I'm using Windows 7. Main problem is Bloodhound.Exploit 33. Malwarebytes find something in first run but nothing today.
I use mostly startpage and google as searchengines.
I uninstalled istartsurf some time ago. Norton has quarantined Bloodhound but it needs manually uninstall. Bloodhound is in this location.
c:\users\(myname)\appdata\local\mozilla\firefox\profiles\#####.default\cache2\entries\
Here is the OTL scan log and extras too.
OTL logfile created on: 9/23/2014 5:52:19 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Timo\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17280)
Locale: 00000409 | Country: Suomi | Language: FIN | Date Format: d.M.yyyy
5.95 Gb Total Physical Memory | 4.03 Gb Available Physical Memory | 67.70% Memory free
11.90 Gb Paging File | 8.72 Gb Available in Paging File | 73.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 679.13 Gb Total Space | 380.63 Gb Free Space | 56.05% Space Free | Partition Type: NTFS
Drive D: | 19.21 Gb Total Space | 2.36 Gb Free Space | 12.30% Space Free | Partition Type: NTFS
Computer Name: TIMO-HP | User Name: Timo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Timo\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\nis.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\iSafe\iSafeTray.exe (Elex do Brasil Participações Ltda)
PRC - C:\Program Files (x86)\iSafe\ipcdl.exe ()
PRC - C:\Program Files (x86)\iSafe\iSafeSvc2.exe (Elex do Brasil Participações Ltda)
PRC - C:\Program Files (x86)\iSafe\iSafeSvc.exe (Elex do Brasil Participações Ltda)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\ProgramData\Mobile Broadband\OnlineUpdate\ouc.exe ()
PRC - C:\Program Files (x86)\AnVir Task Manager Pro\AnVir.exe (AnVir Software)
PRC - C:\USERS\TIMO\DOCUMENTS\MAMUTU\a2service.exe (Emsi Software GmbH)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\802a9bff6be56d5ea8384d20bee78562\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\27bf12496a31ac45c7f95f646bccff84\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2508b25b4d961a45659a8a8f128818a1\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3f2952ec748f60fbb5deacfc4db0a2a3\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8b7f86e5a6f0aa23f4b25dfeeaa6b318\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f8922283404046fb5227407194d59d7e\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5bf56d6064af88d8812a3f78e0dfd376\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4c4507612d22786d45594a65a0213c1f\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95854f4f1f37b8eab1b1e3d7103b48ef\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
MOD - C:\Program Files (x86)\iSafe\curlpp.dll ()
MOD - C:\Program Files (x86)\iSafe\libpng.dll ()
MOD - C:\Program Files (x86)\iSafe\zlib1.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_fi_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fi_b77a5c561934e089\mscorlib.resources.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company)
SRV:64bit: - (EPSON_EB_RPCV4_04) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (SEIKO EPSON CORPORATION)
SRV:64bit: - (EPSON_PM_RPCV4_04) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (SEIKO EPSON CORPORATION)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (HPClientSvc) -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company)
SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (HP Wireless Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard Company)
SRV:64bit: - (AESTFilters) -- C:\Program Files\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe (Symantec Corporation)
SRV - (iSafeService) -- C:\Program Files (x86)\iSafe\iSafeSvc.exe (Elex do Brasil Participações Ltda)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (Mobile Broadband. RunOuc) -- C:\Program Files (x86)\Mobile Broadband\UpdateDog\ouc.exe ()
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
SRV - (Mamutu) -- C:\USERS\TIMO\DOCUMENTS\MAMUTU\a2service.exe (Emsi Software GmbH)
SRV - (HWDeviceService64.exe) -- C:\ProgramData\DataCardService\HWDeviceService64.exe ()
SRV - (FPLService) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe (HP)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (HPWMISVC) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
========== Driver Services (SafeList) ==========
DRV:64bit: - (iSafeKrnlBoot) -- C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys (Elex do Brasil Participações Ltda)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1505000.013\symefa64.sys (Symantec Corporation)
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\NISx64\1505000.013\symnets.sys (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1505000.013\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NISx64\1505000.013\ironx64.sys (Symantec Corporation)
DRV:64bit: - (ccSet_NIS) -- C:\Windows\SysNative\drivers\NISx64\1505000.013\ccsetx64.sys (Symantec Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NISx64\1505000.013\symds64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\NISx64\1505000.013\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (huawei_wwanecm) -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (huawei_cdcacm) -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (huawei_ext_ctrl) -- C:\Windows\SysNative\drivers\ew_juextctrl.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ew_usbenumfilter) -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (WsAudio_Device(5) -- C:\Windows\SysNative\drivers\VirtualAudio5.sys (Wondershare)
DRV:64bit: - (WsAudio_Device(4) -- C:\Windows\SysNative\drivers\VirtualAudio4.sys (Wondershare)
DRV:64bit: - (WsAudio_Device(3) -- C:\Windows\SysNative\drivers\VirtualAudio3.sys (Wondershare)
DRV:64bit: - (WsAudio_Device(2) -- C:\Windows\SysNative\drivers\VirtualAudio2.sys (Wondershare)
DRV:64bit: - (WsAudio_Device(1) -- C:\Windows\SysNative\drivers\VirtualAudio1.sys (Wondershare)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG)
DRV:64bit: - (RRNetCapMP) -- C:\Windows\SysNative\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV:64bit: - (RRNetCap) -- C:\Windows\SysNative\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (Uim_IM) -- C:\Windows\SysNative\drivers\Uim_IMx64.sys (Paragon)
DRV:64bit: - (Uim_VIM) -- C:\Windows\SysNative\drivers\uim_vimx64.sys (Paragon)
DRV:64bit: - (UimBus) -- C:\Windows\SysNative\drivers\uimx64.sys (Windows ® 2000 DDK provider)
DRV:64bit: - (WsAudio_DeviceS(5) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(5).sys (Wondershare)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Company)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Company)
DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (WsAudio_DeviceS(3) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(3).sys (Wondershare)
DRV:64bit: - (WsAudio_DeviceS(2) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(2).sys (Wondershare)
DRV:64bit: - (WsAudio_DeviceS(1) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(1).sys (Wondershare)
DRV:64bit: - (WsAudio_DeviceS(4) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(4).sys (Wondershare)
DRV:64bit: - (WsAudioDevice_383S(1) -- C:\Windows\SysNative\drivers\WsAudioDevice_383S(1).sys (Wondershare)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (intelkmd) -- C:\Windows\SysNative\drivers\igdpmd64.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (RTL2832U_IRHID) -- C:\Windows\SysNative\drivers\RTL2832U_IRHID.sys (Realtek)
DRV:64bit: - (RTL2832UUSB) -- C:\Windows\SysNative\drivers\RTL2832UUSB.sys (REALTEK SEMICONDUCTOR Corp.)
DRV:64bit: - (RTL2832UBDA) -- C:\Windows\SysNative\drivers\RTL2832UBDA.sys (REALTEK SEMICONDUCTOR Corp.)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BHDrvx64) -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140912.003\BHDrvx64.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140919.001\IDSviA64.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140921.020\ex64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140921.020\eng64.sys (Symantec Corporation)
DRV - (iSafeKrnl) -- C:\Program Files (x86)\iSafe\iSafeKrnl.sys (Elex do Brasil Participações Ltda)
DRV - (iSafeKrnlKit) -- C:\Program Files (x86)\iSafe\iSafeKrnlKit.sys (Elex do Brasil Participações Ltda)
DRV - (iSafeKrnlR3) -- C:\Program Files (x86)\iSafe\iSafeKrnlR3.sys (Elex do Brasil Participações Ltda)
DRV - (iSafeNetFilter) -- C:\Program Files (x86)\iSafe\iSafeNetFilter.sys (Elex do Brasil Participações Ltda)
DRV - (a2acc) -- C:\USERS\TIMO\DOCUMENTS\MAMUTU\a2accx64.sys (Emsi Software GmbH)
DRV - (a2injectiondriver) -- C:\Users\Timo\Documents\Mamutu\a2dix64.sys (Emsi Software GmbH)
DRV - (a2util) -- C:\Users\Timo\Documents\Mamutu\a2util64.sys (Emsi Software GmbH)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (RTL2832U_IRHID) -- C:\Windows\SysWOW64\drivers\RTL2832U_IRHID.sys (Realtek)
DRV - (RTL2832UUSB) -- C:\Windows\SysWOW64\drivers\RTL2832UUSB.sys (REALTEK SEMICONDUCTOR Corp.)
