Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Something is eating my disc space!

Started by Suko , Feb 27 2015 05:17 AM

  • Please log in to reply

#1
Suko
Posted 27 February 2015 - 05:17 AM

Suko

    New Member

  • Member
  • Pip
  • 2 posts

I noticed today that something had eaten my OS drive's disk space from 50gb to 10gb. I ran CCleaner and went to school. After school I noticed that i had only 5gb left! Something is eating my disc space and I dont know how to get rid of it... 


  • 0

Advertisements

#2
Suko
Posted 27 February 2015 - 05:26 AM

Suko

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
OTL logfile created on: 27.2.2015 13:19:34 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = K:\Ohjelmat
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy
 
7,92 Gb Total Physical Memory | 4,95 Gb Available Physical Memory | 62,49% Memory free
15,84 Gb Paging File | 12,24 Gb Available in Paging File | 77,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,39 Gb Total Space | 4,84 Gb Free Space | 3,31% Space Free | Partition Type: NTFS
Drive E: | 5,26 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 244,14 Gb Total Space | 22,77 Gb Free Space | 9,33% Space Free | Partition Type: NTFS
Drive K: | 341,80 Gb Total Space | 125,52 Gb Free Space | 36,72% Space Free | Partition Type: NTFS
Drive O: | 19,53 Gb Total Space | 5,62 Gb Free Space | 28,78% Space Free | Partition Type: NTFS
Drive S: | 179,56 Gb Total Space | 60,01 Gb Free Space | 33,42% Space Free | Partition Type: NTFS
 
