junk.txt, the log from adwcleaner and an OTL log:
2013-07-22 12:12:29, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:12:29, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2013-07-22 12:12:31, Info CSI 0000000c [SR] Verify complete
2013-07-22 12:12:32, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:12:32, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2013-07-22 12:12:34, Info CSI 00000010 [SR] Verify complete
2013-07-22 12:12:34, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:12:34, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2013-07-22 12:12:36, Info CSI 00000014 [SR] Verify complete
2013-07-22 12:12:36, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:12:36, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2013-07-22 12:12:38, Info CSI 00000018 [SR] Verify complete
2013-07-22 12:12:39, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:12:39, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2013-07-22 12:12:41, Info CSI 0000001c [SR] Verify complete
2013-07-22 12:12:41, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:12:41, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
2013-07-22 12:12:43, Info CSI 00000020 [SR] Verify complete
2013-07-22 12:12:44, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:12:44, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2013-07-22 12:12:47, Info CSI 00000024 [SR] Verify complete
2013-07-22 12:12:47, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:12:47, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2013-07-22 12:12:49, Info CSI 00000028 [SR] Verify complete
2013-07-22 12:12:49, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:12:49, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
2013-07-22 12:12:52, Info CSI 0000002c [SR] Verify complete
2013-07-22 12:12:52, Info CSI 0000002d [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:12:52, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
2013-07-22 12:12:55, Info CSI 00000030 [SR] Verify complete
2013-07-22 12:12:55, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:12:55, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
2013-07-22 12:12:57, Info CSI 00000034 [SR] Verify complete
2013-07-22 12:12:57, Info CSI 00000035 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:12:57, Info CSI 00000036 [SR] Beginning Verify and Repair transaction
2013-07-22 12:13:00, Info CSI 00000038 [SR] Verify complete
2013-07-22 12:13:00, Info CSI 00000039 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:13:00, Info CSI 0000003a [SR] Beginning Verify and Repair transaction
2013-07-22 12:13:03, Info CSI 0000003c [SR] Verify complete
2013-07-22 12:13:03, Info CSI 0000003d [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:13:03, Info CSI 0000003e [SR] Beginning Verify and Repair transaction
2013-07-22 12:13:04, Info CSI 00000040 [SR] Verify complete
2013-07-22 12:13:04, Info CSI 00000041 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:13:04, Info CSI 00000042 [SR] Beginning Verify and Repair transaction
2013-07-22 12:13:06, Info CSI 00000044 [SR] Verify complete
2013-07-22 12:13:06, Info CSI 00000045 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:13:06, Info CSI 00000046 [SR] Beginning Verify and Repair transaction
2013-07-22 12:13:09, Info CSI 00000048 [SR] Verify complete
2013-07-22 12:13:09, Info CSI 00000049 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:13:09, Info CSI 0000004a [SR] Beginning Verify and Repair transaction
2013-07-22 12:13:13, Info CSI 0000004d [SR] Verify complete
2013-07-22 12:13:13, Info CSI 0000004e [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:13:13, Info CSI 0000004f [SR] Beginning Verify and Repair transaction
2013-07-22 12:13:18, Info CSI 00000053 [SR] Verify complete
2013-07-22 12:13:18, Info CSI 00000054 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:13:18, Info CSI 00000055 [SR] Beginning Verify and Repair transaction
2013-07-22 12:13:21, Info CSI 00000057 [SR] Verify complete
2013-07-22 12:13:21, Info CSI 00000058 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:13:21, Info CSI 00000059 [SR] Beginning Verify and Repair transaction
2013-07-22 12:13:25, Info CSI 0000005e [SR] Verify complete
2013-07-22 12:13:25, Info CSI 0000005f [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:13:25, Info CSI 00000060 [SR] Beginning Verify and Repair transaction
2013-07-22 12:13:28, Info CSI 00000062 [SR] Verify complete
2013-07-22 12:13:28, Info CSI 00000063 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:13:28, Info CSI 00000064 [SR] Beginning Verify and Repair transaction
2013-07-22 12:13:32, Info CSI 00000066 [SR] Verify complete
2013-07-22 12:13:32, Info CSI 00000067 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:13:32, Info CSI 00000068 [SR] Beginning Verify and Repair transaction
2013-07-22 12:13:38, Info CSI 0000008d [SR] Verify complete
2013-07-22 12:13:38, Info CSI 0000008e [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:13:38, Info CSI 0000008f [SR] Beginning Verify and Repair transaction
2013-07-22 12:13:42, Info CSI 00000091 [SR] Verify complete
2013-07-22 12:13:43, Info CSI 00000092 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:13:43, Info CSI 00000093 [SR] Beginning Verify and Repair transaction
2013-07-22 12:13:47, Info CSI 00000095 [SR] Verify complete
2013-07-22 12:13:47, Info CSI 00000096 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:13:47, Info CSI 00000097 [SR] Beginning Verify and Repair transaction
2013-07-22 12:13:51, Info CSI 00000099 [SR] Verify complete
2013-07-22 12:13:51, Info CSI 0000009a [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:13:51, Info CSI 0000009b [SR] Beginning Verify and Repair transaction
2013-07-22 12:13:54, Info CSI 0000009d [SR] Verify complete
2013-07-22 12:13:55, Info CSI 0000009e [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:13:55, Info CSI 0000009f [SR] Beginning Verify and Repair transaction
2013-07-22 12:13:58, Info CSI 000000a1 [SR] Verify complete
2013-07-22 12:13:58, Info CSI 000000a2 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:13:58, Info CSI 000000a3 [SR] Beginning Verify and Repair transaction
2013-07-22 12:14:02, Info CSI 000000a5 [SR] Verify complete
2013-07-22 12:14:02, Info CSI 000000a6 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:14:02, Info CSI 000000a7 [SR] Beginning Verify and Repair transaction
2013-07-22 12:14:08, Info CSI 000000ca [SR] Verify complete
2013-07-22 12:14:08, Info CSI 000000cb [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:14:08, Info CSI 000000cc [SR] Beginning Verify and Repair transaction
2013-07-22 12:14:14, Info CSI 000000ce [SR] Verify complete
2013-07-22 12:14:14, Info CSI 000000cf [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:14:14, Info CSI 000000d0 [SR] Beginning Verify and Repair transaction
2013-07-22 12:14:21, Info CSI 000000d2 [SR] Verify complete
2013-07-22 12:14:21, Info CSI 000000d3 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:14:21, Info CSI 000000d4 [SR] Beginning Verify and Repair transaction
2013-07-22 12:14:27, Info CSI 000000d6 [SR] Verify complete
2013-07-22 12:14:27, Info CSI 000000d7 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:14:27, Info CSI 000000d8 [SR] Beginning Verify and Repair transaction
2013-07-22 12:14:33, Info CSI 000000dc [SR] Verify complete
2013-07-22 12:14:33, Info CSI 000000dd [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:14:33, Info CSI 000000de [SR] Beginning Verify and Repair transaction
2013-07-22 12:14:36, Info CSI 000000e0 [SR] Verify complete
2013-07-22 12:14:36, Info CSI 000000e1 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:14:36, Info CSI 000000e2 [SR] Beginning Verify and Repair transaction
2013-07-22 12:14:38, Info CSI 000000e4 [SR] Verify complete
2013-07-22 12:14:38, Info CSI 000000e5 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:14:38, Info CSI 000000e6 [SR] Beginning Verify and Repair transaction
2013-07-22 12:14:39, Info CSI 000000e8 [SR] Verify complete
2013-07-22 12:14:39, Info CSI 000000e9 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:14:39, Info CSI 000000ea [SR] Beginning Verify and Repair transaction
2013-07-22 12:14:41, Info CSI 000000ec [SR] Verify complete
2013-07-22 12:14:41, Info CSI 000000ed [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:14:41, Info CSI 000000ee [SR] Beginning Verify and Repair transaction
2013-07-22 12:14:46, Info CSI 000000fa [SR] Verify complete
2013-07-22 12:14:46, Info CSI 000000fb [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:14:46, Info CSI 000000fc [SR] Beginning Verify and Repair transaction
2013-07-22 12:14:50, Info CSI 00000105 [SR] Verify complete
2013-07-22 12:14:50, Info CSI 00000106 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:14:50, Info CSI 00000107 [SR] Beginning Verify and Repair transaction
2013-07-22 12:14:51, Info CSI 00000109 [SR] Verify complete
2013-07-22 12:14:51, Info CSI 0000010a [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:14:51, Info CSI 0000010b [SR] Beginning Verify and Repair transaction
2013-07-22 12:14:54, Info CSI 0000010d [SR] Verify complete
2013-07-22 12:14:54, Info CSI 0000010e [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:14:54, Info CSI 0000010f [SR] Beginning Verify and Repair transaction
2013-07-22 12:14:56, Info CSI 00000111 [SR] Verify complete
2013-07-22 12:14:56, Info CSI 00000112 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:14:56, Info CSI 00000113 [SR] Beginning Verify and Repair transaction
2013-07-22 12:15:01, Info CSI 00000116 [SR] Verify complete
2013-07-22 12:15:02, Info CSI 00000117 [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:15:02, Info CSI 00000118 [SR] Beginning Verify and Repair transaction
2013-07-22 12:15:09, Info CSI 0000011b [SR] Verify complete
2013-07-22 12:15:09, Info CSI 0000011c [SR] Verifying 100 (0x0000000000000064) components
2013-07-22 12:15:09, Info CSI 0000011d [SR] Beginning Verify and Repair transaction
2013-07-23 00:15:58, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:15:58, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2013-07-23 00:16:01, Info CSI 0000000c [SR] Verify complete
2013-07-23 00:16:01, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:16:01, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2013-07-23 00:16:03, Info CSI 00000010 [SR] Verify complete
2013-07-23 00:16:03, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:16:03, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2013-07-23 00:16:05, Info CSI 00000014 [SR] Verify complete
2013-07-23 00:16:06, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:16:06, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2013-07-23 00:16:08, Info CSI 00000018 [SR] Verify complete
2013-07-23 00:16:08, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:16:08, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2013-07-23 00:16:10, Info CSI 0000001c [SR] Verify complete
2013-07-23 00:16:10, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:16:10, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
