1. Tämä sivusto käyttää keksejä (cookie). Jatkamalla sivuston käyttämistä hyväksyt keksien käyttämisen. Lue lisää.

OTL Logi

Viestiketju Virukset ja haittaohjelmat - HijackThis -logit -osiossa. Ketjun avasi Hospitality 08.09.2014.

  1. Hospitality

    Hospitality Member

    Liittynyt:
    04.05.2013
    Viestejä:
    7
    Kiitokset:
    0
    Pisteet:
    11
    Alkuperäinen viestiketju josta mut ohjattiin tänne: http://keskustelu.afterdawn.com/threads/tietokone-hidastui-yllättäen.750593/#post-5022352

    OTL logfile created on: 8.9.2014 18:07:42 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\J Seeve\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.17239)
    Locale: 0000040B | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

    5,91 Gb Total Physical Memory | 3,30 Gb Available Physical Memory | 55,84% Memory free
    11,82 Gb Paging File | 8,91 Gb Available in Paging File | 75,35% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 200,00 Gb Total Space | 103,89 Gb Free Space | 51,94% Space Free | Partition Type: NTFS
    Drive D: | 240,66 Gb Total Space | 238,00 Gb Free Space | 98,90% Space Free | Partition Type: NTFS
    Drive F: | 33,72 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

    Computer Name: JSEEVE-PC | User Name: J Seeve | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

    ========== Processes (SafeList) ==========

    PRC - [2014.09.08 18:06:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\J Seeve\Downloads\OTL.exe
    PRC - [2014.08.30 05:49:43 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    PRC - [2014.08.29 23:16:47 | 001,245,752 | ---- | M] (Spotify Ltd) -- C:\Users\J Seeve\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    PRC - [2014.07.28 17:36:01 | 000,655,712 | ---- | M] () -- C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
    PRC - [2014.07.28 17:36:01 | 000,514,048 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
    PRC - [2014.07.14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    PRC - [2014.07.14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    PRC - [2014.06.17 11:47:44 | 001,229,864 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
    PRC - [2014.06.17 11:47:44 | 000,681,000 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
    PRC - [2014.06.14 00:13:01 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
    PRC - [2014.05.30 02:28:21 | 002,350,880 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    PRC - [2014.05.30 02:23:57 | 001,631,008 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    PRC - [2014.05.13 14:29:30 | 003,814,736 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
    PRC - [2014.02.28 18:17:48 | 000,310,312 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
    PRC - [2014.02.28 18:17:48 | 000,216,104 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
    PRC - [2014.02.19 13:56:20 | 000,187,432 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\fshoster32.exe
    PRC - [2013.10.23 03:02:32 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    PRC - [2013.06.10 11:09:26 | 000,060,352 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
    PRC - [2011.10.04 22:14:10 | 000,082,944 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    PRC - [2011.10.04 22:14:06 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\SysWOW64\ACEngSvr.exe
    PRC - [2011.09.13 23:33:14 | 002,317,312 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    PRC - [2011.09.01 01:33:32 | 001,545,856 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
    PRC - [2011.05.20 21:01:06 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    PRC - [2011.04.08 07:26:24 | 000,045,448 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
    PRC - [2011.03.31 00:01:10 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    PRC - [2011.03.26 03:55:16 | 000,091,464 | ---- | M] () -- C:\ExpressGateUtil\VAWinService.exe
    PRC - [2011.03.14 18:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
    PRC - [2011.02.25 21:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    PRC - [2010.12.09 02:04:20 | 000,965,728 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
    PRC - [2010.11.15 20:42:12 | 000,305,792 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    PRC - [2010.10.08 00:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    PRC - [2010.08.20 19:57:06 | 000,107,816 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    PRC - [2010.08.18 00:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    PRC - [2010.07.10 08:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
    PRC - [2009.12.15 20:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    PRC - [2009.06.19 20:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    PRC - [2009.06.19 20:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
    PRC - [2009.06.16 03:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
    PRC - [2008.12.23 03:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
    PRC - [2008.08.14 07:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe


    ========== Modules (No Company Name) ==========

    MOD - [2014.08.30 05:49:41 | 000,331,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppgooglenaclpluginchrome.dll
    MOD - [2014.08.30 05:49:40 | 014,669,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll
    MOD - [2014.08.30 05:49:38 | 008,577,864 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll
    MOD - [2014.08.30 05:49:33 | 001,098,056 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
    MOD - [2014.08.30 05:49:31 | 000,174,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll
    MOD - [2014.08.30 05:49:30 | 001,660,232 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
    MOD - [2014.08.15 15:53:59 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5f84d68f3b54a3ab666cf32dcb302953\PresentationFramework.Aero.ni.dll
    MOD - [2014.08.15 15:53:26 | 014,340,096 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\855afb5f0125f87f5a5d1129d62e4e54\PresentationFramework.ni.dll
    MOD - [2014.08.15 15:53:10 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\434e3a5de2f98ed740aac2b24c6d0890\System.Windows.Forms.ni.dll
    MOD - [2014.08.15 15:53:03 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bce52f0521c930a2e305badb3ea07128\System.Drawing.ni.dll
    MOD - [2014.08.15 15:52:56 | 012,238,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\070661c7b5e651d973e3ba555a7a67bc\PresentationCore.ni.dll
    MOD - [2014.08.15 15:52:47 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4aa535ef604745958a236cfbbbbf6297\WindowsBase.ni.dll
    MOD - [2014.08.15 15:52:40 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\abca6deea510151b5d8e51bdabd17bea\System.Xml.ni.dll
    MOD - [2014.08.15 15:52:32 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce5e2af0775efc3c91ba62d5d26fb39\System.Configuration.ni.dll
    MOD - [2014.08.15 15:52:30 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\2ee90c95adb50b0e75b814fcb9d87f8e\System.ni.dll
    MOD - [2014.08.15 15:52:18 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f8be9e33457f57805b4068f90099e428\mscorlib.ni.dll
    MOD - [2014.07.28 17:36:04 | 000,827,392 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\SMSUIPlugin.dll
    MOD - [2014.07.28 17:36:04 | 000,309,760 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\StatusBarMgrPlugin.dll
    MOD - [2014.07.28 17:36:04 | 000,217,600 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\SmsSrvPlugin.dll
    MOD - [2014.07.28 17:36:04 | 000,210,944 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\ToolBarMgrPlugin.dll
    MOD - [2014.07.28 17:36:04 | 000,184,832 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\XFramePlugin.dll
    MOD - [2014.07.28 17:36:04 | 000,161,792 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\XCodec.dll
    MOD - [2014.07.28 17:36:04 | 000,156,672 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\STKSrvPlugin.dll
    MOD - [2014.07.28 17:36:04 | 000,142,336 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\USSDSrvPlugin.dll
    MOD - [2014.07.28 17:36:04 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Trace.dll
    MOD - [2014.07.28 17:36:04 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Win7Support.dll
    MOD - [2014.07.28 17:36:03 | 009,515,520 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\QtGui4.dll
    MOD - [2014.07.28 17:36:03 | 001,148,416 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\QtNetwork4.dll
    MOD - [2014.07.28 17:36:03 | 000,670,720 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\SmsAppPlugin.dll
    MOD - [2014.07.28 17:36:03 | 000,398,336 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\QtXml4.dll
    MOD - [2014.07.28 17:36:03 | 000,370,176 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qtiff4.dll
    MOD - [2014.07.28 17:36:03 | 000,264,192 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\sdk.dll
    MOD - [2014.07.28 17:36:02 | 002,415,104 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\QtCore4.dll
    MOD - [2014.07.28 17:36:02 | 001,101,824 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NDISAPI.dll
    MOD - [2014.07.28 17:36:02 | 000,693,760 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\LiveUpdateInterface.dll
    MOD - [2014.07.28 17:36:02 | 000,545,280 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\PluginContainer.dll
    MOD - [2014.07.28 17:36:02 | 000,539,648 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DeviceMgrUIPlugin.dll
    MOD - [2014.07.28 17:36:02 | 000,486,400 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NetInfoUIExPlugin.dll
    MOD - [2014.07.28 17:36:02 | 000,441,344 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DialupUIPlugin.dll
    MOD - [2014.07.28 17:36:02 | 000,430,592 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\core.dll
    MOD - [2014.07.28 17:36:02 | 000,382,464 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Proxy.dll
    MOD - [2014.07.28 17:36:02 | 000,350,720 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qmng4.dll
    MOD - [2014.07.28 17:36:02 | 000,339,968 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DeviceAppPlugin.dll
    MOD - [2014.07.28 17:36:02 | 000,335,360 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NetConnectPlugin.dll
    MOD - [2014.07.28 17:36:02 | 000,304,128 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DeviceSrvPlugin.dll
    MOD - [2014.07.28 17:36:02 | 000,297,472 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\MenuMgrPlugin.dll
    MOD - [2014.07.28 17:36:02 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NetInfoSrvPlugin.dll
    MOD - [2014.07.28 17:36:02 | 000,238,592 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NetSrvPlugin.dll
    MOD - [2014.07.28 17:36:02 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Common.dll
    MOD - [2014.07.28 17:36:02 | 000,211,968 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DialUpPlugin.dll
    MOD - [2014.07.28 17:36:02 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qjpeg4.dll
    MOD - [2014.07.28 17:36:02 | 000,180,736 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NDISPlugin.dll
    MOD - [2014.07.28 17:36:02 | 000,176,128 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\CallSrvPlugin.dll
    MOD - [2014.07.28 17:36:02 | 000,158,720 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NetConnectSrvPlugin.dll
    MOD - [2014.07.28 17:36:02 | 000,157,184 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DataServicePlugin.dll
    MOD - [2014.07.28 17:36:02 | 000,133,120 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\OSDialup.dll
    MOD - [2014.07.28 17:36:02 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\OSNDIS.dll
    MOD - [2014.07.28 17:36:02 | 000,117,760 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\LayoutPlugin.dll
    MOD - [2014.07.28 17:36:02 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\OSAdapt.dll
    MOD - [2014.07.28 17:36:02 | 000,093,184 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NotifyServicePlugin.dll
    MOD - [2014.07.28 17:36:02 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qgif4.dll
    MOD - [2014.07.28 17:36:02 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qico4.dll
    MOD - [2014.07.28 17:36:02 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\OSPowerMgr.dll
    MOD - [2014.07.28 17:36:02 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\OSCall.dll
    MOD - [2014.07.28 17:36:02 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\libgcc_s_dw2-1.dll
    MOD - [2014.07.28 17:36:02 | 000,011,362 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\mingwm10.dll
    MOD - [2014.07.28 17:36:01 | 001,078,272 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\AddrBookPlugin.dll
    MOD - [2014.07.28 17:36:01 | 000,771,584 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\AddrBookUIPlugin.dll
    MOD - [2014.07.28 17:36:01 | 000,547,840 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\CallLogSrvPlugin.dll
    MOD - [2014.07.28 17:36:01 | 000,514,048 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
    MOD - [2014.07.28 17:36:01 | 000,264,704 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\AddrBookSrvPlugin.dll
    MOD - [2014.07.28 17:36:01 | 000,238,080 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\AtCodec.dll
    MOD - [2014.07.28 17:36:01 | 000,182,272 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\CallAppPlugin.dll
    MOD - [2014.07.28 17:36:01 | 000,123,392 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\ATR2SMgr.dll
    MOD - [2014.06.17 11:42:36 | 000,592,936 | ---- | M] () -- C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.79_none_b59ec33311fcd586\QtMultimediaKit1.dll
    MOD - [2014.02.28 18:17:48 | 000,056,360 | ---- | M] () -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\FSGUI\fsavures.eng
    MOD - [2013.12.10 08:13:08 | 000,013,088 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
    MOD - [2011.10.04 22:14:06 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
    MOD - [2011.09.13 23:33:14 | 001,163,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
    MOD - [2011.09.01 01:33:32 | 000,208,384 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
    MOD - [2011.04.08 07:26:24 | 000,045,448 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
    MOD - [2011.02.19 06:58:44 | 000,237,568 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fi_31bf3856ad364e35\PresentationFramework.resources.dll
    MOD - [2011.01.18 23:21:56 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\ASUS\VirtualCamera\virtualCamera.ax
    MOD - [2010.11.13 05:02:52 | 000,299,008 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fi_b77a5c561934e089\mscorlib.resources.dll
    MOD - [2010.08.20 19:57:06 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
    MOD - [2010.08.20 19:57:00 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll


    ========== Services (SafeList) ==========

    SRV:64bit: - [2014.07.25 16:00:25 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
    SRV:64bit: - [2014.05.30 02:20:09 | 021,055,432 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
    SRV:64bit: - [2013.05.27 08:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2011.09.15 18:41:28 | 001,518,352 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
    SRV:64bit: - [2011.09.15 18:28:06 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
    SRV:64bit: - [2011.09.15 18:24:52 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
    SRV:64bit: - [2011.08.05 12:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
    SRV:64bit: - [2011.08.05 12:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
    SRV:64bit: - [2011.08.05 12:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
    SRV:64bit: - [2011.03.04 02:57:58 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
    SRV:64bit: - [2010.09.23 05:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
    SRV:64bit: - [2010.04.17 02:07:42 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
    SRV - [2014.08.28 14:48:02 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
    SRV - [2014.07.28 17:36:01 | 000,655,712 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe -- (Mobile Partner. RunOuc)
    SRV - [2014.07.14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
    SRV - [2014.07.14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
    SRV - [2014.05.30 02:23:57 | 001,631,008 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
    SRV - [2014.05.13 14:29:26 | 002,228,048 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
    SRV - [2014.04.15 16:07:54 | 000,377,616 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
    SRV - [2014.04.03 20:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2014.03.21 01:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2014.02.28 18:17:48 | 000,216,104 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE -- (FSMA)
    SRV - [2014.02.19 13:56:20 | 000,187,432 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\F-Secure\fshoster32.exe -- (fshoster)
    SRV - [2014.01.29 23:02:44 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
    SRV - [2013.10.23 03:02:32 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
    SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2013.06.10 11:09:26 | 000,060,352 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe -- (FSORSPClient)
    SRV - [2011.03.26 03:55:16 | 000,091,464 | ---- | M] () [Auto | Running] -- C:\ExpressGateUtil\VAWinService.exe -- (VideAceWindowsService)
    SRV - [2011.03.14 18:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
    SRV - [2011.03.02 08:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
    SRV - [2011.02.25 21:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
    SRV - [2009.12.15 20:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
    SRV - [2009.06.16 03:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2014.08.31 17:56:44 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
    DRV:64bit: - [2014.07.28 17:36:04 | 000,421,888 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbwwan.sys -- (ewusbmbb)
    DRV:64bit: - [2014.07.28 17:36:04 | 000,223,232 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
    DRV:64bit: - [2014.07.28 17:36:04 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
    DRV:64bit: - [2014.07.28 17:36:04 | 000,087,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
    DRV:64bit: - [2014.07.28 17:36:04 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
    DRV:64bit: - [2014.06.17 11:45:19 | 000,056,016 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fsbts.sys -- (fsbts)
    DRV:64bit: - [2014.05.30 02:20:09 | 000,020,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
    DRV:64bit: - [2014.03.31 19:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
    DRV:64bit: - [2014.01.29 23:02:28 | 005,363,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2013.12.10 08:13:16 | 000,032,544 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
    DRV:64bit: - [2013.10.02 05:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2012.08.23 17:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV:64bit: - [2012.08.23 17:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV:64bit: - [2012.03.01 09:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2012.02.23 08:26:00 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2012.02.23 08:26:00 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2011.10.17 08:29:08 | 000,202,496 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc)
    DRV:64bit: - [2011.10.17 08:29:08 | 000,069,888 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh)
    DRV:64bit: - [2011.09.18 02:26:52 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
    DRV:64bit: - [2011.05.14 02:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
    DRV:64bit: - [2011.04.20 12:24:56 | 000,169,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
    DRV:64bit: - [2011.04.13 00:18:08 | 000,142,632 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
    DRV:64bit: - [2010.11.20 16:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010.10.19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
    DRV:64bit: - [2010.10.14 19:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
    DRV:64bit: - [2010.09.14 05:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2010.06.18 20:38:06 | 000,039,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
    DRV:64bit: - [2010.05.03 06:46:04 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
    DRV:64bit: - [2010.04.17 02:07:28 | 000,013,832 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
    DRV:64bit: - [2009.07.21 12:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
    DRV:64bit: - [2009.07.14 04:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009.07.14 04:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009.07.14 04:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009.07.14 02:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
    DRV:64bit: - [2009.06.20 05:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
    DRV:64bit: - [2009.06.11 00:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
    DRV:64bit: - [2009.06.10 23:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
    DRV:64bit: - [2009.06.10 23:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009.06.10 23:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009.06.10 23:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009.06.10 23:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
    DRV:64bit: - [2008.05.24 03:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
    DRV - [2014.06.23 16:50:04 | 000,069,960 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
    DRV - [2014.06.19 18:12:08 | 000,086,056 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\fsni64.sys -- (fsni)
    DRV - [2014.06.17 11:48:21 | 000,203,304 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
    DRV - [2013.06.24 19:44:50 | 000,013,248 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
    DRV - [2011.05.26 05:06:20 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
    DRV - [2009.07.14 04:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
    DRV - [2009.07.03 03:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
    IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


    ========== FireFox ==========

    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2ed5602d-6d05-4399-ad2c-df8a9fe400b9}: C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\deploy\fs_firefox_https [2014.06.17 11:45:30 | 000,000,000 | ---D | M]


    ========== Chrome ==========

    CHR - plugin: Error reading preferences file
    CHR - Extension: Google-presentaatiot = C:\Users\J Seeve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
    CHR - Extension: Google-dokumentit = C:\Users\J Seeve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
    CHR - Extension: Google Drive = C:\Users\J Seeve\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: YouTube = C:\Users\J Seeve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Google-haku = C:\Users\J Seeve\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: Google-taulukot = C:\Users\J Seeve\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
    CHR - Extension: AdBlock = C:\Users\J Seeve\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.13_0\
    CHR - Extension: Chromium Wheel Smooth Scroller = C:\Users\J Seeve\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpcanbeojalbkpgpmjpdkjnkfcgfkhb\1.3.6_0\
    CHR - Extension: Google Wallet = C:\Users\J Seeve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
    CHR - Extension: Gmail = C:\Users\J Seeve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2009.06.11 00:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (F-Secure Online Safety) - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https64.dll (F-Secure Corporation)
    O2:64bit: - BHO: (F-Secure Search) - {690EF1CF-5775-4CB3-A5B8-85A63FD0262B} - C:\Program Files (x86)\F-Secure\apps\SafeSearch\IE\FSSafeSearch64.dll (F-Secure Corporation)
    O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
    O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (F-Secure Online Safety) - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https.dll (F-Secure Corporation)
    O2 - BHO: (F-Secure Search) - {690EF1CF-5775-4CB3-A5B8-85A63FD0262B} - C:\Program Files (x86)\F-Secure\apps\SafeSearch\IE\FSSafeSearch.dll (F-Secure Corporation)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3:64bit: - HKLM\..\Toolbar: (F-Secure Search Toolbar) - {B242FC32-2B60-48EA-A8E3-2E280EDBC48F} - C:\Program Files (x86)\F-Secure\apps\SafeSearch\IE\FSSafeSearch64.dll (F-Secure Corporation)
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    O3 - HKLM\..\Toolbar: (F-Secure Search Toolbar) - {B242FC32-2B60-48EA-A8E3-2E280EDBC48F} - C:\Program Files (x86)\F-Secure\apps\SafeSearch\IE\FSSafeSearch.dll (F-Secure Corporation)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
    O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\windows\SysNative\hkcmd.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\windows\SysNative\igfxtray.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
    O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
    O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
    O4:64bit: - HKLM..\Run: [Persistence] C:\windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [ShadowPlay] C:\windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
    O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
    O4 - HKLM..\Run: [FLxHCIm64] C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe (Windows (R) Win 7 DDK provider)
    O4 - HKLM..\Run: [F-Secure Hoster (666)] C:\Program Files (x86)\F-Secure\fshoster32.exe (F-Secure Corporation)
    O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
    O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
    O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus)
    O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe ()
    O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
    O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
    O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\J Seeve\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
    O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43472BDF-67E8-4D70-AE65-B375B742EFE7}: NameServer = 195.197.54.100 195.74.0.47
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F95A156-ECA7-44AE-9019-97D3FF08DF9A}: DhcpNameServer = 192.168.33.1
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
    O20 - AppInit_DLLs: (C:\windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2011.03.17 18:27:22 | 000,148,320 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ]
    O32 - AutoRun File - [2011.10.17 19:02:00 | 000,000,047 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
    O33 - MountPoints2\{01530efc-1662-11e4-a36d-92a095344ce9}\Shell - "" = AutoRun
    O33 - MountPoints2\{01530efc-1662-11e4-a36d-92a095344ce9}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011.03.17 18:27:22 | 000,148,320 | R--- | M] ()
    O33 - MountPoints2\{01530eff-1662-11e4-a36d-92a095344ce9}\Shell - "" = AutoRun
    O33 - MountPoints2\{01530eff-1662-11e4-a36d-92a095344ce9}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011.03.17 18:27:22 | 000,148,320 | R--- | M] ()
    O33 - MountPoints2\{df09154d-f614-11e3-8065-5404a6ae5616}\Shell - "" = AutoRun
    O33 - MountPoints2\{df09154d-f614-11e3-8065-5404a6ae5616}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011.03.17 18:27:22 | 000,148,320 | R--- | M] ()
    O33 - MountPoints2\{e0f51a35-f5f9-11e3-bcc0-5404a6ae5616}\Shell - "" = AutoRun
    O33 - MountPoints2\{e0f51a35-f5f9-11e3-bcc0-5404a6ae5616}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011.03.17 18:27:22 | 000,148,320 | R--- | M] ()
    O33 - MountPoints2\{e0f51a39-f5f9-11e3-bcc0-5404a6ae5616}\Shell - "" = AutoRun
    O33 - MountPoints2\{e0f51a39-f5f9-11e3-bcc0-5404a6ae5616}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011.03.17 18:27:22 | 000,148,320 | R--- | M] ()
    O33 - MountPoints2\F\Shell - "" = AutoRun
    O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011.03.17 18:27:22 | 000,148,320 | R--- | M] ()
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 7 Days ==========