Computer Name: JUHO-PC | User Name: Juho | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2015.02.27 13:19:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- K:\Ohjelmat\OTL.exe
PRC - [2015.02.26 11:53:56 | 005,227,112 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2015.02.18 00:45:00 | 000,843,592 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015.02.11 03:12:26 | 042,555,824 | ---- | M] (Dropbox, Inc.) -- C:\Users\Juho\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2015.01.16 08:42:47 | 002,585,928 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2015.01.16 08:42:37 | 001,706,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2015.01.10 00:27:57 | 000,410,768 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014.12.19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014.12.10 04:05:27 | 006,737,976 | ---- | M] (Spotify Ltd) -- C:\Users\Juho\AppData\Roaming\Spotify\spotify.exe
PRC - [2014.12.10 04:05:26 | 001,676,344 | ---- | M] (Spotify Ltd) -- C:\Users\Juho\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014.12.10 04:05:26 | 000,374,840 | ---- | M] () -- C:\Users\Juho\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
PRC - [2014.11.24 14:30:49 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014.11.21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014.11.21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014.11.21 06:12:46 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014.07.14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014.07.14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014.05.08 15:48:48 | 000,041,336 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
PRC - [2014.04.21 19:11:15 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014.03.04 11:19:52 | 003,696,912 | ---- | M] (Disc Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2013.04.30 11:25:22 | 000,286,704 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2013.04.30 11:25:22 | 000,015,344 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013.04.11 05:11:06 | 000,292,848 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2013.03.14 13:42:38 | 000,248,296 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
PRC - [2013.03.12 12:20:14 | 000,366,552 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013.03.12 12:19:36 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2013.03.12 12:19:36 | 000,131,544 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012.09.12 23:38:44 | 000,204,136 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2015.02.27 13:08:43 | 000,043,008 | ---- | M] () -- c:\users\juho\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqxh4lo.dll
MOD - [2015.02.18 00:44:58 | 014,965,064 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll
MOD - [2015.02.18 00:44:57 | 009,171,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
MOD - [2015.02.18 00:44:53 | 001,117,512 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
MOD - [2015.02.18 00:44:51 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
MOD - [2015.02.10 23:00:30 | 000,750,080 | ---- | M] () -- C:\Users\Juho\AppData\Roaming\Dropbox\bin\libGLESv2.dll
MOD - [2015.02.10 23:00:30 | 000,047,616 | ---- | M] () -- C:\Users\Juho\AppData\Roaming\Dropbox\bin\libEGL.dll
MOD - [2015.02.10 23:00:28 | 000,865,280 | ---- | M] () -- C:\Users\Juho\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
MOD - [2015.02.10 23:00:28 | 000,200,704 | ---- | M] () -- C:\Users\Juho\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
MOD - [2015.01.02 20:10:06 | 001,071,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\2f1fdb96a062e8153331b1ce0c792e73\System.ServiceModel.Web.ni.dll
MOD - [2015.01.02 20:09:18 | 002,964,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\88b27ec2125720e652224a1fb387ed23\System.IdentityModel.ni.dll
MOD - [2015.01.02 20:09:15 | 019,547,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\478dc7fd10cabd3376199e7e857d4b5a\System.ServiceModel.ni.dll
MOD - [2015.01.02 16:02:09 | 012,895,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ac38cb30c15eb9e4a54459ee01e9f8e6\System.Windows.Forms.ni.dll
MOD - [2015.01.02 16:02:06 | 007,785,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\668bc5e53fd656dc16c9f40ea15e872e\System.Xml.ni.dll
MOD - [2015.01.02 16:02:06 | 006,982,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\e0fea191b75897ec38735bfc31b89fe0\System.Core.ni.dll
MOD - [2015.01.02 16:02:06 | 002,804,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\6184c7705ab9c508cde1318f284afa33\System.Runtime.Serialization.ni.dll
MOD - [2015.01.02 16:02:04 | 001,639,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\ce11900fa489575613dc777c7fbb0d7d\System.Drawing.ni.dll
MOD - [2015.01.02 16:02:04 | 000,788,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\7203a9da55580016b826a4cade6c5139\System.ServiceModel.Internals.ni.dll
MOD - [2015.01.02 16:02:04 | 000,118,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\72f5d3ff58e143354c4c48149eba08d9\SMDiagnostics.ni.dll
MOD - [2015.01.02 16:02:03 | 001,873,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\f246b71bfd9c1537167b7f6d4f18cd01\System.Xaml.ni.dll
MOD - [2015.01.02 16:02:02 | 010,067,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\b75ba99f72f116d8951b0f2bba8c276a\System.ni.dll
MOD - [2015.01.02 16:02:02 | 000,967,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7ece7799d670cdfc1393b98b0668a046\System.Configuration.ni.dll
MOD - [2015.01.02 16:01:58 | 017,207,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d1265d6159ea876f9d63ea4c1361b587\mscorlib.ni.dll
MOD - [2014.12.10 04:05:27 | 036,966,968 | ---- | M] () -- C:\Users\Juho\AppData\Roaming\Spotify\Data\libcef.dll
