520D30D}\MpKsle5f5cb95.sys **LOCKED** 32
20:02:18.202 Modules scanning
20:02:24.573 AVAST engine scan C:\Windows
20:02:37.724 AVAST engine scan C:\Windows\system32
20:11:25.901 AVAST engine scan C:\Windows\system32\drivers
20:12:26.886 AVAST engine scan C:\Users\Jussi
02:27:41.806 AVAST engine scan C:\ProgramData
03:15:31.536 Scan finished successfully
07:17:36.266 Disk 0 MBR has been saved successfully to "C:\Users\Jussi\Desktop\MBR.dat"
07:17:36.293 The log file has been saved successfully to "C:\Users\Jussi\Desktop\aswMBR.txt"

#6
RKinner

Posted 21 November 2012 - 05:12 PM

Malware Expert

Expert
24,625 posts

Unless you see other problems I think we are done and can clean up

Copy the following:


:Commands
[CLEARALLRESTOREPOINTS]
[Reboot]

Right click on OTL and Run As Administrator. In the Custom Scans/Fixes box at the bottom, paste in the copied text (Ctrl + v) and then hit Run Fix.

That will get the last of the malware off the system.

You can uninstall or delete any tools we had you download and their logs.
To uninstall combofix, copy the next line:

"%userprofile%\Desktop\combofix.exe" /Uninstall

Start, All Programs, Accessories then right click on Command Prompt and Run As Administrator.
then right click, Paste, then hit Enter.

OTL has a cleanup tab but DO NOT USE IT!. There are reports that it leaves the PC unbootable. Instead just delete OTL.exe and the folder c:\_OTL.

To hide hidden files again:

Vista or Win7

# Open the Control Panel menu and click Folder Options.
# After the new window appears select the View tab.
# Remove the check in the checkbox labeled Display the contents of system folders.
# Under the Hidden files and folders section select the radio button labeled Do not Show hidden files and folders.
# Check the checkbox labeled Hide protected operating system files.
# Press the Apply button and then the OK button and exit My Computer.

Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.

To help keep your programs up-to-date you should download and run the UpdateChecker:
http://www.filehippo.../updatechecker/
(You don't need to download Betas and if there is a program you don't use you can just uninstall it rather than update it. Exception is MSN messenger which appears to be part of Windows.)
If you get a blocked program notice after installing updatechecker then change it to not run at start then manually run it once a week.
Seems to work best if Firefox is the default browser. You can also try Secunia PSI http://secunia.com/v...l/download_psi/ Same kind of info. You don't need both.
If you use Firefox then get the AdBlock Plus Add-on. WOT (Web of Trust) is another you might want to try.
The equivalent to AdBlock Plus for IE is called Simple Adblock and you should install it too: http://simple-adblock.com/
The free version only blocks 200 ads a day so another reason to use Firefox or Chrome.

If Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox . You can run it any time that Firefox seems slow.

Be warned: If you use Limewire, utorrent or any of the other P2P programs you will almost certain be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.com before you open them.

If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.

Special note on Java. Clear the Java Cache by following the instructions on
http://www.java.com/...lugin_cache.xml

You do have the latest Java but have obsolete version still installed.
Go into Control Panel, Add/Remove Software (XP) or Programs and Features (Vista/Win 7) and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java™ 6 Update 31
JavaFX 2.1.1

Make sure Windows Updates is turned and that it works. Go to Control panel, Windows Updates and see if it works. http://support.microsoft.com/kb/294871

You definitely need to have KB2744842. This patches a major flaw in IE.

My help is free but if you wish to show your appreciation, please donate to Kwiaht instead of me. It's a local environmental organization that I volunteer with: http://www.kwiaht.org/donate.htm
(The name means something like "clean place" in one of the local native-American dialects)

Ron