2013-07-23 00:16:12, Info CSI 00000020 [SR] Verify complete
2013-07-23 00:16:12, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:16:12, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2013-07-23 00:16:15, Info CSI 00000024 [SR] Verify complete
2013-07-23 00:16:15, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:16:15, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2013-07-23 00:16:17, Info CSI 00000028 [SR] Verify complete
2013-07-23 00:16:18, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:16:18, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
2013-07-23 00:16:20, Info CSI 0000002c [SR] Verify complete
2013-07-23 00:16:20, Info CSI 0000002d [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:16:20, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
2013-07-23 00:16:23, Info CSI 00000030 [SR] Verify complete
2013-07-23 00:16:23, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:16:23, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
2013-07-23 00:16:25, Info CSI 00000034 [SR] Verify complete
2013-07-23 00:16:25, Info CSI 00000035 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:16:25, Info CSI 00000036 [SR] Beginning Verify and Repair transaction
2013-07-23 00:16:28, Info CSI 00000038 [SR] Verify complete
2013-07-23 00:16:28, Info CSI 00000039 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:16:28, Info CSI 0000003a [SR] Beginning Verify and Repair transaction
2013-07-23 00:16:31, Info CSI 0000003c [SR] Verify complete
2013-07-23 00:16:31, Info CSI 0000003d [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:16:31, Info CSI 0000003e [SR] Beginning Verify and Repair transaction
2013-07-23 00:16:32, Info CSI 00000040 [SR] Verify complete
2013-07-23 00:16:32, Info CSI 00000041 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:16:32, Info CSI 00000042 [SR] Beginning Verify and Repair transaction
2013-07-23 00:16:33, Info CSI 00000044 [SR] Verify complete
2013-07-23 00:16:34, Info CSI 00000045 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:16:34, Info CSI 00000046 [SR] Beginning Verify and Repair transaction
2013-07-23 00:16:37, Info CSI 00000048 [SR] Verify complete
2013-07-23 00:16:37, Info CSI 00000049 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:16:37, Info CSI 0000004a [SR] Beginning Verify and Repair transaction
2013-07-23 00:16:41, Info CSI 0000004d [SR] Verify complete
2013-07-23 00:16:42, Info CSI 0000004e [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:16:42, Info CSI 0000004f [SR] Beginning Verify and Repair transaction
2013-07-23 00:16:46, Info CSI 00000053 [SR] Verify complete
2013-07-23 00:16:46, Info CSI 00000054 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:16:46, Info CSI 00000055 [SR] Beginning Verify and Repair transaction
2013-07-23 00:16:49, Info CSI 00000057 [SR] Verify complete
2013-07-23 00:16:50, Info CSI 00000058 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:16:50, Info CSI 00000059 [SR] Beginning Verify and Repair transaction
2013-07-23 00:16:53, Info CSI 0000005e [SR] Verify complete
2013-07-23 00:16:53, Info CSI 0000005f [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:16:53, Info CSI 00000060 [SR] Beginning Verify and Repair transaction
2013-07-23 00:16:57, Info CSI 00000062 [SR] Verify complete
2013-07-23 00:16:57, Info CSI 00000063 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:16:57, Info CSI 00000064 [SR] Beginning Verify and Repair transaction
2013-07-23 00:17:00, Info CSI 00000066 [SR] Verify complete
2013-07-23 00:17:01, Info CSI 00000067 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:17:01, Info CSI 00000068 [SR] Beginning Verify and Repair transaction
2013-07-23 00:17:07, Info CSI 0000008d [SR] Verify complete
2013-07-23 00:17:07, Info CSI 0000008e [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:17:07, Info CSI 0000008f [SR] Beginning Verify and Repair transaction
2013-07-23 00:17:11, Info CSI 00000091 [SR] Verify complete
2013-07-23 00:17:11, Info CSI 00000092 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:17:11, Info CSI 00000093 [SR] Beginning Verify and Repair transaction
2013-07-23 00:17:16, Info CSI 00000095 [SR] Verify complete
2013-07-23 00:17:16, Info CSI 00000096 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:17:16, Info CSI 00000097 [SR] Beginning Verify and Repair transaction
2013-07-23 00:17:20, Info CSI 00000099 [SR] Verify complete
2013-07-23 00:17:20, Info CSI 0000009a [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:17:20, Info CSI 0000009b [SR] Beginning Verify and Repair transaction
2013-07-23 00:17:23, Info CSI 0000009d [SR] Verify complete
2013-07-23 00:17:23, Info CSI 0000009e [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:17:23, Info CSI 0000009f [SR] Beginning Verify and Repair transaction
2013-07-23 00:17:27, Info CSI 000000a1 [SR] Verify complete
2013-07-23 00:17:27, Info CSI 000000a2 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:17:27, Info CSI 000000a3 [SR] Beginning Verify and Repair transaction
2013-07-23 00:17:31, Info CSI 000000a5 [SR] Verify complete
2013-07-23 00:17:31, Info CSI 000000a6 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:17:31, Info CSI 000000a7 [SR] Beginning Verify and Repair transaction
2013-07-23 00:17:36, Info CSI 000000ca [SR] Verify complete
2013-07-23 00:17:37, Info CSI 000000cb [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:17:37, Info CSI 000000cc [SR] Beginning Verify and Repair transaction
2013-07-23 00:17:42, Info CSI 000000ce [SR] Verify complete
2013-07-23 00:17:42, Info CSI 000000cf [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:17:42, Info CSI 000000d0 [SR] Beginning Verify and Repair transaction
2013-07-23 00:17:49, Info CSI 000000d2 [SR] Verify complete
2013-07-23 00:17:49, Info CSI 000000d3 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:17:49, Info CSI 000000d4 [SR] Beginning Verify and Repair transaction
2013-07-23 00:17:55, Info CSI 000000d6 [SR] Verify complete
2013-07-23 00:17:56, Info CSI 000000d7 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:17:56, Info CSI 000000d8 [SR] Beginning Verify and Repair transaction
2013-07-23 00:18:01, Info CSI 000000dc [SR] Verify complete
2013-07-23 00:18:01, Info CSI 000000dd [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:18:01, Info CSI 000000de [SR] Beginning Verify and Repair transaction
2013-07-23 00:18:04, Info CSI 000000e0 [SR] Verify complete
2013-07-23 00:18:04, Info CSI 000000e1 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:18:04, Info CSI 000000e2 [SR] Beginning Verify and Repair transaction
2013-07-23 00:18:06, Info CSI 000000e4 [SR] Verify complete
2013-07-23 00:18:06, Info CSI 000000e5 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:18:06, Info CSI 000000e6 [SR] Beginning Verify and Repair transaction
2013-07-23 00:18:08, Info CSI 000000e8 [SR] Verify complete
2013-07-23 00:18:08, Info CSI 000000e9 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:18:08, Info CSI 000000ea [SR] Beginning Verify and Repair transaction
2013-07-23 00:18:09, Info CSI 000000ec [SR] Verify complete
2013-07-23 00:18:10, Info CSI 000000ed [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:18:10, Info CSI 000000ee [SR] Beginning Verify and Repair transaction
2013-07-23 00:18:15, Info CSI 000000fa [SR] Verify complete
2013-07-23 00:18:15, Info CSI 000000fb [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:18:15, Info CSI 000000fc [SR] Beginning Verify and Repair transaction
2013-07-23 00:18:18, Info CSI 00000105 [SR] Verify complete
2013-07-23 00:18:18, Info CSI 00000106 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:18:18, Info CSI 00000107 [SR] Beginning Verify and Repair transaction
2013-07-23 00:18:20, Info CSI 00000109 [SR] Verify complete
2013-07-23 00:18:20, Info CSI 0000010a [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:18:20, Info CSI 0000010b [SR] Beginning Verify and Repair transaction
2013-07-23 00:18:23, Info CSI 0000010d [SR] Verify complete
2013-07-23 00:18:23, Info CSI 0000010e [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:18:23, Info CSI 0000010f [SR] Beginning Verify and Repair transaction
2013-07-23 00:18:25, Info CSI 00000111 [SR] Verify complete
2013-07-23 00:18:25, Info CSI 00000112 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:18:25, Info CSI 00000113 [SR] Beginning Verify and Repair transaction
2013-07-23 00:18:29, Info CSI 00000116 [SR] Verify complete
2013-07-23 00:18:30, Info CSI 00000117 [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:18:30, Info CSI 00000118 [SR] Beginning Verify and Repair transaction
2013-07-23 00:18:37, Info CSI 0000011b [SR] Verify complete
2013-07-23 00:18:37, Info CSI 0000011c [SR] Verifying 100 (0x0000000000000064) components
2013-07-23 00:18:37, Info CSI 0000011d [SR] Beginning Verify and Repair transaction
# AdwCleaner v2.306 - Logfile created 07/23/2013 at 00:10:09
# Updated 19/07/2013 by Xplode
# Operating system : Service Pack 1 (64 bits)
# User : Ghost - PC-GHOST
# Boot Mode : Normal
# Running from : C:\Users\Ghost\Desktop\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Folder Deleted : C:\Users\Ghost\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Ghost\AppData\Local\AVG Security Toolbar
Folder Deleted : C:\Users\Ghost\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Ghost\AppData\LocalLow\AVG Security Toolbar
Folder Deleted : C:\Users\Ghost\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Ghost\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\extensions\
[email protected]***** [Registry] *****
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1269415
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
***** [Internet Browsers] *****
-\\ Internet Explorer v
[OK] Registry is clean.
-\\ Mozilla Firefox v [Unable to get version]
File : C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\prefs.js
Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\10.2.0.3");
Deleted : user_pref("browser.search.defaultthis.engineName", "Download Energy Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1269415&Sea[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.InstallationTime", 1357492152);
Deleted : user_pref("extensions.crossriderapp14917.14917.active", true);
Deleted : user_pref("extensions.crossriderapp14917.14917.addressbar", "");
Deleted : user_pref("extensions.crossriderapp14917.14917.addressbarenhanced", "");
Deleted : user_pref("extensions.crossriderapp14917.14917.asyncdb_dbWasSet", true);
Deleted : user_pref("extensions.crossriderapp14917.14917.asyncinternaldb_dbWasSet", true);
Deleted : user_pref("extensions.crossriderapp14917.14917.backgroundjs", "\n\n//appAPI.onRequest(function(resou[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.backgroundver", 6);
Deleted : user_pref("extensions.crossriderapp14917.14917.can_run_bg_code", true);
Deleted : user_pref("extensions.crossriderapp14917.14917.certdomaininstaller", "");
Deleted : user_pref("extensions.crossriderapp14917.14917.changeprevious", false);
Deleted : user_pref("extensions.crossriderapp14917.14917.cookie.CrossriderNotifier_channels.expiration", "Fri [...]