MOD - [2014.12.10 04:05:26 | 000,886,840 | ---- | M] () -- C:\Users\Juho\AppData\Roaming\Spotify\Data\libglesv2.dll
MOD - [2014.12.10 04:05:26 | 000,867,896 | ---- | M] () -- C:\Users\Juho\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
MOD - [2014.12.10 04:05:26 | 000,374,840 | ---- | M] () -- C:\Users\Juho\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
MOD - [2014.12.10 04:05:26 | 000,108,600 | ---- | M] () -- C:\Users\Juho\AppData\Roaming\Spotify\Data\libegl.dll
MOD - [2014.11.24 14:30:55 | 038,562,088 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013.11.25 10:54:42 | 002,010,624 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_core220.dll
MOD - [2013.11.25 10:54:42 | 001,241,088 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_imgproc220.dll
MOD - [2012.09.12 23:38:52 | 007,955,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2012.09.12 23:38:52 | 000,341,352 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2012.09.12 23:38:52 | 000,127,336 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2012.09.12 23:38:52 | 000,028,008 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2012.09.12 23:38:44 | 002,144,104 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2012.04.30 09:55:48 | 000,026,112 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
MOD - [2012.04.30 09:55:45 | 008,358,400 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
MOD - [2012.04.30 09:55:45 | 001,152,512 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
MOD - [2012.04.30 09:55:45 | 000,333,824 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
MOD - [2012.04.30 09:55:45 | 000,151,040 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-51.dll
MOD - [2010.01.09 19:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2015.01.16 08:42:37 | 001,148,744 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2015.01.16 08:42:33 | 021,833,544 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014.11.24 14:30:49 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014.11.24 14:30:43 | 004,012,248 | ---- | M] (Avast Software) [On_Demand | Stopped] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:64bit: - [2014.09.04 00:23:38 | 000,076,152 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2013.04.30 11:25:22 | 000,015,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:64bit: - [2013.03.14 13:42:48 | 000,182,248 | ---- | M] () [Auto | Running] -- C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe -- (ISCTAgent)
SRV:64bit: - [2013.02.23 03:46:08 | 000,183,048 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel®
SRV:64bit: - [2013.02.13 11:47:04 | 000,820,184 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2013.02.13 11:46:48 | 000,731,648 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2015.02.26 11:51:46 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015.02.03 12:51:42 | 001,910,128 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- G:\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2015.01.31 03:41:48 | 000,835,776 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2015.01.23 12:37:25 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015.01.16 08:42:37 | 001,706,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2015.01.10 00:27:57 | 000,410,768 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014.12.19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014.12.11 10:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014.12.03 16:26:58 | 000,448,384 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2014.11.21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014.11.21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014.07.14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014.07.14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014.04.21 19:11:15 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014.04.11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014.02.28 10:32:36 | 000,174,368 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe -- (iumsvc)
SRV - [2013.11.06 17:30:44 | 000,758,224 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2013.03.12 12:20:14 | 000,366,552 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013.03.12 12:19:36 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2013.03.12 12:19:36 | 000,131,544 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2013.03.01 03:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2012.09.18 13:20:26 | 000,171,072 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2015.02.27 13:08:20 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2015.02.27 13:07:17 | 000,034,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys -- (WPRO_41_2001)
DRV:64bit: - [2015.01.16 08:42:32 | 000,019,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014.11.24 14:31:13 | 001,050,432 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014.11.24 14:30:57 | 000,116,728 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014.11.24 14:30:56 | 000,436,624 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014.11.24 14:30:56 | 000,267,632 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014.11.24 14:30:56 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014.11.24 14:30:56 | 000,083,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014.11.24 14:30:56 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014.11.24 14:30:56 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014.11.24 14:30:43 | 000,271,752 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:64bit: - [2014.11.22 12:46:30 | 000,038,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014.11.21 06:14:22 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014.11.21 06:14:08 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014.10.25 16:58:16 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2014.10.09 19:02:39 | 000,195,728 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014.07.28 13:52:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2013.07.25 15:53:46 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2013.04.30 11:25:00 | 000,677,360 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013.04.30 11:25:00 | 000,028,656 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2013.04.29 22:24:40 | 000,020,384 | ---- | M] (ASRock Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AsrHidFilter.sys -- (AsrHidFilter)