DRV - (RTL2832UBDA) -- C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys (REALTEK SEMICONDUCTOR Corp.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0191A6B0-1154-4C22-9182-23A95BBE92D9}
IE:64bit: - HKLM\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.co...q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,NewTabPageShow = 1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0191A6B0-1154-4C22-9182-23A95BBE92D9}
IE - HKLM\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.co...q={searchTerms}
IE - HKLM\..\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,NewTabPageShow = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {0191A6B0-1154-4C22-9182-23A95BBE92D9}
IE - HKCU\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.co...q={searchTerms}
IE - HKCU\..\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledAddons: %7B46868735-c3fa-47ce-8ce7-cce51a66aceb%7D:1.2
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:2.2
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.42
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.2
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.11.2: C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.11.2: C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@emusic.com/eMusicPlugin DLM6: C:\Program Files (x86)\eMusic Download Manager 6\npEMusic604.dll (eMusic.com)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Timo\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Timo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Timo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ [2014/09/23 11:29:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011/06/04 11:58:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/06/04 11:58:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/06/04 11:58:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/09/19 09:50:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 32.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 32.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/09/19 09:50:38 | 000,000,000 | ---D | M]
[2011/10/27 11:41:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Timo\AppData\Roaming\mozilla\Extensions
[2014/09/23 16:57:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Timo\AppData\Roaming\mozilla\Firefox\Profiles\c7ixr1j5.default-1407435073953\extensions
[2014/08/07 22:10:42 | 000,126,171 | ---- | M] () (No name found) -- C:\Users\Timo\AppData\Roaming\mozilla\firefox\profiles\c7ixr1j5.default-1407435073953\extensions\[email protected]
[2014/08/07 21:43:42 | 000,001,736 | ---- | M] () (No name found) -- C:\Users\Timo\AppData\Roaming\mozilla\firefox\profiles\c7ixr1j5.default-1407435073953\extensions\{46868735-c3fa-47ce-8ce7-cce51a66aceb}.xpi
[2014/09/23 16:57:24 | 000,541,015 | ---- | M] () (No name found) -- C:\Users\Timo\AppData\Roaming\mozilla\firefox\profiles\c7ixr1j5.default-1407435073953\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2014/08/07 21:22:19 | 000,967,685 | ---- | M] () (No name found) -- C:\Users\Timo\AppData\Roaming\mozilla\firefox\profiles\c7ixr1j5.default-1407435073953\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/08/30 10:50:06 | 000,300,373 | ---- | M] () (No name found) -- C:\Users\Timo\AppData\Roaming\mozilla\firefox\profiles\c7ixr1j5.default-1407435073953\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2014/09/23 11:28:41 | 000,000,609 | ---- | M] () -- C:\Users\Timo\AppData\Roaming\mozilla\firefox\profiles\c7ixr1j5.default-1407435073953\searchplugins\Google.xml
[2014/09/22 20:34:53 | 000,005,501 | ---- | M] () -- C:\Users\Timo\AppData\Roaming\mozilla\firefox\profiles\c7ixr1j5.default-1407435073953\searchplugins\startpage-https.xml
[2014/09/19 09:50:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/09/19 09:50:36 | 000,000,000 | ---D | M] (TrueSuite Website Logon) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2014/09/19 09:50:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/09/19 09:50:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/06/28 18:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: about:blank
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Timo\AppData\Local\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Timo\AppData\Local\Google\Chrome\Application\36.0.1985.125\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Timo\AppData\Local\Google\Chrome\Application\36.0.1985.125\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Simple Pass 2011 (Enabled) = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfpefkeidlhbjljfdojcnngjbddgein\1.0_0\npwebsitelogon.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.2.5_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\Timo\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\Timo\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Timo\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-haku = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Deezer = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh\1.3.2_0\
CHR - Extension: Gmail = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
Hosts file not found
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.5.0.19\coieplg.dll (Symantec Corporation)
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.5.0.19\coieplg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe (The Eraser Project)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 11.11.2)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 11.11.2)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.67.2)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.67.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.210.19.19 193.210.18.18
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0C8E6854-C46F-412D-8C77-8CF9CC69E053}: DhcpNameServer = 193.210.19.19 193.210.18.18
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{48EFBF32-6516-499B-935B-C4F9DED72294}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5588E4BF-9F90-4AE8-BCB4-15F85269A7ED}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6DC2381-7822-46B6-BBE4-EDAE8A95FEC5}: NameServer =
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O28 - HKCU ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - Reg Error: Value error. File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{016a4d27-8032-11e2-a5c2-2c27d7bb7d36}\Shell - "" = AutoRun
O33 - MountPoints2\{016a4d27-8032-11e2-a5c2-2c27d7bb7d36}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{3ea38149-0072-11e1-a040-cc52af9b6d38}\Shell - "" = AutoRun
O33 - MountPoints2\{3ea38149-0072-11e1-a040-cc52af9b6d38}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{4e50b30a-00ce-11e1-b12b-cc52af9b6d38}\Shell - "" = AutoRun
O33 - MountPoints2\{4e50b30a-00ce-11e1-b12b-cc52af9b6d38}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{53a9ff52-00c6-11e1-94e8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{53a9ff52-00c6-11e1-94e8-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{9f750276-0525-11e1-8bc4-cc52af9b6d38}\Shell - "" = AutoRun
O33 - MountPoints2\{9f750276-0525-11e1-8bc4-cc52af9b6d38}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{db4b3b84-00d5-11e1-bf7e-cc52af9b6d38}\Shell - "" = AutoRun
O33 - MountPoints2\{db4b3b84-00d5-11e1-bf7e-cc52af9b6d38}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/09/23 17:50:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Timo\Desktop\OTL.exe
[2014/09/23 16:42:56 | 004,181,856 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Timo\Desktop\tdsskiller.exe
[2014/09/19 09:50:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/09/18 14:20:15 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2014/09/18 14:20:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quintessence - TBV
[2014/09/12 21:37:39 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/09/12 21:37:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/09/12 21:37:21 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/09/12 21:37:21 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/09/12 21:37:21 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/09/12 21:37:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/09/12 21:37:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/09/11 23:31:04 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/09/11 23:31:04 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/09/11 23:31:01 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/09/11 23:31:01 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/09/11 23:31:01 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/09/11 23:31:00 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/09/11 23:31:00 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/09/11 23:31:00 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/09/11 23:30:59 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/09/11 23:30:59 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/09/11 23:30:59 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/09/11 23:30:59 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/09/11 23:30:58 | 000,547,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/09/11 23:30:58 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/09/11 23:30:58 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/09/11 23:30:56 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/09/11 23:30:56 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/09/11 23:30:55 | 000,727,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/09/11 23:30:55 | 