Deleted : user_pref("extensions.crossriderapp14917.14917.cookie.CrossriderNotifier_channels.value", "%7B%22app[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.cookie.CrossriderNotifier_geolocation.expiration", "T[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.cookie.CrossriderNotifier_geolocation.value", "%22FI%[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.cookie.InstallationTime.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.cookie.InstallationTime.value", "1357492152");
Deleted : user_pref("extensions.crossriderapp14917.14917.description", "Facebook Undetected lets you disable F[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.domain", "");
Deleted : user_pref("extensions.crossriderapp14917.14917.enablesearch", false);
Deleted : user_pref("extensions.crossriderapp14917.14917.fbremoteurl", "");
Deleted : user_pref("extensions.crossriderapp14917.14917.group", 0);
Deleted : user_pref("extensions.crossriderapp14917.14917.homepage", "");
Deleted : user_pref("extensions.crossriderapp14917.14917.iframe", false);
Deleted : user_pref("extensions.crossriderapp14917.14917.internaldb.Resources_appVer.expiration", "Fri Feb 01 [...]
Deleted : user_pref("extensions.crossriderapp14917.14917.internaldb.Resources_appVer.value", "61");
Deleted : user_pref("extensions.crossriderapp14917.14917.internaldb.Resources_lastVersion.expiration", "Fri Fe[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.internaldb.Resources_lastVersion.value", "0");
Deleted : user_pref("extensions.crossriderapp14917.14917.internaldb.Resources_meta.expiration", "Fri Feb 01 20[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.internaldb.Resources_meta.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp14917.14917.internaldb.Resources_queue.expiration", "Fri Feb 01 2[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.internaldb.Resources_queue.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp14917.14917.internaldb.Resources_remote_resources.expiration", "F[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.internaldb.Resources_remote_resources.value", "%7B%22[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.internaldb.__crossrider_daily_ping__.expiration", "Fr[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.internaldb.__crossrider_daily_ping__.value", "1374166[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.internaldb._sanity_pings_counter.expiration", "Fri Fe[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.internaldb._sanity_pings_counter.value", "116");
Deleted : user_pref("extensions.crossriderapp14917.14917.js", "\n\nappAPI.ready(function($) {\n\n});\n\n");
Deleted : user_pref("extensions.crossriderapp14917.14917.manifesturl", "");
Deleted : user_pref("extensions.crossriderapp14917.14917.name", "Chat Undetected");
Deleted : user_pref("extensions.crossriderapp14917.14917.newtab", "");
Deleted : user_pref("extensions.crossriderapp14917.14917.opensearch", "");
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_1.code", "appAPI._cr_config={appID:fun[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_1.name", "base");
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_1.ver", 6);
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_13.code", "(function(a){a.selectedText[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_13.name", "CrossriderAppUtils");
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_13.ver", 3);
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_14.code", "if(typeof(appAPI)===\"undef[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_14.name", "CrossriderUtils");
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_14.ver", 9);
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_16.code", "if((typeof isBackground===\[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_16.name", "FFAppAPIWrapper");
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_16.ver", 9);
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_17.code", "if(typeof window!==\"undefi[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_17.name", "jQuery");
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_17.ver", 4);
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_21.code", "var CrossriderDebugManager=[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_21.name", "debug");
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_21.ver", 4);
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_22.code", "(function(a){appAPI.queueMa[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_22.name", "resources");
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_22.ver", 4);
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_28.code", "var CrossriderInitializerPl[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_28.name", "initializer");
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_28.ver", 3);
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_4.code", "var jQuery = $jquery_171 = $[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_4.name", "jquery_1_7_1");
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_4.ver", 4);
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_47.code", "(function(){appAPI.ready=fu[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_47.name", "resources_background");
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_47.ver", 3);
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_5.code", "(function(f){f.ui=f.ui||{};v[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_5.name", "notifications");
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_5.ver", 5);
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_64.code", "(function(){var h=\"__CR_EM[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_64.name", "appApiMessage");
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_64.ver", 2);
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_7.code", "appAPI.hooks={$:$jquery_171,[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_7.name", "hooks");
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_7.ver", 2);
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_72.code", "if(appAPI.__should_activate[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_72.name", "appApiValidation");
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_72.ver", 3);
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_78.code", "if(typeof jQuery!==\"undefi[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_78.name", "CrossriderInfo");
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_78.ver", 3);
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_79.code", "(function(){function a(){tr[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_79.name", "CrossriderDailyPing");
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_79.ver", 10);
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_9.code", "appAPI.hooks.addHook(\"searc[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_9.name", "search_engine_hook");
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_9.ver", 2);
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_98.code", "(function(){var b=\"cr_\"+a[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_98.name", "omniCommands");
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins.plugin_98.ver", 2);
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins_lists.plugins_0", "4,14,78,16,64,47,72,98");
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,2[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.plugins_lists.plugins_5", "4,14,78,13,16,64,47,72");
Deleted : user_pref("extensions.crossriderapp14917.14917.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/a[...]
Deleted : user_pref("extensions.crossriderapp14917.14917.pluginsversion", 25);
Deleted : user_pref("extensions.crossriderapp14917.14917.publisher", "Crossrider");
Deleted : user_pref("extensions.crossriderapp14917.14917.searchstatus", 0);
Deleted : user_pref("extensions.crossriderapp14917.14917.setnewtab", false);
Deleted : user_pref("extensions.crossriderapp14917.14917.settingsurl", "");
Deleted : user_pref("extensions.crossriderapp14917.14917.thankyou", "hxxp://crossrider.com/thank_you/14917");
Deleted : user_pref("extensions.crossriderapp14917.14917.updateinterval", 360);
Deleted : user_pref("extensions.crossriderapp14917.14917.ver", 64);
Deleted : user_pref("extensions.crossriderapp14917.apps", "14917");
Deleted : user_pref("extensions.crossriderapp14917.bic", "13c10d664fb9f9f7d7cd5c7c28c0994d");
Deleted : user_pref("extensions.crossriderapp14917.cid", 14917);
Deleted : user_pref("extensions.crossriderapp14917.firstrun", false);
Deleted : user_pref("extensions.crossriderapp14917.hadappinstalled", true);
Deleted : user_pref("extensions.crossriderapp14917.installationdate", 1357492152);
Deleted : user_pref("extensions.crossriderapp14917.lastcheck", 22908454);
Deleted : user_pref("extensions.crossriderapp14917.lastcheckitem", 22908485);
Deleted : user_pref("extensions.crossriderapp14917.modetype", "production");
Deleted : user_pref("extensions.crossriderapp14917.reportInstall", true);
Deleted : user_pref("extensions.crossriderapp14917.statsDailyCounter", 128);
Deleted : user_pref("
[email protected]", true);
Deleted : user_pref("extensions.enabledAddons", "%7BD4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389%7D:0.9.10,%7BE173B749[...]
Deleted : user_pref("
[email protected]", true);
Deleted : user_pref("vshare.install.date", "1313847120");
Deleted : user_pref("vshare.install.finished", "1.0.0");
Deleted : user_pref("vshare.install.fresh", "false");
Deleted : user_pref("vshare.install.guid", "{84ac94f0-1b4c-48da-a1e9-a0a6b3b3409b}");
Deleted : user_pref("vshare.install.newtab", false);
-\\ Google Chrome v [Unable to get version]
File : C:\Users\Ghost\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
-\\ Chromium v29.0.1512.0
File : C:\Users\Ghost\AppData\Local\Chromium\User Data\Default\Preferences
[OK] File is clean.
-\\ Opera v [Unable to get version]
File : C:\Users\Ghost\AppData\Roaming\Opera\Opera\operaprefs.ini
Deleted : application/x-winampx-1.0.0.1=6,,C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll,Winamp A[...]
Deleted : application/x-winampx-1.0.0.1=,0
*************************
AdwCleaner[S1].txt - [18806 octets] - [23/07/2013 00:10:09]
########## EOF - C:\AdwCleaner[S1].txt - [18867 octets] ##########
OTL logfile created on: 23.7.2013 0:22:02 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ghost\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = )
Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,55 Gb Available Physical Memory | 63,83% Memory free
8,00 Gb Paging File | 6,27 Gb Available in Paging File | 78,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 151,46 Gb Total Space | 13,30 Gb Free Space | 8,78% Space Free | Partition Type: NTFS
Drive D: | 322,26 Gb Total Space | 14,06 Gb Free Space | 4,36% Space Free | Partition Type: NTFS
Drive E: | 122,44 Gb Total Space | 4,31 Gb Free Space | 3,52% Space Free | Partition Type: NTFS
Drive F: | 465,76 Gb Total Space | 12,90 Gb Free Space | 2,77% Space Free | Partition Type: NTFS
Computer Name: PC-GHOST | User Name: Ghost | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - File not found --