    ========== Files - Modified Within 7 Days ==========

    [2014.09.08 18:10:21 | 000,018,736 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2014.09.08 18:10:21 | 000,018,736 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2014.09.08 18:10:00 | 000,001,022 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
    [2014.09.08 18:09:14 | 001,355,114 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
    [2014.09.08 18:09:14 | 000,654,464 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
    [2014.09.08 18:09:14 | 000,481,810 | ---- | M] () -- C:\windows\SysNative\perfh00B.dat
    [2014.09.08 18:09:14 | 000,122,336 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
    [2014.09.08 18:09:14 | 000,101,870 | ---- | M] () -- C:\windows\SysNative\perfc00B.dat
    [2014.09.08 18:02:57 | 000,045,056 | ---- | M] () -- C:\windows\SysWow64\acovcnt.exe
    [2014.09.08 18:02:55 | 000,001,018 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
    [2014.09.08 18:02:36 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
    [2014.09.08 18:02:30 | 466,702,335 | -HS- | M] () -- C:\hiberfil.sys

    ========== Files Created - No Company Name ==========

    [2014.06.18 00:46:58 | 000,007,618 | ---- | C] () -- C:\Users\J Seeve\AppData\Local\Resmon.ResmonCfg
    [2014.06.17 11:45:09 | 000,020,395 | ---- | C] () -- C:\windows\prodsett_copy.ini
    [2014.06.14 00:01:39 | 000,045,056 | ---- | C] () -- C:\windows\SysWow64\acovcnt.exe
    [2014.06.13 23:52:18 | 000,154,240 | ---- | C] () -- C:\windows\AsPatch10430001.exe
    [2014.01.29 23:02:42 | 000,272,928 | ---- | C] () -- C:\windows\SysWow64\igvpkrng600.bin
    [2014.01.29 23:02:22 | 000,077,312 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
    [2014.01.29 23:02:20 | 000,963,452 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng600.bin
    [2012.02.23 09:16:24 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe

    ========== ZeroAccess Check ==========

    [2009.07.14 07:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 05:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 04:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 04:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 15:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 04:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    < End of report >

     
  2.  
  3. Hospitality

    Hospitality Member

    Liittynyt:
    04.05.2013
    Viestejä:
    7
    Kiitokset:
    0
    Pisteet:
    11
    Ja extrat:
    OTL Extras logfile created on: 8.9.2014 18:07:42 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\J Seeve\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.17239)
    Locale: 0000040B | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

    5,91 Gb Total Physical Memory | 3,30 Gb Available Physical Memory | 55,84% Memory free
    11,82 Gb Paging File | 8,91 Gb Available in Paging File | 75,35% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 200,00 Gb Total Space | 103,89 Gb Free Space | 51,94% Space Free | Partition Type: NTFS
    Drive D: | 240,66 Gb Total Space | 238,00 Gb Free Space | 98,90% Space Free | Partition Type: NTFS
    Drive F: | 33,72 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