DRV:64bit: - [2013.04.11 05:10:40 | 000,020,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2013.04.11 05:10:38 | 000,785,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2013.04.11 05:10:38 | 000,366,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2013.03.14 13:34:46 | 000,046,568 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)
DRV:64bit: - [2013.03.14 13:34:44 | 000,021,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\imsevent.sys -- (imsevent)
DRV:64bit: - [2013.03.14 13:34:44 | 000,021,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ikbevent.sys -- (ikbevent)
DRV:64bit: - [2013.03.12 12:19:36 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2013.03.01 03:49:12 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2013.02.26 11:23:40 | 000,496,400 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1d62x64.sys -- (e1dexpress)
DRV:64bit: - [2013.02.12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2013.01.31 11:50:58 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:64bit: - [2012.10.11 05:08:10 | 000,044,928 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)
DRV:64bit: - [2012.09.21 21:04:22 | 004,763,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012.09.21 21:04:22 | 000,351,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 15:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2009.11.24 02:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.24 02:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.09.16 06:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2013.09.11 12:55:32 | 000,022,280 | ---- | M] (ASRock Incorporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\AsrDrv101.sys -- (AsrDrv101)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://fi.search.ya...t&type=avastbcl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://fi.search.ya...p={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://fi.search.ya...t&type=avastbcl
IE - HKLM\..\SearchScopes,DefaultScope = {9CB96984-43C3-4D44-90EF-01466EFCF7BB}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/...=AVASDF&PC=AV01
IE - HKLM\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://fi.search.ya...p={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://fi.search.ya...t&type=avastbcl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://fi.search.ya...p={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://fi.search.ya...t&type=avastbcl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {9CB96984-43C3-4D44-90EF-01466EFCF7BB}
IE - HKCU\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/...=AVASDF&PC=AV01
IE - HKCU\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://fi.search.ya...p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:35.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.0: C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.1: C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.1: C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015.02.27 13:06:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 31.4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 31.4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2013.09.14 16:09:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juho\AppData\Roaming\mozilla\Extensions
[2015.01.31 22:58:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juho\AppData\Roaming\mozilla\Firefox\Profiles\17v3c4q7.default-1422737294133\extensions
[2015.01.31 22:49:06 | 000,985,112 | ---- | M] () (No name found) -- C:\Users\Juho\AppData\Roaming\mozilla\firefox\profiles\17v3c4q7.default-1422737294133\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2015.01.31 22:46:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015.01.31 22:46:19 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Juho\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Juho\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\Juho\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Juho\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_1\
CHR - Extension: No name found = C:\Users\Juho\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.11_0\
CHR - Extension: No name found = C:\Users\Juho\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: No name found = C:\Users\Juho\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Juho\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.18_0\
CHR - Extension: No name found = C:\Users\Juho\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_1\
CHR - Extension: No name found = C:\Users\Juho\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_1\
CHR - Extension: No name found = C:\Users\Juho\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: No name found = C:\Users\Juho\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" File not found
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [Fatal1tySTU]  File not found
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKCU..\Run: [Spotify] C:\Users\Juho\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Juho\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [Steam] "G:\Middle-earth. Shadow of Mordor\x64\steam.exe" -silent File not found