PRC - [2013.07.01 20:58:21 | 001,598,128 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
PRC - [2013.06.28 20:41:52 | 001,376,608 | ---- | M] () -- C:\Program Files (x86)\Opera\15.0.1147.130\opera_crashreporter.exe
PRC - [2013.06.28 20:41:49 | 039,477,088 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\15.0.1147.130\opera.exe
PRC - [2013.06.15 14:13:35 | 001,104,384 | ---- | M] (Spotify Ltd) -- D:\Ohjelmat\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013.05.10 00:57:24 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.10.05 23:57:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ghost\Desktop\OTL.exe
PRC - [2012.02.21 20:39:30 | 002,043,904 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
PRC - [2011.03.07 15:42:42 | 000,969,216 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2010.04.16 17:10:58 | 000,036,864 | ---- | M] (Realtek) -- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
PRC - [2009.07.24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2008.07.22 12:18:44 | 000,163,840 | ---- | M] () -- D:\Ohjelmat\Desktop Media\mediadetect.exe
PRC - [2005.09.30 19:22:50 | 000,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
========== Modules (No Company Name) ========== MOD - [2013.06.28 20:41:58 | 000,977,248 | ---- | M] () -- C:\Program Files (x86)\Opera\15.0.1147.130\ffmpegsumo.dll
MOD - [2013.06.28 20:41:52 | 001,376,608 | ---- | M] () -- C:\Program Files (x86)\Opera\15.0.1147.130\opera_crashreporter.exe
MOD - [2011.03.07 15:21:06 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2011.03.07 15:21:02 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2008.07.22 12:18:44 | 000,163,840 | ---- | M] () -- D:\Ohjelmat\Desktop Media\mediadetect.exe
========== Services (SafeList) ========== SRV:
64bit: - [2013.06.04 14:44:06 | 000,182,848 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoLauncherService.exe -- (SolutoLauncherService)
SRV:
64bit: - [2013.06.04 14:44:04 | 000,746,048 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV:
64bit: - [2013.06.04 14:40:24 | 001,671,680 | ---- | M] (GlavSoft LLC.) [On_Demand | Stopped] -- C:\Program Files\Soluto\SolutoRemoteService.exe -- (SolutoRemoteService)
SRV:
64bit: - [2013.05.27 08:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV:
64bit: - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV:
64bit: - [2012.04.06 05:16:02 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:
64bit: - [2010.06.06 15:25:32 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:
64bit: - [2010.05.06 12:30:22 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:
64bit: - [2009.10.07 01:47:10 | 000,191,000 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:
64bit: - [2009.09.23 14:34:04 | 000,073,728 | ---- | M] (Tablet Driver) [Auto | Running] -- C:\Windows\SysNative\drivers\WTSrv.exe -- (WinTabService)
SRV:
64bit: - [2009.07.14 04:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.07.01 20:58:21 | 001,598,128 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe -- (vToolbarUpdater15.3.0)
SRV - [2013.05.15 00:49:36 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.10 00:57:24 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.19 15:14:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.02.14 04:14:02 | 000,543,144 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.12.19 10:49:34 | 000,732,648 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.01.18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011.03.28 15:41:12 | 002,111,368 | ---- | M] (LogMeIn Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.11.29 20:31:21 | 000,075,136 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.10.09 04:57:25 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2010.06.06 15:23:59 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.04.16 17:10:58 | 000,036,864 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe -- (Realtek11nSU)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.07.24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009.06.11 00:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.08.15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2005.09.30 19:22:50 | 000,096,341 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files (x86)\Canon\CAL\CALMAIN.exe -- (CCALib8)
========== Driver Services (SafeList) ========== DRV:
64bit: - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.01)
DRV:
64bit: - [2013.07.01 20:58:21 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:
64bit: - [2013.06.04 14:40:06 | 000,054,728 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Soluto.sys -- (Soluto)
DRV:
64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:
64bit: - [2012.11.09 16:33:30 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:
64bit: - [2012.11.09 16:33:30 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:
64bit: - [2012.11.09 16:33:30 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:
64bit: - [2012.11.09 16:33:30 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:
64bit: - [2012.10.17 14:53:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:
64bit: - [2012.08.23 17:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:
64bit: - [2012.08.23 17:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2012.05.14 09:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:
64bit: - [2012.04.06 08:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:
64bit: - [2012.04.06 08:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:
64bit: - [2012.04.06 04:10:44 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:
64bit: - [2012.03.01 09:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2012.01.18 06:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:
64bit: - [2012.01.18 06:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:
64bit: - [2011.08.11 14:46:46 | 000,694,376 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
DRV:
64bit: - [2011.06.10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:
64bit: - [2011.05.10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:
64bit: - [2011.03.11 09:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2011.03.11 09:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2010.12.23 15:48:46 | 000,818,424 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:
64bit: - [2010.11.20 16:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2010.11.20 13:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:
64bit: - [2010.11.09 16:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:
64bit: - [2010.04.27 16:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:
64bit: - [2010.04.27 16:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:
64bit: - [2010.04.27 14:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:
64bit: - [2010.04.27 14:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:
64bit: - [2010.03.30 23:27:42 | 000,015,360 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Spyder3.sys -- (Spyder3)
DRV:
64bit: - [2010.03.18 12:00:40 | 000,041,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:
64bit: - [2010.03.18 12:00:16 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:
64bit: - [2010.03.18 12:00:00 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:
64bit: - [2010.03.09 13:21:42 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:
64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:
64bit: - [2009.12.18 01:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:
64bit: - [2009.10.07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:
64bit: - [2009.10.07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:
64bit: - [2009.08.10 00:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:
64bit: - [2009.07.14 04:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009.07.14 04:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009.07.14 04:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009.07.14 03:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:
64bit: - [2009.06.18 11:42:34 | 000,022,696 | ---- | M] (Tablet Driver) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UCTblHid.sys -- (UCTblHid)
DRV:
64bit: - [2009.06.18 11:42:16 | 000,027,304 | ---- | M] (Tablet Driver) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TClass2k.sys -- (TClass2k)
DRV:
64bit: - [2009.06.18 11:41:58 | 000,017,064 | ---- | M] (PenTablet Driver) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTSimHid.sys -- (PTSimHid)
DRV:
64bit: - [2009.06.18 11:41:46 | 000,027,304 | ---- | M] (PenTablet Driver) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PTSimBus.sys -- (PTSimBus)
DRV:
64bit: - [2009.06.10 23:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009.06.10 23:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009.06.10 23:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009.06.10 23:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:
64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:
64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:
64bit: - [2008.06.27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:
64bit: - [2008.01.19 06:36:12 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\irsir.sys -- (irsir)
DRV - [2009.07.14 04:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE - HKLM\..\SearchScopes,DefaultScope =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fi
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2A 21 4A 5A D4 00 CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {ad708c09-d51b-45b3-9d28-4eba2681febf} - C:\Program Files (x86)\Download_Energy\prxtbDown.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...Box&FORM=IE10SRIE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..browser.search.openintab: true
FF - prefs.js..browser.search.selectedEngine: "DuckDuckGo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: avg@igeared:6.011.025.001
FF - prefs.js..extensions.enabledItems:
[email protected]:3.6.4
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.7.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems:
[email protected]:3.6.1
FF - prefs.js..extensions.enabledItems: {d650973c-0444-4ac7-9d00-19e3613c83b9}:3.6.7
FF - prefs.js..extensions.enabledItems:
[email protected]:3.6.4
FF - prefs.js..extensions.enabledItems:
[email protected]:3.6.5
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Ghost\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.17 08:38:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.7\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.06.25 20:08:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
[2011.03.11 18:55:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ghost\AppData\Roaming\Mozilla\Extensions
[2011.03.11 18:55:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ghost\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013.07.23 00:10:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\extensions
[2010.05.31 20:41:37 | 000,000,000 | ---D | M] (Whitehart) -- C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\extensions\{d650973c-0444-4ac7-9d00-19e3613c83b9}
[2011.11.28 10:56:07 | 000,000,000 | ---D | M] (Memory Fox) -- C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}
[2010.12.27 01:16:42 | 000,000,000 | ---D | M] (Chromifox Basic) -- C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\extensions\
[email protected][2013.07.11 20:24:52 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\extensions\
[email protected][2012.12.20 18:23:30 | 000,000,000 | ---D | M] (Foxdie) -- C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\extensions\
[email protected][2012.12.21 13:15:10 | 000,000,000 | ---D | M] (Foxdie (Graphite)) -- C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\extensions\
[email protected][2013.04.16 20:36:13 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\extensions\
[email protected][2013.04.30 21:44:45 | 000,000,000 | ---D | M] (rein) -- C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\extensions\
[email protected][2012.09.06 09:25:29 | 000,240,755 | ---- | M] () (No name found) -- C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\extensions\
[email protected][2013.05.01 16:10:58 | 000,014,909 | ---- | M] () (No name found) -- C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\extensions\
[email protected][2013.05.27 11:25:07 | 000,534,431 | ---- | M] () (No name found) -- C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
[2013.04.17 20:36:12 | 000,282,569 | ---- | M] () (No name found) -- C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
[2013.06.03 13:23:46 | 000,030,502 | ---- | M] () (No name found) -- C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
[2013.07.22 18:39:28 | 000,818,491 | ---- | M] () (No name found) -- C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011.10.30 11:38:54 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2013.04.05 11:57:36 | 000,714,654 | ---- | M] () (No name found) -- C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2013.07.18 20:41:00 | 000,002,684 | ---- | M] () -- C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\searchplugins\ann-encyclopedia.xml
[2013.07.17 22:48:03 | 000,010,316 | ---- | M] () -- C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\searchplugins\duckduckgo.xml
[2013.07.18 20:41:00 | 000,004,873 | ---- | M] () -- C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\searchplugins\isohunt--bt-search.xml
[2010.06.01 21:15:20 | 000,001,011 | ---- | M] () -- C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\searchplugins\torrentz-search.xml
[2012.07.25 18:37:47 | 000,000,705 | ---- | M] () -- C:\Users\Ghost\AppData\Roaming\Mozilla\Firefox\Profiles\nmnjp6bc.default\searchplugins\webster.xml
[2013.05.15 00:49:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.05.15 00:49:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\USERS\GHOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NMNJP6BC.DEFAULT\EXTENSIONS\
[email protected][2011.10.26 21:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2013.02.20 22:08:13 | 000,003,714 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
========== Chrome ========== CHR - default_search_provider: DuckDuckGo (Enabled)
CHR - default_search_provider: search_url =
https://duckduckgo.c...q={searchTerms}CHR - default_search_provider: suggest_url =
CHR - plugin: Chromoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = D:\Ohjelmat\chrome-win32\ppGoogleNaClPluginChrome.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 7 U11 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Nokia Suite Enabler Plugin (Enabled) = C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\ProgramData\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Ghost\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: iTunes Application Detector (Enabled) = D:\ohjelmat\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Picasa (Enabled) = d:\ohjelmat\Google\Picasa3\npPicasa3.dll
O1 HOSTS File: ([2013.07.18 22:44:17 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:
64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:
64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:
64bit: - HKLM..\Run: [Soluto] c:\program files\soluto\soluto.exe (Soluto)
O4:
64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Spotify Web Helper] D:\Ohjelmat\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - Startup: C:\Users\Ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Ghost\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:
64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8:
64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:
64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - ftp Prefix: missing
O13 - gopher Prefix: missing
O13 - home Prefix: missing
O13 - mosaic Prefix: missing
O13 - www Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.241.198.245 62.241.198.246
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4F28F71D-B0F7-4600-8842-2F30750E759B}: DhcpNameServer = 62.241.198.245 62.241.198.246
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Value error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:
64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ========== [2013.07.22 18:35:54 | 000,000,000 | ---D | C] -- C:\Users\Ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.07.22 18:35:53 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.07.22 18:35:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.07.22 18:34:38 | 000,935,656 | ---- | C] (Microsoft Corporation) -- C:\Users\Ghost\Desktop\VisualBasic6-KB896559-v1-ENU.exe
[2013.07.22 12:44:00 | 000,357,077 | ---- | C] (Farbar) -- C:\Users\Ghost\Desktop\FSS.exe
[2013.07.22 12:25:22 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ghost\Desktop\OTL.exe
[2013.07.22 12:18:18 | 000,000,000 | ---D | C] -- C:\CC Support
[2013.07.22 12:18:18 | 000,000,000 | ---D | C] -- \CC Support
[2013.07.22 11:55:39 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Ghost\Desktop\tdsskiller.exe
[2013.07.22 09:43:48 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Ghost\Desktop\aswMBR.exe
[2013.07.21 17:57:14 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.07.21 17:57:14 | 000,000,000 | -HSD | C] -- \$RECYCLE.BIN
[2013.07.19 00:08:29 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.07.18 23:51:08 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.07.18 23:51:02 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.07.18 23:51:02 | 000,000,000 | ---D | C] -- \Qoobox
[2013.07.18 23:41:18 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013.07.18 23:41:18 | 000,000,000 | --SD | C] -- \ComboFix
[2013.07.18 23:24:33 | 000,000,000 | ---D | C] -- C:\Users\Ghost\AppData\Local\MFAData
[2013.07.18 23:24:33 | 000,000,000 | ---D | C] -- C:\Users\Ghost\AppData\Local\Avg2013
[2013.07.18 23:03:05 | 000,000,000 | ---D | C] -- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
[2013.07.18 23:03:05 | 000,000,000 | ---D | C] -- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
[2013.07.18 23:01:41 | 000,000,000 | ---D | C] -- C:\Users\Ghost\AppData\Roaming\Spybot - Search & Destroy
[2013.07.18 23:00:39 | 036,364,784 | ---- | C] (Safer-Networking Ltd. ) -- C:\Users\Ghost\Desktop\spybotsd-2.1.20-SR1.exe
[2013.07.18 22:29:31 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.07.18 20:45:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013.07.18 20:41:55 | 000,000,000 | ---D | C] -- C:\Users\Ghost\Desktop\SUPERSetup
[2013.07.18 20:41:23 | 026,611,408 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\Ghost\Desktop\SUPERAntiSpyware.exe
[2013.07.18 20:30:58 | 000,000,000 | ---D | C] -- C:\Malwarebytes
[2013.07.18 20:30:58 | 000,000,000 | ---D | C] -- \Malwarebytes
[2013.07.18 20:30:11 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Ghost\Desktop\mbam-setup-1.75.0.1300.exe
[2013.07.18 20:02:44 | 017,737,608 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\Ghost\Desktop\install_flash_player.exe
[2013.07.18 19:21:40 | 000,000,000 | ---D | C] -- C:\Application Data
[2013.07.18 19:21:40 | 000,000,000 | ---D | C] -- \Application Data
[2013.07.12 02:02:18 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.07.12 02:02:18 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.07.12 02:02:17 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.07.12 02:02:17 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.07.12 02:02:17 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.07.12 02:02:17 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.07.12 02:02:17 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.07.12 02:02:17 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.07.12 02:02:17 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.07.12 02:02:17 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.07.12 02:02:17 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.07.12 02:02:16 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.07.12 02:02:16 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.07.12 02:02:16 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.07.12 02:02:15 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.07.11 20:43:58 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013.07.11 20:43:58 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013.07.11 20:43:56 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013.07.11 20:43:55 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013.07.11 20:35:54 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.07.06 14:20:39 | 000,000,000 | ---D | C] -- C:\Users\Ghost\AppData\Local\Opera Software
[2013.07.06 14:20:37 | 000,000,000 | ---D | C] -- C:\Users\Ghost\AppData\Roaming\Opera Software
[2013.06.25 20:08:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.06.25 01:25:19 | 000,000,000 | ---D | C] -- C:\Users\Ghost\AppData\Roaming\TuneUp Software
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2013.07.23 00:20:28 | 000,020,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.23 00:20:28 | 000,020,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.23 00:13:27 | 000,000,224 | ---- | M] () -- C:\Windows\tasks\AutoRearm.job
[2013.07.23 00:12:55 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.23 00:12:52 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2013.07.23 00:12:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.23 00:12:40 | 3220,824,064 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.23 00:12:03 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.22 18:35:54 | 000,000,914 | ---- | M] () -- C:\Users\Ghost\Desktop\Malwarebytes Anti-Malware.lnk
[2013.07.22 12:10:00 | 000,666,633 | ---- | M] () -- C:\Users\Ghost\Desktop\adwcleaner.exe
[2013.07.22 12:08:47 | 000,171,135 | ---- | M] () -- C:\Users\Ghost\Desktop\3001-8022_4-10804572.html
[2013.07.22 11:55:17 | 000,000,512 | ---- | M] () -- C:\Users\Ghost\Desktop\MBR.dat
[2013.07.19 00:35:20 | 000,222,290 | ---- | M] () -- C:\Users\Ghost\Desktop\AVGInstLog.cab
[2013.07.18 23:27:52 | 000,001,137 | ---- | M] () -- C:\Users\Ghost\Desktop\asd.exe - Shortcut.lnk
[2013.07.18 22:44:17 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.07.18 21:37:05 | 000,064,178 | ---- | M] () -- C:\Users\Ghost\Documents\cc_20130718_213659.reg
[2013.07.18 20:21:11 | 026,611,408 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\Ghost\Desktop\SUPERAntiSpyware.exe
[2013.07.18 20:03:00 | 017,737,608 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Ghost\Desktop\install_flash_player.exe
[2013.07.17 23:00:12 | 101,083,484 | ---- | M] () -- C:\Users\Ghost\Desktop\DHBTPO.rar
[2013.07.17 22:42:20 | 048,537,823 | ---- | M] () -- C:\Users\Ghost\Desktop\LJD.rar