000,707,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/09/11 23:30:55 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/09/11 23:30:55 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/09/11 23:30:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/09/11 23:30:55 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/09/11 23:30:55 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/09/11 23:30:53 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/09/11 23:30:53 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/09/11 23:30:53 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/09/11 23:30:53 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/09/11 23:30:53 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/09/11 23:30:53 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/09/11 23:30:53 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/09/11 23:30:53 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/09/11 23:30:48 | 005,833,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/09/11 23:30:47 | 002,104,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/09/11 23:30:47 | 002,014,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/09/11 23:20:12 | 002,777,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/09/11 23:20:12 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/09/11 17:05:21 | 001,031,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2014/09/11 17:05:21 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2014/09/11 17:05:17 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/09/11 17:04:54 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/09/11 17:04:49 | 000,578,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/09/11 17:04:48 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/08/27 22:23:28 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[21 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[11 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/09/23 17:50:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Timo\Desktop\OTL.exe
[2014/09/23 17:14:10 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-91733369-1281498052-2340552009-1000UA.job
[2014/09/23 16:43:01 | 004,181,856 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Timo\Desktop\tdsskiller.exe
[2014/09/23 15:53:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/09/23 11:37:02 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/09/23 11:37:02 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/09/23 11:28:26 | 495,865,855 | -HS- | M] () -- C:\hiberfil.sys
[2014/09/22 23:42:17 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/09/21 17:51:13 | 000,002,035 | ---- | M] () -- C:\Users\Public\Desktop\Mobile Broadband.lnk
[2014/09/19 18:26:58 | 001,356,858 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/09/19 18:26:58 | 000,654,916 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/09/19 18:26:58 | 000,482,262 | ---- | M] () -- C:\Windows\SysNative\perfh00B.dat
[2014/09/19 18:26:58 | 000,122,530 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/09/19 18:26:58 | 000,102,064 | ---- | M] () -- C:\Windows\SysNative\perfc00B.dat
[2014/09/16 21:27:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForTIMO-HP$.job
[2014/09/11 23:27:47 | 001,331,306 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/09/05 05:10:43 | 000,578,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/09/05 05:05:42 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/09/03 15:41:56 | 000,000,223 | ---- | M] () -- C:\Users\Timo\Desktop\The Treasures of Montezuma 4.url
[2014/08/28 23:03:08 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForTimo.job
[2014/08/27 23:25:34 | 000,326,608 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[21 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[11 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/09/03 15:41:56 | 000,000,223 | ---- | C] () -- C:\Users\Timo\Desktop\The Treasures of Montezuma 4.url
[2014/01/03 01:04:00 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2012/04/15 13:27:54 | 000,000,600 | ---- | C] () -- C:\Users\Timo\PUTTY.RND
[2011/11/10 13:15:12 | 000,802,252 | ---- | C] () -- C:\Users\Timo\.DLMSave_back.xml
[2011/11/10 13:15:12 | 000,802,252 | ---- | C] () -- C:\Users\Timo\.DLMSave.xml
[2011/11/10 13:12:56 | 000,001,238 | ---- | C] () -- C:\Users\Timo\.Setting.ini
[2011/11/01 13:53:17 | 000,007,596 | ---- | C] () -- C:\Users\Timo\AppData\Local\Resmon.ResmonCfg
========== ZeroAccess Check ==========
[2009/07/14 07:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/25 05:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/25 04:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 04:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 15:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 04:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012/04/04 09:35:56 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\AdultAdvantage
[2014/08/14 21:37:50 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\AlawarEntertainment
[2012/05/15 00:07:40 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Apowersoft
[2014/06/24 21:20:17 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\AudioDope
[2011/11/07 18:47:25 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\BANDISOFT
[2014/01/04 17:08:21 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Battle.net
[2014/02/20 21:26:33 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Duplicate & Same Files Searcher
[2014/08/07 21:34:31 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\eCyber
[2011/12/24 16:53:09 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\EPSON
[2011/11/06 23:49:05 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\IDT
[2014/09/23 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\iSafe
[2014/03/11 16:22:42 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\KoshyJohn.com
[2013/06/15 19:23:52 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Leawo
[2013/02/08 01:26:14 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\LibreOffice
[2012/07/18 17:33:43 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\MahJong Suite
[2013/12/13 19:35:24 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Mp3 Music Editor
[2012/03/02 17:21:05 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\mresreg
[2011/12/05 23:58:45 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\NeoDownloader
[2012/02/25 23:23:54 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Octoshape
[2014/01/21 18:26:55 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Oracle
[2012/11/02 13:40:07 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Origin
[2011/10/26 23:11:00 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\PictureMover
[2013/11/14 21:48:51 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\PotPlayerMini
[2012/09/28 18:52:08 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\ProcessLasso
[2014/06/09 15:42:45 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\RadioMaximus
[2013/07/02 00:11:30 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\RaimaRadioPro
[2012/03/17 12:57:30 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\runic games
[2014/09/11 23:18:37 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\SoftGrid Client
[2013/01/03 10:18:48 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Sound Editor Deluxe
[2014/09/23 12:50:20 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Spider Player
[2012/11/03 18:58:37 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Sports Interactive
[2014/09/19 13:25:39 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Spotify
[2011/10/26 23:09:58 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Synaptics
[2013/06/15 19:25:21 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\tiger-k
[2011/11/01 10:59:47 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\TP
[2011/11/22 00:22:51 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\URSoft
[2011/10/27 23:21:21 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\WildTangent
[2012/04/25 16:33:21 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Windows Live Writer
[2012/04/09 17:28:55 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Wondershare
[2013/05/12 18:22:18 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Zoner
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 171 bytes -> C:\ProgramData\Temp:F8B88761
@Alternate Data Stream - 162 bytes -> C:\ProgramData\Temp:1CE11B51
< End of report >
Extras:
OTL Extras logfile created on: 9/25/2014 4:32:21 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Timo\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17280)
Locale: 00000409 | Country: Suomi | Language: FIN | Date Format: d.M.yyyy
5.95 Gb Total Physical Memory | 4.60 Gb Available Physical Memory | 77.29% Memory free
11.90 Gb Paging File | 9.99 Gb Available in Paging File | 83.98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 679.13 Gb Total Space | 377.62 Gb Free Space | 55.60% Space Free | Partition Type: NTFS
Drive D: | 19.21 Gb Total Space | 2.36 Gb Free Space | 12.30% Space Free | Partition Type: NTFS
Drive F: | 34.56 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: TIMO-HP | User Name: Timo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07B5BE2C-CC0F-43E8-B87A-ADE95A4E2C81}" = rport=138 | protocol=17 | dir=out | app=system |
"{31891CFA-3AA7-4C67-9540-4B3B9B578919}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{4154D354-873E-477D-B10F-2438FF605453}" = rport=445 | protocol=6 | dir=out | app=system |