    Computer Name: JSEEVE-PC | User Name: J Seeve | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
    .url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{012A437C-4AA1-4315-A194-1576D528E2E3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{053D8C52-C5AE-4CF4-9EA7-54A08859096C}" = rport=139 | protocol=6 | dir=out | app=system |
    "{0AE2705C-32FF-4452-BFC0-FE89F7DB59F4}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{15220941-6E17-4AFF-B880-7880B2D63886}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{27012071-4899-4BE8-95E6-486152450DDF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{45EE01BD-882D-49ED-8C4E-2E7A5E11CAA8}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
    "{48CDB26B-3CE9-46B6-B73A-05BDBFE6F863}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{4A3EFDCD-07E1-410B-9CBC-D6CEDF40A01B}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
    "{4B8BCFBB-F932-42E4-8601-D6BFCC04D851}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{4E035302-FE9C-4BA1-93AF-2AFB9E74CE0B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
    "{53194A69-ADD1-4293-97B1-339E14A56760}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{53CA373C-67B7-4D70-87E9-65C3BA0294B6}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
    "{57949677-9429-4D91-90BD-B7124504E457}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{61CDB7E2-EF15-4C15-A530-72EE59A2743D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{6F5F2822-145C-47FC-AE4D-AAFE5F3962E5}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
    "{75161B1B-1656-4950-809F-95CE14986051}" = lport=139 | protocol=6 | dir=in | app=system |
    "{7B7027CB-168C-447B-846F-BEC029A57C9F}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{80B0B1ED-EB3F-43DD-B37D-09117F1E5538}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
    "{99305071-D344-4E0C-B07A-EAFEB83F4CE6}" = lport=137 | protocol=17 | dir=in | app=system |
    "{A1696178-BAF0-4DA6-A7FF-45FCA67766EB}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
    "{A61CBE4F-F976-44F9-835E-A39622565BFE}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
    "{BE3C7D20-2635-47C6-B0D2-DBC9FA6031EA}" = lport=138 | protocol=17 | dir=in | app=system |
    "{CE5C4814-CF26-46C6-8A71-2CD589D1038C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{D64D5BED-5F10-493F-B26D-C7FDF448BC20}" = rport=445 | protocol=6 | dir=out | app=system |
    "{DB83BD69-1D5C-4065-BADD-A705697DC53D}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
    "{DD70A567-5217-448B-B28F-49562880097F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{DFE8DE79-8D1F-440D-9952-6F96E613C644}" = rport=137 | protocol=17 | dir=out | app=system |
    "{E02D25ED-621E-4D1D-9002-904B7F618962}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{EA908339-5507-4478-BDD4-E3897C596E8E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{EC36682E-04AA-4346-A926-ED50A5B972EB}" = rport=138 | protocol=17 | dir=out | app=system |
    "{EDBD802E-EADC-4025-AF4C-85E85F9E76D1}" = rport=2869 | protocol=6 | dir=out | app=system |
    "{EEBAAADE-7DB0-4C6A-8DFA-B6A5D4DD93A0}" = lport=445 | protocol=6 | dir=in | app=system |
    "{F21FA617-4435-4135-84E6-208B04B0F4D3}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{F38CEE0E-64F5-47B2-8826-DDC382FFC919}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
    "{F469130D-DAD0-45A2-89D9-96E513DA2CC4}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
    "{F51BC711-F403-496E-901F-1F06F0437D6A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{F5C569C5-A686-412B-AF54-6CBAB4A541DE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{01201A21-80F2-4989-AB3B-5ED3E17FCE42}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{07B2ADA3-825A-4C54-AE7C-3B4CE9DF1448}" = protocol=6 | dir=in | app=c:\users\j seeve\appdata\roaming\utorrent\utorrent.exe |
    "{109C9778-7B58-4B80-B4F5-02BDF03D43D2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{11852A48-0C2F-4287-8E18-E5F4DBB27009}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
    "{12513B92-E9AB-462A-8234-2E4FC6EC6840}" = protocol=6 | dir=in | app=d:\pelit\steamapps\common\dayz\dayz.exe |
    "{2E535A0C-F5BC-48C8-BBE3-F06608886F57}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
    "{36A5B0A2-C6AF-40D1-A97E-2BEC293E1CA5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
    "{393B44C0-C89D-4473-9D7B-BD36ED1E6BD9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
    "{3DB81256-541C-454A-BD7D-09E4E2DDD356}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
    "{4D25F3E0-56F8-431E-ADC2-5D071A99A93B}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
    "{5075DBCD-8D92-4BCF-8566-E2842DF34041}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{59946D22-7562-40DE-9EC6-322DCA949C36}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
    "{6689432C-BC4E-4741-9579-8B3A29828816}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
    "{713AFA5E-430A-45F7-A56E-A0918E587B5C}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
    "{7AD8CF5C-3AC0-4BA8-85B2-4589919B52F6}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{90AE9189-1F90-41AC-874E-F7D910930261}" = protocol=17 | dir=in | app=c:\program files (x86)\pc remote\pc remote\pcremote.exe |
    "{95569F30-50A2-4A31-9CDE-321560875FBE}" = protocol=6 | dir=in | app=c:\users\j seeve\appdata\roaming\spotify\spotify.exe |
    "{A6C7C307-B89C-4132-82FA-3E19FEE91F9E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{A9EE763E-0FF8-4BBA-91B3-6C62EFFCBCB1}" = protocol=6 | dir=in | app=c:\program files (x86)\pc remote\pc remote\pcremote.exe |
    "{AACEFF1E-5DAA-49B8-8AC3-06D4D4F01A54}" = dir=in | app=c:\program files (x86)\intel corporation\intel wireless display\widiapp.exe |
    "{ADA4A565-241C-4FF0-AD2A-D45A48E5FC3C}" = protocol=17 | dir=in | app=c:\users\j seeve\appdata\roaming\spotify\spotify.exe |
    "{B25741C1-9322-4007-B2DE-59A85C384E1C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{B40683E4-C4ED-4823-A51F-9862E1399CD3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "{B95B8450-BF48-4F9E-9634-8C4F64EB1467}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{BC4C4162-9A0F-413B-889A-D1BDE187C3CD}" = protocol=17 | dir=in | app=d:\pelit\steamapps\common\dayz\dayz.exe |
    "{BEFF43D4-E8CF-47A2-82FB-A4C437B43C49}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
    "{C3656319-7387-44A4-AB4D-8EFCE9110D39}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{CC2B1549-B55F-42C0-9A19-D002D78817DC}" = protocol=17 | dir=in | app=c:\users\j seeve\appdata\roaming\utorrent\utorrent.exe |
    "{D228B036-66D0-42B0-A396-EACC6B8D2F9E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{EB0B4BC7-B6EF-44AD-99F9-A76180F61107}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "{FE71C540-52FA-41D1-BB7A-FA11DCDA564A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
    "TCP Query User{0A358235-F027-44A8-A77B-F4B41EE1A3B2}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
    "TCP Query User{30CDA117-6B43-46AF-85E8-6F9A7338477B}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
    "TCP Query User{C93DB4E0-AFBD-4E47-9B96-1759FC793C79}D:\nfsw\data\nfsw.exe" = protocol=6 | dir=in | app=d:\nfsw\data\nfsw.exe |
    "TCP Query User{D5C7A876-B738-4CAA-9C41-10D81373DF2B}D:\pelit\data\nfsw.exe" = protocol=6 | dir=in | app=d:\pelit\data\nfsw.exe |
    "TCP Query User{E8C2D01C-2EA8-4E99-A51C-AA522252A760}C:\program files (x86)\pc remote\pc remote\pcremote.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pc remote\pc remote\pcremote.exe |
    "TCP Query User{F49A842A-73AD-4DD4-9589-F748592D2E8A}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
    "TCP Query User{F7C75A1A-B5F0-410D-B168-E85C563253CA}C:\users\j seeve\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\j seeve\appdata\roaming\spotify\spotify.exe |
    "UDP Query User{19BA4F84-F948-4298-9992-84F7D244620D}C:\program files (x86)\pc remote\pc remote\pcremote.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pc remote\pc remote\pcremote.exe |
    "UDP Query User{54927FB4-E126-43D7-9248-E66EA1179102}C:\users\j seeve\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\j seeve\appdata\roaming\spotify\spotify.exe |
    "UDP Query User{605154D3-3DBB-4484-A3C1-A4B929C0ABC6}D:\nfsw\data\nfsw.exe" = protocol=17 | dir=in | app=d:\nfsw\data\nfsw.exe |
    "UDP Query User{6372013C-0068-4CAA-807F-AA5BD9EF7D08}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
    "UDP Query User{A70B73E0-9A31-4171-AF9C-9EBDE7670A1F}D:\pelit\data\nfsw.exe" = protocol=17 | dir=in | app=d:\pelit\data\nfsw.exe |
    "UDP Query User{C5382E21-239B-445D-A9B5-840A68E3F5BF}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
    "UDP Query User{D2F2CB6B-4726-4C85-83FB-564E1D1CAE5F}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{01E66AC4-B28B-494C-993D-3CD17020BEBC}" = Fresco Logic USB3.0 Host Controller
    "{03C25EFD-136E-482C-88A0-F083F0C13E65}" = Windows Live Family Safety
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
    "{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
    "{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
    "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
    "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
    "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    "{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
    "{26A24AE4-039D-4CA4-87B4-2F06417067FF}" = Java 7 Update 67 (64-bit)
    "{295AEB79-B53A-4F1B-860F-7800BB7E3681}" = Intel(R) PROSet/Wireless WiFi
    "{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
    "{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
    "{2DF79A08-9BFB-3120-B62D-F7E489A984EE}" = Microsoft .NET Framework 4.5.1 (FIN)
    "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
    "{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
    "{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
    "{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
    "{44C0A094-769D-4C5C-B6E9-563AC1220FA3}" = Windows Live Family Safety
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
    "{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
    "{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
    "{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
    "{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
    "{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
    "{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
    "{699204D1-231D-45FB-98AE-8BC89A32B04F}" = Windows Live Family Safety
    "{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
    "{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
    "{7456EDA4-0A8A-47B0-883C-430D88D3FBD5}" = Windows Live Family Safety
    "{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
    "{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
    "{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
    "{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
    "{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
    "{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
    "{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
    "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
    "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1035" = Microsoft .NET Framework 4.5.1 (suomi)
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
    "{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
    "{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
    "{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
    "{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
    "{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision -ohjain 331.65
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA-ohjauspaneeli 331.65
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiikkaohjain 331.65
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 14.6.22
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA-päivitykset 14.6.22
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 14.6.22
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23
    "{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
    "{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
    "{C298FF86-AB23-4B58-AC53-A23383C07B3A}" = Intel(R) Wireless Display
    "{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
    "{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
    "{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
    "{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
    "{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
    "{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
    "{D93AC9C8-B6CF-391E-BD2F-48AF4727476C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30411
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
    "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
    "{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
    "{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
    "CCleaner" = CCleaner
    "Elantech" = ETDWare PS/2-X64 8.0.5.3_WHQL
    "ProInst" = Intel PROSet Wireless
    "Zune" = Zune