[2013.07.17 22:31:53 | 067,966,879 | ---- | M] () -- C:\Users\Ghost\Desktop\NTBD.rar
[2013.07.17 21:59:03 | 002,297,856 | ---- | M] () -- C:\Users\Ghost\Desktop\Baby_shower.indd
[2013.07.17 20:40:27 | 000,001,165 | ---- | M] () -- C:\Users\Ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.07.16 10:00:58 | 005,199,576 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.13 15:55:40 | 000,357,077 | ---- | M] (Farbar) -- C:\Users\Ghost\Desktop\FSS.exe
[2013.07.12 02:11:07 | 001,367,650 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.12 02:11:07 | 000,652,166 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.12 02:11:07 | 000,479,386 | ---- | M] () -- C:\Windows\SysNative\perfh00B.dat
[2013.07.12 02:11:07 | 000,121,098 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.12 02:11:07 | 000,100,162 | ---- | M] () -- C:\Windows\SysNative\perfc00B.dat
[2013.07.01 20:58:48 | 000,003,716 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
[2013.07.01 20:58:21 | 000,045,856 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013.06.30 19:39:52 | 000,002,070 | ---- | M] () -- C:\Users\Ghost\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2013.06.25 00:58:24 | 000,173,429 | ---- | M] () -- C:\Users\Ghost\Desktop\Threadless_130624.pdf
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ========== [2013.07.22 18:37:53 | 000,662,016 | ---- | C] () -- C:\Users\Ghost\Desktop\MicrosoftFixit50531.msi
[2013.07.22 18:35:54 | 000,000,914 | ---- | C] () -- C:\Users\Ghost\Desktop\Malwarebytes Anti-Malware.lnk
[2013.07.22 12:22:28 | 000,061,440 | ---- | C] ( ) -- C:\Users\Ghost\Desktop\VEW.exe
[2013.07.22 12:18:01 | 004,009,167 | ---- | C] () -- C:\Users\Ghost\Desktop\ServicesRepair.exe
[2013.07.22 12:10:02 | 000,666,633 | ---- | C] () -- C:\Users\Ghost\Desktop\adwcleaner.exe
[2013.07.22 12:08:58 | 000,171,135 | ---- | C] () -- C:\Users\Ghost\Desktop\3001-8022_4-10804572.html
[2013.07.22 11:55:17 | 000,000,512 | ---- | C] () -- C:\Users\Ghost\Desktop\MBR.dat
[2013.07.19 00:35:20 | 000,222,290 | ---- | C] () -- C:\Users\Ghost\Desktop\AVGInstLog.cab
[2013.07.18 23:27:52 | 000,001,137 | ---- | C] () -- C:\Users\Ghost\Desktop\asd.exe - Shortcut.lnk
[2013.07.18 21:37:03 | 000,064,178 | ---- | C] () -- C:\Users\Ghost\Documents\cc_20130718_213659.reg
[2013.07.17 22:28:17 | 067,966,879 | ---- | C] () -- C:\Users\Ghost\Desktop\NTBD.rar
[2013.07.17 22:27:03 | 101,083,484 | ---- | C] () -- C:\Users\Ghost\Desktop\DHBTPO.rar
[2013.07.17 22:25:43 | 048,537,823 | ---- | C] () -- C:\Users\Ghost\Desktop\LJD.rar
[2013.07.17 21:58:58 | 002,297,856 | ---- | C] () -- C:\Users\Ghost\Desktop\Baby_shower.indd
[2013.07.17 20:40:27 | 000,001,165 | ---- | C] () -- C:\Users\Ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.06.25 00:58:24 | 000,173,429 | ---- | C] () -- C:\Users\Ghost\Desktop\Threadless_130624.pdf
[2013.05.21 13:54:43 | 000,003,716 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
[2013.02.15 17:20:04 | 001,325,198 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.02.15 12:56:11 | 000,000,132 | ---- | C] () -- C:\Users\Ghost\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.07.21 09:40:05 | 000,001,456 | ---- | C] () -- C:\Users\Ghost\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012.06.24 21:29:42 | 000,925,184 | ---- | C] () -- C:\Windows\expstart.exe
[2012.03.09 07:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.03.09 07:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.02.28 18:28:04 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2012.01.31 07:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.01.18 06:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.01.18 06:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.01.18 06:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011.11.23 22:03:49 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2011.11.23 21:58:43 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2011.11.02 08:50:27 | 000,001,556 | ---- | C] () -- C:\Users\Ghost\.davmail.properties
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.09.13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.09.06 19:55:55 | 000,335,872 | ---- | C] () -- C:\Windows\SetupX32.EXE
[2011.05.30 20:17:54 | 000,001,492 | ---- | C] () -- C:\ProgramData\ss.ini
[2011.05.17 20:03:05 | 000,114,688 | ---- | C] () -- C:\Users\Ghost\AppData\Roaming\fontdb.mdb
[2011.03.23 00:02:15 | 000,000,266 | ---- | C] () -- C:\Users\Ghost\AppData\Roaming\rftg
[2011.03.21 01:20:29 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2010.10.19 19:47:31 | 000,005,642 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.09.09 23:55:23 | 000,007,603 | ---- | C] () -- C:\Users\Ghost\AppData\Local\Resmon.ResmonCfg
[2010.06.11 17:16:52 | 000,000,000 | ---- | C] () -- C:\Users\Ghost\AppData\Local\prvlcl.dat
[2010.06.01 05:02:35 | 000,008,192 | RHS- | C] () -- \BOOTSECT.BAK
[2010.06.01 05:02:34 | 000,383,786 | RHS- | C] () -- \bootmgr
[2010.05.31 18:11:07 | 000,203,836 | RHS- | C] () -- \grldr
[2010.05.31 18:11:07 | 000,000,000 | RHS- | C] () -- \winx.ld
[2010.05.31 18:03:42 | 3220,824,064 | -HS- | C] () -- \hiberfil.sys
[2007.11.07 08:12:28 | 000,232,960 | ---- | C] () -- \VC_RED.MSI
[2007.11.07 08:09:22 | 001,442,522 | ---- | C] () -- \VC_RED.cab
[2007.11.07 08:03:18 | 000,097,296 | ---- | C] () -- \install.res.1036.dll
[2007.11.07 08:03:18 | 000,096,272 | ---- | C] () -- \install.res.3082.dll
[2007.11.07 08:03:18 | 000,096,272 | ---- | C] () -- \install.res.1031.dll
[2007.11.07 08:03:18 | 000,095,248 | ---- | C] () -- \install.res.1040.dll
[2007.11.07 08:03:18 | 000,091,152 | ---- | C] () -- \install.res.1033.dll
[2007.11.07 08:03:18 | 000,081,424 | ---- | C] () -- \install.res.1041.dll
[2007.11.07 08:03:18 | 000,079,888 | ---- | C] () -- \install.res.1042.dll
[2007.11.07 08:03:18 | 000,076,304 | ---- | C] () -- \install.res.1028.dll
[2007.11.07 08:03:18 | 000,075,792 | ---- | C] () -- \install.res.2052.dll
[2007.11.07 08:00:40 | 000,005,686 | ---- | C] () -- \vcredist.bmp
[2007.11.07 08:00:40 | 000,001,110 | ---- | C] () -- \globdata.ini
[2007.11.07 08:00:40 | 000,000,843 | ---- | C] () -- \install.ini
========== ZeroAccess Check ========== [2009.07.14 07:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 08:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 07:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 04:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 15:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 04:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Custom Scans ========== ========== Drive Information ========== Physical Drives
---------------
Error accessing drive info (0)
Error accessing drive info (0)
Partitions
---------------
Error accessing partition info (0)
Error accessing partition info (0)
< MD5 for: VBALSGRID6.OCX >[2011.06.01 10:16:56 | 000,496,976 | ---- | M] (vbAccelerator) MD5=BAA4DE42156350754976DD563D02CDE4 -- C:\Program Files\Malwarebytes' Anti-Malware\vbalsgrid6.ocx
< MD5 for: WUAUENG.DLL >[2010.11.20 16:27:32 | 002,420,736 | ---- | M] (Microsoft Corporation) MD5=9DF12EDBC698B0BC353B3EF84861E430 -- C:\Windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.5.7601.17514_none_1f3413afc64d10c5\wuaueng.dll
[2012.06.03 01:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) MD5=D9EF901DCA379CFE914E9FA13B73B4C4 -- C:\Windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7600.256_none_d5f513f25190f276\wuaueng.dll
========== Files - Unicode (All) ==========[2011.12.18 13:48:12 | 000,004,314 | ---- | M] ()(C:\Users\Ghost\Documents\H??kuvat.mds) -- C:\Users\Ghost\Documents\H¦¦kuvat.mds
[2011.12.18 13:48:12 | 000,004,314 | ---- | C] ()(C:\Users\Ghost\Documents\H??kuvat.mds) -- C:\Users\Ghost\Documents\H¦¦kuvat.mds
[2011.12.18 13:48:11 | 2439,053,312 | ---- | M] ()(C:\Users\Ghost\Documents\H??kuvat.iso) -- C:\Users\Ghost\Documents\H¦¦kuvat.iso
[2011.12.18 13:45:00 | 2439,053,312 | ---- | C] ()(C:\Users\Ghost\Documents\H??kuvat.iso) -- C:\Users\Ghost\Documents\H¦¦kuvat.iso
< End of report >
OTL Extras logfile created on: 23.7.2013 0:22:02 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ghost\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = )
Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,55 Gb Available Physical Memory | 63,83% Memory free
8,00 Gb Paging File | 6,27 Gb Available in Paging File | 78,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 151,46 Gb Total Space | 13,30 Gb Free Space | 8,78% Space Free | Partition Type: NTFS
Drive D: | 322,26 Gb Total Space | 14,06 Gb Free Space | 4,36% Space Free | Partition Type: NTFS
Drive E: | 122,44 Gb Total Space | 4,31 Gb Free Space | 3,52% Space Free | Partition Type: NTFS
Drive F: | 465,76 Gb Total Space | 12,90 Gb Free Space | 2,77% Space Free | Partition Type: NTFS
Computer Name: PC-GHOST | User Name: Ghost | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = jsfile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = jsfile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Waterfox\waterfox.exe (Mozilla Corporation)
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- D:\Ohjelmat\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "D:\Ohjelmat\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Ohjelmat\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Ohjelmat\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- D:\Ohjelmat\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "D:\Ohjelmat\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Ohjelmat\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Ohjelmat\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06CC555C-3C0C-436C-93DB-04F9F76D1C36}" = lport=7935 | protocol=6 | dir=in | name=adobe flash builder 4.5 |
"{0A70EC99-BEB9-4218-92A6-776F511DA93C}" = lport=57174 | protocol=17 | dir=in | name=pando media booster |
"{27563C54-340D-4262-A34A-1C1A079236A1}" = lport=67 | protocol=17 | dir=in | name=rtldhcp-port |
"{367FE8BF-00FF-4C90-BC50-5CD00B6EA122}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{4191DCCA-516F-4E05-BCD4-AC94E46AFE8A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{65F2905A-72AD-49F1-A84F-D273CE56225A}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot |
"{758A484D-F095-4505-AA9D-27B67749AC57}" = lport=57174 | protocol=6 | dir=in | name=pando media booster |
"{7DD10E04-D5CB-49DC-82BB-109E9946EBF9}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot |
"{83F1A3EE-82BC-449A-B808-A868A80F9559}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{87DF290E-1A24-43EC-803D-4C919BCB83CE}" = lport=53 | protocol=17 | dir=in | name=rtldns-port-2 |
"{8B3C5C6A-F112-4B4D-96A8-8CF4613744E2}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{9524594B-6142-4502-805A-DDAA7D025C77}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{9D85C712-EB00-4302-BF2E-720CC74AA321}" = lport=53 | protocol=6 | dir=in | name=rtldns-port |
"{AE22A9D7-E312-4B98-914D-96CFE9F0A944}" = lport=57174 | protocol=6 | dir=in | name=pando media booster |
"{AFF98C5D-7CE8-492A-BF10-BC94E0F50C90}" = lport=68 | protocol=17 | dir=in | name=rtldhcp-port-2 |
"{C684B152-1C7F-4B56-8E0B-EDC774D1C1CA}" = lport=51000 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{E0780ECD-304B-4CD8-8701-EA53A80435F5}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot |
"{E0EE8052-241B-412E-B6C6-E1DD5B10FF33}" = lport=51001 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{E97ED8BA-0E2E-4CA5-B470-32C3C9A83740}" = lport=57174 | protocol=17 | dir=in | name=pando media booster |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00838FBB-4128-4A5E-B989-9F4E50A2EDF3}" = protocol=17 | dir=in | app=d:\ohjelmat\steam\steamapps\common\machinarium demo\machinarium.exe |
"{00DDBAFE-536B-48D7-95A6-050E291EAE2E}" = protocol=17 | dir=in | app=c:\users\ghost\appdata\roaming\dropbox\bin\dropbox.exe |
"{051B2617-8123-4BB2-8709-C8E35AE13D26}" = protocol=6 | dir=in | app=c:\users\ghost\appdata\roaming\dropbox\bin\dropbox.exe |
"{094AD716-F39E-4D6E-98FD-0123BABC27C5}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{09ABA972-4575-47F3-A858-F964E8766703}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{0C099537-408E-4212-9496-16B1049CBE12}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{0E0CA6C0-D70D-459D-A559-2D553BE190C0}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{0E0F4078-2021-47DB-8E0F-CC6C125BEF19}" = protocol=17 | dir=in | app=d:\ohjelmat\steam\steamapps\common\homefront - dev diary 2\smp.exe |
"{0E8DB0E8-5887-46B5-BE05-08B61F0DABD2}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{0F1FBB60-06FB-4E7C-A1F7-F613875C3CCB}" = protocol=17 | dir=in | app=d:\ohjelmat\steam\steamapps\common\portal 2 teaser\smp.exe |
"{132DB705-FC2C-4E4B-8EBA-89D3EB816D2F}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{154AD296-8D34-4552-A6E2-DF6B131179B1}" = protocol=6 | dir=in | app=d:\ohjelmat\steam\steamapps\common\portal 2 teaser\smp.exe |
"{1D0E0CD0-F670-4E19-8A44-0BE1F383FDA8}" = protocol=17 | dir=in | app=d:\ohjelmat\utorrent\utorrent.exe |
"{1E3A81A7-CA1A-4647-B332-8BDA11F582CC}" = protocol=6 | dir=in | app=d:\ohjelmat\steam\steamapps\common\brink - teaser trailer\smp.exe |
"{24C7CB00-087A-4648-A88E-8A860E85F965}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{2C3AF0F5-C2C8-4674-AD8D-72859357B269}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{2C77B1C7-3A84-4A37-AED6-FBD2539958E3}" = dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{2CD547DB-16F7-43C0-B5B1-AE939AD7EC71}" = protocol=6 | dir=in | app=d:\ohjelmat\steam\steamapps\common\portal 2 co-op trailer\smp.exe |
"{2DF622BD-C3FE-4A63-B760-83A1DF1FC562}" = protocol=6 | dir=in | app=d:\ohjelmat\adobe\adobe flash builder 4.5\flashbuilder.exe |
"{317028D7-D29F-4D2F-B751-F2772F2D28AD}" = protocol=17 | dir=in | app=d:\ohjelmat\steam\steamapps\ghoulone\source sdk base 2007\hl2.exe |
"{3BA204D8-0EE7-4319-AB8F-50D3E6AD928F}" = protocol=17 | dir=in | app=d:\ohjelmat\steam\steamapps\common\warhammer 40,000 space marine\spacemarine.exe |
"{4525E3F7-1350-44F9-B545-AFF47ECC1986}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{453DD4BB-01EC-4C8E-8754-8671AEF234BB}" = dir=in | app=c:\program files\soluto\solutoservice.exe |
"{454D9169-8BC9-43EF-A520-8D26E7067F02}" = protocol=6 | dir=in | app=d:\ohjelmat\steam\steamapps\common\bastion demo\bastion.exe |
"{484F90B3-7594-4CFC-B2DD-06B5922D0F9E}" = dir=in | app=d:\ohjelmat\itunes\itunes.exe |
"{49A750B5-A094-494B-AE35-2C2EE25A0F30}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{49BA3119-C81A-4AB8-8C93-F63A7D5F284C}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{4AF77EDD-4E0E-437A-8757-BA0243D6D1C3}" = protocol=6 | dir=in | app=d:\ohjelmat\steam\steamapps\ghoulone\source sdk base 2007\hl2.exe |
"{4F08461C-48CD-4BB1-B65D-9FDA78298B89}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{4F1A7BD1-951A-47EF-9A28-FEFB80709E9D}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{5134357F-37BF-4805-A11F-171340B6774D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{56B6313D-7309-4F51-9EAD-2C1BD510D61D}" = protocol=6 | dir=in | app=d:\ohjelmat\steam\steamapps\common\the undergarden\theundergarden.exe |
"{57ECF4DE-109E-4EEF-B4C6-9B6977B7DB93}" = protocol=6 | dir=in | app=d:\ohjelmat\steam\steamapps\common\alien swarm\swarm.exe |
"{6124EDB5-04E7-46AC-B354-DB8A928AC6A4}" = protocol=17 | dir=in | app=d:\ohjelmat\steam\steamapps\common\portal 2 co-op trailer\smp.exe |
"{6FC4426E-0ADC-4024-8AE9-E56FC37CE493}" = protocol=17 | dir=in | app=d:\ohjelmat\steam\steamapps\common\alien swarm\srcds.exe |
"{6FF52BB1-DA78-42E3-82D3-C913D3B9E0D0}" = protocol=17 | dir=in | app=d:\ohjelmat\adobe\adobe flash builder 4.5\flashbuilder.exe |
"{75A811D9-86B8-4CB3-BB59-2D2A4741B127}" = protocol=6 | dir=in | app=d:\ohjelmat\utorrent\utorrent.exe |
"{7668F4E6-0699-40AC-BFB8-AD6DA36CD472}" = protocol=17 | dir=in | app=d:\ohjelmat\steam\steamapps\common\nimbus\nimbus.exe |
"{78351D70-88F3-40C6-AAF3-D7E29A6AA8D4}" = protocol=17 | dir=in | app=d:\ohjelmat\steam\steamapps\common\the undergarden\theundergarden.exe |
"{7CD132D7-4D45-4164-A72B-3B66E95EDDA8}" = dir=in | app=c:\program files (x86)\realtek\11n usb wireless lan utility\rtldhcp.exe |
"{7E040714-C506-44AD-8618-585668A6F078}" = protocol=6 | dir=in | app=c:\program files (x86)\realtek\11n usb wireless lan utility\rtwlan.exe |
"{80D867EE-73AD-4E96-95AF-606D98DB5156}" = dir=in | app=c:\program files\soluto\soluto.exe |
"{8359F027-4CEC-4973-BD1E-17C364CFB3C5}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{85915FB6-9B66-456F-8936-9B2147DD00C2}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{85DF9D7B-8A32-479B-AB55-556845504162}" = protocol=17 | dir=in | app=c:\program files (x86)\mass effect\masseffectlauncher.exe |
"{8813CD25-99E7-4ACA-ABB8-5F2C18E5A464}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{898060F9-9DF4-4156-B131-B20AF02E06AF}" = dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{8CB81D74-8BCC-43EB-AB7E-1C6F0F975EC9}" = protocol=6 | dir=in | app=d:\ohjelmat\steam\steamapps\common\machinarium demo\machinarium.exe |
"{8E2800D8-F88F-4A3A-8546-7E89EB074385}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8F6A5ED9-4405-4F90-86CD-4335CFB40403}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{92EF1CEE-1768-49AD-930D-BDA3EE7FF098}" = protocol=6 | dir=in | app=c:\program files (x86)\mass effect\binaries\masseffect.exe |
"{931168A0-101B-4CD9-A260-6FF14FAF75BC}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{93C2AEC8-2AC6-4C46-92D4-4528FF7B1A43}" = protocol=6 | dir=in | app=d:\ohjelmat\steam\steamapps\common\warhammer 40,000 space marine\spacemarine.exe |
"{9731D42A-AB7F-4570-BE22-FA40F7516CE3}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{9876CB94-5273-489F-9895-93B9F7C709EF}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{99EC7B45-2D2A-490F-A7FE-6FEEB177B81D}" = protocol=17 | dir=in | app=d:\ohjelmat\steam\steam.exe |
"{A8A4DBD4-8FBF-4A61-B7A5-8E9A278ED846}" = protocol=6 | dir=in | app=d:\ohjelmat\steam\steamapps\common\deus ex human revolution gameplay trailer\smp.exe |
"{ABA648A4-5FC3-402B-B99C-5FC3973DCB76}" = protocol=17 | dir=in | app=c:\program files (x86)\mass effect\binaries\masseffect.exe |
"{B1C99F76-7935-4AA5-A2DE-897CB5C9C760}" = protocol=6 | dir=in | app=c:\program files (x86)\mass effect\masseffectlauncher.exe |
"{B1F499DF-D4A2-4B39-A4D2-70A6A6E20752}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B305EF28-9E7E-4D0E-BCB8-CE9A04F9EC1D}" = protocol=6 | dir=in | app=d:\ohjelmat\steam\steamapps\common\homefront - dev diary 2\smp.exe |
"{B744E4DE-8C82-4963-BB9F-D05C93852AFD}" = protocol=17 | dir=in | app=d:\ohjelmat\steam\steamapps\common\red faction armageddon trailer\smp.exe |
"{B9DB07BA-736B-4567-B5D6-42C98A8DC051}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{C0E7516A-A643-4E6E-8FDC-CFBF918EFD5A}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{C30DB6FA-65AE-42E9-96CF-BEE104060F9F}" = protocol=17 | dir=in | app=d:\ohjelmat\steam\steamapps\common\braid\braid.exe |
"{C529B113-FC0F-405A-A97D-D1C297873760}" = protocol=17 | dir=in | app=d:\ohjelmat\streamtorrent 1.0\streamtorrent.exe |
"{CE8F9BC7-8337-49D3-B915-4984D58CF0AC}" = protocol=17 | dir=in | app=d:\ohjelmat\steam\steamapps\common\deus ex human revolution gameplay trailer\smp.exe |
"{CF7C7306-647A-4ACE-8096-49824C98346A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{CFACB63D-3F2B-4353-A78F-8AC88206E3D3}" = protocol=17 | dir=in | app=d:\ohjelmat\steam\steamapps\common\space marine\smp.exe |
"{D3C3C849-F815-40A7-B382-9D94F55729E9}" = protocol=6 | dir=in | app=d:\ohjelmat\steam\steamapps\common\alien swarm\srcds.exe |
"{D632879A-39B9-40B6-99F1-84366C2A77D1}" = protocol=6 | dir=in | app=d:\ohjelmat\steam\steamapps\common\red faction armageddon trailer\smp.exe |
"{D6E4027F-8E51-4512-A337-244A7A274871}" = protocol=6 | dir=in | app=d:\ohjelmat\streamtorrent 1.0\streamtorrent.exe |
"{DBFC8786-F4BC-472B-9AC0-2A13E12A5BCA}" = protocol=17 | dir=in | app=c:\program files (x86)\realtek\11n usb wireless lan utility\rtwlan.exe |
"{DFA59D44-E8E0-420F-BD0C-3AF2F820C940}" = protocol=6 | dir=in | app=d:\ohjelmat\steam\steamapps\common\space marine\smp.exe |
"{E4441AA5-B30A-42EA-B941-42BA2B9A80A4}" = protocol=17 | dir=in | app=d:\ohjelmat\steam\steamapps\common\bastion demo\bastion.exe |
"{F1FAB12F-9E6D-4249-8BB0-F48F722B0974}" = protocol=6 | dir=in | app=d:\ohjelmat\steam\steam.exe |
"{F2958A22-DFCA-42EE-98E8-05363F1F4B11}" = protocol=17 | dir=in | app=d:\ohjelmat\steam\steamapps\common\brink - teaser trailer\smp.exe |
"{F4A7FC6F-D6CE-41EB-83A8-A174DAD8A06B}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{F5B34EB2-3E7C-4B0C-8284-9271FC0A0201}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F798A0C9-05D5-4BAC-A3E4-91F0FB03C4DA}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{F89FBA8D-F606-4BB4-9FD2-4543F5329334}" = dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{FC4155BE-423B-4A38-B668-3A0EF30B0730}" = protocol=17 | dir=in | app=d:\ohjelmat\steam\steamapps\common\alien swarm\swarm.exe |
"{FC715B17-F79F-4715-B898-A3BD058F97B4}" = protocol=6 | dir=in | app=d:\ohjelmat\steam\steamapps\common\nimbus\nimbus.exe |
"{FDCD7243-76A5-4E82-9206-3726581576AB}" = protocol=6 | dir=in | app=d:\ohjelmat\steam\steamapps\common\braid\braid.exe |
"TCP Query User{04B32F37-E0B9-4738-B936-CB2C052760E8}D:\pelit\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe" = protocol=6 | dir=in | app=d:\pelit\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe |
"TCP Query User{1BB2142A-39DA-424F-ADAA-57913E6BF9DC}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"TCP Query User{227ADC52-2516-48D4-9CC6-DABFD3AF1842}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{23CD3322-EDB7-4E4B-928D-821EB22D4167}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{37921191-AEA0-43AD-B8C6-D39787A2114F}D:\ohjelmat\miranda im\miranda32.exe" = protocol=6 | dir=in | app=d:\ohjelmat\miranda im\miranda32.exe |
"TCP Query User{3D16CBCA-2141-40B0-BD92-83F9CFC8746C}D:\ohjelmat\miranda im\miranda32.exe" = protocol=6 | dir=in | app=d:\ohjelmat\miranda im\miranda32.exe |
"TCP Query User{57DA972D-E438-42BE-B353-D92A9D168024}D:\pelit\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\pelit\world_of_tanks\wotlauncher.exe |
"TCP Query User{5ADF9970-4E07-46E6-BDD0-BD80D89D2BAD}D:\ohjelmat\miranda im\miranda64.exe" = protocol=6 | dir=in | app=d:\ohjelmat\miranda im\miranda64.exe |
"TCP Query User{647E04C0-617B-44FD-BBB2-D604D13D89E8}D:\ohjelmat\winamp\winamp.exe" = protocol=6 | dir=in | app=d:\ohjelmat\winamp\winamp.exe |