"{4B1B5C33-7B43-49B6-8F0B-34E5FFDE005F}" = lport=12972 | protocol=6 | dir=in | name=audials localhttpserver 12972 |
"{566A611F-85A5-4AFE-BEF4-9DF7D16EFCBB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{930F9C65-FDE5-4474-9B4C-93EEC1D4DBFD}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A07290CE-D2CC-4A04-BCB0-1C4C2629A884}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A90BC9FA-2D5D-45ED-A413-A3C26DECBE19}" = lport=137 | protocol=17 | dir=in | app=system |
"{B8999AA1-B925-4EC9-9E2C-8CA96D49E497}" = rport=137 | protocol=17 | dir=out | app=system |
"{DF20E0BB-4024-4598-8BAB-D265320E9F5C}" = lport=445 | protocol=6 | dir=in | app=system |
"{E17F6773-F8CC-4195-97FC-8B28CDBA08E4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E2F7DB85-9E3E-4EF5-94E6-6085EA28D0F0}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{E6AFB6CD-4660-4723-A95A-89F09AEB315F}" = lport=138 | protocol=17 | dir=in | app=system |
"{E8ACD4DF-EE32-4C3D-997A-F071E5E5EC9D}" = lport=31931 | protocol=6 | dir=in | name=audials localhttpserver 31931 |
"{EBEB466B-2201-4404-958C-EE135C246313}" = lport=139 | protocol=6 | dir=in | app=system |
"{F31E6E25-3AA4-4684-92C3-05441392AC16}" = rport=139 | protocol=6 | dir=out | app=system |
"{FF49D0A6-F696-43F4-91C1-A32CAE3B2F10}" = lport=14714 | protocol=6 | dir=in | name=audials localhttpserver 14714 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0018583F-81E3-4165-B1C7-955AB0C59DA3}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3109\agent.exe |
"{009D0A49-7C81-42A5-8946-1D271137683E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{07686F98-AEB9-4774-AF9D-A1E22EA4FF7A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{0C6A2B52-2288-42BA-8177-8FC822F629A1}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{0E01E87E-C2DA-4B2D-9C12-D640E7123778}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\football manager 2013 demo\fm.exe |
"{0EA31404-182E-4B01-B9E2-FEC76D662E39}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3109\agent.exe |
"{12158EED-85C7-4A74-AA68-AFA490C40564}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\montezuma 4\thetreasuresofmontezuma4.exe |
"{13CC5A5F-F514-4D3A-BB01-5E9F898AC899}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3109\agent.exe |
"{15C3DF6F-31B7-440C-93BA-1C10BFC3792A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3346\agent.exe |
"{18132779-6124-4450-97D3-7FC692C0402B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe |
"{186EDE8E-9BA6-4406-888C-59D4436BAB74}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3109\agent.exe |
"{18A76F8C-4B42-4FD7-BF68-7B68130C8B24}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{18BFB2DB-CF9E-43F3-97C3-E196CFCCB614}" = protocol=1 | dir=out | [email protected],-28544 |
"{1AEB623B-9318-4C63-B610-F82D610C293E}" = protocol=17 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{1C4D9502-5852-41E5-BF6D-A5BFBC51848B}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\railroad tycoon 2 platinum\rt2_plat.exe |
"{1D5C7B83-E2AC-4D38-81A8-A4906A36C2AF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2816\agent.exe |
"{1EABE26B-BA22-4B70-A3E5-03DA061D4BF3}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2514\agent.exe |
"{1F56107C-57FB-4E09-A68B-C0B6FBAA7BB3}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\football manager 2010\fm.exe |
"{22204260-E54A-4974-A256-E2180186C99C}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\football manager 2014\fm.exe |
"{2241E3A7-4345-443A-B6F5-BC338213ED53}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\football manager 2013 demo\fm.exe |
"{260D8DF2-349F-4EF7-B119-7CEB2BE958B1}" = dir=out | app=c:\program files (x86)\hewlett-packard\hp clouddrive\zumodrive.exe |
"{262E7FB0-F967-4225-A428-0D9F5EE537F9}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3235\agent.exe |
"{264A7001-4B25-4D86-ACDF-7841B9D51070}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3372\agent.exe |
"{283E1553-895A-423B-B694-E46AE1E68FBF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3182\agent.exe |
"{28B98599-2D1C-45D9-84E4-B528414BE54E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{293AC71E-3C7C-423C-84E5-00105998EDBB}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{29782A1E-8E29-4C6A-ACA1-0C5A891D9F8F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3182\agent.exe |
"{2A8DD514-64B7-48F7-8D01-ACB289E4DA75}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3182\agent.exe |
"{2A9369E8-2A4A-4774-B41E-8EACA163566B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3286\agent.exe |
"{2B668247-3E04-4C62-8668-F77D404ECD00}" = protocol=58 | dir=out | [email protected],-28546 |
"{32A83405-71CD-45C3-B701-418C11887A77}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{34E18136-70EC-4436-B50F-2000E22DC38B}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\dota 2 beta\dota.exe |
"{359C5D19-1119-4475-BBF0-47AC384F4DFE}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{35AD50F3-BCB4-4DF1-BEC3-6ED025433A2E}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe |
"{37213746-838B-4EF0-AC0F-896F045CE709}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3147\agent.exe |
"{37BB19FF-3C5D-43F4-BFBE-8E8DF597AF57}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{38E7C1B6-556E-44BC-B58D-2A990907C0EA}" = protocol=17 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia 3.5\totalmedia.exe |
"{39B1A930-E71F-4D3A-8024-71DB3014D63D}" = dir=in | app=c:\program files (x86)\apowersoft\episode downloader\apowersoftdump.dll |
"{3C405AB2-2EDA-43F6-91DE-B52E85D3B6CB}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\dota 2 beta\dota.exe |
"{3E86052C-399B-4FC8-AB19-A2DF806770FF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{3F4333F6-31F7-445E-AF20-9974DD533241}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\terraria\terraria.exe |
"{402030B8-619E-4677-852D-E4FDDAE144CB}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{416B25EA-22B9-417F-9CB6-A026CF7E9895}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe |
"{449C16FF-FC45-4DA9-B1C5-569CC6ECAB53}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3346\agent.exe |
"{460153C0-4F9D-4470-8084-C65BEB4FA78E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3346\agent.exe |
"{47C73B49-678C-40D8-BB73-86223FDF51EA}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{485BEE4E-23F3-4092-A831-708B1F97248D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{4922DE82-602E-4189-BB10-EB76B5C3E472}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{4A7B9900-92D9-4410-BEB0-22F4A4452D75}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3147\agent.exe |
"{4C2D5ADD-366C-491E-BF4E-88EDCBDCDF73}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{4D068A22-1828-4850-921C-EDA44417F670}" = protocol=1 | dir=in | [email protected],-28543 |
"{4D14D613-DD84-44FB-9CA6-6E1EB1C3CA4E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3235\agent.exe |
"{4E67AB5E-A922-4952-98F9-72B3A00ECA7B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{4F5E6A7D-6C52-4049-BC0A-37F5319280F7}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{5178C8A6-D9FB-4DBF-9259-76750014507D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{5397D31E-F7F6-4A60-BE5F-B53F8901B7CC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{53BA0852-284E-44E6-BA75-6480F00724C5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{54F05C9E-B1E5-423E-9520-D5B2B0C6D07B}" = dir=in | app=c:\users\timo\appdata\local\microsoft\skydrive\skydrive.exe |
"{5AC1942F-DA54-425E-9C5D-448B5530FD86}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3346\agent.exe |
"{5B7F44B5-3594-406E-BC60-623DD55F5F39}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\football manager 2014\fm.exe |
"{5C32CB12-F202-43DA-8C9F-36A282FA2D0C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3235\agent.exe |
"{61E2FA6E-686E-4F99-A7E1-2FC266016208}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{63AFE769-459F-4DF5-80CB-CB7388122211}" = protocol=58 | dir=in | [email protected],-28545 |
"{64C49999-DFEF-42F2-9DAB-0C80A9E238D6}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\bin\steamwebhelper.exe |
"{65BADF31-8B3B-4838-BEAA-18C22DE9BD2F}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{67886EC2-4F07-4FA3-90C5-6868BEF35144}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe |
"{688BE3F6-A687-4ECD-A658-6A1710713C65}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2514\agent.exe |
"{6972A3C8-AADD-4A1E-ABDC-B979FDD923E8}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{71D11C75-24F0-4280-813E-603D2D2D5B64}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3286\agent.exe |
"{71D8B5AB-F879-445F-B5D1-EF7864CC5164}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{722C8F39-7F3A-4682-B59B-081757F363A7}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{7304B7CD-F1AA-4920-8FEC-BE1B50D84A0E}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\max payne\maxpayne.exe |
"{737D1EDC-DB9D-4BE7-BB94-A939997EC660}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{7484AC64-8F03-45B6-AFFD-44F4E6AF285C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{7537B31C-0647-42E4-BF9F-BB940FF0844B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3182\agent.exe |
"{7687AB1C-B971-42AE-A78C-DCF8391D4795}" = dir=in | app=c:\program files (x86)\easybits for kids\ezdesktop.exe |
"{7760EC25-BBCC-4293-B93D-B2BFF3705CDC}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\torchlight\torchlight.exe |