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{00000000-2778-5BED-8199-52EB14D8D22F}" = F-Secure CCF Reputation
    "{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
    "{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
    "{09B7C7EB-3140-4B5E-842F-9C79A7137139}" = Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
    "{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = SonicMaster
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
    "{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
    "{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
    "{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
    "{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
    "{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
    "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
    "{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{1F7424F8-F992-48BC-90EF-7C4DB0405E3F}" = Alcor Micro USB Card Reader
    "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
    "{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
    "{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
    "{26A24AE4-039D-4CA4-87B4-2F03217067FF}" = Java 7 Update 67
    "{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
    "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
    "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
    "{2C4DADDF-EB9F-48E8-A93A-8EE17532012A}" = Online Safety 2.107.2552.1523
    "{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{36B0DC39-3282-40EB-8587-B875CE46C3A7}" = ExpressGateCloud
    "{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}" = ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
    "{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
    "{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
    "{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger
    "{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}" = Windows Live Meshin etäyhteyksien ActiveX-komponentti
    "{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
    "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
    "{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
    "{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
    "{658FDBCA-B7A1-43E4-A849-9F0812473331}" = Computer Security 14.106.101.0 (release)
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
    "{6A67578E-095B-4661-88F7-0B199CEC3371}" = Windows Live Messenger
    "{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
    "{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
    "{6F4F9F2E-3389-49E7-9866-FBB204684D5D}" = F-Secure CCF Scanning 1.43.102.193 (release)
    "{702A14E2-E5E4-44B1-A957-5A3A82E36576}" = F-Secure Network CCF 1.02.136
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
    "{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.18
    "{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
    "{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
    "{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
    "{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111249233}" = Dream Vacation Solitaire
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}" = Bubbletown
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}" = Go Go Gourmet Chef of the Year
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}" = Turbo Fiesta
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}" = World of Goo
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}" = Plants vs Zombies
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117948443}" = Mahjong Memoirs
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118716773}" = Deadtime Stories
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119205603}" = Farm Frenzy 3 - Madagascar
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
    "{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
    "{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
    "{AC61D36B-5C3B-440D-9547-8CBCE7B78583}" = PC Remote
    "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
    "{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
    "{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
    "{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}" = Windows Live Messenger
    "{C22378E6-9A65-438E-964C-7DB8FBB568DE}" = LogMeIn Hamachi
    "{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}" = Wireless Console 3
    "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}" = ASUS FancyStart
    "{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
    "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
    "{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
    "{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
    "{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
    "{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
    "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D95D779E-D5D2-45EC-BBBE-811E72976747}" = F-Secure
    "{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
    "{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
    "{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
    "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
    "{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
    "{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
    "{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
    "{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
    "{EFD9F1E7-B80B-4D97-80BA-2B80FCE6DABB}" = F-Secure SafeSearch 1.03.146.0 (release)
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
    "{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
    "{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
    "{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "ASUS WebStorage" = ASUS WebStorage
    "Asus Vibe2.0" = AsusVibe2.0
    "ASUS_N3_Series" = ASUS_N3_Series
    "CrystalDiskInfo_is1" = CrystalDiskInfo 6.1.14
    "DAEMON Tools Lite" = DAEMON Tools Lite
    "Fraps" = Fraps
    "F-Secure ServiceEnabler 666" = F-Secure
    "Game Park Console" = Game Park Console
    "Google Chrome" = Google Chrome
    "InstallShield_{1F7424F8-F992-48BC-90EF-7C4DB0405E3F}" = Alcor Micro USB Card Reader
    "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic
    "InstallShield_{36B0DC39-3282-40EB-8587-B875CE46C3A7}" = ExpressGateCloud
    "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
    "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
    "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
    "InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD
    "InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
    "LogMeIn Hamachi" = LogMeIn Hamachi
    "Mobile Partner" = Mobile Partner
    "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
    "ProInst" = Intel PROSet Wireless
    "Steam" = Steam
    "Steam App 221100" = DayZ
    "WinLiveSuite" = Windows Live Essentials
    "WinRAR archiver" = WinRAR 5.10 (32-bit)
    "VLC media player" = VLC media player