O4 - HKCU..\Run: [uTorrent] C:\Users\Juho\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKCU..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4 - HKCU..\RunOnce: [VCRedist] C:\Users\Juho\AppData\Local\Microsoft\Redist\VCRedist.exe (Visual Redistributable)
O4 - Startup: C:\Users\Juho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Juho\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 130.234.4.30 130.234.5.30
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{410270D8-C072-4CF2-A4A5-9D1FE7F465C7}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A20B9E54-D398-4A83-9FDB-C72E9AFA202B}: DhcpNameServer = 130.234.4.30 130.234.5.30
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D8EF3904-3C6B-4851-8F8E-665E08C369E0}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EDA2F1C0-D5F2-4723-A02F-71EA176F521B}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\gopher - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [1999.12.12 00:00:00 | 000,000,041 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{26f6357d-4540-11e3-a3a2-bc5ff4c77636}\Shell - "" = AutoRun
O33 - MountPoints2\{26f6357d-4540-11e3-a3a2-bc5ff4c77636}\Shell\AutoRun\command - "" = E:\setup.exe -- [1999.12.12 00:00:00 | 000,634,211 | R--- | M] (CODEX                                                       )
O33 - MountPoints2\{59545b1a-1ada-11e3-a962-bc5ff4c77636}\Shell - "" = AutoRun
O33 - MountPoints2\{59545b1a-1ada-11e3-a962-bc5ff4c77636}\Shell\AutoRun\command - "" = E:\setup.exe -- [1999.12.12 00:00:00 | 000,634,211 | R--- | M] (CODEX                                                       )
O33 - MountPoints2\{7013f2cc-5c50-11e4-9dee-bc5ff4c77636}\Shell - "" = AutoRun
O33 - MountPoints2\{7013f2cc-5c50-11e4-9dee-bc5ff4c77636}\Shell\AutoRun\command - "" = E:\setup.exe -- [1999.12.12 00:00:00 | 000,634,211 | R--- | M] (CODEX                                                       )
O33 - MountPoints2\{74861e8b-bd9c-11e4-a26d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{74861e8b-bd9c-11e4-a26d-806e6f6e6963}\Shell\AutoRun\command - "" = F:\setup.exe -a
O33 - MountPoints2\{c8c4ea17-1af6-11e3-8da0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c8c4ea17-1af6-11e3-8da0-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2015.02.27 12:58:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2015.02.27 12:58:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2015.02.27 12:58:24 | 000,000,000 | ---D | C] -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
[2015.02.27 12:54:52 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015.02.27 12:54:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015.02.27 12:54:31 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2015.02.27 12:54:31 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2015.02.27 12:54:31 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2015.02.27 12:54:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015.02.27 12:54:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015.02.26 11:53:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[2015.02.26 11:53:19 | 000,364,512 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2015.02.26 11:29:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2015.02.26 11:29:44 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015.02.20 08:31:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2015.02.16 21:07:44 | 000,000,000 | ---D | C] -- C:\Users\Juho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Star Wars Movie Duels 2
[2015.02.11 00:01:38 | 000,000,000 | ---D | C] -- C:\Users\Juho\Documents\Heroes of the Storm
[2015.02.06 16:54:04 | 000,000,000 | ---D | C] -- C:\Users\Juho\AppData\Roaming\MMFApplications
[2015.02.06 16:53:18 | 000,000,000 | ---D | C] -- C:\Users\Juho\Documents\The Escapists
[2015.02.06 16:10:41 | 000,000,000 | ---D | C] -- C:\Users\Juho\Documents\LucasArts
[2015.02.06 16:10:41 | 000,000,000 | ---D | C] -- C:\Users\Juho\AppData\Local\LucasArts
[2015.02.06 02:38:11 | 000,000,000 | ---D | C] -- C:\Users\Juho\Documents\Aspyr
[2015.02.06 02:37:40 | 000,000,000 | ---D | C] -- C:\Users\Juho\AppData\Local\Aspyr
[2015.02.05 09:05:39 | 000,000,000 | ---D | C] -- C:\Users\Juho\AppData\Local\Steam
[2015.02.03 18:02:19 | 000,000,000 | ---D | C] -- C:\Users\Juho\Documents\BFH Beta 2
[2015.02.03 13:12:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield Hardline Beta
[2015.01.28 17:25:50 | 000,000,000 | ---D | C] -- C:\Users\Juho\Documents\DyingLight
[2015.01.28 16:58:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dying Light
[5 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2015.02.27 13:14:57 | 000,010,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.02.27 13:14:57 | 000,010,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.02.27 13:08:20 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015.02.27 13:07:25 | 000,001,004 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.02.27 13:07:17 | 000,034,752 | ---- | M] () -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys
[2015.02.27 13:06:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.02.27 13:06:45 | 2084,552,703 | -HS- | M] () -- C:\hiberfil.sys
[2015.02.27 13:04:24 | 000,001,008 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.02.27 12:58:33 | 000,001,713 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015.02.27 12:54:34 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015.02.27 12:51:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015.02.26 11:57:31 | 000,001,094 | ---- | M] () -- C:\Users\Juho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2015.02.26 11:56:43 | 000,000,976 | ---- | M] () -- C:\Users\Juho\Desktop\Dropbox.lnk