"{7C1F8337-F148-4EBC-8F08-2C3B059A111D}" = dir=in | app=c:\program files (x86)\apowersoft\episode downloader\episodedownloader.exe |
"{7C5D9E01-04C4-4EB0-8515-11968BD7443D}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\terraria\terraria.exe |
"{7C63037A-9A1D-4B37-AEE5-EDCE85B0C9B4}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{7CA93790-CFBC-44B3-990E-FAA26DF97703}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\steam.exe |
"{7E6E2FFB-C0A7-4A6F-B28D-37C6137E0869}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{8003DC62-E6C9-4830-AF46-93B6DB330201}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{820B519E-B532-4DAA-B104-69E7A9D23728}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{82C1939B-782E-4285-8A1F-581677808FDF}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\football manager 2014\fm.exe |
"{8458476C-C78E-4397-A5E4-BAA4426C2CB8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3334\agent.exe |
"{84E3517A-A1A5-4C37-856C-C1CD056C767C}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\dota 2 beta\dota.exe |
"{85F2A52A-37D9-44AA-B7DE-005CD1B8A110}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3147\agent.exe |
"{87A8D136-38C7-49CB-AEB0-A71C03C0C40B}" = protocol=6 | dir=in | app=c:\program files (x86)\veetle\player\veetlenet.exe |
"{88ECEB8F-0450-471D-8638-707E8425FDF6}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe |
"{8A60C7E5-EE35-479F-AAFA-9FA3904B9950}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{8FC8E403-C56D-40FA-8919-5A186C0894B4}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\torchlight\torchlight.exe |
"{8FF3B15C-11B1-4AE8-BDE4-A4A85E151121}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2514\agent.exe |
"{90F9D0D3-ACBE-4923-9B2E-A92B9AFB3A24}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2816\agent.exe |
"{97497EB6-DAF2-4F57-B8B5-4E43005273B9}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{9A30D442-1691-43D2-A2BA-0CC661F29246}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2816\agent.exe |
"{9A379518-DB78-4414-9714-AC4F2416B9F1}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{9A5EF8A1-5A95-4D51-98EE-16A0DA55A3E2}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{9BB1AD5F-ED49-4391-A2EF-3CC21065DA41}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\terraria\terraria.exe |
"{9D324583-C2D1-44B9-A35E-8118313CF959}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\bin\steamwebhelper.exe |
"{9E92D7A3-F6E8-4564-AD23-AC771AFADDFA}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3323\agent.exe |
"{9E9C1120-2AAD-4947-931E-626CC2386703}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp clouddrive\zumodrive.exe |
"{9F3C7A97-4352-4FEB-AD3D-4FE479C19696}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\terraria\terraria.exe |
"{9FAEC9C8-51D8-442B-A5B2-92D62CB405CA}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3286\agent.exe |
"{A04EB468-77A0-435A-BF28-F76916CA6BD9}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\terraria\terraria.exe |
"{A3A912AC-2894-4B00-9E9C-9B33491545FB}" = protocol=6 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{A47AC44B-C2DD-407C-B961-A6B95ED72CEF}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\space rangers 2 reboot\rangers.exe |
"{A5C0D093-8442-47A3-817A-3D3A45D60DE8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{AA154E12-3558-4B1B-B949-2C106F82E645}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\dota 2 beta\dota.exe |
"{AA8BDBF9-E078-4FE1-8FE6-4A74E4F7825B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3323\agent.exe |
"{AAE16480-81E9-4406-8BE1-C21501B6802A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{AAEDCEB8-EECE-4F04-A5D5-BBFE5DFB72C0}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2514\agent.exe |
"{AD0D3A83-625E-4B4C-9B98-0F04EA7CA457}" = dir=in | app=c:\program files (x86)\apowersoft\episode downloader\episode-downloader.exe |
"{AE4DF5DE-CA38-4ACB-AF38-B943B4CB16E2}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\montezuma 4\thetreasuresofmontezuma4.exe |
"{AEE122F5-780C-4770-878F-0CD1C5523EF8}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{B10C8D63-5101-484D-91F4-DEAD59BAF075}" = protocol=6 | dir=in | app=c:\program files (x86)\veetle\player\veetlenet.exe |
"{B14A12F9-7E0D-4FFA-8F18-EBDDF6007298}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{B1E13993-0248-4AB3-8F74-025B2434DE93}" = dir=in | app=c:\program files (x86)\rapidsolution\audials 9\audials.exe |
"{B2A2D06B-9B6E-4C73-B402-EEB42799EA8A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3323\agent.exe |
"{B3CA92B4-5D4E-433E-A1CC-1B22DB077F51}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\steam.exe |
"{B5D296C4-6F2B-4F0F-BB0C-7FCF969A2780}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{B86648EF-5167-4347-84A9-DBBE5D963BF3}" = dir=in | app=c:\program files (x86)\apowersoft\episode downloader\apowersoftsrv.dll |
"{BAA07FF6-02B5-4F80-BD45-B0EC48B5BEA0}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\max payne\maxpayne.exe |
"{BB33AB41-34C1-4E24-8A73-4932A5920574}" = protocol=6 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia 3.5\totalmedia.exe |
"{BE23C79E-7D3A-4373-A239-70316359A240}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\football manager 2014\fm.exe |
"{BFFE4FBA-4665-4EE0-B628-65402353992C}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\steam.exe |
"{C20261DD-3B86-4B1E-BCCF-AC234280EAD6}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\football manager 2010\fm.exe |
"{C3833A69-53AF-440F-96EB-6B27CA99F75B}" = dir=in | app=c:\windows\system32\ezsharedsvchost.exe |
"{C3D2D812-A098-447C-8251-20EA31A14426}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3147\agent.exe |
"{C538B553-2D84-4C44-9693-F543E3DD9833}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{C60FCF68-9309-4485-AD83-2EE4B286AEF5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{C87C1B23-B444-495A-AE69-43AFAC56007B}" = protocol=6 | dir=in | app=c:\program files (x86)\veetle\player\veetlenet.exe |
"{C97FD3CF-3E21-411C-914D-466D4EEE7409}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{C9D0C3FE-4C31-43C7-9605-446FC61FBD27}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2717\agent.exe |
"{CA457C09-F4A8-4F9D-9819-9A9D0394E840}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3235\agent.exe |
"{CA4A34AE-5F09-44AD-8503-F95D486CD4F9}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{CD1EE135-BD4A-4449-BD7A-C218EF8E0A43}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2816\agent.exe |
"{D391CF94-0937-49DB-B9FB-42D9CB6316D0}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{D5D9F24A-3D96-4013-A10E-F3F2B0D35175}" = protocol=17 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\torchlight ii\modlauncher.exe |
"{D8B32D99-CDEB-4023-9E4C-60B1178E2296}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{DD154878-103B-45F4-AC06-FD4D1D714A7E}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\football manager 2014\fm.exe |
"{DEF8B340-E24E-4483-9238-2DE2739EE52C}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\football manager 2014\fm.exe |
"{E10761C5-2396-4108-8FD3-115ED573F87C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe |
"{E765FCF9-5114-4282-8E06-BEC61513CD2A}" = protocol=6 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{E7883D3D-1FA1-4210-ADC5-EF58FB235AAE}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\torchlight ii\modlauncher.exe |
"{EB4A5F1F-1CA2-4D55-BA48-E6AEF70A45B8}" = protocol=6 | dir=in | app=c:\program files (x86)\veetle\player\veetlenet.exe |
"{ECD345AE-E87E-44ED-8EF6-7A6785D3B527}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\railroad tycoon 2 platinum\rt2_plat.exe |
"{ED73481F-5DCC-432F-B77B-52CF78C2D254}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2717\agent.exe |
"{EF7EF8A0-CAA4-47E8-A2C3-E11F73633096}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3323\agent.exe |
"{F1910E2C-AB5C-4943-9027-89422AF80799}" = protocol=17 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{F5565D9E-846F-41D2-867B-C0DF2F5DFD0F}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\steam.exe |
"{F613FA64-BCDA-40B7-9FB2-ED0B6EB24691}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{F67B776A-FE52-41B4-B371-FCD3300ADCDC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3286\agent.exe |
"{FB5B28F5-B4BE-4154-A046-D0D762E244B3}" = protocol=6 | dir=in | app=c:\program files (x86)\veetle\player\veetlenet.exe |
"{FB5F9E07-FE8F-4282-B9E2-9B13CABCC89E}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\terraria\terraria.exe |
"{FC628E20-4F8C-4657-8CC7-ED3C9D4E3FA3}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\space rangers 2 reboot\rangers.exe |
"{FCC9B764-E199-4260-BDED-6DF99EF17ADF}" = protocol=6 | dir=in | app=c:\users\timo\documents\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{FD12DD96-F914-438C-991A-35217775570F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3372\agent.exe |
"{FE25396B-765E-45F9-8800-03AFE1984D80}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3334\agent.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{13DCC2C7-454D-42F0-A892-E0E9A5DE4E67}" = HP Wireless Assistant
"{1C3266D4-0DA1-415B-951B-7B5B050B16F1}" = Validity WBF DDK
"{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb" = GOG.com Heroes of Might and Magic 3
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java 6 Update 22 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86418011FF}" = Java 8 Update 11 (64-bit)
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{2DF79A08-9BFB-3120-B62D-F7E489A984EE}" = Microsoft .NET Framework 4.5.1 (FIN)
"{2E794F67-DAC1-C4A3-9128-0C841DF8A1BE}" = ATI Catalyst Install Manager
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6B1CE2EC-0C3A-4AE1-A8EF-B517016A2342}" = HP 3D DriveGuard
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-006D-040B-1000-0000000FF1CE}" = Microsoft Officen pika-asennus 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1035" = Microsoft .NET Framework 4.5.1 (suomi)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A7EEF79E-06B2-4382-9D2E-39DBA0F72D50}" = Eraser 6.0.8.2273
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F12CAF9A-1803-610D-C686-220E35980C99}" = ccc-utility64
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"DiskMax" = DiskMax 4.71
"EPSON SX235 Series" = EPSON SX235 Series Printer Uninstall
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ZonerPhotoStudio14_EN_is1" = Zoner Photo Studio 14
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}" = Windows Live Messenger
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{048C8498-C20B-4AF7-9978-7A79E567D74C}" = Photo Common
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0A143C9B-DCE4-5089-E3DE-12BBCA178C12}" = CCC Help Russian
"{0AD84416-63A4-4CF3-BDDF-8FA866711FB0}" = Civilization III
"{0B783100-6F04-4E2F-B83D-0A9B4EEDE47A}" = Windows Live Writer Resources
"{0F7BFF8F-274A-05FE-2D37-A0C644424871}" = CCC Help Greek
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{124DB96E-CBF5-44FB-AB59-7D2444DEC777}" = HP On Screen Display
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{15775C9B-CD12-BDAF-F5FA-E06A7CB4F25D}" = CCC Help Korean
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{18562567-BC92-9861-00B8-90B8F5545EA8}" = LangoMax Adult Advantage
"{1A79A578-4277-48AF-98A6-F9E48CF1B6D8}" = Windows Live Writer
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1D6F9A9A-DCF3-45A7-9B14-46DDA778313F}" = Windows Liven sähköposti
"{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{1FE417E2-6B8F-44CA-A7DF-A4BD072E8ED8}_is1" = Leawo DVD Ripper version 5.1.0.0
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{264FE20A-757B-492a-B0C3-4009E2997D8A}" = PictureMover
"{28B2947F-FC0B-4450-80E3-6DF698E824A6}" = Windows Liven peruspaketti
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1" = Inpaint 3.1
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2CAF2C07-3219-8143-0E1C-EB1E20223171}" = CCC Help Japanese
"{2CF48C8D-38F6-09E3-C24D-69999191726F}" = CCC Help Portuguese
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3436866E-2C3A-AC6F-C6CF-1ABFF5FB69A3}" = CCC Help Thai
"{381AAE35-6FB5-437E-8DD9-9C5C733943ED}" = Windows Live Family Safety
"{3BC81D4E-0E14-472D-2DA4-CB51D9A21BAE}" = Catalyst Control Center InstallProxy
"{3CBC0CD2-18F0-523D-DA6A-B224C3C4B2CF}" = CCC Help French
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{485DF5E7-8379-4BFA-BAE1-9B8DBFE0D6B4}" = Paragon Backup and Recovery™ 11 Compact Edition
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4C2BF3B9-7E8A-49DE-B662-3656FE60BB01}" = Civ3 Conquests v1.22 Full
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{5175254C-4F5C-61DF-9647-306994652857}" = CCC Help Chinese Traditional
"{52FB1497-BBDD-F46F-2ADE-407148D63C65}" = CCC Help Dutch
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5486C37D-73E8-4C31-A3FA-D796494F8286}" = Catalyst Control Center - Branding
"{57CDA1B9-ED35-4382-AA87-C55A87676E65}_is1" = Fortop FLV Player 1.1
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{5B9C9486-4287-4621-8F9D-EC3EE622A82F}" = LibreOffice 4.0.5.2
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{610A0147-10AB-D148-B6E1-503E40A444B9}" = CCC Help German
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62CC9AF4-EDD9-43C8-9856-FFD60362CFA9}" = Windows Live Messenger
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{66F0F1EB-A7B1-4592-BE90-404CD9E49053}" = HP Documentation
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74292F90-895A-4FC6-A692-9641532B1B63}" = ArcSoft TotalMedia 3.5
"{77C4850C-3592-4A2F-B652-ACB77A1EF77C}" = Bing Bar Platform
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7B0C5EF6-DE4C-4E20-8889-C17604FFE5CD}" = Windows Live Family Safety
"{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger
"{7F9EA30A-2DD4-81B6-8A08-719EB8683C40}" = CCC Help Finnish
"{802C068E-0576-4F25-8137-D54B7DB0FC5E}" = HP Setup
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83F8B662-32C3-D1B6-8048-35ED4B94DC87}" = CCC Help Danish
"{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}" = Epson Event Manager
"{90140011-0066-040B-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - suomi
"{90A4562F-D4A1-4B65-906D-41F236CF6902}" = Path of Exile
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack
"{931CFA8E-3CE1-4A96-97D7-32B21A7A8DAA}_is1" = Command & Conquer Gold Edition Stand Alone v1.06c revision 3
"{94D44424-3A83-C25E-CB75-0703750714C2}" = Catalyst Control Center Localization All
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{954680D5-B7C6-E5BA-9B62-09A5AB1F8022}" = CCC Help Hungarian
"{95CEC285-7B63-3D66-0B3F-EF0D9116375C}" = CCC Help Spanish
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CC8FD91-0E7A-4FC4-82C7-160F0BB3A91A}" = HP Software Framework
"{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}" = Epson Easy Photo Print 2
"{A1CD76EB-30CA-45EE-9946-5FC20BA62012}" = Age of Wulin
"{AB2E32E3-B0C3-592C-8093-308249A70C82}" = PX Profile Update
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.08)
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{AF306BD8-F9D1-4627-89B9-246E59074A05}" = HP Power Manager
"{B1AEF127-E01A-40D8-3CDC-F4C76BF2A42B}" = CCC Help Polish
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B584C0FA-5037-C2DB-8399-A3153101B066}" = Catalyst Control Center Graphics Previews Common
"{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
"{B8812AF2-8483-4538-88AB-F1A4A145B209}" = Audials
"{BA068968-594F-40BE-8EE8-99119123C991}" = Windows Live UX Platform Language Pack
"{BAD4B8FA-4BDA-4A59-BE64-9741031680C7}" = Movie Maker
"{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}" = WestwoodOnline
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C125CF1B-32B7-A63B-4DBE-72555A1D4730}" = CCC Help Italian
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C2E21D9B-8AD7-588F-9BE9-70054C864D20}" = CCC Help Norwegian
"{C32F4F5A-C9FB-427C-9F6F-9DB157611FFF}" = Valokuvavalikoima
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C7231F7C-6530-4E65-ADA6-5B392CF5BEB1}" = Recovery Manager
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{C9BFF8C0-2698-4E07-A808-5971E573D257}_is1" = Quintessence - The Blighted Venom [Chapter 1 - 11]
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D6399FF6-7BDF-F604-E493-76B47CF59C15}" = CCC Help Swedish
"{D79531DC-85D7-997F-4083-CE65505F1B7E}" = Catalyst Control Center Profiles Mobile
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDBB7C89-1A09-441E-AA0F-6AA465755C17}" = REALTEK DTV USB DEVICE
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E7117563-58FF-5A50-664D-619DA8B5E3BF}" = CCC Help Chinese Standard
"{E76CDDCE-EFC0-4FE5-9972-9489CE49AA55}_is1" = NeoDownloader 2.9.5
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EB58480C-0721-483C-B354-9D35A147999F}" = HP Quick Launch
"{ED3D587B-9B2E-9F1F-723E-CE137F82CA85}" = ccc-core-static
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Display Audio Driver
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F1DD6CD2-6734-4089-9EF5-441F51E083B6}" = HP SimplePass 2011
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F31BC49F-AB7B-4A53-A399-EB7331B585BC}" = Civilization III: Conquests
"{F694D1F7-1F12-4550-9B7A-C871273ABAD5}" = Windows Live Messenger
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{FB3F7ACE-1633-5A41-250A-FA00E95EE402}" = CCC Help Czech
"{FC18709C-C93F-6BF7-904A-43B0125725ED}" = CCC Help English
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}" = LightScribe System Software
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AdultAdvantage" = LangoMax Adult Advantage
"Aimersoft DRM Media Converter_is1" = Aimersoft DRM Media Converter(Build 1.5.5.0)
"allslots" = All Slots Casino
"AnVir Task Manager Pro" = AnVir Task Manager Pro
"Areena 5 v1.21" = Areena 5 v1.21
"Around the World in 80 Days_is1" = Around the World in 80 Days
"Audiodope_is1" = Audiodope 0.26
"Baldur's Gate II_is1" = Baldur's Gate II
"Baldur's Gate_is1" = Baldur's Gate
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Battle.net" = Battle.net
"CD Audio Reader Filter" = CD Audio Reader Filter (remove only)
"CleanMem" = CleanMem
"D-Fend Reloaded" = D-Fend Reloaded 1.3.2 (deinstall)
"Diablo II" = Diablo II
"Divine Divinity_is1" = Divine Divinity
"eMusic Download Manager 5.0.3" = eMusic Download Manager
"eMusic Download Manager 6" = eMusic Download Manager 6
"EPSON Scanner" = EPSON Scan
"EPSON SX235 Series Netg" = Verkko-opas EPSON SX235 Series
"EPSON SX235 Series Useg" = Käyttöopas EPSON SX235 Series
"Everlong" = Everlong
"FeyRecorder" = FeyRecorder
"ffdshow_is1" = ffdshow v1.1.3572 [2010-09-13]
"FileHippo.com" = FileHippo.com Update Checker
"GOGPACKAVERNUM_is1" = Avernum Series
"GOGPACKHARVESTER_is1" = Harvester
"GOGPACKHOMM3COMPLETE_is1" = Heroes of Might and Magic 3 Complete
"GOGPACKPANZERGENERAL2_is1" = Panzer General 2
"Hearthstone" = Hearthstone
"Hide Your IP Address_is1" = Hide Your IP Address
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"iSafe" = Yet Another Cleaner!
"Jagged Alliance 2_is1" = Jagged Alliance 2
"LastFM_is1" = Last.fm Scrobbler 2.1.30
"MahJong Suite_is1" = MahJong Suite 2012 v9.0
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware versio 2.0.2.1012
"MEDIA Revolution_is1" = MEDIA Revolution
"midicair Toolbar" = midicair Toolbar
"Mobile Broadband" = Mobile Broadband
"Mozilla Firefox 32.0.3 (x86 en-US)" = Mozilla Firefox 32.0.3 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"My HP Game Console" = HP Game Console
"NIS" = Norton Internet Security
"Office14.Click2Run" = Microsoft Officen pika-asennus 2010
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter 1.0.0.5
"Origin" = Origin
"Outcast_is1" = Outcast
"PotPlayer" = Daum PotPlayer 1.5.39036
"PrivaZer" = PrivaZer
"ProcessLasso" = Process Lasso
"RadioMaximus_is1" = RadioMaximus 1.85
"RarmaRadio_is1" = RarmaRadio 2.69
"RealPlayer 6.0" = RealPlayer
"Royal Envoy_is1" = Royal Envoy
"Sid Meier's Railroad Tycoon" = Sid Meier's Railroad Tycoon
"Sound Editor Deluxe_is1" = Sound Editor Deluxe v6.0.1
"SpeedFan" = SpeedFan (remove only)
"Spider Player_is1" = Spider Player 2.5.3
"Steam App 105600" = Terraria
"Steam App 12140" = Max Payne
"Steam App 200710" = Torchlight II
"Steam App 216530" = Football Manager 2013 Demo
"Steam App 220" = Half-Life 2
"Steam App 231670" = Football Manager 2014
"Steam App 301150" = The Treasures of Montezuma 4
"Steam App 34000" = Football Manager 2010
"Steam App 3590" = Plants vs. Zombies: Game of the Year
"Steam App 41500" = Torchlight
"Steam App 440" = Team Fortress 2
"Steam App 46330" = Space Rangers 2: Reboot
"Steam App 570" = Dota 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 7620" = Railroad Tycoon 2: Platinum
"SysResources Manager11.1" = SysResources Manager
"Theme Hospital_is1" = Theme Hospital
"Veetle TV" = Veetle TV
"WildTangent hp Master Uninstall" = HP Games
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WT087328" = Blackhawk Striker 2
"WT087330" = Bounce Symphony
"WT087343" = Dora's World Adventure
"WT087361" = FATE
"WT087362" = Final Drive Nitro
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087428" = Bejeweled 2 Deluxe
"WT087453" = Chuzzle Deluxe
"WT087501" = Plants vs. Zombies
"WT087533" = Zuma Deluxe
"WT089299" = Mystery P.I. - The London Caper
"WT089300" = World Cup Cricket 20-20
"WT089307" = Virtual Villagers 4 - The Tree of Life
"WT089308" = Blasterball 3
"WT089328" = Farm Frenzy
"WT089359" = Cake Mania
"WT089362" = Agatha Christie - Peril at End House
"YU2010_is1" = Your Uninstaller! 7
"ZMBV" = Zip Motion Block Video codec (Remove Only)
"ZumoDrive" = HP CloudDrive
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Octoshape Streaming Services" = Octoshape Streaming Services
"SkyDriveSetup.exe" = Microsoft SkyDrive
"Spotify" = Spotify
"TwistedBrush Pro Studio" = TwistedBrush Pro Studio
"webmdshow" = WebM Project Directshow Filters
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 2/15/2013 5:34:11 AM | Computer Name = Timo-HP | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 2/15/2013 4:42:53 PM | Computer Name = Timo-HP | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 2/16/2013 3:43:33 PM | Computer Name = Timo-HP | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 2/16/2013 5:48:19 PM | Computer Name = Timo-HP | Source = Application Error | ID = 1000
Description = Viallisen sovelluksen nimi: Client.exe, versio: 0.0.0.0, aikaleima:
0x511b0fcf Viallisen moduulin nimi: Client.exe, versio: 0.0.0.0, aikaleima: 0x511b0fcf
Poikkeuskoodi:
0xc0000094 Virhepoikkeama: 0x0001bac6 Viallisen prosessin tunnus: 0x8a0 Viallisen
sovelluksen käynnistysaika: 0x01ce0c7c2608ac51 Viallisen sovelluksen polku: C:\Program
Files (x86)\Grinding Gear Games\Path of Exile\Client.exe Viallisen moduulin polku:
C:\Program Files (x86)\Grinding Gear Games\Path of Exile\Client.exe Raportin tunnus:
92ee1890-7882-11e2-9275-001e101f7f74
Error - 2/18/2013 11:27:16 AM | Computer Name = Timo-HP | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 2/18/2013 12:16:39 PM | Computer Name = Timo-HP | Source = SideBySide | ID = 16842832
Description = Aktivointikontekstin luonti kohteelle C:\Users\Timo\Downloads\SoftonicDownloader_for_spider-player.exe
epäonnistui. Virhe luettelo- tai käytäntötiedoston rivillä . Sovelluksen edellyttämä
osaversio on ristiriidassa jo aktiivisena olevan osaversion kanssa. Ristiriitaiset
osat: Osa 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Osa
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 2/19/2013 11:25:09 AM | Computer Name = Timo-HP | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 2/19/2013 3:56:55 PM | Computer Name = Timo-HP | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 2/20/2013 5:03:25 AM | Computer Name = Timo-HP | Source = CVHSVC | ID = 100
Description = Vain tietoja. (Patch task for {90140011-0066-040B-0000-0000000FF1CE}):
DownloadLatest Failed:
Error - 2/20/2013 11:08:16 AM | Computer Name = Timo-HP | Source = Customer Experience Improvement Program | ID = 1008
Description =
[ Hewlett-Packard Events ]
Error - 7/20/2012 1:01:57 PM | Computer Name = Timo-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 8/20/2012 4:00:54 AM | Computer Name = Timo-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 8/20/2012 8:08:22 AM | Computer Name = Timo-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 8/20/2012 3:22:59 PM | Computer Name = Timo-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 10/20/2012 9:41:32 AM | Computer Name = Timo-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 11/20/2012 11:50:25 AM | Computer Name = Timo-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 2/20/2013 10:58:56 AM | Computer Name = Timo-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 2/20/2013 12:36:34 PM | Computer Name = Timo-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 2/20/2013 4:46:52 PM | Computer Name = Timo-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 3/20/2013 6:39:13 AM | Computer Name = Timo-HP | Source = HPSF.exe | ID = 4000
Description =
[ HP Software Framework Events ]
Error - 2/4/2013 3:40:15 PM | Computer Name = Timo-HP | Source = CaslWmi | ID = 5
Description = 2013.02.04 21:40:15.431|0000164C|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 2/4/2013 3:42:06 PM | Computer Name = Timo-HP | Source = CaslWmi | ID = 5
Description = 2013.02.04 21:42:06.441|0000168C|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 2/4/2013 3:42:07 PM | Computer Name = Timo-HP | Source = CaslWmi | ID = 5
Description = 2013.02.04 21:42:07.835|0000080C|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 2/25/2013 3:36:06 PM | Computer Name = Timo-HP | Source = CaslWmi | ID = 5
Description = 2013.02.25 21:36:06.171|000018B8|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 2/25/2013 3:37:37 PM | Computer Name = Timo-HP | Source = CaslWmi | ID = 5
Description = 2013.02.25 21:37:37.089|00001160|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 2/25/2013 3:37:38 PM | Computer Name = Timo-HP | Source = CaslWmi | ID = 5
Description = 2013.02.25 21:37:38.433|00001D38|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 3/11/2013 3:38:27 PM | Computer Name = Timo-HP | Source = CaslWmi | ID = 5
Description = 2013.03.11 21:38:27.298|00001764|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 3/11/2013 3:40:16 PM | Computer Name = Timo-HP | Source = CaslWmi | ID = 5
Description = 2013.03.11 21:40:16.794|00001698|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 3/11/2013 3:40:18 PM | Computer Name = Timo-HP | Source = CaslWmi | ID = 5
Description = 2013.03.11 21:40:18.257|00001950|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 3/25/2013 5:42:50 PM | Computer Name = Timo-HP | Source = CaslWmi | ID = 5
Description = 2013.03.25 23:42:50.106|00000478|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
[ HP Wireless Assistant Events ]
Error - 11/17/2011 3:26:26 PM | Computer Name = Timo-HP | Source = HP WA Application | ID = 0
Description = HardwareAccess.UnableToConnectException Application.ApplicationStartup;
failed to create hardware layer Virhe sovelluksessa. kohteessa HardwareAccess.Hardware..ctor(Dispatcher
dispatcher, ServicePort port, Int32 timeout) kohteessa HardwareAccess.Hardware.Create(Dispatcher
dispatcher, ServicePort port, Int32 timeout) kohteessa HPWA_Main.App.ApplicationStartup(Object
sender, StartupEventArgs args)
Error - 11/17/2011 3:26:26 PM | Computer Name = Timo-HP | Source = HP WA Application | ID = 0
Description = MainWindow.ShowImpl; not initialized, closing application...