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Spotify" = Spotify
    "uTorrent" = µTorrent

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 2.9.2014 10:42:14 | Computer Name = JSeeve-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: SPEED2.EXE, versio: 0.0.0.0, aikaleima:
    0x214d4c48 Viallisen moduulin nimi: SPEED2.EXE, versio: 0.0.0.0, aikaleima: 0x214d4c48
    Poikkeuskoodi:
    0xc0000005 Virhepoikkeama: 0x002f6af9 Viallisen prosessin tunnus: 0x2248 Viallisen
    sovelluksen käynnistysaika: 0x01cfc6aa63f34a7e Viallisen sovelluksen polku: C:\Program
    Files (x86)\EA GAMES\Need for Speed Underground 2\SPEED2.EXE Viallisen moduulin
    polku: C:\Program Files (x86)\EA GAMES\Need for Speed Underground 2\SPEED2.EXE Raportin
    tunnus: 53ac1599-32af-11e4-b03f-001e101fe70e

    Error - 2.9.2014 11:15:24 | Computer Name = JSeeve-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: SPEED2.EXE, versio: 0.0.0.0, aikaleima:
    0x214d4c48 Viallisen moduulin nimi: SPEED2.EXE, versio: 0.0.0.0, aikaleima: 0x214d4c48
    Poikkeuskoodi:
    0xc0000005 Virhepoikkeama: 0x002f6af9 Viallisen prosessin tunnus: 0xb88 Viallisen
    sovelluksen käynnistysaika: 0x01cfc6bc2bb8af1d Viallisen sovelluksen polku: C:\Program
    Files (x86)\EA GAMES\Need for Speed Underground 2\SPEED2.EXE Viallisen moduulin
    polku: C:\Program Files (x86)\EA GAMES\Need for Speed Underground 2\SPEED2.EXE Raportin
    tunnus: f5c072c5-32b3-11e4-b03f-001e101fe70e

    Error - 3.9.2014 12:02:38 | Computer Name = JSeeve-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: SPEED2.EXE, versio: 0.0.0.0, aikaleima:
    0x214d4c48 Viallisen moduulin nimi: SPEED2.EXE, versio: 0.0.0.0, aikaleima: 0x214d4c48
    Poikkeuskoodi:
    0xc0000005 Virhepoikkeama: 0x0003fe97 Viallisen prosessin tunnus: 0xcdc Viallisen
    sovelluksen käynnistysaika: 0x01cfc785a5eee143 Viallisen sovelluksen polku: C:\Program
    Files (x86)\EA GAMES\Need for Speed Underground 2\SPEED2.EXE Viallisen moduulin
    polku: C:\Program Files (x86)\EA GAMES\Need for Speed Underground 2\SPEED2.EXE Raportin
    tunnus: b97f4fc4-3383-11e4-b1ff-5404a6ae5616

    Error - 4.9.2014 14:45:20 | Computer Name = JSeeve-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: SPEED2.EXE, versio: 0.0.0.0, aikaleima:
    0x214d4c48 Viallisen moduulin nimi: SPEED2.EXE, versio: 0.0.0.0, aikaleima: 0x214d4c48
    Poikkeuskoodi:
    0xc0000005 Virhepoikkeama: 0x002f6af9 Viallisen prosessin tunnus: 0x1e14 Viallisen
    sovelluksen käynnistysaika: 0x01cfc86bd6c80d64 Viallisen sovelluksen polku: C:\Program
    Files (x86)\EA GAMES\Need for Speed Underground 2\SPEED2.EXE Viallisen moduulin
    polku: C:\Program Files (x86)\EA GAMES\Need for Speed Underground 2\SPEED2.EXE Raportin
    tunnus: 9e9269ce-3463-11e4-9686-5404a6ae5616

    Error - 5.9.2014 6:33:41 | Computer Name = JSeeve-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: SPEED2.EXE, versio: 0.0.0.0, aikaleima:
    0x214d4c48 Viallisen moduulin nimi: SPEED2.EXE, versio: 0.0.0.0, aikaleima: 0x214d4c48
    Poikkeuskoodi:
    0xc0000005 Virhepoikkeama: 0x0003fa92 Viallisen prosessin tunnus: 0x1174 Viallisen
    sovelluksen käynnistysaika: 0x01cfc8f457305131 Viallisen sovelluksen polku: C:\Program
    Files (x86)\EA GAMES\Need for Speed Underground 2\SPEED2.EXE Viallisen moduulin
    polku: C:\Program Files (x86)\EA GAMES\Need for Speed Underground 2\SPEED2.EXE Raportin
    tunnus: 1a2908d3-34e8-11e4-9732-5404a6ae5616

    Error - 6.9.2014 11:00:33 | Computer Name = JSeeve-PC | Source = Application Error | ID = 1000
    Description = Viallisen sovelluksen nimi: SPEED2.EXE, versio: 0.0.0.0, aikaleima:
    0x214d4c48 Viallisen moduulin nimi: SPEED2.EXE, versio: 0.0.0.0, aikaleima: 0x214d4c48
    Poikkeuskoodi:
    0xc0000005 Virhepoikkeama: 0x002f6af9 Viallisen prosessin tunnus: 0x12f0 Viallisen
    sovelluksen käynnistysaika: 0x01cfc9e2032afbf1 Viallisen sovelluksen polku: C:\Program
    Files (x86)\EA GAMES\Need for Speed Underground 2\SPEED2.EXE Viallisen moduulin
    polku: C:\Program Files (x86)\EA GAMES\Need for Speed Underground 2\SPEED2.EXE Raportin
    tunnus: 8ca78f1a-35d6-11e4-a3ff-5404a6ae5616

    Error - 8.9.2014 8:25:05 | Computer Name = JSeeve-PC | Source = Application Hang | ID = 1002
    Description = Ohjelman javaw.exe versio 7.0.670.1, lakkasi olemasta yhteydessä Windowsiin,
    joten se suljettiin. Voit tarkistaa, onko ongelmasta saatavilla lisätietoja, ohjauspaneelin
    Toimintokeskus-kohdasta. Prosessin tunnus: fd0 Alkamisaika: 01cfcb5fbeab201f Päättymisaika:
    45 Sovelluksen polku: C:\Program Files\Java\jre7\bin\javaw.exe Raportin tunnus: 26a02b98-3753-11e4-a679-5404a6ae5616


    Error - 8.9.2014 9:50:51 | Computer Name = JSeeve-PC | Source = NvStreamSvc | ID = 131073
    Description =

    Error - 8.9.2014 9:50:51 | Computer Name = JSeeve-PC | Source = NvStreamSvc | ID = 131073
    Description =

    Error - 8.9.2014 9:50:51 | Computer Name = JSeeve-PC | Source = NvStreamSvc | ID = 131073
    Description =

    [ System Events ]
    Error - 25.8.2014 8:00:17 | Computer Name = JSeeve-PC | Source = Service Control Manager | ID = 7000
    Description = Palvelua Mobile Partner. OUC ei voi käynnistää. Virhekoodi on %%1053

    Error - 26.8.2014 7:50:48 | Computer Name = JSeeve-PC | Source = Service Control Manager | ID = 7009
    Description = Aikakatkaisu (30000 millisekuntia) odotettaessa Mobile Partner. OUC-palvelun
    yhteyden muodostusta.

    Error - 26.8.2014 7:50:48 | Computer Name = JSeeve-PC | Source = Service Control Manager | ID = 7000
    Description = Palvelua Mobile Partner. OUC ei voi käynnistää. Virhekoodi on %%1053

    Error - 26.8.2014 10:18:39 | Computer Name = JSeeve-PC | Source = ipnathlp | ID = 31004
    Description =

    Error - 26.8.2014 14:11:35 | Computer Name = JSeeve-PC | Source = DCOM | ID = 10010
    Description =

    Error - 27.8.2014 5:42:04 | Computer Name = JSeeve-PC | Source = Service Control Manager | ID = 7009
    Description = Aikakatkaisu (30000 millisekuntia) odotettaessa Mobile Partner. OUC-palvelun
    yhteyden muodostusta.

    Error - 27.8.2014 5:42:04 | Computer Name = JSeeve-PC | Source = Service Control Manager | ID = 7000
    Description = Palvelua Mobile Partner. OUC ei voi käynnistää. Virhekoodi on %%1053

    Error - 27.8.2014 11:02:48 | Computer Name = JSeeve-PC | Source = Service Control Manager | ID = 7009
    Description = Aikakatkaisu (30000 millisekuntia) odotettaessa Mobile Partner. OUC-palvelun
    yhteyden muodostusta.

    Error - 27.8.2014 11:02:48 | Computer Name = JSeeve-PC | Source = Service Control Manager | ID = 7000
    Description = Palvelua Mobile Partner. OUC ei voi käynnistää. Virhekoodi on %%1053

    Error - 27.8.2014 11:03:54 | Computer Name = JSeeve-PC | Source = ipnathlp | ID = 31004
    Description =


    < End of report >

     
  4. Nanna_86

    Nanna_86 Active member

    Liittynyt:
    03.09.2014
    Viestejä:
    561
    Kiitokset:
    124
    Pisteet:
    53
    Avaa jälleen OTL.exe
    Kopioi ja Liitä alla oleva teksti, " Custom Scans/ Fixes tekstilaatikkoon ".
    Koodi:
    :processes
    killallprocesses
    
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O33 - MountPoints2\{01530efc-1662-11e4-a36d-92a095344ce9}\Shell - "" = AutoRun
    O33 - MountPoints2\{01530efc-1662-11e4-a36d-92a095344ce9}\Shell\AutoRun\command - "" = F:\AutoRun.exe
    O33 - MountPoints2\{01530eff-1662-11e4-a36d-92a095344ce9}\Shell - "" = AutoRun
    O33 - MountPoints2\{01530eff-1662-11e4-a36d-92a095344ce9}\Shell\AutoRun\command - "" = F:\AutoRun.exe
    O33 - MountPoints2\{df09154d-f614-11e3-8065-5404a6ae5616}\Shell - "" = AutoRun
    O33 - MountPoints2\{df09154d-f614-11e3-8065-5404a6ae5616}\Shell\AutoRun\command - "" = F:\AutoRun.exe
    O33 - MountPoints2\{e0f51a35-f5f9-11e3-bcc0-5404a6ae5616}\Shell - "" = AutoRun
    O33 - MountPoints2\{e0f51a35-f5f9-11e3-bcc0-5404a6ae5616}\Shell\AutoRun\command - "" = F:\AutoRun.exe
    O33 - MountPoints2\{e0f51a39-f5f9-11e3-bcc0-5404a6ae5616}\Shell - "" = AutoRun
    O33 - MountPoints2\{e0f51a39-f5f9-11e3-bcc0-5404a6ae5616}\Shell\AutoRun\command - "" = F:\AutoRun.exe
    O33 - MountPoints2\F\Shell - "" = AutoRun
    O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
    
    C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    
    :Files
    ipconfig /flushdns /c
    
    
    :Commands
    [purity]
    [resethosts]
    [emptyjava]
    [EMPTYFLASH]
    [emptytemp]
    [Reboot]
    
    Sitten paina Run Fix.
    Jos OTL haluaa käynnistää tietokoneen uudelleen, anna sen tehdä niin.

    Löytyy polusta:
    c:\_OTL\MovedFiles

    Ja lähetä tulokset seuraavassa postissasi.
    ----------------------


    Lataa AdwCleaner tästä.
    • Sulje kaikki avoimet ohjelmat ja Internet-selain tarkistuksen ajaksi.
    • Tuplaklikkaa AdwCleaner.exe auki ja valitse " Scan ".
    • Kun tarkistus on valmis, Valitse " Clean ".
    • Tietokone käynnistyy automaattisesti ohjelman valmistuttua.
    Käynnistyessään, se avaa tekstitiedoston, jonka sisällön voit lähettää seuraavassa postissasi.


    ----------------------------


    Lataa Malwarebytes Anti-Malware tästä.
    • Käynnistä asennus tuplaklikkaamalla "mbam-setup.exe" ja seuraa ohjeita asentaaksesi ohjelma.
    • Kun asennus on valmis, käynnistä ohjelma ja päivitä tietokanta, painamalla "Päivitä nyt / Update now" Hallintapaneeli välilehdestä.
    • Aloita skannaus > "Tarkista nyt / Scan Now" painikeesta.
    • Kun tarkistus on valmis, ohjelma näyttää mahdollisesti saastuneita tiedostoja ja uhkia.
    • Valitse "Suorita Toiminnot " , Ohjelma poistaa havaitut tiedostot.
    • Useimmissa tapauksissa, MBAM pyytää sinua käynnistämään tietokoneen uudelleen.

    • Muistathan, tallentaa ja sulkea kaikki auki olevat tiedostot & ohjelmat ennen uudelleenkäynnistämistä.

    • Kun tietokone on uudelleenkäynnistetty, Avaa vielä Malwarebytes, mene sitten "Historia"-välilehteen.
    • Valitse Ohelmalokit ja sieltä Tarkistusloki joka juuri tehtiin.
    • Paina " Vie " Tallenna se tekstitiedostona(.txt) työpöydällesi.
    Lähetä loki seuraavassa postissasi.

    ----------------------------
     
    Viimeksi muokattu: 10.09.2014
    Hospitality kiitti tästä.

Jaa tämä sivu