"TCP Query User{67BA863E-FF18-4841-B77B-9D376E5E91AE}D:\ohjelmat\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=d:\ohjelmat\sopcast\adv\sopadver.exe |
"TCP Query User{6E5BBDA9-2739-4105-AF33-9D470F7A3EBD}D:\pelit\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe" = protocol=6 | dir=in | app=d:\pelit\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe |
"TCP Query User{7824DFF4-C92E-4345-A5C4-274B3BDE5BB0}D:\ohjelmat\sopcast\sopcast.exe" = protocol=6 | dir=in | app=d:\ohjelmat\sopcast\sopcast.exe |
"TCP Query User{923BC80F-935B-4EEB-87B4-BDDC5CC0FED9}C:\users\public\sony online entertainment\installed games\planetside 2 psg\planetside2.exe" = protocol=6 | dir=in | app=c:\users\public\sony online entertainment\installed games\planetside 2 psg\planetside2.exe |
"TCP Query User{9D07418D-3E9D-4035-9F4B-00D56E9AAEEA}D:\pelit\magic workstation\mwsplay.exe" = protocol=6 | dir=in | app=d:\pelit\magic workstation\mwsplay.exe |
"TCP Query User{9DE40345-20F9-4ACE-BC71-94A50D7567EF}D:\ohjelmat\spotify\spotify.exe" = protocol=6 | dir=in | app=d:\ohjelmat\spotify\spotify.exe |
"TCP Query User{C3E5F13C-9B38-46CC-A2CD-346BDA4D8A96}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"TCP Query User{C83B0CE5-3318-4DF5-93C6-44AD4A93000E}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |
"TCP Query User{C8AFE3DB-13D3-40D7-A5D8-E1455B08502C}D:\pelit\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=d:\pelit\electronic arts\battlefield bad company 2\bfbc2game.exe |
"TCP Query User{D515D45B-B5DE-4B8E-8C0E-CF649991ACBE}D:\pelit\wings 2\bin\wings.exe" = protocol=6 | dir=in | app=d:\pelit\wings 2\bin\wings.exe |
"TCP Query User{DC1CB7E6-8BC5-49B0-B676-9231A568CBE2}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"TCP Query User{E18B7829-295C-4269-B4A6-2DBFE0558D03}D:\pelit\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=d:\pelit\activision\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{F35E2854-381C-4D8D-A3CB-807034FFBC67}C:\program files (x86)\mektek.net\mtx\mtx.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mektek.net\mtx\mtx.exe |
"TCP Query User{F934AA10-88D6-466D-848B-EA2DA2A26280}D:\pelit\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\pelit\world_of_tanks\worldoftanks.exe |
"UDP Query User{04E25E59-E42B-4185-A473-08DC573FEF17}D:\pelit\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\pelit\world_of_tanks\worldoftanks.exe |
"UDP Query User{0BB4E2A0-3908-40F9-B410-CA560EDD4563}D:\pelit\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\pelit\world_of_tanks\wotlauncher.exe |
"UDP Query User{0EF1A7C6-8A0F-475F-BE3E-4113916FDF59}D:\pelit\magic workstation\mwsplay.exe" = protocol=17 | dir=in | app=d:\pelit\magic workstation\mwsplay.exe |
"UDP Query User{130DF8B3-CB7C-462D-9B0C-2A68D534FA49}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{1AB34845-40CE-4214-A2EE-F45A8F407DBF}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |
"UDP Query User{209AB83A-089A-4C56-A85D-438A564131A9}D:\ohjelmat\miranda im\miranda64.exe" = protocol=17 | dir=in | app=d:\ohjelmat\miranda im\miranda64.exe |
"UDP Query User{2A04F2A5-1E57-43A7-B55E-B39CACF1A104}D:\pelit\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=d:\pelit\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{609C844D-497C-4D21-A035-C5500512E03E}D:\ohjelmat\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=d:\ohjelmat\sopcast\adv\sopadver.exe |
"UDP Query User{63F43DA4-49B6-4E59-A169-32A7ED6F82F8}C:\program files (x86)\mektek.net\mtx\mtx.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mektek.net\mtx\mtx.exe |
"UDP Query User{668D1C9C-7D6A-444C-B83B-A7967E30BD06}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"UDP Query User{7B578158-51C4-4463-A2D5-A4DC4E1F163D}D:\ohjelmat\sopcast\sopcast.exe" = protocol=17 | dir=in | app=d:\ohjelmat\sopcast\sopcast.exe |
"UDP Query User{A213D92D-E3AA-4E6E-BFCF-D3D174E723B8}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{A5E9853B-41FA-4CDC-B18F-5ED07C88968F}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"UDP Query User{AD43633A-D31D-4076-9BAB-F8BF883F84AF}D:\pelit\wings 2\bin\wings.exe" = protocol=17 | dir=in | app=d:\pelit\wings 2\bin\wings.exe |
"UDP Query User{ADAB22D9-20BD-4F92-89B1-2B99ECC671A3}D:\pelit\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe" = protocol=17 | dir=in | app=d:\pelit\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe |
"UDP Query User{B71645CA-0944-4B07-A211-DE7FA7523C0C}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{CCC2E477-4A44-4412-BC3D-84B0FFD4E097}D:\ohjelmat\winamp\winamp.exe" = protocol=17 | dir=in | app=d:\ohjelmat\winamp\winamp.exe |
"UDP Query User{CF24B148-EE8E-4444-A16A-D7D46CF20083}D:\ohjelmat\miranda im\miranda32.exe" = protocol=17 | dir=in | app=d:\ohjelmat\miranda im\miranda32.exe |
"UDP Query User{D1610428-648E-48B9-8A04-6A9F7503B2F1}D:\ohjelmat\miranda im\miranda32.exe" = protocol=17 | dir=in | app=d:\ohjelmat\miranda im\miranda32.exe |
"UDP Query User{D4FE3F32-D846-4712-8313-8C6527CE5D71}D:\pelit\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe" = protocol=17 | dir=in | app=d:\pelit\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe |
"UDP Query User{E07113BF-6472-4124-9ABE-4483B08BCB6B}D:\pelit\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=d:\pelit\electronic arts\battlefield bad company 2\bfbc2game.exe |
"UDP Query User{EAF84206-B1A1-4523-B032-27B7DFA5FD89}D:\ohjelmat\spotify\spotify.exe" = protocol=17 | dir=in | app=d:\ohjelmat\spotify\spotify.exe |
"UDP Query User{FDB2711D-6977-4AE0-A3F9-D3BCCED3B24C}C:\users\public\sony online entertainment\installed games\planetside 2 psg\planetside2.exe" = protocol=17 | dir=in | app=c:\users\public\sony online entertainment\installed games\planetside 2 psg\planetside2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08347912-0AA5-C85E-BC02-416568E741B4}" = AMD Drag and Drop Transcoding
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{129C5584-DB98-4A98-B28F-299C45E1E355}" = Microsoft Camera Codec Pack
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema v1.4.2499.0 x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{36E47D1C-2AD0-429C-8C1A-91A23C949B54}" = Soluto
"{3987279A-3504-2916-D063-741B910F0747}" = AMD Accelerated Video Transcoding
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{46DA7FD9-8BC1-7BA8-98D1-27F46647871B}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{4E82E2E9-668B-4F8A-814A-78E163FCDBCD}" = IconHandler 64 bit
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{63CE6C32-1EB3-4C51-89FC-9FD96A661A9C}" = AMD Media Foundation Decoders
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{66C10F29-31F0-4A9B-B2CF-465F488AE086}" = CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F05E704-30A6-421A-97A7-8EEB1C7FF011}" = Corel Shell Extension - 64Bit
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{1779650B-2E44-4A19-8DF6-3866D645764A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-1000-0000000FF1CE}_Office14.PROPLUS_{270CA0B9-9881-44DB-BC3B-37C7E66A044A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0043-0409-1000-0000000FF1CE}_Office14.PROPLUS_{FCD1C311-8B02-4DBD-BA46-1079C629577E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}_Office14.PROPLUS_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-1000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}_Office14.PROPLUS_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AA72DFB8-BA38-49C9-B5A4-A95FD62641F8}" = BOINC
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{BCF07271-A853-4D3A-B668-4B752174CAA8}" = iTunes
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{D759947B-8C5A-4480-B0DB-FC391F061C85}" = Adobe Photoshop Lightroom 4.3 64-bit
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FD7DEB7B-8CEA-44E5-AB2D-7C66786C0563}" = Waterfox
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Autopano Giga" = Autopano Giga
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.58
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"SP6" = Logitech SetPoint 6.15
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Chromium" = Chromium
"Dropbox" = Dropbox
"Hawken" = Hawken
"Limbo" = LIMBO
"SOE-C:/Users/Public/Sony Online Entertainment/Installed Games/PlanetSide 2 PSG" = gamelauncher-ps2-psg
"soe-PlanetSide 2 PSG" = PlanetSide 2
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 22.7.2013 17:19:25 | Computer Name = PC-Ghost | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <
http://ctldl.windows...uthrootstl.cab> with error: The keyset is not defined. .
Error - 22.7.2013 17:19:27 | Computer Name = PC-Ghost | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <
http://ctldl.windows...uthrootstl.cab> with error: The keyset is not defined. .
Error - 22.7.2013 17:19:27 | Computer Name = PC-Ghost | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <
http://ctldl.windows...uthrootstl.cab> with error: The keyset is not defined. .
Error - 22.7.2013 17:19:27 | Computer Name = PC-Ghost | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <
http://ctldl.windows...uthrootstl.cab> with error: The keyset is not defined. .
Error - 22.7.2013 17:20:16 | Computer Name = PC-Ghost | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <
http://ctldl.windows...uthrootstl.cab> with error: The keyset is not defined. .
Error - 22.7.2013 17:20:16 | Computer Name = PC-Ghost | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <
http://ctldl.windows...uthrootstl.cab> with error: The keyset is not defined. .
Error - 22.7.2013 17:20:16 | Computer Name = PC-Ghost | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <
http://ctldl.windows...uthrootstl.cab> with error: The keyset is not defined. .
Error - 22.7.2013 17:24:23 | Computer Name = PC-Ghost | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <
http://ctldl.windows...uthrootstl.cab> with error: The keyset is not defined. .
Error - 22.7.2013 17:24:24 | Computer Name = PC-Ghost | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <
http://ctldl.windows...uthrootstl.cab> with error: The keyset is not defined. .
Error - 22.7.2013 17:24:24 | Computer Name = PC-Ghost | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <
http://ctldl.windows...uthrootstl.cab> with error: The keyset is not defined. .
[ System Events ]
Error - 22.7.2013 17:19:13 | Computer Name = PC-Ghost | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.
Error - 22.7.2013 17:19:20 | Computer Name = PC-Ghost | Source = WMPNetworkSvc | ID = 866293
Description =
Error - 22.7.2013 17:22:49 | Computer Name = PC-Ghost | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.
Error - 22.7.2013 17:25:07 | Computer Name = PC-Ghost | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.
Error - 22.7.2013 17:26:30 | Computer Name = PC-Ghost | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.
Error - 22.7.2013 17:27:28 | Computer Name = PC-Ghost | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.
Error - 22.7.2013 17:27:53 | Computer Name = PC-Ghost | Source = DCOM | ID = 10010
Description =
Error - 22.7.2013 17:29:24 | Computer Name = PC-Ghost | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.
Error - 22.7.2013 17:30:28 | Computer Name = PC-Ghost | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.
Error - 22.7.2013 17:31:10 | Computer Name = PC-Ghost | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.
< End of report >