Error - 11/18/2011 11:18:39 AM | Computer Name = Timo-HP | Source = HP WA Application | ID = 0
Description = HardwareAccess.UnableToConnectException Application.ApplicationStartup;
failed to create hardware layer Virhe sovelluksessa. kohteessa HardwareAccess.Hardware..ctor(Dispatcher
dispatcher, ServicePort port, Int32 timeout) kohteessa HardwareAccess.Hardware.Create(Dispatcher
dispatcher, ServicePort port, Int32 timeout) kohteessa HPWA_Main.App.ApplicationStartup(Object
sender, StartupEventArgs args)
Error - 11/18/2011 11:18:39 AM | Computer Name = Timo-HP | Source = HP WA Application | ID = 0
Description = MainWindow.ShowImpl; not initialized, closing application...
Error - 11/19/2011 9:59:27 AM | Computer Name = Timo-HP | Source = HP WA Application | ID = 0
Description = HardwareAccess.UnableToConnectException Application.ApplicationStartup;
failed to create hardware layer Virhe sovelluksessa. kohteessa HardwareAccess.Hardware..ctor(Dispatcher
dispatcher, ServicePort port, Int32 timeout) kohteessa HardwareAccess.Hardware.Create(Dispatcher
dispatcher, ServicePort port, Int32 timeout) kohteessa HPWA_Main.App.ApplicationStartup(Object
sender, StartupEventArgs args)
Error - 11/19/2011 9:59:28 AM | Computer Name = Timo-HP | Source = HP WA Application | ID = 0
Description = MainWindow.ShowImpl; not initialized, closing application...
Error - 11/20/2011 10:20:40 AM | Computer Name = Timo-HP | Source = HP WA Application | ID = 0
Description = HardwareAccess.UnableToConnectException Application.ApplicationStartup;
failed to create hardware layer Virhe sovelluksessa. kohteessa HardwareAccess.Hardware..ctor(Dispatcher
dispatcher, ServicePort port, Int32 timeout) kohteessa HardwareAccess.Hardware.Create(Dispatcher
dispatcher, ServicePort port, Int32 timeout) kohteessa HPWA_Main.App.ApplicationStartup(Object
sender, StartupEventArgs args)
Error - 11/20/2011 10:20:40 AM | Computer Name = Timo-HP | Source = HP WA Application | ID = 0
Description = MainWindow.ShowImpl; not initialized, closing application...
Error - 11/21/2011 2:06:55 PM | Computer Name = Timo-HP | Source = HP WA Application | ID = 0
Description = HardwareAccess.UnableToConnectException Application.ApplicationStartup;
failed to create hardware layer Virhe sovelluksessa. kohteessa HardwareAccess.Hardware..ctor(Dispatcher
dispatcher, ServicePort port, Int32 timeout) kohteessa HardwareAccess.Hardware.Create(Dispatcher
dispatcher, ServicePort port, Int32 timeout) kohteessa HPWA_Main.App.ApplicationStartup(Object
sender, StartupEventArgs args)
Error - 11/21/2011 2:06:56 PM | Computer Name = Timo-HP | Source = HP WA Application | ID = 0
Description = MainWindow.ShowImpl; not initialized, closing application...
[ System Events ]
Error - 9/25/2014 4:51:28 AM | Computer Name = Timo-HP | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Ilmeni virhe yritettäessä lukea paikallista isäntätiedostoa.
Error - 9/25/2014 7:59:29 AM | Computer Name = Timo-HP | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Ilmeni virhe yritettäessä lukea paikallista isäntätiedostoa.
Error - 9/25/2014 8:49:41 AM | Computer Name = Timo-HP | Source = NetBT | ID = 4311
Description = Alustus epäonnistui, koska ohjainlaitetta ei voitu luoda. Määritä liittymä,
jossa epäonnistunut alustus ilmeni, käyttämällä merkkijonoa "2C27D7BB7D36". Se
on viallisen liittymän MAC-osoite tai GUID-tunnus (Globally Unique Interface Identifier),
jos NetBT ei voinut määrittää GUID-tunnusta MAC-osoitteeseen. Jos MAC-osoite tai
GUID-tunnus ei ollut käytettävissä, merkkijono on klusterilaitteen nimi.
Error - 9/25/2014 8:49:41 AM | Computer Name = Timo-HP | Source = NetBT | ID = 4311
Description = Alustus epäonnistui, koska ohjainlaitetta ei voitu luoda. Määritä liittymä,
jossa epäonnistunut alustus ilmeni, käyttämällä merkkijonoa "2C27D7BB7D36". Se
on viallisen liittymän MAC-osoite tai GUID-tunnus (Globally Unique Interface Identifier),
jos NetBT ei voinut määrittää GUID-tunnusta MAC-osoitteeseen. Jos MAC-osoite tai
GUID-tunnus ei ollut käytettävissä, merkkijono on klusterilaitteen nimi.
Error - 9/25/2014 8:53:35 AM | Computer Name = Timo-HP | Source = NetBT | ID = 4311
Description = Alustus epäonnistui, koska ohjainlaitetta ei voitu luoda. Määritä liittymä,
jossa epäonnistunut alustus ilmeni, käyttämällä merkkijonoa "0C5B8F279A64". Se
on viallisen liittymän MAC-osoite tai GUID-tunnus (Globally Unique Interface Identifier),
jos NetBT ei voinut määrittää GUID-tunnusta MAC-osoitteeseen. Jos MAC-osoite tai
GUID-tunnus ei ollut käytettävissä, merkkijono on klusterilaitteen nimi.
Error - 9/25/2014 8:53:35 AM | Computer Name = Timo-HP | Source = NetBT | ID = 4311
Description = Alustus epäonnistui, koska ohjainlaitetta ei voitu luoda. Määritä liittymä,
jossa epäonnistunut alustus ilmeni, käyttämällä merkkijonoa "0C5B8F279A64". Se
on viallisen liittymän MAC-osoite tai GUID-tunnus (Globally Unique Interface Identifier),
jos NetBT ei voinut määrittää GUID-tunnusta MAC-osoitteeseen. Jos MAC-osoite tai
GUID-tunnus ei ollut käytettävissä, merkkijono on klusterilaitteen nimi.
Error - 9/25/2014 8:53:35 AM | Computer Name = Timo-HP | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Ilmeni virhe yritettäessä lukea paikallista isäntätiedostoa.
Error - 9/25/2014 8:55:22 AM | Computer Name = Timo-HP | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Ilmeni virhe yritettäessä lukea paikallista isäntätiedostoa.
Error - 9/25/2014 8:55:23 AM | Computer Name = Timo-HP | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Ilmeni virhe yritettäessä lukea paikallista isäntätiedostoa.
Error - 9/25/2014 9:32:34 AM | Computer Name = Timo-HP | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Ilmeni virhe yritettäessä lukea paikallista isäntätiedostoa.
< End of report >
Edited by taloi8, 27 September 2014 - 02:51 PM.