[2015.02.26 11:53:57 | 000,001,924 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2015.02.23 15:56:28 | 000,000,199 | ---- | M] () -- C:\Users\Juho\Desktop\Left 4 Dead 2.url
[2015.02.16 20:10:39 | 000,000,200 | ---- | M] () -- C:\Users\Juho\Desktop\Star Wars Jedi Knight Jedi Academy.url
[2015.02.07 21:50:44 | 000,000,200 | ---- | M] () -- C:\Users\Juho\Desktop\Star Wars Republic Commando.url
[2015.02.03 12:54:03 | 000,000,670 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 4.lnk
[2015.02.03 12:54:03 | 000,000,654 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
[2015.01.31 22:46:22 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015.01.28 16:58:26 | 000,000,632 | ---- | M] () -- C:\Users\Public\Desktop\Dying Light.lnk
[5 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2015.02.27 12:58:33 | 000,001,713 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015.02.27 12:54:34 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015.02.26 11:57:31 | 000,001,094 | ---- | C] () -- C:\Users\Juho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2015.02.23 15:56:28 | 000,000,199 | ---- | C] () -- C:\Users\Juho\Desktop\Left 4 Dead 2.url
[2015.02.16 20:10:39 | 000,000,200 | ---- | C] () -- C:\Users\Juho\Desktop\Star Wars Jedi Knight Jedi Academy.url
[2015.02.07 21:50:44 | 000,000,200 | ---- | C] () -- C:\Users\Juho\Desktop\Star Wars Republic Commando.url
[2015.01.31 22:46:22 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015.01.28 16:58:26 | 000,000,632 | ---- | C] () -- C:\Users\Public\Desktop\Dying Light.lnk
[2014.10.19 15:05:36 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2014.09.28 16:05:12 | 000,632,320 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2014.09.28 16:05:12 | 000,235,520 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2014.04.21 19:11:17 | 000,215,416 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014.04.21 19:11:15 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014.03.15 10:47:15 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2014.03.15 10:43:13 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2014.03.15 10:43:13 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2014.03.15 10:43:13 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2013.09.14 17:50:15 | 000,484,352 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2013.09.11 12:55:42 | 000,000,003 | ---- | C] () -- C:\Users\Juho\AppData\Local\user_data.ini
[2013.09.11 12:42:28 | 001,361,804 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.03.01 03:47:36 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014.12.07 19:23:27 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\11bitstudios
[2014.01.20 14:52:01 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\3909
[2014.01.28 20:51:09 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\Audacity
[2013.12.03 18:06:26 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\AVAST Software
[2015.02.26 11:46:39 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\Battle.net
[2013.11.25 19:09:10 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\com.adobe.mauby
[2013.11.25 19:09:10 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2015.02.26 11:43:54 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\DAEMON Tools Lite
[2014.12.19 20:45:11 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\DarkSoulsII
[2015.02.27 13:08:52 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\Dropbox
[2013.09.13 09:42:22 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\fltk.org
[2013.09.14 18:00:14 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\FreeBurner
[2013.11.19 19:40:55 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\Injustice
[2013.09.19 14:11:58 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\Leadertech
[2013.11.10 13:28:49 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\LoneSurvivor
[2014.01.23 22:55:23 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\ManyCam
[2015.02.06 16:54:04 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\MMFApplications
[2015.02.09 20:46:38 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\Mumble
[2013.09.18 15:16:09 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\Natural Selection 2
[2014.04.24 15:01:25 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\Oracle
[2013.09.11 16:28:18 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\Origin
[2014.03.17 22:27:22 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\SAMSUNG
[2013.10.27 20:15:15 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\SIX Networks
[2013.09.11 12:56:04 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\SplitMediaLabs
[2015.02.27 13:09:15 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\Spotify
[2014.09.19 17:42:16 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\Steam
[2014.02.26 16:36:48 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\steamvr
[2013.09.16 22:06:31 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\Thunderbird
[2015.02.26 11:30:49 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\TS3Client
[2014.10.19 17:06:41 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\Tunngle
[2015.02.27 13:09:40 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\uTorrent
[2013.11.10 17:08:17 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\Wargaming.net
[2014.02.12 19:41:19 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\Warner Bros. Interactive Entertainment
[2015.01.04 00:55:01 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\Wireshark
[2014.04.28 19:29:36 | 000,000,000 | ---D | M] -- C:\Users\Juho\AppData\Roaming\XRay Engine
 
========== Purity Check ==========
 
 
 
< End of report >

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP