Solved Farbar results

[Autumn456]

On computer restart it installs Surfvox homepage and search tool, these were the first alarming features that I noticed. It also blocks (as in closes then immediately) access to for example task manager and some cleaning programs such as CCleaner. There are no error messages or anything like that. %Appdata% command opens Roaming folder only to be closed as soon as it opens. Many other features are blocked too. Also browser tends to shut down upon typing certain words to the search. My antivirus did not find anything. These are some of the problems I have come across, which are overall very alarming. Suggestions on how to solve this are very welcome. Here are the results.

Thanks

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by mari (administrator) on MARI-SUPER-PC on 10-05-2015 13:17:22
Running from C:\Users\mari\Desktop
Loaded Profiles: mari & (Available profiles: mari)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(F-Secure Corporation) C:\Program Files (x86)\Elisa Turvakeskus\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Elisa Turvakeskus\apps\CCF_Reputation\fsorsp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(F-Secure Corporation) C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\ProgramData\nvxasync\cvxasync.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(F-Secure Corporation) C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(F-Secure Corporation) C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Anti-Virus\fssm32.exe
() C:\Users\mari\AppData\Roaming\nvxasync\nvxasync.exe
(VIA Technologies, Inc.) C:\VIA_XHCI\usb3Monitor.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Actual Tools) C:\Program Files (x86)\Actual Multiple Monitors\ActualMultipleMonitorsCenter.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
() C:\Users\mari\AppData\Roaming\nvxasync\nvxasync.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Actual Tools) C:\Program Files (x86)\Actual Multiple Monitors\ActualMultipleMonitorsCenter64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(F-Secure Corporation) C:\Program Files (x86)\Elisa Turvakeskus\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Common\FSM32.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Gadget\fsgadget.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(F-Secure Corporation) C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Spam Control\fsscoepl_x64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(NVIDIA Corporation) C:\Users\mari\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VIAxHCUtl] => C:\VIA_XHCI\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM-x32\...\Run: [ZyngaGamesAgent] => C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe [841544 2010-11-15] (Splashtop Inc.)
HKLM-x32\...\Run: [STCAgent] => C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe [771968 2011-08-29] (Splashtop Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5028464 2012-01-12] (VIA)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-27] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [F-Secure Hoster (28313)] => C:\Program Files (x86)\Elisa Turvakeskus\fshoster32.exe [167608 2012-11-21] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Common\FSM32.EXE [310992 2012-07-03] (F-Secure Corporation)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [PowerDVD13Agent] => "C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe"
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\Run: [Actual Multiple Monitors] => C:\Program Files (x86)\Actual Multiple Monitors\ActualMultipleMonitorsCenter.exe [1629032 2012-07-12] (Actual Tools)
HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.)
HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\Run: [Guild Wars 2 Timers] => "C:\Users\mari\Desktop\GuildWars2Timers.exe"
HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\Run: [nvxasync] => C:\Users\mari\AppData\Roaming\nvxasync\nvxasync.exe [153822720 2015-05-09] ()
HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\MountPoints2: {2c5465c1-857f-11e3-9f05-902b3430cc31} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\Winlogon: [Shell] C:\ProgramData\nvxasync\cvxasync.exe [153822720 2015-05-09] () <==== ATTENTION
HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
Startup: C:\Users\mari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 -näyttöleikkeet ja Launcher.lnk [2014-12-13]
ShortcutTarget: OneNote 2007 -näyttöleikkeet ja Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk /p \??\C:autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.surfvox.com/
URLSearchHook: HKU\S-1-5-21-1694309862-3657083619-1565170917-1000 - Splashtop Connect SearchHook - {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll (Splashtop Inc.)
SearchScopes: HKU\S-1-5-21-1694309862-3657083619-1565170917-1000 -> DefaultScope {828B376B-F2F6-4778-928C-E29EC877535E} URL = http://www.google.com/cse?cx=partne...ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1
SearchScopes: HKU\S-1-5-21-1694309862-3657083619-1565170917-1000 -> {828B376B-F2F6-4778-928C-E29EC877535E} URL = http://www.google.com/cse?cx=partne...ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Splashtop Connect VisualBookmark -> {0E5680D1-BF44-4929-94AF-FD30D784AD1D} -> C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll [2011-08-29] (Splashtop Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-01] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-01] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1

FireFox:
========
FF ProfilePath: C:\Users\mari\AppData\Roaming\Mozilla\Firefox\Profiles\2kuq6vl1.default
FF SelectedSearchEngine: SurfVox
FF Homepage: hxxp://www.surfvox.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-04-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1694309862-3657083619-1565170917-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-05-04] ()
FF user.js: detected! => C:\Users\mari\AppData\Roaming\Mozilla\Firefox\Profiles\2kuq6vl1.default\user.js [2015-05-09]
FF SearchPlugin: C:\Users\mari\AppData\Roaming\Mozilla\Firefox\Profiles\2kuq6vl1.default\searchplugins\starter.xml [2015-05-09]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bookplus-fi.xml [2015-05-09]
FF Extension: Ghostery - C:\Users\mari\AppData\Roaming\Mozilla\Firefox\Profiles\2kuq6vl1.default\Extensions\firefox@ghostery.com.xpi [2015-05-10]
FF Extension: YouTube Downloader - C:\Users\mari\AppData\Roaming\Mozilla\Firefox\Profiles\2kuq6vl1.default\Extensions\youtubedownloader@anoniamto.com.xpi [2014-05-22]
FF Extension: Adblock Plus - C:\Users\mari\AppData\Roaming\Mozilla\Firefox\Profiles\2kuq6vl1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-10]
FF Extension: Greasemonkey - C:\Users\mari\AppData\Roaming\Mozilla\Firefox\Profiles\2kuq6vl1.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-10-30]
FF HKLM-x32\...\Firefox\Extensions: [{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}] - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}
FF Extension: Splashtop Connect Companion - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} [2013-01-22]
FF HKLM-x32\...\Firefox\Extensions: [{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}] - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}
FF Extension: Splashtop Connect - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} [2013-01-22]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [freegames4357@BestOffers] - C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers
FF Extension: Free Games (4357) - C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers [2013-10-30]
FF HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\Firefox\Extensions: [freegames4357@BestOffers] - C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers

Chrome:
=======
CHR HomePage: Default -> hxxp://www.surfvox.com/
CHR StartupUrls: Default -> "hxxp://www.surfvox.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{googleageClassification}{google:searchVersion}{google:sessionToken}{googlerefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-09]
CHR Extension: (No Name) - C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-09]
CHR Extension: (No Name) - C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-09]
CHR Extension: (Bookmark Manager) - C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 fshoster; C:\Program Files (x86)\Elisa Turvakeskus\fshoster32.exe [167608 2012-11-21] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Common\FSMA32.EXE [212688 2012-07-03] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\Elisa Turvakeskus\apps\CCF_Reputation\fsorsp.exe [60456 2015-03-09] (F-Secure Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
R2 MSSQL$BWDATOOLSET; C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-05] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-10-31] ()
R2 SCBackService; C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe [477000 2010-11-15] (Splashtop Inc.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-01-10] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2012-03-02] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2012-03-02] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2012-03-02] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2012-03-02] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [208424 2015-02-24] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\HIPS\drivers\fshs.sys [71080 2015-04-14] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-04-11] ()
R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [42672 2013-02-28] ()
R3 fsni; C:\Program Files (x86)\Elisa Turvakeskus\apps\CCF_Scanning\bin\fsni64.sys [90152 2015-04-15] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [16920 2012-07-03] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-09-05] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-03-11] () [File not signed]
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [205312 2012-01-20] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [254464 2012-01-20] (VIA Technologies, Inc.)
U3 al1tgair; C:\Windows\System32\Drivers\al1tgair.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S2 regi; \??\C:\Windows\system32\drivers\regi.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

[Autumn456]

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-10 13:15 - 2015-05-10 13:15 - 00000024 _____ () C:\Windows\C091A49B9BBFCDA9.log
2015-05-10 11:26 - 2015-05-10 13:17 - 00025846 _____ () C:\Users\mari\Desktop\FRST.txt
2015-05-10 11:21 - 2015-05-10 13:17 - 00000000 ____D () C:\FRST
2015-05-10 11:15 - 2015-05-10 09:43 - 02102784 _____ (Farbar) C:\Users\mari\Desktop\FRST64.exe
2015-05-10 09:43 - 2015-05-10 09:43 - 02102784 _____ (Farbar) C:\Users\mari\Downloads\FRST64.exe
2015-05-10 09:20 - 2015-05-10 09:20 - 00388608 _____ (Trend Micro Inc.) C:\Users\mari\Downloads\HijackThis.exe
2015-05-10 09:19 - 2015-05-10 09:21 - 16409960 _____ (Safer Networking Limited ) C:\Users\mari\Downloads\spybotsd162.exe
2015-05-10 09:18 - 2015-05-10 09:18 - 02057008 _____ () C:\Users\mari\Downloads\Adaware_Installer.exe
2015-05-10 09:18 - 2015-05-10 09:18 - 00532480 _____ (Trend Micro Incorporated) C:\Users\mari\Downloads\cwshredder.exe
2015-05-10 09:13 - 2015-05-10 09:13 - 00008740 _____ () C:\Users\mari\Desktop\UsbFix_Report.txt
2015-05-10 08:36 - 2015-05-10 09:21 - 00000000 ____D () C:\UsbFix
2015-05-10 08:36 - 2015-05-10 08:36 - 00001448 _____ () C:\Users\mari\Desktop\UsbFix.lnk
2015-05-10 08:35 - 2015-05-10 08:35 - 04319136 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\mari\Downloads\UsbFix_2015.exe
2015-05-10 08:18 - 2015-05-10 08:18 - 00684176 _____ (Opera Software) C:\Users\mari\Downloads\Opera_NI_stable.exe
2015-05-10 07:27 - 2015-05-10 07:27 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2015-05-10 07:27 - 2015-05-10 07:27 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool
2015-05-10 07:25 - 2015-05-10 07:26 - 00753184 _____ () C:\Users\mari\Downloads\Adware-Removal-Tool-v3.9.1.exe
2015-05-09 20:36 - 2015-04-13 21:32 - 1134341545 _____ () C:\Users\mari\Desktop\Game.of.Thrones.S05E01.1080p.HDTV.x264-BATV.mkv
2015-05-09 19:47 - 2015-04-20 19:17 - 765051718 _____ () C:\Users\mari\Desktop\Game.Of.Thrones.S05E02.1080p.HDTV.x264-BATV.mkv
2015-05-09 19:16 - 2015-05-09 19:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-09 15:05 - 2015-05-09 15:05 - 00000000 _RSHD () C:\ProgramData\nvxasync
2015-05-09 15:04 - 2015-05-09 15:05 - 00000000 _RSHD () C:\Users\mari\AppData\Roaming\nvxasync
2015-05-09 15:04 - 2015-05-09 15:04 - 243361280 _____ () C:\Users\mari\AppData\Roaming\Launcher.rb4
2015-05-09 15:04 - 2015-05-09 15:04 - 00000000 ____D () C:\Users\mari\AppData\Roaming\chportu
2015-05-08 14:40 - 2015-05-10 12:08 - 00332388 _____ () C:\Users\mari\Downloads\MTS_Shimrod101_1488655_ShimrodAllBedsSameEnergyComfort_V2.zip
2015-05-07 09:28 - 2015-05-10 08:15 - 00000001 _____ () C:\Users\mari\AppData\Roaming\update.dat
2015-05-06 14:17 - 2015-05-06 14:17 - 00000000 ___HD () C:\Users\mari\Downloads\The.Picture.Of.Dorian.Gray.1945.720p.WEB-DL.H264-WEBiOS [PublicHD]
2015-05-06 11:57 - 2015-05-06 14:26 - 00000231 _____ () C:\Users\mari\Desktop\lainaukset.txt
2015-05-06 11:07 - 2015-05-06 11:07 - 00001333 _____ () C:\Users\Public\Desktop\Sims 4 by BuZeR.lnk
2015-05-06 11:07 - 2015-05-06 11:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sims 4
2015-05-06 08:18 - 2015-05-06 08:18 - 00000000 ___HD () C:\Users\mari\Downloads\The.Flash.2014.S01E21.Grodd.Lives.1080p.WEB-DL.DD5.1.H.264-YFN
2015-05-05 20:00 - 2015-05-05 20:44 - 00000000 ___HD () C:\Users\mari\Downloads\The_Importance_of_Being_Earnest_Criterion_R1
2015-05-04 12:53 - 2015-05-03 22:20 - 00258192 _____ () C:\Users\mari\Desktop\Captive Prince_ Volume Two - S.U. Pacat.epub
2015-05-04 12:52 - 2015-05-04 07:31 - 00197646 _____ () C:\Users\mari\Desktop\Captive Prince_ Volume One - S.U. Pacat.epub
2015-05-04 11:42 - 2015-05-04 11:42 - 00001198 _____ () C:\Users\mari\Documents\Uninstall Dragon Age 2.log
2015-05-04 11:40 - 2015-05-07 20:06 - 00000000 ____D () C:\Users\mari\Desktop\SIMS 4 BACKUP ennen uutta asennusta
2015-05-02 17:56 - 2015-05-02 17:56 - 00000000 ____D () C:\Users\mari\Desktop\yksin toinen ennen taloa (minecraft)
2015-05-02 11:28 - 2015-05-04 20:54 - 00000754 _____ () C:\Users\mari\Desktop\yksin toinen maailma minecraft.txt
2015-05-01 22:28 - 2015-05-01 22:29 - 00000000 ____D () C:\Users\mari\Desktop\Minecraft skin updater MC
2015-05-01 16:22 - 2015-05-04 09:51 - 00000000 ___HD () C:\Users\mari\Downloads\The.Flash.2014.S01E20.The.Trap.720p.WEB-DL.DD5.1.H.264-NTb[rarbg]
2015-04-30 20:16 - 2015-05-01 22:32 - 00000433 _____ () C:\Users\mari\Desktop\oskumaailma.txt
2015-04-23 07:44 - 2015-05-04 09:15 - 00000000 ___HD () C:\Users\mari\Downloads\The.Flash.2014.S01E19.Who.Is.Harrison.Wells.1080p.WEB-DL.DD5.1.H.264-NTb[rarbg]
2015-04-22 15:25 - 2015-05-04 09:53 - 00000000 ___HD () C:\Users\mari\Downloads\The.Flash.2014.S01E18.All.Star.Team.Up.1080p.WEB-DL.DD5.1.H.264-YFN
2015-04-17 09:03 - 2015-04-08 23:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-04-17 09:01 - 2015-04-09 03:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-17 09:01 - 2015-04-09 03:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-04-17 09:01 - 2015-04-09 03:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-04-15 13:07 - 2015-04-15 13:07 - 18178736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-04-15 07:23 - 2015-03-25 06:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 07:23 - 2015-03-25 06:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 07:23 - 2015-03-25 06:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 07:23 - 2015-03-25 06:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 07:23 - 2015-03-25 06:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 07:23 - 2015-03-25 06:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 07:23 - 2015-03-25 06:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 07:23 - 2015-03-25 06:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 07:23 - 2015-03-25 06:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 07:23 - 2015-03-25 06:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 07:23 - 2015-03-25 06:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 07:23 - 2015-03-25 06:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 07:23 - 2015-03-25 06:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 07:23 - 2015-03-25 06:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 07:23 - 2015-03-25 06:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 07:23 - 2015-03-25 06:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 07:22 - 2015-03-23 06:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 07:22 - 2015-03-23 06:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 07:22 - 2015-03-23 06:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 07:22 - 2015-03-23 06:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 07:22 - 2015-03-23 06:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 07:22 - 2015-03-23 06:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 07:22 - 2015-03-23 06:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 07:22 - 2015-03-23 06:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 07:22 - 2015-03-10 06:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 07:22 - 2015-03-10 06:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 07:22 - 2015-03-10 06:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 07:22 - 2015-03-10 06:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 07:22 - 2015-03-05 08:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 07:22 - 2015-03-05 07:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 07:20 - 2015-03-17 08:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 07:20 - 2015-03-17 08:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 07:20 - 2015-03-17 08:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 07:20 - 2015-03-17 08:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 07:20 - 2015-03-17 08:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 07:20 - 2015-03-17 08:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 07:20 - 2015-03-17 08:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 07:20 - 2015-03-17 08:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 07:20 - 2015-03-17 08:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 07:20 - 2015-03-17 08:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 07:20 - 2015-03-17 08:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 07:20 - 2015-03-17 08:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 07:20 - 2015-03-17 08:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 07:20 - 2015-03-17 08:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 07:20 - 2015-03-17 08:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 07:20 - 2015-03-17 08:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 07:20 - 2015-03-17 08:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 07:20 - 2015-03-17 08:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 07:20 - 2015-03-17 08:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 07:20 - 2015-03-17 08:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 07:20 - 2015-03-17 08:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 07:20 - 2015-03-17 08:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 07:20 - 2015-03-17 08:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 07:20 - 2015-03-17 08:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 07:20 - 2015-03-17 08:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 07:20 - 2015-03-17 08:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 07:20 - 2015-03-17 08:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 07:20 - 2015-03-17 08:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 07:20 - 2015-03-17 08:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 07:20 - 2015-03-17 08:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 07:20 - 2015-03-17 08:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 07:20 - 2015-03-17 08:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 08:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 07:20 - 2015-03-17 08:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 07:20 - 2015-03-17 07:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 07:20 - 2015-03-17 07:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 07:20 - 2015-03-17 07:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 07:20 - 2015-03-17 07:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 07:20 - 2015-03-17 07:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 07:20 - 2015-03-17 07:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 07:20 - 2015-03-17 07:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 07:20 - 2015-03-17 07:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 07:20 - 2015-03-17 07:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 07:20 - 2015-03-17 07:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 07:20 - 2015-03-17 07:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 07:20 - 2015-03-17 07:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 07:20 - 2015-03-17 07:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 07:20 - 2015-03-17 07:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 07:20 - 2015-03-17 07:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 07:20 - 2015-03-17 07:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 07:20 - 2015-03-17 07:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 07:20 - 2015-03-17 07:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 07:20 - 2015-03-17 07:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 07:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 06:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 07:20 - 2015-03-17 06:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 07:20 - 2015-03-17 06:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 06:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 07:20 - 2015-03-17 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 07:18 - 2015-02-25 06:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 07:17 - 2015-04-02 02:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 07:17 - 2015-03-13 07:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 07:17 - 2015-03-13 07:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 07:17 - 2015-03-13 06:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 07:17 - 2015-03-13 06:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 07:17 - 2015-03-13 06:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 07:17 - 2015-03-13 06:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 07:17 - 2015-03-13 06:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 07:17 - 2015-03-13 06:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 07:17 - 2015-03-13 06:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 07:17 - 2015-03-13 06:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 07:17 - 2015-03-13 05:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 07:17 - 2015-03-13 05:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 07:17 - 2015-03-13 05:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 07:17 - 2015-03-13 05:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 07:16 - 2015-04-02 03:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 07:16 - 2015-03-13 07:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 07:16 - 2015-03-13 07:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 07:16 - 2015-03-13 07:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 07:16 - 2015-03-13 07:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 07:16 - 2015-03-13 07:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 07:16 - 2015-03-13 07:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 07:16 - 2015-03-13 07:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 07:16 - 2015-03-13 07:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 07:16 - 2015-03-13 06:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 07:16 - 2015-03-13 06:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 07:16 - 2015-03-13 06:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 07:16 - 2015-03-13 06:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 07:16 - 2015-03-13 06:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 07:16 - 2015-03-13 06:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 07:16 - 2015-03-13 06:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 07:16 - 2015-03-13 06:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 07:16 - 2015-03-13 06:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 07:16 - 2015-03-13 06:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 07:16 - 2015-03-13 06:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 07:16 - 2015-03-13 06:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 07:16 - 2015-03-13 06:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 07:16 - 2015-03-13 06:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 07:16 - 2015-03-13 06:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 07:16 - 2015-03-13 06:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 07:16 - 2015-03-13 06:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 07:16 - 2015-03-13 06:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 07:16 - 2015-03-13 06:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 07:16 - 2015-03-13 06:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 07:16 - 2015-03-13 06:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 07:16 - 2015-03-13 06:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 07:16 - 2015-03-13 06:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 07:16 - 2015-03-13 06:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 07:16 - 2015-03-13 05:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 07:16 - 2015-03-13 05:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 07:16 - 2015-03-13 05:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 07:16 - 2015-03-13 05:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 07:16 - 2015-03-13 05:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 07:16 - 2015-03-13 05:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 07:16 - 2015-03-13 05:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 07:16 - 2015-03-13 05:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 07:16 - 2015-03-13 05:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 07:16 - 2015-03-13 05:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 07:16 - 2015-03-04 07:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 07:16 - 2015-03-04 07:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 07:16 - 2015-03-04 07:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-12 18:44 - 2015-04-12 18:44 - 00000000 ____D () C:\Users\mari\Desktop\New folder

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-10 13:07 - 2014-02-11 10:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-10 12:56 - 2013-01-24 16:29 - 00001008 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-10 12:41 - 2013-01-22 18:28 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{4AB0C76A-5A39-454F-942D-9FF3FC607F9D}
2015-05-10 11:13 - 2013-01-24 17:00 - 00000000 ____D () C:\Users\mari\AppData\Roaming\Skype
2015-05-10 09:46 - 2009-07-14 07:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-10 09:46 - 2009-07-14 07:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-10 09:41 - 2013-01-22 18:12 - 01549932 _____ () C:\Windows\WindowsUpdate.log
2015-05-10 09:39 - 2014-04-07 14:32 - 00000040 ___SH () C:\ProgramData\.zreglib
2015-05-10 09:39 - 2014-02-25 18:18 - 00000000 ____D () C:\Users\mari\AppData\Local\LogMeIn Hamachi
2015-05-10 09:38 - 2014-11-12 08:55 - 00033153 _____ () C:\Windows\setupact.log
2015-05-10 09:38 - 2013-01-24 16:29 - 00001004 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-10 09:38 - 2013-01-22 18:43 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-10 09:38 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-10 08:48 - 2014-12-30 09:06 - 00010294 _____ () C:\Windows\PFRO.log
2015-05-10 08:48 - 2013-10-30 19:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-10 08:24 - 2013-01-25 15:00 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2015-05-09 22:09 - 2013-01-24 17:29 - 00000000 ____D () C:\Users\mari\AppData\Roaming\BitTorrent
2015-05-09 20:40 - 2013-01-24 17:31 - 00000000 ____D () C:\Users\mari\AppData\Roaming\vlc
2015-05-07 09:28 - 2013-01-25 18:36 - 00000000 ____D () C:\Users\mari\Documents\Electronic Arts
2015-05-07 07:30 - 2013-02-24 11:28 - 00000000 ____D () C:\Users\mari\Documents\Calibre Library
2015-05-06 11:10 - 2014-11-26 19:52 - 00035910 _____ () C:\Windows\DirectX.log
2015-05-05 22:04 - 2013-02-22 18:08 - 00000000 ____D () C:\Users\mari\AppData\Roaming\dvdcss
2015-05-04 12:00 - 2013-01-25 18:39 - 00000000 ____D () C:\ProgramData\Origin
2015-05-04 11:44 - 2013-02-10 21:24 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2015-05-04 11:44 - 2009-07-14 08:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-04 09:52 - 2015-04-01 15:41 - 00000000 ___HD () C:\Users\mari\Downloads\The.Flash.2014.S01E17.Tricksters.1080p.WEB-DL.DD5.1.H.264-NTb[rarbg]
2015-05-04 09:51 - 2015-03-25 20:06 - 00000000 ___HD () C:\Users\mari\Downloads\The.Flash.2014.S01E16.Rogue.Time.1080p.WEB-DL.DD5.1.H.264-NTb[rarbg]
2015-05-04 09:51 - 2015-03-19 16:11 - 00000000 ___HD () C:\Users\mari\Downloads\The.Flash.2014.S01E15.Out.of.Time.1080p.WEB-DL.DD5.1.H.264-NTb[rarbg]
2015-05-04 07:54 - 2014-11-09 10:01 - 00000930 _____ () C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2015-05-04 07:54 - 2013-02-24 11:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2015-05-04 07:54 - 2013-02-24 11:27 - 00000000 ____D () C:\Program Files\Calibre2
2015-05-04 07:31 - 2013-02-24 11:28 - 00000000 ____D () C:\Users\mari\AppData\Roaming\calibre
2015-05-04 07:25 - 2014-08-22 11:48 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-05-01 22:10 - 2014-10-22 07:28 - 00000000 ____D () C:\Program Files (x86)\Java
2015-05-01 22:10 - 2013-10-23 06:55 - 00000000 ____D () C:\ProgramData\Oracle
2015-05-01 22:09 - 2014-10-22 07:28 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-26 08:58 - 2013-09-18 07:14 - 00000000 ____D () C:\Users\mari\AppData\Roaming\Guild Wars 2
2015-04-24 22:13 - 2013-01-24 16:54 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-17 14:56 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\rescache
2015-04-17 14:55 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-17 09:03 - 2013-11-20 09:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-17 09:03 - 2013-09-28 16:01 - 00000000 ____D () C:\temp
2015-04-17 09:02 - 2013-01-22 18:42 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-17 08:57 - 2013-11-20 10:02 - 00001381 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-04-17 06:55 - 2013-01-24 17:00 - 00000000 ____D () C:\ProgramData\Skype
2015-04-16 06:38 - 2014-12-11 08:54 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 06:38 - 2014-05-06 21:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 06:38 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-15 22:37 - 2013-05-12 09:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 22:36 - 2013-01-26 14:50 - 00833474 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-15 22:36 - 2009-07-14 08:13 - 00833474 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-15 22:35 - 2013-07-22 21:06 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 22:31 - 2013-03-12 23:05 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 13:07 - 2014-02-11 10:02 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 13:07 - 2014-02-11 10:02 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-15 13:07 - 2014-02-11 10:02 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-15 11:35 - 2015-02-08 14:00 - 00000000 ____D () C:\Users\mari\AppData\Roaming\TS3Client

==================== Files in the root of some directories =======

2015-05-09 15:04 - 2015-05-09 15:04 - 243361280 _____ () C:\Users\mari\AppData\Roaming\Launcher.rb4
2015-05-07 09:28 - 2015-05-10 08:15 - 0000001 _____ () C:\Users\mari\AppData\Roaming\update.dat
2014-04-07 14:32 - 2015-05-10 09:39 - 0000040 ___SH () C:\ProgramData\.zreglib

Some content of TEMP:
====================
C:\Users\mari\AppData\Local\Temp\ammemb.dll
C:\Users\mari\AppData\Local\Temp\ammemb64.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-05 19:10

==================== End Of Log ============================

 

[Autumn456]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-05-2015
Ran by mari at 2015-05-10 13:17:37
Running from C:\Users\mari\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1694309862-3657083619-1565170917-500 - Administrator - Disabled)
Guest (S-1-5-21-1694309862-3657083619-1565170917-501 - Limited - Disabled)
mari (S-1-5-21-1694309862-3657083619-1565170917-1000 - Administrator - Enabled) => C:\Users\mari

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Tietoturva (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17}
AS: Tietoturva (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@Bios (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.23 - GIGABYTE)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Actual Multiple Monitors 4.1 (HKLM-x32\...\Actual Multiple Monitors_is1) (Version: 4.1 - Actual Tools)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\Amazon Kindle) (Version: - Amazon)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Applen ohjelmatuki (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Assassin's Creed(R) III v1.03 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.03 - Ubisoft)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Atheros Communications Inc.)
Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)
AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B12.0206.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version: - )
Barbarian Invasion (HKLM-x32\...\{FD69C8CB-6964-432C-98AB-A5A09ED50EEA}) (Version: 1.4 - )
Batman: Arkham City™ GOTY (HKLM-x32\...\GFWL_{57520FA0-DF38-46A1-8046-3B1000008500}) (Version: 1.0.0000.133 - WB Games)
Batman: Arkham City™ GOTY (x32 Version: 1.0.0000.133 - WB Games) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Beyond Good & Evil (HKLM-x32\...\Steam App 15130) (Version: - Ubisoft)
BitTorrent (HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\BitTorrent) (Version: 7.9.3.40101 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre 64bit (HKLM\...\{2E2F6591-1465-4C64-8F50-E75F4AAB0ED8}) (Version: 2.27.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CDisplayEx 1.8 (HKLM-x32\...\CDisplayEx_is1) (Version: - Henri Gourvest.)
Computer Security 12.62.109.0 (release) (x32 Version: 12.62.109.0 - F-Secure Corporation) Hidden
Corel WinDVD Pro 11 (HKLM-x32\...\_{EF13E6B7-86D2-4E2C-82FB-375654407D4F}) (Version: 11.5.1.3 - Corel Inc.)
CrystalDiskInfo 6.1.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.1 - Crystal Dew World)
DmC Devil May Cry (HKLM-x32\...\Steam App 220440) (Version: - Ninja Theory)
Dragon Age II (HKLM-x32\...\{F2E23139-3404-4E3C-9855-7724415D62A5}) (Version: 1.04 - Electronic Arts, Inc.)
Dragon Age Redesigned© (HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\Dragon Age Redesigned©) (Version: - )
Dragon Age Toolset (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.01 - Electronic Arts, Inc.)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.6 - Electronic Arts)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Easy Tune 6 B12.0309.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B12.0309.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Elisa Turvakeskus (HKLM-x32\...\F-Secure ServiceEnabler 28313) (Version: 1.62.373.0 - F-Secure Corporation)
Elisa Turvakeskus (x32 Version: 1.62.373.0 - F-Secure Corporation) Hidden
eViihde (HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\a806c360bbc9222a) (Version: 0.4.3.1 - eViihde.com)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)
Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version: - Ubisoft)
FarCry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft)
FLY'N (HKLM-x32\...\Steam App 223730) (Version: - Ankama)
Fraps (HKLM-x32\...\Fraps) (Version: - )
F-Secure CCF Reputation (x32 Version: 1.0.25.1756 - F-Secure) Hidden
F-Secure CCF Scanning 1.51.111.300 (release) (x32 Version: 1.51.111.300 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.02.115 (x32 Version: 1.02.115 - F-Secure Corporation) Hidden
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GS Auto Clicker (HKLM-x32\...\GS Auto Clicker_is1) (Version: V3.1.3 - goldensoft.org)
Guild Wars (HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\Guild Wars) (Version: - )
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Gyazo 2.0.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Heroes of Might and Magic® III (HKLM-x32\...\Heroes of Might and Magic® III) (Version: - )
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version: - )
ICA (x32 Version: 11.5.1.3 - Corel Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
IPM (x32 Version: 11.5 - Corel Inc.) Hidden
iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)
Jade Empire Special Edition (HKLM-x32\...\GOGPACKJADEEMPIRE_is1) (Version: 2.0.0.4 - GOG.com)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.10.20131107 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{55031CEF-CE75-4A5C-8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version: - Klei Entertainment)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1010 - Marvell)
Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.)
Mass Effect™ 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.2.1604.0 - Electronic Arts)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 fi) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 fi)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.52.1 - Black Tree Gaming)
NVIDIA 3D Vision Controller Driver 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Octodad (HKLM-x32\...\Octodad) (Version: - )
Ohjelman Microsoft Office Excel 2007 Help päivitys (KB963678) (HKLM-x32\...\{90120000-0016-040B-0000-0000000FF1CE}_HOMESTUDENTR_{2C35886E-A67C-494A-8E1C-C6B4E415BBDD}) (Version: - Microsoft)
Ohjelman Microsoft Office Powerpoint 2007 Help päivitys (KB963669) (HKLM-x32\...\{90120000-0018-040B-0000-0000000FF1CE}_HOMESTUDENTR_{BD88D384-046E-4E6F-A48B-BC3757C01BA5}) (Version: - Microsoft)
Ohjelman Microsoft Office Word 2007 Help päivitys (KB963665) (HKLM-x32\...\{90120000-001B-040B-0000-0000000FF1CE}_HOMESTUDENTR_{3D728445-D30E-4E78-BCC6-722FE68CB22B}) (Version: - Microsoft)
ON_OFF Charge B11.1102.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Online Safety 2.63.189.48 (x32 Version: 2.63.189.48 - F-Secure Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.1.12.73 - Electronic Arts, Inc.)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Poker Night at the Inventory (HKLM-x32\...\Steam App 31280) (Version: - Telltale Games)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.5 - Power Software Ltd)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rome - Total War - Alexander (HKLM-x32\...\{6C1804BC-094F-431A-BEA5-37A837958029}) (Version: 1.9 - The Creative Assembly)
Rome - Total War (HKLM-x32\...\{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}) (Version: 1.5 - The Creative Assembly)
Setup (x32 Version: 11.5.1.3 - Corel Inc.) Hidden
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
SimCity 4 Deluxe (HKLM-x32\...\Steam App 24780) (Version: - Maxis)
Sims 4 by BuZeR version final (HKLM-x32\...\{ED118F10-E516-4245-160F-6213F508F71F}_is1) (Version: final - )
Sims2Pack Clean Installer (HKLM-x32\...\Sims2Pack Clean Installer) (Version: - )
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Splashtop Connect for Firefox (HKLM-x32\...\{EF25F71D-F3E8-42A3-8B5A-DBF83C4B942F}) (Version: 2.0.5.2 - Splashtop Inc.)
Splashtop Connect for IE (HKLM-x32\...\{E2B086BD-75A9-45D1-A675-151624B259A1}) (Version: 2.0.5.1 - Splashtop Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Sims Complete Collection (HKLM-x32\...\{F2527115-B8BF-4FDB-B5DA-5AADFB7C13E1}) (Version: - )
The Sims File Cop (HKLM-x32\...\{D6D4828F-A5B2-11D4-8F73-0050DA0F6297}) (Version: - )
The Sims Medieval (HKLM-x32\...\{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}) (Version: 2.0.113 - Electronic Arts)
The Sims Medieval Pirates and Nobles (HKLM-x32\...\{0CC21836-A5D6-4641-B4AE-6FA01D021E41}) (Version: 2.0.109 - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 70-, 80- ja 90-luku Kamasetti (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
The Sims™ 3 Baana auki Kamasetti (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
The Sims™ 3 Diesel Kamasetti (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Iltahuvit (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
The Sims™ 3 Keskustan kuhinaa Kamasetti (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 Leffa Kamasetti (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
The Sims™ 3 Lemmikit (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Luksuslukaali Kamasetti (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Maailmanmatkaaja (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Sims™ 3 Makkari & Kylppäri Kamasetti (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Paratiisisaari (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Pihaparatiisi Kamasetti (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
The Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Superstara (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Tulevaisuuteen (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Täyttä Elämää (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Unelmaduuni (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Vuodenajat (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Yliopistoelämää (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
To the Moon (HKLM-x32\...\Steam App 206440) (Version: - Freebird Games)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version: - )
Total War: ROME II (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
UsbFix (HKLM-x32\...\Usbfix) (Version: 7.933 - El Desaparecido - www.usbfix.net - www.sosvirus.net)
VIA Ohjelmistoalustan laitehallinta (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinDVD (x32 Version: 11.5.1.3 - Corel Inc.) Hidden
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Viva Piñata (HKLM-x32\...\InstallShield_{343EFA17-5BC5-44DA-924F-539ECBEFF68C}) (Version: 1.00.0000 - Microsoft Game Studios)
Viva Pinata (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
World of Goo (HKLM-x32\...\Steam App 22000) (Version: - 2D Boy)
YTD Video Downloader 4.8.3 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.3 - GreenTree Applications SRL) <==== ATTENTION
Zoo Tycoon 2 - Extinct Animals (HKLM-x32\...\InstallShield_{15292416-A464-4FBA-BB96-7298EAACFC07}) (Version: 1.00.0000 - Microsoft Game Studios)
Zoo Tycoon 2 - Extinct Animals (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Zoo Tycoon Expanded (HKLM-x32\...\Zoo Tycoon 1.0) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

07-05-2015 22:09:42 Windows Update
10-05-2015 07:35:04 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
10-05-2015 07:39:53 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
10-05-2015 07:44:27 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
10-05-2015 07:55:59 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
10-05-2015 07:57:22 Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
10-05-2015 07:57:48 Removed Microsoft Visual C++ 2005 Redistributable (x64)
10-05-2015 07:58:49 Removed Microsoft Visual C++ 2005 Redistributable (x64)

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01A96789-DA75-4CBD-868C-698BDED10D32} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-24] (Google Inc.)
Task: {09AA197F-6D85-4505-8B96-AFDB2572A03F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {0C1B3719-4C4F-4DA2-8D9E-3C24BF52F979} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-24] (Google Inc.)
Task: {15462D56-5A49-49AD-974B-0DB5B57F504E} - System32\Tasks\{E3882483-4561-4197-9DCC-61C4931ED5CB} => C:\Users\mari\Downloads\Lego\LEGORacers.exe
Task: {31BEBFF0-3E04-45BC-BCED-E884630E4FF8} - System32\Tasks\{AED2652E-AB64-4387-BE0C-F4FCD4346D37} => pcalua.exe -a "C:\Users\mari\Desktop\New folder\autorun.exe" -d "C:\Users\mari\Desktop\New folder"
Task: {3F786600-AB9E-4EB0-B5FD-819B12C727D6} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {54E8817C-B6E2-4CB0-93C7-22467868B180} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {54F660CE-949E-4F17-A954-06871A2DD900} - System32\Tasks\{8CCEB705-00F9-4E24-BA9A-E39772E3CB34} => pcalua.exe -a E:\autorun.exe -d E:\
Task: {5AA09103-8CDE-4221-86AD-AAA436828500} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {684A3858-784E-4AC2-851F-89129D94DDBA} - System32\Tasks\{021FE3ED-16E4-4F54-92F5-FE1EFC22161F} => pcalua.exe -a C:\ProgramData\LGMOBILEAX\LGMLauncher.exe -d C:\ProgramData\LGMOBILEAX
Task: {69A0C7C0-52D7-4C68-9EBE-BE63AFB629EF} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {7C0E6375-CD4C-4BF6-A464-320B58A001E4} - System32\Tasks\{8F2103D6-3757-4AE8-B4E0-FEEAB263AB75} => Chrome.exe http://ui.skype.com/ui/0/6.21.0.104/fi/abandoninstall?page=tsBing
Task: {88080216-57E3-4413-90E2-AD8BFCF73FDE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {F31F76BB-4979-4C91-A664-5E6B4F81391A} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {F5BE8E3B-D60D-46AE-B5D3-14F394841CB5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2013-01-22 18:43 - 2015-04-09 00:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-09 15:05 - 2015-05-09 15:04 - 153822720 __RSH () C:\ProgramData\nvxasync\cvxasync.exe
2014-10-31 14:03 - 2014-10-31 14:03 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-05-09 15:04 - 2015-05-09 15:04 - 153822720 __RSH () C:\Users\mari\AppData\Roaming\nvxasync\nvxasync.exe
2013-01-22 18:18 - 2012-01-12 16:21 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-01-22 18:18 - 2012-01-12 16:21 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2013-02-28 20:37 - 2012-07-03 19:39 - 00253648 _____ () C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Gadget\fsgadget.exe
2013-01-28 14:08 - 2013-01-28 14:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 14:08 - 2013-01-28 14:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-02-28 20:31 - 2013-02-28 20:31 - 00372416 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtXml4.dll
2013-02-28 20:31 - 2013-02-28 20:31 - 02256576 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtCore4.dll
2013-02-28 20:37 - 2012-07-03 19:39 - 00038400 _____ () C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Anti-Virus\FSAVHRES.eng
2012-11-21 13:54 - 2012-11-21 13:54 - 00216760 _____ () C:\Program Files (x86)\Elisa Turvakeskus\daas2.dll
2015-04-17 08:57 - 2015-03-28 06:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-02-28 21:09 - 2013-02-28 21:09 - 00030888 _____ () C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll
2013-02-28 20:37 - 2015-04-14 12:07 - 00175144 _____ () C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Gemini\fsgem.dll
2013-02-28 20:37 - 2013-12-11 09:17 - 00212008 _____ () C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Spam Control\fsas.dll
2013-02-28 20:37 - 2015-02-24 11:37 - 00949288 _____ () C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Anti-Virus\fm4av.dll
2013-02-28 20:31 - 2013-02-28 20:31 - 08347328 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtGui4.dll
2013-02-28 20:31 - 2013-02-28 20:31 - 10706624 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtWebKit4.dll
2013-02-28 20:31 - 2013-02-28 20:31 - 03051200 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtXmlPatterns4.dll
2013-02-28 20:31 - 2013-02-28 20:31 - 00986816 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtNetwork4.dll
2013-02-28 20:31 - 2013-02-28 20:31 - 00450240 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtHelp4.dll
2013-02-28 20:31 - 2013-02-28 20:31 - 00622272 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtSql4.dll
2013-02-28 20:31 - 2013-02-28 20:31 - 01076928 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtCLucene4.dll
2012-11-21 13:54 - 2012-11-21 13:54 - 00033976 _____ () C:\Program Files (x86)\Elisa Turvakeskus\imageformats\qgif4.dll
2012-11-21 13:54 - 2012-11-21 13:54 - 00036024 _____ () C:\Program Files (x86)\Elisa Turvakeskus\imageformats\qico4.dll
2012-11-21 13:54 - 2012-11-21 13:54 - 00143032 _____ () C:\Program Files (x86)\Elisa Turvakeskus\imageformats\qjpeg4.dll
2012-11-21 13:54 - 2012-11-21 13:54 - 00241336 _____ () C:\Program Files (x86)\Elisa Turvakeskus\imageformats\qmng4.dll
2013-02-28 20:37 - 2012-07-03 19:39 - 00049152 _____ () C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\FSGUI\fsavures.eng
2013-02-28 20:37 - 2012-07-03 19:39 - 00086016 _____ () C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\FSGUI\strres.eng
2013-02-28 20:37 - 2012-07-03 19:39 - 00147456 _____ () C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\FSGUI\flyerres.eng
2014-10-16 10:02 - 2014-10-16 10:02 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\92a1650dbe9fad5f46633b835420e1a8\IsdiInterop.ni.dll
2013-01-22 18:19 - 2011-11-29 21:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-01-22 18:18 - 2011-12-16 11:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-04-30 11:57 - 2015-04-28 05:07 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-04-30 11:57 - 2015-04-28 05:07 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
2015-04-30 11:57 - 2015-04-28 05:07 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\skype.com -> hxxps://apps.skype.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\mari\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.100.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

 

[Autumn456]

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{6AF0E4B4-9888-45E6-957D-0CB802D6228D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{00DABEE9-8F63-4F3E-AC9D-D4ADF8FD831B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{99E09A41-203A-4DDB-9C86-6875CEA410D8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CF258610-A796-4C61-AE3E-B46B416F7144}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A75A27B3-5CC9-430B-B6DB-05D3C46ADDD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{EBD4577E-AE8C-4E10-9754-782416D38FB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\Torchlight2.exe
FirewallRules: [{07D347B1-DD65-41E6-AD4A-923E49D151F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\Torchlight2.exe
FirewallRules: [{4F55F526-089A-43EC-97D1-ECA752B82735}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\World of Goo\WorldOfGoo.exe
FirewallRules: [{15305950-596C-4BDE-AD8C-789526BD8D82}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\World of Goo\WorldOfGoo.exe
FirewallRules: [{DF4B4501-7C82-4E25-94E4-8F9992A4CC94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{DDF39BA1-B97D-4825-892E-2B1E645C3E34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [TCP Query User{11657E93-36E1-4BBA-8636-BB3986A50C47}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [UDP Query User{805D4E63-5A9C-4501-9DDA-92948425D84C}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [{11CCF94B-18E5-4989-BD5A-12061FED4F51}] => (Block) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [{FE4E0CF4-FC77-4D0F-95AD-A5FE6F95C77D}] => (Block) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [{8F15EC96-978D-4A12-89C3-5E853FBDB931}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\tools\DragonAgeToolset.exe
FirewallRules: [{3E5415BD-DED2-44D9-AF60-8D73212E4C0E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\tools\DragonAgeToolset.exe
FirewallRules: [{6C0ACC1D-DB55-4A82-B94B-3102EE5A910F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\tools\RPU.exe
FirewallRules: [{BB6AEEB7-34AB-42AC-9B72-6666984F0371}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\tools\RPU.exe
FirewallRules: [{92976E9D-CDAF-4406-B4CC-9053A036E17D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\tools\lightmapper\eclipseRay.exe
FirewallRules: [{70687610-1270-4342-A1F6-6F1502304FDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\tools\lightmapper\eclipseRay.exe
FirewallRules: [{DC90BA02-ED09-4DBA-9F84-DC30E96684E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\tools\GffEditor.exe
FirewallRules: [{CC817372-4365-4AF5-9536-177872BDEC99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\tools\GffEditor.exe
FirewallRules: [{6947C09D-7DD8-44D9-A853-C4D4620F242A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\tools\ErfEditor.exe
FirewallRules: [{1B646D76-8676-4EA2-9F73-BF1A1A01C567}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\tools\ErfEditor.exe
FirewallRules: [TCP Query User{DEC9DAC1-8CB3-4E90-BC13-CE3DC2FA06FC}C:\windows\syswow64\regsvr32.exe] => (Allow) C:\windows\syswow64\regsvr32.exe
FirewallRules: [UDP Query User{7CC14A7E-6591-415A-AF4F-8273E624DECF}C:\windows\syswow64\regsvr32.exe] => (Allow) C:\windows\syswow64\regsvr32.exe
FirewallRules: [{E0CC4DFB-AB51-4AF1-A782-3B2AE4E70CB7}] => (Block) C:\windows\syswow64\regsvr32.exe
FirewallRules: [{E787591C-9F01-4340-8229-A38E05713C17}] => (Block) C:\windows\syswow64\regsvr32.exe
FirewallRules: [TCP Query User{948B9493-D831-4FA5-8BEA-3AC546EACC1C}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{76A3C330-2039-4B16-B278-ECEBE520EF34}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{EA0D59A3-AC00-4A50-B86B-F13078F0DA27}] => (Block) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{6E055D98-6F35-475A-B155-E2FC900C50BE}] => (Block) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{FF23FC85-88FE-49CA-B596-BB710D3E6830}C:\users\mari\downloads\bittorrent.exe] => (Block) C:\users\mari\downloads\bittorrent.exe
FirewallRules: [UDP Query User{403B3873-DD37-469E-B11D-7F0D0940117A}C:\users\mari\downloads\bittorrent.exe] => (Block) C:\users\mari\downloads\bittorrent.exe
FirewallRules: [TCP Query User{0EADDB24-9C00-4530-8673-5881618A3716}C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [UDP Query User{926CD65E-A6FD-4D3C-8D1C-FF9C9DC9F192}C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [{D7475824-1541-4331-9586-F1158356C6FC}] => (Block) C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [{59B813A6-7567-44BD-9B77-DC695C288B63}] => (Block) C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [{D4010AF8-F25A-499E-B611-3446DA8D464A}] => (Allow) C:\Program Files (x86)\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{ACC11947-4EEE-4791-BA88-81E204295136}] => (Allow) C:\Program Files (x86)\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{E67BD3F8-2E90-4BDA-97B5-93BB61AE2648}] => (Allow) C:\Program Files (x86)\Mass Effect\MassEffectLauncher.exe
FirewallRules: [{DD56F60A-1CAA-486E-BE46-CDA6A884ED30}] => (Allow) C:\Program Files (x86)\Mass Effect\MassEffectLauncher.exe
FirewallRules: [{957FC5DD-6966-459C-8AC8-910058C6565F}] => (Allow) C:\Program Files (x86)\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{9FD5A341-6FF4-46CD-B16E-15395655A06F}] => (Allow) C:\Program Files (x86)\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{A44A2FBC-3484-4BF7-9548-0F4AB92243A4}] => (Allow) C:\Program Files (x86)\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{E697DF44-D27A-4B34-AADB-9AD3AEBAD70C}] => (Allow) C:\Program Files (x86)\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{C35FE664-3D02-4380-AAFD-5818F3E3FF24}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{F7410FB1-BA07-4461-927E-ABE4F1179A29}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{3F1FF94D-55C2-4180-BAAE-D1FDA9358C83}] => (Allow) C:\Program Files (x86)\Dragon Age 2\bin_ship\DragonAge2.exe
FirewallRules: [{C9DF99DC-74D4-43A7-A8CF-321E188B894B}] => (Allow) C:\Program Files (x86)\Dragon Age 2\bin_ship\DragonAge2.exe
FirewallRules: [{D7CF2BD8-4074-4097-93DA-7BDDEAEECCDF}] => (Allow) C:\Program Files (x86)\Dragon Age 2\DragonAge2Launcher.exe
FirewallRules: [{7AFCCD50-E09E-42B6-8210-9D389CF329E8}] => (Allow) C:\Program Files (x86)\Dragon Age 2\DragonAge2Launcher.exe
FirewallRules: [{16CD3A3C-DBD4-4E53-AD2C-A7A8FFB29376}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{B613EF89-3ABA-4968-A445-69C0B1F92314}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{096C0901-A18F-4CCD-AAD7-652C88702F12}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{EBFB40F4-BC7E-4779-A01F-D7EA451C8F2E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{AE8CC9DB-8738-4254-AE1D-6A442ADB39C1}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{99177518-561F-4D56-9276-894F2716CA3E}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{B75D32CE-49A2-4A50-9063-02F70EB071EF}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{0AD4BC70-6EBF-455A-B13D-459C84570217}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{B264A287-77EC-48CB-ACCD-70A35E838248}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{059E466A-8452-4241-915E-E8DFB52CDE2C}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{7F44CE3F-450B-4DA6-BD5D-DBB47ED84880}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{BAC8699E-A24A-4DDC-98C1-210556B60F15}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{4A4BE409-5F0C-47E7-B12E-7932EFF62F3B}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{3E5F9460-A903-4391-B117-3F136F8837EC}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{9C09F8ED-60E9-486A-83CA-E4161F390341}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{6C028E97-0BBB-4203-967C-637ABD9298BB}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{128B3967-A23F-4F58-AC0C-9FE08EB4E169}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{F6C06B3A-2AFD-4C85-898D-95750355DBCA}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{92B06E9B-7A69-426B-91CA-6F9910C03111}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{A9066A38-D307-49BB-8485-1ABF38A84831}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7609C4D5-B7E9-4AF0-A669-0161ED5C62DC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{21458B7A-2A4C-419D-9E2B-D0413794B324}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{222ED720-0994-41E8-9BB6-A309E66219A8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{42704521-97EC-42B0-B148-05DCF9738C2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SimCity 4 Deluxe\Apps\SimCity 4.exe
FirewallRules: [{1C63A15E-3BE1-487C-94B3-79C6F1F2FCE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SimCity 4 Deluxe\Apps\SimCity 4.exe
FirewallRules: [{E277F300-F079-4DAF-B09E-17320A90166D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SimCity 4 Deluxe\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{7737B294-F8F7-4571-B1F6-7CE6BAFAFD9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SimCity 4 Deluxe\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{9AC043E1-2150-4F1A-8B88-420F9B79FDB1}] => (Allow) C:\Program Files (x86)\WB Games\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{99BC588B-FA11-4719-8482-16ED7396F1A8}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{94CDE13B-69B5-4626-8FD9-4938D541FD1B}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{06B37C6F-F1E3-403A-9555-385458873920}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{61E13F12-6476-47CE-BC45-168571139EE2}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{37B91076-FA4F-48FC-BC95-C8D4D4734F1D}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{BF491A46-1BA9-4635-BC07-5FB482F3AEE0}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [TCP Query User{DF7A2F22-365C-400B-9C67-3C21B42B4727}C:\users\mari\appdata\local\temp\gw2.exe] => (Allow) C:\users\mari\appdata\local\temp\gw2.exe
FirewallRules: [UDP Query User{0DA19CE3-A2F4-4839-AE15-BFF876153A51}C:\users\mari\appdata\local\temp\gw2.exe] => (Allow) C:\users\mari\appdata\local\temp\gw2.exe
FirewallRules: [TCP Query User{4D78CD13-145D-4083-B4FD-C3F1DDAF8810}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{6CB3D241-AA55-42B5-928E-64089BE2AE4C}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [{3E25E388-7778-4E1E-B110-ACE493EF4995}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{80F1BAA7-432A-4E80-8EB8-4F8507AA973A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{C2C9D8EC-7F22-4E03-902A-08BB15C66FD4}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe
FirewallRules: [{08F5451A-FC51-419F-869B-D511CD3842DD}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe
FirewallRules: [{BDD3FCD6-68FF-44AC-9F2B-E8E861B7BAFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{9D7A8D63-8D92-4C30-B69A-4DCD8C2ED508}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [TCP Query User{72F9B923-445E-417D-9AE6-5932C81D8750}C:\users\mari\downloads\pokemon heart gold with emulator (inly)\desmume.exe] => (Block) C:\users\mari\downloads\pokemon heart gold with emulator (inly)\desmume.exe
FirewallRules: [UDP Query User{67928C7D-18F4-4491-9FC2-3DA6491B488F}C:\users\mari\downloads\pokemon heart gold with emulator (inly)\desmume.exe] => (Block) C:\users\mari\downloads\pokemon heart gold with emulator (inly)\desmume.exe
FirewallRules: [TCP Query User{B7175639-4723-4A49-B19C-47344F0A099C}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{8C9CC37D-466D-400D-994A-548DA74259E5}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [{2C63CC07-F6B2-4880-894D-93944C1CB29D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4BE38BD2-8FC2-461E-A988-A52B4DE640F5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3FE5DA15-E424-4AFE-B880-3C9157D21D19}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0E7D0166-393C-4B97-BE9F-D06DCC5A4788}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C717A0D3-7F2C-4174-9DDD-83450B3917FE}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{41049234-A520-4026-8FD9-1F1C717351B1}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{EDAD0933-7601-4F5A-8E47-D71EFF77DE96}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{2BAC4479-E324-45A4-B950-62A9B424E231}] => (Allow) c:\Program Files (x86)\sMedio\WinDVD11\\WinDVD.exe
FirewallRules: [TCP Query User{6F7B07C9-07F5-4DDD-BCFF-B5C4B8A13363}C:\program files (x86)\smedio\windvd11\windvd.exe] => (Block) C:\program files (x86)\smedio\windvd11\windvd.exe
FirewallRules: [UDP Query User{7A59E64C-BB88-4654-87D8-7AEE5E3BAB59}C:\program files (x86)\smedio\windvd11\windvd.exe] => (Block) C:\program files (x86)\smedio\windvd11\windvd.exe
FirewallRules: [{C81845C5-8251-497E-B608-38DE3714DDD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{A1F2CD17-F55D-40EA-939A-2AC356DE737C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{27AACED9-5EB7-4F26-9D7C-2DA23583EC93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beyond Good and Evil\CheckApplication.exe
FirewallRules: [{295C89DD-B7C5-4BE6-8AB4-0F73499A3177}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beyond Good and Evil\CheckApplication.exe
FirewallRules: [TCP Query User{2864606D-74F3-4C4C-85AB-D00DE503B3A3}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{C8FE3473-DD8B-4E99-AD3A-635E06EED433}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [TCP Query User{E6CB6A46-CC6E-4258-878E-7FB5072361E4}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe
FirewallRules: [UDP Query User{001124D1-E7F0-4FD9-94C5-8DA910073630}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe
FirewallRules: [TCP Query User{8DD90414-1F69-47D6-82F6-207DB641B067}C:\program files (x86)\gigabyte\@bios\updexe.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\updexe.exe
FirewallRules: [UDP Query User{C7781171-A3F3-41F8-9EB3-350853E3954C}C:\program files (x86)\gigabyte\@bios\updexe.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\updexe.exe
FirewallRules: [TCP Query User{AD8E8B7C-B810-4457-82E7-7F5F3E8A47BB}C:\program files (x86)\gigabyte\@bios\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gbtupd.exe
FirewallRules: [UDP Query User{B37CC8F7-B3C1-4041-9226-AD23A868224D}C:\program files (x86)\gigabyte\@bios\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gbtupd.exe
FirewallRules: [{AB7DCA18-BFDD-4B81-8705-6D947F707477}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{D58BF108-72D8-4D5A-B399-B8008EAC78F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{48D4559E-CC8D-480F-B990-E98189F5D436}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{26061A7D-FF7A-4FB6-B41C-4F5C088444EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{3318E47D-8420-4112-84C7-C64563EBEA7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{4BCAFBBB-8E9F-42CF-A7CA-D69F9158522B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{A8A1CC31-1492-4DBB-8E18-496E16730B31}] => (Allow) C:\Program Files (x86)\Microsoft Games\Viva Pinata\Viva Pinata.exe
FirewallRules: [{5D84547E-AE35-49EA-8291-2EAA37D8767F}] => (Allow) C:\Program Files (x86)\Microsoft Games\Viva Pinata\Viva Pinata.exe
FirewallRules: [{BFB3B6FD-93B0-49C0-9E7D-33D16006777A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{BFBFEEB7-A5D9-430F-AA07-2F5E474F5292}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{51DC4EA3-3F1B-4359-A394-05C0F3417A86}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D7174F7B-FBF4-413C-80CA-40FE8AB124FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C5504960-EF09-4473-ACB6-EC6F70507765}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C37CD2FE-8E91-40E7-B477-9308300E7BD1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C517AE90-3EB2-40F6-9F21-E0B7CD9183D2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D39573DC-E6A6-430D-926B-70BE6E42D75E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C9DDCA0A-8749-4BA1-8662-7BFFF044B296}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{201F0262-10D8-464E-BEE3-91CDBA9E4F3C}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{091D8AF5-D8B6-4721-889D-911F6B74DE0E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C0DBA719-42A9-47A5-BA2C-CB9981D2C80C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2B7682E1-7EE1-4ADF-9FE9-67984FC4B348}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{BA3C9F74-2D2D-4EE1-89BA-EFD4B460422A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F02EF828-D95B-4976-B457-433F8401AA90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3D752F85-90C4-4F2D-AE80-D6702BB49AFA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{63723023-9A7A-4ADE-AB2A-88B9B89E0C1C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{B4694637-716A-43A7-880F-93FA441DF6E6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{E3E327CA-D4BC-4AE6-9320-A2921982D6C5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{34B6F157-7C90-4250-9F89-CD14648AF021}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{4449A3BF-8C04-49BA-A6E9-225D53E8912E}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{22D03AFE-D90A-4808-BE4B-32DB3F08252C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{17D9B80F-9DF7-49B1-ABCF-43FDE45EBBB6}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{76EF056E-A4DF-4D40-B5EF-CF173528D3E8}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{EFC88B35-0075-482D-8557-DDC37B0A038D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{1ED8BFDC-3F10-487A-A426-AE818820E982}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{441A7E3E-2AB3-4BEF-8D28-397BA07B512E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{E772887F-AD78-4C1D-B7FB-4DBE72A0B13F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{40103EF1-EA47-440A-B54B-6468517E7607}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{2792F01F-E74F-483C-BE00-72D2F78B9BD4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{02A1F985-5B4B-48E0-96D7-33A107C5A9E2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{84D0192E-2F3C-4F3B-B218-9216223C6755}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2F8D9334-A44B-4D88-A9F2-3BFED76096A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{124D7AE6-DE4A-44F4-A79D-FE2B7D9AAEDF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{ED16DF6A-2F6A-4381-A1C8-E468281D6D02}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DD223DC3-903E-46B1-ACEA-D0CA3BF23E72}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{21067897-2E35-4063-881A-3B593C1E59DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{2D319BF2-6187-4507-870B-0D442840175F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{FACE9039-747A-4C71-9E7E-225BD3E96005}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{B277AF41-787A-44E2-A4D4-95CD8D52ADD9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{C06DD3D6-89A2-4A61-83E4-52A20D9D4BAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{E2B08427-4F45-4807-BA9F-F7AF0F01C638}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{5A80C79E-4A67-4B1B-9613-F931AE22384F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{204908B2-D136-4384-881C-8F5AD494015C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{93CB6298-9F2D-4882-975D-5B8BF460A4C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{2262D495-17B1-43FC-8BAC-C34C765C5682}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{1641A215-FED7-4158-A6BB-E0A0BB68485B}] => (Allow) C:\Program Files (x86)\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{59ADB686-D1D8-4B04-93D5-A4B1F2B5AA56}] => (Allow) C:\Program Files (x86)\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{1BEE223E-4CEF-4212-B5E8-497F2645F9D4}] => (Allow) C:\Program Files (x86)\Dragon Age 2\bin_ship\DragonAge2.exe
FirewallRules: [{CA87C344-8F54-4545-9298-850D2F5BE686}] => (Allow) C:\Program Files (x86)\Dragon Age 2\bin_ship\DragonAge2.exe
FirewallRules: [{CB5891F7-3088-4ECD-A125-A01640BF94E0}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{4FD11340-7C19-4497-936F-8113001C681A}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{958D3B5C-0368-4350-8AEA-DEC47D6C45E2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{72FE6692-87D7-4198-BD83-0D764520DE52}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2BD573C7-20DF-4DD4-9B3C-31585C8787FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1E814A0F-C1F3-4B6E-8B71-648267C51D2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{99E60E7B-0DBA-4245-BD1F-E13DCC1CCCFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6E66D448-DFD4-453C-A6D7-79B37BAF55C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D4A28254-4138-437C-BCC1-EF72A0006B5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{A928A942-1621-447B-A564-D7A94D9F0DB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{47B20385-5131-4959-ACA1-1AFEB11D623B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{67437D89-A2E1-49CE-B39C-F3EC129A2FA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{83C92484-9CB4-4027-859A-E4D66477B699}] => (Allow) C:\Users\mari\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{21F7ACCB-04C4-45E2-9EB7-FACAE018E47A}] => (Allow) C:\Users\mari\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{7B7F3A96-9161-46DD-9952-21C3FD4A67D9}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{574C5625-1D68-429E-896D-5E44864DE349}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{E71F50A3-45C7-43AD-95CE-3A4C21294C0E}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{F2543CFF-0971-4169-830C-717AB70E6186}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{B4E06202-D542-4420-8884-7182C23ECD77}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{96E5CC3F-0A6C-411E-9211-EB778CDA9FF8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{3168F8F5-A245-468C-8715-30955C0A51BC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{97A80E7B-6B3A-4B88-854D-DF56DC1F1D62}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{91C1F66F-A44D-4982-B6E6-CF8493A98976}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{F5D4B0CA-8DAE-4E0A-94F6-D0499FA0F6A8}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{7CE78E56-874C-4D06-ADB2-62DD7F6D762B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F1D94076-A5CC-4C66-8E87-282D55EE23C4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6EFCCDA2-C335-4E92-B5E7-F8A582A8A0D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{CBE6EA71-4357-4706-9FF5-636A56444CA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{C5EA164C-BD9F-4313-8289-97953C826A63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FLYN\Source\Flyn.exe
FirewallRules: [{8F5F2C21-4FF9-4CD3-9893-43A99A717ECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FLYN\Source\Flyn.exe
FirewallRules: [{C2FAE47C-95A6-4385-BADE-0BFE28CC7292}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2DFEC958-DE99-48EE-ABAB-E09E9C5EFFCB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0054505F-4553-47D7-A0D2-AB3882031986}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F5F76FF4-EFA4-447E-A49F-737A9C834D98}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{57B675A5-959F-46BF-AD60-82796AAD8B2B}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{5B642585-895D-4D55-9232-068BA0E1418F}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{AA977E9C-96D2-4D5D-840D-3C14923CC14C}] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{136E7C74-7B76-4A40-B60E-F5474C8DCE9B}] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{16ACCC8E-3358-49E5-BD22-AC56EC18F6A6}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\FarCry4.exe
FirewallRules: [{04A7C82B-588B-44E7-B6B9-F964011D49CE}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\FarCry4.exe
FirewallRules: [{E1BFB678-8B28-402C-9FBD-A78B7DA33815}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\FarCry4.exe
FirewallRules: [{14A1B7A0-4EF8-4BE5-8E70-2CEABB83A632}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\FarCry4.exe
FirewallRules: [{5CBF4B26-1656-4433-9E69-702DBFCDF894}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\IGE_WPF64.exe
FirewallRules: [{E111547B-37BD-42C2-82BB-8B96790A011D}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\IGE_WPF64.exe
FirewallRules: [{DFB0C4C6-06CA-4A54-A903-55ACC7EA32C6}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\IGE_WPF64.exe
FirewallRules: [{67AE81F0-F8BA-41AB-B9D1-42C89DA81D82}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\IGE_WPF64.exe
FirewallRules: [{EE0FFD73-28F2-4F3D-972C-5A0FD19C0B86}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2FA34FFA-9657-48B8-A221-CA6768C58458}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CA09D298-E7DC-44FD-8B65-D5EDBD5C0D16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{20BD7A45-509D-4DA1-939C-8B8E700DE4DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{D3F1E4F3-3E8C-4E0D-AA08-C41AB924A70C}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{4341478D-46BD-4665-B909-94F68F0D6759}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{BB7591B7-DB8A-497C-804B-064A96976AE0}] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{204F195F-7368-4692-AC00-A4AB62116CF8}] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{2E7A9B00-5453-41EE-AE65-26DED08C389A}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{5931A998-40E9-457B-B918-F0B1DA67B326}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{6D56CFB2-7DEC-41B8-BBA8-276475EA9C05}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{163BA1B1-CD9D-4564-8FB9-8C42ABAEF8C1}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{76316701-6F1F-411D-8880-BFC2FB9B5F20}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{B0211834-31C8-4231-909E-A1A37E921F77}] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{0273DF32-2D93-432A-AC2C-6F2C223AA369}] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe

==================== Faulty Device Manager Devices =============

 

[Autumn456]

==================== Event log errors: =========================

Application errors:
==================
Error: (05/10/2015 09:39:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/10/2015 09:27:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/10/2015 09:26:29 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program nvxasync.exe because of this error.

Program: nvxasync.exe
File:

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: 00000000
Disk type: 0

Error: (05/10/2015 09:26:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nvxasync.exe, version: 0.0.0.0, time stamp: 0x55227d5b
Faulting module name: nvxasync.exe, version: 0.0.0.0, time stamp: 0x55227d5b
Exception code: 0xc0000096
Fault offset: 0x092b1bb8
Faulting process id: 0x428
Faulting application start time: 0xnvxasync.exe0
Faulting application path: nvxasync.exe1
Faulting module path: nvxasync.exe2
Report Id: nvxasync.exe3

Error: (05/10/2015 09:26:18 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program cvxasync.exe because of this error.

Program: cvxasync.exe
File:

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: 00000000
Disk type: 0

Error: (05/10/2015 09:26:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: cvxasync.exe, version: 0.0.0.0, time stamp: 0x55227d5b
Faulting module name: cvxasync.exe, version: 0.0.0.0, time stamp: 0x55227d5b
Exception code: 0xc0000096
Fault offset: 0x092b1bb8
Faulting process id: 0x2cc
Faulting application start time: 0xcvxasync.exe0
Faulting application path: cvxasync.exe1
Faulting module path: cvxasync.exe2
Report Id: cvxasync.exe3

Error: (05/10/2015 08:58:41 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (05/10/2015 08:58:41 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (05/10/2015 08:49:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/10/2015 07:48:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (05/10/2015 11:28:50 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (05/10/2015 11:28:46 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (05/10/2015 11:28:43 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (05/10/2015 11:28:43 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (05/10/2015 11:28:41 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (05/10/2015 09:48:19 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (05/10/2015 09:48:07 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (05/10/2015 09:48:03 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (05/10/2015 09:48:01 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (05/10/2015 09:48:01 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2015-04-18 18:09:04.853
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-04-18 18:09:04.807
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-04-18 18:09:04.757
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-04-18 18:09:04.699
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-03-11 16:28:11.555
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-03-11 16:28:11.501
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-03-11 16:28:11.442
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-03-11 16:28:11.365
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-10-30 11:46:46.835
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-10-30 11:46:46.812
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 24%
Total physical RAM: 16344.1 MB
Available physical RAM: 12366.37 MB
Total Pagefile: 32686.39 MB
Available Pagefile: 27525.99 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.29 GB) (Free:327.89 GB) NTFS
Drive g: (Seagate Expansion Drive) (Fixed) (Total:1863.01 GB) (Free:1001.63 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D2F8ED82)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: C188ECA0)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

[Broni]

Welcome aboard

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

====================================

Uninstall YTD Video Downloader.

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

• Close all the running programs
• Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
• Otherwise just double-click on RogueKiller.exe
• Pre-scan will start. Let it finish.
• Click on SCAN button.
• Wait until the Status box shows Scan Finished
• Click on Delete.
• Wait until the Status box shows Deleting Finished.
• Click on Report and copy/paste the content of the Notepad into your next reply.
• RKreport.txt could also be found on your desktop.
• If more than one log is produced post all logs.
• If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

• Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
  
• At the end, be sure a checkmark is placed next to the following:
  
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
• Click Finish.
• On the Dashboard, click the 'Update Now >>' link
• After the update completes, click the 'Scan Now >>' button.
  
• Or, on the Dashboard, click the Scan Now >> button.
• If an update is available, click the Update Now button.
  
• A Threat Scan will begin.
• When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
• In most cases, a restart will be required.
• Wait for the prompt to restart the computer to appear, then click on Yes.

If you already have MBAM 2.0 installed:

• On the Dashboard, click the 'Update Now >>' link
• After the update completes, click the 'Scan Now >>' button.
  
• Or, on the Dashboard, click the Scan Now >> button.
• If an update is available, click the Update Now button.
  
• A Threat Scan will begin.
• When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
• In most cases, a restart will be required.
• Wait for the prompt to restart the computer to appear, then click on Yes.

How to get logs:
(Export log to save as txt)

• After the restart once you are back at your desktop, open MBAM once more.
• Click on the History tab > Application Logs.
• Double click on the Scan Log which shows the Date and time of the scan just performed.
• Click 'Export'.
• Click 'Text file (*.txt)'
• In the Save File dialog box which appears, click on Desktop.
• In the File name: box type a name for your scan log.
• A message box named 'File Saved' should appear stating "Your file has been successfully exported".
• Click Ok
• Attach that saved log to your next reply.

(Copy to clipboard for pasting into forum replies or tickets)

• After the restart once you are back at your desktop, open MBAM once more.
• Click on the History tab > Application Logs.
• Double click on the Scan Log which shows the Date and time of the scan just performed.
• Click 'Copy to Clipboard'
• Paste the contents of the clipboard into your reply.

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on adwcleaner.exe to run the tool.
• Click on Scan button.
• When the scan has finished click on Clean button.
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the contents of that logfile with your next reply.
• You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

 

[Autumn456]

Thank you, this has been a great help so far. The computer seems much more manageable already. Here are the results:

1. YTD Video Downloafer is uninstalled.

2. Rogue Killer Log
RogueKiller V10.6.3.0 [May 11 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : mari [Administrator]
Started from : C:\Users\mari\Downloads\RogueKiller.exe
Mode : Delete -- Date : 05/11/2015 20:16:07

¤¤¤ Processes : 3 ¤¤¤
[Suspicious.Path|VT.Unknown] cvxasync.exe(5044) -- C:\ProgramData\nvxasync\cvxasync.exe[-] -> Killed [TermProc]
[Suspicious.Path|VT.Unknown] nvxasync.exe(1160) -- C:\Users\mari\AppData\Roaming\nvxasync\nvxasync.exe[-] -> Killed [TermProc]
[Suspicious.Path|VT.Unknown] nvxasync.exe(5156) -- C:\Users\mari\AppData\Roaming\nvxasync\nvxasync.exe[-] -> Killed [TermProc]

¤¤¤ Registry : 18 ¤¤¤
[Orphan] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> Not selected
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> Not selected
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D} -> Not selected
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Not selected
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} -> Not selected
[Orphan] (X64) HKEY_USERS\S-1-5-21-1694309862-3657083619-1565170917-1000\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks | {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} : -> Not selected
[Orphan] (X86) HKEY_USERS\S-1-5-21-1694309862-3657083619-1565170917-1000\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks | {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} : -> Not selected
[Orphan] (X86) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263} | CLSID : {E0DD6CAB-2D10-11D2-8F1A-0000F87ABD16} -> Not selected
[Suspicious.Path|VT.Unknown] (X64) HKEY_USERS\S-1-5-21-1694309862-3657083619-1565170917-1000\Software\Microsoft\Windows\CurrentVersion\Run | nvxasync : C:\Users\mari\AppData\Roaming\nvxasync\nvxasync.exe [-] -> Not selected
[Suspicious.Path|VT.Unknown] (X86) HKEY_USERS\S-1-5-21-1694309862-3657083619-1565170917-1000\Software\Microsoft\Windows\CurrentVersion\Run | nvxasync : C:\Users\mari\AppData\Roaming\nvxasync\nvxasync.exe [-] -> Not selected
[Suspicious.Path|VT.Unknown] (X64) HKEY_USERS\S-1-5-21-1694309862-3657083619-1565170917-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon | Shell : C:\ProgramData\nvxasync\cvxasync.exe [-] -> Not selected
[Suspicious.Path|VT.Unknown] (X86) HKEY_USERS\S-1-5-21-1694309862-3657083619-1565170917-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon | Shell : C:\ProgramData\nvxasync\cvxasync.exe [-] -> Not selected
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1694309862-3657083619-1565170917-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.surfvox.com/ -> Not selected
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1694309862-3657083619-1565170917-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.surfvox.com/ -> Not selected
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Not selected
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Not selected
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Not selected
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Not selected

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 2 ¤¤¤
[PUP][FIREFX:Addon] 2kuq6vl1.default : Free Games (4357) [freegames4357@BestOffers] -> Not selected
[PUM.HomePage][FIREFX:Config] 2kuq6vl1.default : user_pref("browser.startup.homepage", "http://www.surfvox.com"); -> Not selected

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EALS-00Z8A0 +++++
--- User ---
[MBR] 7edbdb028ca0eea32e148d24766522d0
[BSP] 752db7cc05a2b7d3dd0cf4536d46f739 : Empty|VT.Unknown MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 100 MB
1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 206848 | Size: 128 MB
2 - Basic data partition | Offset (sectors): 468992 | Size: 953640 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_05112015_201530.log



3. Malwarebytes was able to run after it was named 1234.exe

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 11.5.2015
Scan Time: 20:22:44
Logfile: malware.log
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.05.11.04
Rootkit Database: v2015.04.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: mari

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 405864
Time Elapsed: 8 min, 36 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 2
PUP.Optional.SurfVox.A, C:\Users\mari\AppData\Roaming\nvxasync\nvxasync.exe, 7028, Delete-on-Reboot, [134d425078122313b545a5572ed53bc5]
PUP.Optional.SurfVox.A, C:\ProgramData\nvxasync\cvxasync.exe, 7324, Delete-on-Reboot, [1b458012325875c1b12f9f137a89936d]

Modules: 0
(No malicious items detected)

Registry Keys: 5
PUP.Optional.BestToolbars, HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{2977C29A-6723-4436-90BB-F7C5FDEF88A1}, Quarantined, [1f41c5cd880287af2429503c5ea535cb],
PUP.Optional.FreeGames.A, HKLM\SOFTWARE\CLASSES\Free Games (4357).BackgroundHostObject, Quarantined, [4f111a783f4b2c0a81108c94c93b0000],
PUP.Optional.FreeGames.A, HKLM\SOFTWARE\CLASSES\Free Games (4357).BackgroundHostObject.1, Quarantined, [95cbf59d4c3e67cfc7cab36d5ea6c33d],
PUP.Optional.FreeGames.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Free Games (4357).BackgroundHostObject, Quarantined, [d18f5f33f2980a2c751cca56d62eb050],
PUP.Optional.FreeGames.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Free Games (4357).BackgroundHostObject.1, Quarantined, [b7a93b57206a181e41500b15ea1a7789],

Registry Values: 3
PUP.Optional.BestOffers.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|freegames4357@BestOffers, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers, Quarantined, [84dc9101157565d13189eced06fd0ff1]
PUP.Optional.SurfVox.A, HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|nvxasync, C:\Users\mari\AppData\Roaming\nvxasync\nvxasync.exe, Quarantined, [134d425078122313b545a5572ed53bc5]
PUP.Optional.BestOffers.A, HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|freegames4357@BestOffers, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers, Quarantined, [4a169ff3b7d378be79403c9d61a27888]

Registry Data: 1
PUP.Optional.SurfVox.A, HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.surfvox.com/, Good: (www.google.com), Bad: (http://www.surfvox.com/),Replaced,[f16fa6ec6c1ee84efb76ac6d02041ee2]

Folders: 11
PUP.Optional.OpenCandy, C:\Users\mari\AppData\Roaming\OpenCandy, Quarantined, [5808e6ac66248bab07958519db2811ef],
PUP.Optional.OpenCandy, C:\Users\mari\AppData\Roaming\OpenCandy\D48C7AC558A04C848E9D08AC82B07B0E, Quarantined, [5808e6ac66248bab07958519db2811ef],
PUP.Optional.FreeGames.A, C:\Users\mari\AppData\Roaming\freegames4357, Quarantined, [114f4e44e8a2f640003b1b85fa0904fc],
PUP.Optional.SurfVox.A, C:\ProgramData\nvxasync, Delete-on-Reboot, [1b458012325875c1b12f9f137a89936d],
PUP.Optional.SurfVox.A, C:\Users\mari\AppData\Roaming\nvxasync, Delete-on-Reboot, [dc84e7ab90fabc7a03ddebc742c151af],
PUP.Optional.IBUpdater.A, C:\ProgramData\IBUpdaterService, Quarantined, [9fc1b9d9850590a68506922229da867a],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\mz, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\skin, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],

Files: 56
PUP.Optional.SurfVox.A, C:\Users\mari\AppData\Roaming\nvxasync\nvxasync.exe, Delete-on-Reboot, [134d425078122313b545a5572ed53bc5],
PUP.Optional.FreeGames.A, C:\Users\mari\AppData\Roaming\freegames4357\freegames4357.crx, Quarantined, [114f4e44e8a2f640003b1b85fa0904fc],
PUP.Optional.FreeGames.A, C:\Users\mari\AppData\Roaming\freegames4357\freegames4357DeskTopIcon.ico, Quarantined, [114f4e44e8a2f640003b1b85fa0904fc],
PUP.Optional.FreeGames.A, C:\Users\mari\AppData\Roaming\freegames4357\install_helper.exe, Quarantined, [114f4e44e8a2f640003b1b85fa0904fc],
PUP.Optional.SurfVox.A, C:\ProgramData\nvxasync\com.apple.Safari.plist, Quarantined, [1b458012325875c1b12f9f137a89936d],
PUP.Optional.SurfVox.A, C:\ProgramData\nvxasync\cvxasync.exe, Delete-on-Reboot, [1b458012325875c1b12f9f137a89936d],
PUP.Optional.SurfVox.A, C:\ProgramData\nvxasync\klite.exe, Quarantined, [1b458012325875c1b12f9f137a89936d],
PUP.Optional.SurfVox.A, C:\ProgramData\nvxasync\oldfilenotused, Quarantined, [1b458012325875c1b12f9f137a89936d],
PUP.Optional.SurfVox.A, C:\ProgramData\nvxasync\Prefaddon, Quarantined, [1b458012325875c1b12f9f137a89936d],
PUP.Optional.SurfVox.A, C:\ProgramData\nvxasync\setting.dat, Quarantined, [1b458012325875c1b12f9f137a89936d],
PUP.Optional.SurfVox.A, C:\ProgramData\nvxasync\starter.xml, Quarantined, [1b458012325875c1b12f9f137a89936d],
PUP.Optional.SurfVox.A, C:\ProgramData\nvxasync\user.js, Quarantined, [1b458012325875c1b12f9f137a89936d],
PUP.Optional.SurfVox.A, C:\ProgramData\nvxasync\Web Data, Quarantined, [1b458012325875c1b12f9f137a89936d],
PUP.Optional.SurfVox.A, C:\Users\mari\AppData\Roaming\nvxasync\com.apple.Safari.plist, Quarantined, [dc84e7ab90fabc7a03ddebc742c151af],
PUP.Optional.SurfVox.A, C:\Users\mari\AppData\Roaming\nvxasync\cvxasync.exe, Quarantined, [dc84e7ab90fabc7a03ddebc742c151af],
PUP.Optional.SurfVox.A, C:\Users\mari\AppData\Roaming\nvxasync\klite.exe, Quarantined, [dc84e7ab90fabc7a03ddebc742c151af],
PUP.Optional.SurfVox.A, C:\Users\mari\AppData\Roaming\nvxasync\oldfilenotused, Quarantined, [dc84e7ab90fabc7a03ddebc742c151af],
PUP.Optional.SurfVox.A, C:\Users\mari\AppData\Roaming\nvxasync\Prefaddon, Quarantined, [dc84e7ab90fabc7a03ddebc742c151af],
PUP.Optional.SurfVox.A, C:\Users\mari\AppData\Roaming\nvxasync\Preferences, Quarantined, [dc84e7ab90fabc7a03ddebc742c151af],
PUP.Optional.SurfVox.A, C:\Users\mari\AppData\Roaming\nvxasync\Secure Preferences, Quarantined, [dc84e7ab90fabc7a03ddebc742c151af],
PUP.Optional.SurfVox.A, C:\Users\mari\AppData\Roaming\nvxasync\setting.dat, Quarantined, [dc84e7ab90fabc7a03ddebc742c151af],
PUP.Optional.SurfVox.A, C:\Users\mari\AppData\Roaming\nvxasync\starter.xml, Quarantined, [dc84e7ab90fabc7a03ddebc742c151af],
PUP.Optional.SurfVox.A, C:\Users\mari\AppData\Roaming\nvxasync\user.js, Quarantined, [dc84e7ab90fabc7a03ddebc742c151af],
PUP.Optional.SurfVox.A, C:\Users\mari\AppData\Roaming\nvxasync\Web Data, Quarantined, [dc84e7ab90fabc7a03ddebc742c151af],
PUP.Optional.IBUpdater.A, C:\ProgramData\IBUpdaterService\repository.xml, Quarantined, [9fc1b9d9850590a68506922229da867a],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome.manifest, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\icon.png, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\install.rdf, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\background.html, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\bg.js, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\button.xml, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\config.js, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\content.js, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\framework.js, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\framework.png, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\framework.xul, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon128.ico, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon128.png, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon16.ico, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon16.png, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon18.ico, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon18.png, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon24.ico, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon24.png, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon32.ico, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon32.png, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon48.ico, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon48.png, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\jquery-1.9.1.min.js, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\options.xul, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\settings.json, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\mz\background.js, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\mz\content.js, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.BestOffers.A, C:\Users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\skin\framework.css, Quarantined, [66fa236f5f2b7cba18395f6c05feb947],
PUP.Optional.SurfVox.A, C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Good: (), Bad: ( "homepage": "http://www.surfvox.com/",), Replaced,[c19f9cf655351f1764fdb1a79c6a867a]
PUP.Optional.SurfVox.A, C:\Users\mari\AppData\Roaming\Mozilla\Firefox\Profiles\2kuq6vl1.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://www.surfvox.com"), Replaced,[baa6c5cd5c2ee056d18c75e35da9e51b]

Physical Sectors: 0
(No malicious items detected)


(end)

 

[Autumn456]

4. Adware Cleaner log

# AdwCleaner v4.203 - Logfile created 11/05/2015 at 20:38:53
# Updated 30/04/2015 by Xplode
# Database : 2015-05-09.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : mari - MARI-SUPER-PC
# Running from : C:\Users\mari\Downloads\adwcleaner_4.203.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : SCBackService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Users\mari\AppData\Roaming\pdfforge
File Deleted : C:\END
File Deleted : C:\Users\mari\AppData\Roaming\Mozilla\Firefox\Profiles\2kuq6vl1.default\user.js

***** [ Scheduled tasks ] *****

Task Deleted : LaunchSignup

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}]
Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\STC.FBServiceAPPEventsSink
Key Deleted : HKLM\SOFTWARE\Classes\STC.FBServiceAPPEventsSink.1
Key Deleted : HKLM\SOFTWARE\Classes\STC.OptionMenu
Key Deleted : HKLM\SOFTWARE\Classes\STC.OptionMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\STC.Protocol
Key Deleted : HKLM\SOFTWARE\Classes\STC.Protocol.1
Key Deleted : HKLM\SOFTWARE\Classes\STC.VisualBookmark
Key Deleted : HKLM\SOFTWARE\Classes\STC.VisualBookmark.1
Key Deleted : HKLM\SOFTWARE\Classes\STC.WebObject
Key Deleted : HKLM\SOFTWARE\Classes\STC.WebObject.1
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.BHOHelper
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.BHOHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.FBServiceAPP
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.FBServiceAPP.1
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.Protocol
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.Protocol.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BackgroundHost.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{82A5CE4D-AF0C-45B6-8AF8-75625BE6A08D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B2B7E0CD-E169-43B3-A233-E129610EE314}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0DEC13F0-5C8C-4147-8329-6CDFAD9755B7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E97F0FA-3B44-4634-A87E-8B0D5CFD6365}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{951F5841-FD1E-4F1D-8607-67B174DBD753}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D1CCB0CC-DA45-4797-93D3-DEE7A13F8177}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DCE24E28-D8EF-49BE-BC01-A1DD3B58FCE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E4F7F1A5-490E-4884-A9E3-CBD6A25749E1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E8E0178-00EF-413D-9324-E7B3E31572E3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A1A533A8-E106-422B-AE29-D0025269AF83}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B1759D04-0EF9-472A-B5C3-C774997B5321}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80ED3EBC-CC05-4336-ABCC-295798855718}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}]
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\PIP
Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17728


-\\ Mozilla Firefox v37.0.2 (x86 fi)


-\\ Google Chrome v42.0.2311.135

[C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxps://isearch.avg.com/search?cid={C7FD730A-285D-41DE-8D40-E796CD28BBE8}&mid=&lang=&ds=&pr=&d=&v=&sap=dsp&q={searchTerms}
[C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [5161 bytes] - [11/05/2015 20:37:58]
AdwCleaner[S0].txt - [5126 bytes] - [11/05/2015 20:38:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5185 bytes] ##########

5. Junkware Removal tool

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.0 (05.09.2015:1)
OS: Windows 7 Home Premium x64
Ran by mari on ma 11.05.2015 at 20:42:27,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{828B376B-F2F6-4778-928C-E29EC877535E}



~~~ Files

Successfully deleted: [File] C:\Users\mari\appdata\local\google\chrome\user data\default\local storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage
Successfully deleted: [File] C:\Users\mari\appdata\local\google\chrome\user data\default\local storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage-journal



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\mari\AppData\Roaming\mozilla\firefox\profiles\2kuq6vl1.default\prefs.js

user_pref(browser.search.selectedEngine, SurfVox);





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ma 11.05.2015 at 20:46:36,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Thanks

 

[Broni]

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

• Never rename Combofix unless instructed.
• Close any open browsers.
• Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
• Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
• Close any open browsers.
• WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
• Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
• If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  If the connection is not there use restore point you created prior to running Combofix.
• Double click on combofix.exe & follow the prompts.

• 
  NOTE1. If Combofix asks you to install Recovery Console, please allow it.
  NOTE 2. If Combofix asks you to update the program, always do so.

• When finished, it will produce a report for you.
• Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error Illegal operation attempted on a registery key that has been marked for deletion, restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

• Double-click on the Rkill desktop icon to run the tool.
• If using Windows Vista, 7 or 8 right-click on it and choose Run As Administrator.
• A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
• If not, delete the file, then download and use the one provided in Link 2.
• Do not reboot until instructed.
• If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.

 

[Autumn456]

The Combofix links and/or download links on the sites did not work (errors 403 and 404), but I downloaded it from http://www.bleepingcomputer.com, hopefully that is ok. The results:

ComboFix 15-05-13.01 - mari 13.05.2015 19:18:19.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.358.1033.18.16344.12925 [GMT 3:00]
Sijainti: c:\users\mari\Desktop\ComboFix.exe
AV: Tietoturva *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
SP: Tietoturva *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\mari\AppData\Local\Temp\ammemb.dll
c:\users\mari\AppData\Local\Temp\ammemb64.dll
c:\users\mari\AppData\Roaming\Launcher.rb4
c:\windows\C091A49B9BBFCDA9.log
.
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2015-04-13 to 2015-05-13 )))))))))))))))))
.
.
2015-05-13 16:23 . 2015-05-13 16:23 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2015-05-13 15:51 . 2015-05-01 13:17 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 15:51 . 2015-05-01 13:16 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 14:52 . 2015-04-22 02:28 813776 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2015-05-13 14:49 . 2015-04-13 03:28 328704 ----a-w- c:\windows\system32\services.exe
2015-05-13 14:47 . 2015-04-20 03:17 1179136 ----a-w- c:\windows\system32\FntCache.dll
2015-05-13 14:40 . 2015-04-04 06:25 12032440 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F95EA504-CAE8-4FC4-8888-789BDFA77FAE}\mpengine.dll
2015-05-11 17:48 . 2015-05-11 17:48 -------- d-----w- c:\users\mari\AppData\Local\F-Secure
2015-05-11 17:42 . 2015-05-11 17:42 -------- d-----w- C:\RegBackup
2015-05-11 17:37 . 2015-05-11 17:38 -------- d-----w- C:\AdwCleaner
2015-05-11 17:19 . 2015-05-13 16:07 -------- d-----w- c:\program files (x86)\mymal
2015-05-11 17:19 . 2015-05-11 17:19 -------- d-----w- c:\programdata\Malwarebytes
2015-05-11 17:09 . 2015-05-11 17:10 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-05-11 17:09 . 2015-05-11 17:10 -------- d-----w- c:\programdata\RogueKiller
2015-05-10 08:21 . 2015-05-10 10:17 -------- d-----w- C:\FRST
2015-05-10 05:36 . 2015-05-10 06:21 -------- d-----w- C:\UsbFix
2015-05-10 04:27 . 2015-05-10 04:27 290304 ----a-w- c:\windows\SysWow64\subinacl.exe
2015-05-10 04:27 . 2015-05-10 04:27 -------- d-----w- c:\program files\Adware-Removal-Tool
2015-05-10 04:27 . 2015-05-10 04:27 -------- d-----w- c:\program files\Common Files\Microsoft
2015-05-09 12:04 . 2015-05-09 12:04 -------- d-----w- c:\users\mari\AppData\Roaming\chportu
2015-05-01 19:09 . 2015-05-01 19:09 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-04-17 06:03 . 2015-04-08 20:32 560968 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-04-15 10:07 . 2015-04-15 10:07 18178736 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2015-04-15 04:22 . 2015-03-23 03:25 726528 ----a-w- c:\windows\system32\generaltel.dll
2015-04-15 04:18 . 2015-02-25 03:18 754688 ----a-w- c:\windows\system32\drivers\http.sys
2015-04-15 04:16 . 2015-03-04 04:55 367552 ----a-w- c:\windows\system32\clfs.sys
2015-04-15 04:16 . 2015-03-04 04:41 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-04-15 04:16 . 2015-03-04 04:10 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2015-04-14 10:19 . 2015-04-14 10:19 16917184 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE12\MSO.DLL
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-13 15:52 . 2013-03-12 20:05 140425016 ----a-w- c:\windows\system32\MRT.exe
2015-05-01 19:09 . 2014-10-22 04:28 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-04-27 19:04 . 2015-05-13 14:48 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-04-15 10:07 . 2014-02-11 07:02 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-15 10:07 . 2014-02-11 07:02 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-04-09 00:58 . 2014-05-28 04:23 14617288 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-04-09 00:58 . 2014-01-26 06:12 1540240 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2015-04-09 00:58 . 2013-09-17 19:22 17176128 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-04-09 00:58 . 2013-09-17 19:22 15818528 ----a-w- c:\windows\system32\nvd3dumx.dll
2015-04-09 00:58 . 2013-09-17 19:22 12689592 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-04-09 00:58 . 2013-09-17 19:22 2935416 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-04-09 00:58 . 2013-01-22 15:43 78480 ----a-w- c:\windows\system32\OpenCL.dll
2015-04-09 00:58 . 2013-01-22 15:43 66704 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-04-09 00:58 . 2012-10-10 19:23 3317344 ----a-w- c:\windows\system32\nvapi64.dll
2015-04-08 21:30 . 2013-01-22 15:43 6841488 ----a-w- c:\windows\system32\nvcpl.dll
2015-04-08 21:30 . 2013-01-22 15:43 3478344 ----a-w- c:\windows\system32\nvsvc64.dll
2015-04-08 21:30 . 2013-01-22 15:43 936264 ----a-w- c:\windows\system32\nvvsvc.exe
2015-04-08 21:30 . 2013-01-22 15:43 62608 ----a-w- c:\windows\system32\nvshext.dll
2015-04-08 21:30 . 2013-01-22 15:43 2558608 ----a-w- c:\windows\system32\nvsvcr.dll
2015-04-08 21:30 . 2013-01-22 15:43 385168 ----a-w- c:\windows\system32\nvmctray.dll
2015-04-08 17:52 . 2013-01-22 15:43 4336074 ----a-w- c:\windows\system32\nvcoproc.bin
2015-03-30 12:25 . 2014-03-01 06:02 33856 ---ha-w- c:\windows\system32\hamachi.sys
2015-03-28 03:44 . 2014-06-03 04:56 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-03-28 03:44 . 2013-11-20 06:43 1316000 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-03-28 03:43 . 2014-06-03 04:56 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-03-28 03:43 . 2013-11-20 06:43 1570672 ----a-w- c:\windows\system32\nvspcap64.dll
2015-03-04 04:41 . 2015-05-13 14:47 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-03-04 04:41 . 2015-05-13 14:47 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-03-04 04:10 . 2015-05-13 14:47 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-03-04 04:10 . 2015-05-13 14:47 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-03-04 04:06 . 2015-05-13 14:47 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-02-24 01:17 . 2010-11-21 03:27 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-20 04:41 . 2015-03-11 05:45 41984 ----a-w- c:\windows\system32\lpk.dll
2015-02-20 04:40 . 2015-03-11 05:45 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-02-20 04:40 . 2015-03-11 05:45 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-02-20 04:40 . 2015-03-11 05:45 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-02-20 04:13 . 2015-03-11 05:45 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-02-20 04:13 . 2015-03-11 05:45 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-02-20 04:13 . 2015-03-11 05:45 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-02-20 04:12 . 2015-03-11 05:45 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-02-20 03:29 . 2015-03-11 05:45 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-02-20 03:09 . 2015-03-11 05:45 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-02-17 14:04 . 2015-02-17 14:04 1202848 ----a-w- c:\windows\SysWow64\FM20.DLL
2015-02-13 05:22 . 2015-03-11 05:42 14177280 ----a-w- c:\windows\system32\shell32.dll
.
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Actual Multiple Monitors"="c:\program files (x86)\Actual Multiple Monitors\ActualMultipleMonitorsCenter.exe" [2012-07-12 1629032]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"Gyazo"="c:\program files (x86)\Gyazo\GyStation.exe" [2013-10-30 2990304]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-03-25 31682144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ZyngaGamesAgent"="c:\program files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe" [2010-11-15 841544]
"STCAgent"="c:\program files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe" [2011-08-29 771968]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-01-12 5028464]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-27 291608]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"F-Secure Hoster (28313)"="c:\program files (x86)\Elisa Turvakeskus\fshoster32.exe" [2012-11-21 167608]
"F-Secure Manager"="c:\program files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Common\FSM32.EXE" [2012-07-03 310992]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-03-30 3978600]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-04-30 334896]
.
c:\users\mari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 -näyttöleikkeet ja Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandbus64.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lganddiag64.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandgps64.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandmodem64.sys [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe;c:\program files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys;c:\windows\SYSNATIVE\Drivers\fsbts.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\HIPS\drivers\fshs.sys;c:\program files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\HIPS\drivers\fshs.sys [x]
S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys;c:\program files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 fshoster;F-Secure Dll Hoster;c:\program files (x86)\Elisa Turvakeskus\fshoster32.exe;c:\program files (x86)\Elisa Turvakeskus\fshoster32.exe [x]
S2 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\Elisa Turvakeskus\apps\CCF_Reputation\fsorsp.exe;c:\program files (x86)\Elisa Turvakeskus\apps\CCF_Reputation\fsorsp.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 MSSQL$BWDATOOLSET;SQL Server (BWDATOOLSET);c:\program files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys;c:\program files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [x]
S3 fsni;fsni;c:\program files (x86)\Elisa Turvakeskus\apps\CCF_Scanning\bin\fsni64.sys;c:\program files (x86)\Elisa Turvakeskus\apps\CCF_Scanning\bin\fsni64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
S3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\DRIVERS\ViaHub3.sys;c:\windows\SYSNATIVE\DRIVERS\ViaHub3.sys [x]
S3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\DRIVERS\xhcdrv.sys;c:\windows\SYSNATIVE\DRIVERS\xhcdrv.sys [x]
.
.
--- Muut muistissa olevat ajurit/palvelut ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-30 08:57 988488 ----a-w- c:\program files (x86)\Google\Chrome\Application\42.0.2311.135\Installer\chrmstp.exe
.
'Ajoitetut tehtävät'-kansion sisältö
.
2015-05-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-11 10:07]
.
2015-05-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-24 13:29]
.
2015-05-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-24 13:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VIAxHCUtl"="c:\via_xhci\usb3Monitor.exe" [2011-07-12 331776]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-03-28 1570672]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-03-28 2673296]
.
------- Täydentävä tarkistus -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: V&ie Microsoft Exceliin - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\mari\AppData\Roaming\Mozilla\Firefox\Profiles\2kuq6vl1.default\
FF - ExtSQL: !HIDDEN! 2013-10-30 18:07; freegames4357@BestOffers; c:\users\mari\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers
.
- - - - POISTETUT JÄMÄRIVIT - - - -
.
Wow6432Node-HKCU-Run-Guild Wars 2 Timers - c:\users\mari\Desktop\GuildWars2Timers.exe
Wow6432Node-HKLM-Run-PowerDVD13Agent - c:\program files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
AddRemove-{ED118F10-E516-4245-160F-6213F508F71F}_is1 - c:\program files (x86)\Electronic Arts\Sims 4\unins000.exe
AddRemove-Guild Wars - c:\program files (x86)\Steam\steamapps\common\Guild Wars\Gw.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fshoster]
"ImagePath"="\"c:\program files (x86)\Elisa Turvakeskus\fshoster32.exe\" -hosterid:0"
.
--------------------- LUKITUT REKISTERIAVAIMET ---------------------
.
[HKEY_USERS\S-1-5-21-1694309862-3657083619-1565170917-1000\Software\SecuROM\License information*]
"datasecu"=hex:f1,ec,10,7a,24,a9,c0,fd,7e,65,d5,9b,70,43,20,46,e9,a4,db,d3,54,
b8,69,ed,de,b1,2f,8a,fb,d4,d7,05,e0,77,52,0d,48,bc,4b,8c,4b,5c,c1,c4,05,4f,\
"rkeysecu"=hex:78,b2,a4,1e,2d,37,68,16,b9,7b,20,9f,49,8a,fa,42
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Program Files (x86)\\GIGABYTE\\ET6\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Program Files (x86)\\GIGABYTE\\ET6\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Program Files (x86)\\GIGABYTE\\ET6\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Program Files (x86)\\GIGABYTE\\ET6\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Nla\Cache\Intranet\%g* *]
"Successes"=dword:c0000000
"Failures"=dword:c0000003
"{B34B3B1D-09FC-4158-B0D3-3B0C2633EE8A}"=hex:00,1c,10,3e,7e,06
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Muut prosessit ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
c:\program files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Common\FSMA32.EXE
c:\program files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Anti-Virus\fssm32.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\users\mari\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
.
**************************************************************************
.
Valmistumisajankohta: 2015-05-13 19:37:10 - kone käynnistettiin uudelleen
ComboFix-quarantined-files.txt 2015-05-13 16:37
.
Ennen ajoa: 404 796 764 160 bytes free
Ajon jälkeen: 404 670 357 504 bytes free
.
- - End Of File - - 1B738D3A5E95AF823DCE602AB06F89E8

 

[Broni]

Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

• Double-click to run it. When the tool opens click Yes to disclaimer.
• Make sure you checkmark Addition.txt box.
• Press Scan button.
• Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.

 

[Autumn456]

The FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2015
Ran by mari (administrator) on MARI-SUPER-PC on 14-05-2015 11:05:43
Running from C:\Users\mari\Downloads
Loaded Profiles: mari (Available profiles: mari)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(F-Secure Corporation) C:\Program Files (x86)\Elisa Turvakeskus\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Elisa Turvakeskus\apps\CCF_Reputation\fsorsp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(F-Secure Corporation) C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(F-Secure Corporation) C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(VIA Technologies, Inc.) C:\VIA_XHCI\usb3Monitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Actual Tools) C:\Program Files (x86)\Actual Multiple Monitors\ActualMultipleMonitorsCenter.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(F-Secure Corporation) C:\Program Files (x86)\Elisa Turvakeskus\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Common\FSM32.EXE
(NVIDIA Corporation) C:\Users\mari\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(F-Secure Corporation) C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Spam Control\fsscoepl_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Actual Tools) C:\Program Files (x86)\Actual Multiple Monitors\ActualMultipleMonitorsCenter64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Gadget\fsgadget.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(F-Secure Corporation) C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VIAxHCUtl] => C:\VIA_XHCI\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM-x32\...\Run: [ZyngaGamesAgent] => C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe [841544 2010-11-15] (Splashtop Inc.)
HKLM-x32\...\Run: [STCAgent] => C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe [771968 2011-08-29] (Splashtop Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5028464 2012-01-12] (VIA)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-27] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [F-Secure Hoster (28313)] => C:\Program Files (x86)\Elisa Turvakeskus\fshoster32.exe [167608 2012-11-21] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Common\FSM32.EXE [310992 2012-07-03] (F-Secure Corporation)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\Run: [Actual Multiple Monitors] => C:\Program Files (x86)\Actual Multiple Monitors\ActualMultipleMonitorsCenter.exe [1629032 2012-07-12] (Actual Tools)
HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.)
HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
Startup: C:\Users\mari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 -näyttöleikkeet ja Launcher.lnk [2014-12-13]
ShortcutTarget: OneNote 2007 -näyttöleikkeet ja Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-01] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-01] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\mari\AppData\Roaming\Mozilla\Firefox\Profiles\2kuq6vl1.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-04-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1694309862-3657083619-1565170917-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-05-04] ()
FF SearchPlugin: C:\Users\mari\AppData\Roaming\Mozilla\Firefox\Profiles\2kuq6vl1.default\searchplugins\starter.xml [2015-05-09]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bookplus-fi.xml [2015-05-09]
FF Extension: Ghostery - C:\Users\mari\AppData\Roaming\Mozilla\Firefox\Profiles\2kuq6vl1.default\Extensions\firefox@ghostery.com.xpi [2015-05-10]
FF Extension: YouTube Downloader - C:\Users\mari\AppData\Roaming\Mozilla\Firefox\Profiles\2kuq6vl1.default\Extensions\youtubedownloader@anoniamto.com.xpi [2014-05-22]
FF Extension: Adblock Plus - C:\Users\mari\AppData\Roaming\Mozilla\Firefox\Profiles\2kuq6vl1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-10]
FF Extension: Greasemonkey - C:\Users\mari\AppData\Roaming\Mozilla\Firefox\Profiles\2kuq6vl1.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-10-30]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.surfvox.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{googleageClassification}{google:searchVersion}{google:sessionToken}{googlerefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-09]
CHR Extension: (No Name) - C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-09]
CHR Extension: (No Name) - C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-09]
CHR Extension: (Bookmark Manager) - C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation)
R2 fshoster; C:\Program Files (x86)\Elisa Turvakeskus\fshoster32.exe [167608 2012-11-21] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Common\FSMA32.EXE [212688 2012-07-03] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\Elisa Turvakeskus\apps\CCF_Reputation\fsorsp.exe [60456 2015-03-09] (F-Secure Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
R2 MSSQL$BWDATOOLSET; C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-05] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-10-31] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-01-10] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2012-03-02] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2012-03-02] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2012-03-02] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2012-03-02] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [208424 2015-02-24] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\HIPS\drivers\fshs.sys [71080 2015-04-14] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-04-11] ()
R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [42672 2013-02-28] ()
R3 fsni; C:\Program Files (x86)\Elisa Turvakeskus\apps\CCF_Scanning\bin\fsni64.sys [90152 2015-04-15] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [16920 2012-07-03] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-09-05] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-03-11] () [File not signed]
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-05-11] ()
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [205312 2012-01-20] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [254464 2012-01-20] (VIA Technologies, Inc.)
U3 af0x4myv; C:\Windows\System32\Drivers\af0x4myv.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S2 regi; \??\C:\Windows\system32\drivers\regi.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

[Autumn456]

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-14 11:05 - 2015-05-14 11:06 - 00022704 _____ () C:\Users\mari\Downloads\FRST.txt.txt
2015-05-14 11:05 - 2015-05-14 11:05 - 00000000 ____D () C:\Users\mari\Downloads\FRST-OlderVersion
2015-05-13 19:54 - 2015-05-13 19:54 - 00025911 _____ () C:\Users\mari\Downloads\ComboFix.txt
2015-05-13 19:42 - 2015-05-13 19:42 - 00572456 _____ (F-Secure Corporation) C:\Users\mari\Downloads\F-SecureOnlineScanner (1).exe
2015-05-13 19:37 - 2015-05-13 19:37 - 00025911 _____ () C:\ComboFix.txt
2015-05-13 19:17 - 2015-05-13 19:37 - 00000000 ____D () C:\Qoobox
2015-05-13 19:17 - 2011-06-26 09:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-13 19:17 - 2010-11-07 20:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-13 19:17 - 2009-04-20 07:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-13 19:17 - 2000-08-31 03:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-13 19:17 - 2000-08-31 03:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-13 19:17 - 2000-08-31 03:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-13 19:17 - 2000-08-31 03:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-13 19:17 - 2000-08-31 03:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-13 19:16 - 2015-05-13 19:35 - 00000000 ____D () C:\Windows\erdnt
2015-05-13 19:15 - 2015-05-13 19:15 - 05623645 ____R (Swearware) C:\Users\mari\Desktop\ComboFix.exe
2015-05-13 18:51 - 2015-05-01 16:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 18:51 - 2015-05-01 16:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 17:53 - 2015-05-05 04:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 17:53 - 2015-05-05 04:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 17:53 - 2015-04-22 05:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 17:53 - 2015-04-22 04:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 17:53 - 2015-04-21 20:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 17:53 - 2015-04-21 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 17:53 - 2015-04-21 19:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 17:53 - 2015-04-21 19:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 17:53 - 2015-04-21 19:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 17:53 - 2015-04-21 19:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 17:53 - 2015-04-21 19:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 17:53 - 2015-04-21 19:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 17:53 - 2015-04-21 19:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 17:53 - 2015-04-21 19:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 17:53 - 2015-04-21 19:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 17:53 - 2015-04-21 19:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 17:53 - 2015-04-21 19:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 17:53 - 2015-04-21 19:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 17:53 - 2015-04-21 19:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 17:53 - 2015-04-21 19:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 17:53 - 2015-04-21 19:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 17:53 - 2015-04-21 19:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 17:53 - 2015-04-21 19:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 17:53 - 2015-04-21 18:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 17:53 - 2015-04-21 18:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 17:53 - 2015-04-21 18:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 17:53 - 2015-04-21 18:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 17:53 - 2015-04-21 18:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 17:53 - 2015-04-21 18:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 17:53 - 2015-04-21 18:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 17:53 - 2015-04-21 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 17:53 - 2015-04-21 18:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 17:53 - 2015-04-21 18:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 17:53 - 2015-04-21 18:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 17:53 - 2015-04-21 18:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 17:53 - 2015-04-21 18:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 17:53 - 2015-04-21 18:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 17:53 - 2015-04-21 18:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 17:53 - 2015-04-21 17:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 17:53 - 2015-04-21 17:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 17:53 - 2015-04-18 06:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 17:53 - 2015-04-18 05:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 17:52 - 2015-04-21 20:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 17:52 - 2015-04-21 19:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 17:52 - 2015-04-21 19:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 17:52 - 2015-04-21 19:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 17:52 - 2015-04-21 19:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 17:52 - 2015-04-21 19:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 17:52 - 2015-04-21 19:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 17:52 - 2015-04-21 19:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 17:52 - 2015-04-21 19:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 17:52 - 2015-04-21 19:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 17:52 - 2015-04-21 19:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 17:52 - 2015-04-21 19:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 17:52 - 2015-04-21 19:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 17:52 - 2015-04-21 19:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 17:52 - 2015-04-21 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 17:52 - 2015-04-21 18:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 17:52 - 2015-04-21 18:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 17:52 - 2015-04-21 18:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 17:52 - 2015-04-21 18:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 17:52 - 2015-04-21 18:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 17:52 - 2015-04-21 18:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 17:52 - 2015-04-21 18:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 17:49 - 2015-04-13 06:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 17:48 - 2015-04-27 22:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 17:48 - 2015-04-27 22:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 17:48 - 2015-04-27 22:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 17:48 - 2015-04-27 22:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 17:48 - 2015-04-27 22:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 17:48 - 2015-04-27 22:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 17:48 - 2015-04-27 22:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 17:48 - 2015-04-27 22:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 17:48 - 2015-04-27 22:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 17:48 - 2015-04-27 22:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 17:48 - 2015-04-27 22:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 17:48 - 2015-04-27 22:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 17:48 - 2015-04-27 22:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 17:48 - 2015-04-27 22:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 17:48 - 2015-04-27 22:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 17:48 - 2015-04-27 22:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 17:48 - 2015-04-27 22:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 22:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 17:48 - 2015-04-27 22:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 17:48 - 2015-04-27 22:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 17:48 - 2015-04-27 22:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 17:48 - 2015-04-27 22:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 17:48 - 2015-04-27 22:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 17:48 - 2015-04-27 22:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 17:48 - 2015-04-27 22:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 17:48 - 2015-04-27 22:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 17:48 - 2015-04-27 22:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 17:48 - 2015-04-27 22:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 17:48 - 2015-04-27 22:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 17:48 - 2015-04-27 22:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 17:48 - 2015-04-27 22:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 17:48 - 2015-04-27 22:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 17:48 - 2015-04-27 22:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 17:48 - 2015-04-27 22:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 17:48 - 2015-04-27 22:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 17:48 - 2015-04-27 22:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 17:48 - 2015-04-27 22:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 17:48 - 2015-04-27 22:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 17:48 - 2015-04-27 22:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 17:48 - 2015-04-27 22:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 17:48 - 2015-04-27 22:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 17:48 - 2015-04-27 22:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 17:48 - 2015-04-27 22:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 17:48 - 2015-04-27 22:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 17:48 - 2015-04-27 22:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 21:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 17:48 - 2015-04-27 20:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 17:48 - 2015-04-27 20:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 17:48 - 2015-04-27 20:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 20:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 20:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 17:48 - 2015-04-27 20:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 17:47 - 2015-04-20 06:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 17:47 - 2015-04-20 06:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 17:47 - 2015-04-20 05:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 17:47 - 2015-04-20 05:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 17:47 - 2015-04-08 06:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 17:47 - 2015-04-08 06:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 17:47 - 2015-04-08 06:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 17:47 - 2015-03-04 07:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 17:47 - 2015-03-04 07:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 17:47 - 2015-03-04 07:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 17:47 - 2015-03-04 07:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 17:47 - 2015-03-04 07:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 17:47 - 2015-03-04 07:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 17:47 - 2015-03-04 07:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 17:47 - 2015-02-18 10:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 17:47 - 2015-02-18 10:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 17:47 - 2015-01-29 06:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 17:47 - 2015-01-29 06:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-13 17:30 - 2015-05-13 17:30 - 00000000 ____D () C:\Users\mari\Desktop\ttt
2015-05-13 17:29 - 2015-05-13 17:29 - 00084940 _____ () C:\Users\mari\Desktop\download.htm
2015-05-11 20:48 - 2015-05-11 20:48 - 00572456 _____ (F-Secure Corporation) C:\Users\mari\Downloads\F-SecureOnlineScanner.exe
2015-05-11 20:48 - 2015-05-11 20:48 - 00000000 ____D () C:\Users\mari\AppData\Local\F-Secure
2015-05-11 20:46 - 2015-05-11 20:46 - 00001297 _____ () C:\Users\mari\Desktop\JRT.txt
2015-05-11 20:42 - 2015-05-11 20:42 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-MARI-SUPER-PC-Windows-7-Home-Premium-(64-bit).dat
2015-05-11 20:42 - 2015-05-11 20:42 - 00000000 ____D () C:\RegBackup
2015-05-11 20:41 - 2015-05-11 20:42 - 02720307 _____ (Thisisu) C:\Users\mari\Downloads\JRT.exe
2015-05-11 20:37 - 2015-05-11 20:38 - 00000000 ____D () C:\AdwCleaner
2015-05-11 20:37 - 2015-05-11 20:37 - 02204160 _____ () C:\Users\mari\Downloads\adwcleaner_4.203.exe
2015-05-11 20:32 - 2015-05-13 19:33 - 00000000 ____D () C:\Avenger
2015-05-11 20:19 - 2015-05-13 19:07 - 00000000 ____D () C:\Program Files (x86)\mymal
2015-05-11 20:19 - 2015-05-11 20:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-11 20:17 - 2015-05-11 20:17 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\mari\Downloads\124.exe.exe
2015-05-11 20:16 - 2015-05-11 20:46 - 00000000 ____D () C:\Users\mari\Documents\tero
2015-05-11 20:09 - 2015-05-11 20:10 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-05-11 20:09 - 2015-05-11 20:10 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-05-11 20:09 - 2015-05-11 20:09 - 16971864 _____ () C:\Users\mari\Downloads\RogueKiller.exe
2015-05-11 19:59 - 2015-05-11 19:59 - 00000000 ____D () C:\Users\mari\Downloads\backups
2015-05-11 19:58 - 2015-05-10 09:20 - 00388608 _____ (Trend Micro Inc.) C:\Users\mari\Downloads\113.exe.exe
2015-05-10 13:17 - 2015-05-10 13:17 - 00080638 _____ () C:\Users\mari\Desktop\Addition.txt
2015-05-10 11:26 - 2015-05-10 13:17 - 00066010 _____ () C:\Users\mari\Desktop\FRST.txt
2015-05-10 11:21 - 2015-05-14 11:05 - 00000000 ____D () C:\FRST
2015-05-10 11:15 - 2015-05-10 09:43 - 02102784 _____ (Farbar) C:\Users\mari\Desktop\FRST64.exe
2015-05-10 09:43 - 2015-05-14 11:05 - 02104832 _____ (Farbar) C:\Users\mari\Downloads\FRST64.exe
2015-05-10 09:20 - 2015-05-10 09:20 - 00388608 _____ (Trend Micro Inc.) C:\Users\mari\Downloads\HijackThis.exe
2015-05-10 09:19 - 2015-05-10 09:21 - 16409960 _____ (Safer Networking Limited ) C:\Users\mari\Downloads\spybotsd162.exe
2015-05-10 09:18 - 2015-05-10 09:18 - 02057008 _____ () C:\Users\mari\Downloads\Adaware_Installer.exe
2015-05-10 09:18 - 2015-05-10 09:18 - 00532480 _____ (Trend Micro Incorporated) C:\Users\mari\Downloads\cwshredder.exe
2015-05-10 09:13 - 2015-05-10 09:13 - 00008740 _____ () C:\Users\mari\Desktop\UsbFix_Report.txt
2015-05-10 08:36 - 2015-05-10 09:21 - 00000000 ____D () C:\UsbFix
2015-05-10 08:36 - 2015-05-10 08:36 - 00001448 _____ () C:\Users\mari\Desktop\UsbFix.lnk
2015-05-10 08:35 - 2015-05-10 08:35 - 04319136 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\mari\Downloads\UsbFix_2015.exe
2015-05-10 08:18 - 2015-05-10 08:18 - 00684176 _____ (Opera Software) C:\Users\mari\Downloads\Opera_NI_stable.exe
2015-05-10 07:27 - 2015-05-10 07:27 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2015-05-10 07:27 - 2015-05-10 07:27 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool
2015-05-10 07:25 - 2015-05-10 07:26 - 00753184 _____ () C:\Users\mari\Downloads\Adware-Removal-Tool-v3.9.1.exe
2015-05-09 20:36 - 2015-04-13 21:32 - 1134341545 _____ () C:\Users\mari\Desktop\Game.of.Thrones.S05E01.1080p.HDTV.x264-BATV.mkv
2015-05-09 19:47 - 2015-04-20 19:17 - 765051718 _____ () C:\Users\mari\Desktop\Game.Of.Thrones.S05E02.1080p.HDTV.x264-BATV.mkv
2015-05-09 19:16 - 2015-05-09 19:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-09 15:04 - 2015-05-09 15:04 - 00000000 ____D () C:\Users\mari\AppData\Roaming\chportu
2015-05-08 14:40 - 2015-05-10 12:08 - 00332388 _____ () C:\Users\mari\Downloads\MTS_Shimrod101_1488655_ShimrodAllBedsSameEnergyComfort_V2.zip
2015-05-07 09:28 - 2015-05-10 08:15 - 00000001 _____ () C:\Users\mari\AppData\Roaming\update.dat
2015-05-06 14:17 - 2015-05-06 14:17 - 00000000 ___HD () C:\Users\mari\Downloads\The.Picture.Of.Dorian.Gray.1945.720p.WEB-DL.H264-WEBiOS [PublicHD]
2015-05-06 11:57 - 2015-05-06 14:26 - 00000231 _____ () C:\Users\mari\Desktop\lainaukset.txt
2015-05-06 11:07 - 2015-05-06 11:07 - 00001333 _____ () C:\Users\Public\Desktop\Sims 4 by BuZeR.lnk
2015-05-06 11:07 - 2015-05-06 11:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sims 4
2015-05-06 08:18 - 2015-05-06 08:18 - 00000000 ___HD () C:\Users\mari\Downloads\The.Flash.2014.S01E21.Grodd.Lives.1080p.WEB-DL.DD5.1.H.264-YFN
2015-05-05 20:00 - 2015-05-05 20:44 - 00000000 ___HD () C:\Users\mari\Downloads\The_Importance_of_Being_Earnest_Criterion_R1
2015-05-04 12:53 - 2015-05-03 22:20 - 00258192 _____ () C:\Users\mari\Desktop\Captive Prince_ Volume Two - S.U. Pacat.epub
2015-05-04 12:52 - 2015-05-04 07:31 - 00197646 _____ () C:\Users\mari\Desktop\Captive Prince_ Volume One - S.U. Pacat.epub
2015-05-04 11:42 - 2015-05-04 11:42 - 00001198 _____ () C:\Users\mari\Documents\Uninstall Dragon Age 2.log
2015-05-04 11:40 - 2015-05-07 20:06 - 00000000 ____D () C:\Users\mari\Desktop\SIMS 4 BACKUP ennen uutta asennusta
2015-05-02 17:56 - 2015-05-02 17:56 - 00000000 ____D () C:\Users\mari\Desktop\yksin toinen ennen taloa (minecraft)
2015-05-02 11:28 - 2015-05-04 20:54 - 00000754 _____ () C:\Users\mari\Desktop\yksin toinen maailma minecraft.txt
2015-05-01 22:28 - 2015-05-01 22:29 - 00000000 ____D () C:\Users\mari\Desktop\Minecraft skin updater MC
2015-05-01 16:22 - 2015-05-04 09:51 - 00000000 ___HD () C:\Users\mari\Downloads\The.Flash.2014.S01E20.The.Trap.720p.WEB-DL.DD5.1.H.264-NTb[rarbg]
2015-04-30 20:16 - 2015-05-01 22:32 - 00000433 _____ () C:\Users\mari\Desktop\oskumaailma.txt
2015-04-23 07:44 - 2015-05-04 09:15 - 00000000 ___HD () C:\Users\mari\Downloads\The.Flash.2014.S01E19.Who.Is.Harrison.Wells.1080p.WEB-DL.DD5.1.H.264-NTb[rarbg]
2015-04-22 15:25 - 2015-05-04 09:53 - 00000000 ___HD () C:\Users\mari\Downloads\The.Flash.2014.S01E18.All.Star.Team.Up.1080p.WEB-DL.DD5.1.H.264-YFN
2015-04-17 09:03 - 2015-04-08 23:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-04-17 09:01 - 2015-04-09 03:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-17 09:01 - 2015-04-09 03:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-04-17 09:01 - 2015-04-09 03:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-04-17 09:01 - 2015-04-09 03:58 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-04-15 13:07 - 2015-04-15 13:07 - 18178736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-04-15 07:23 - 2015-03-25 06:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 07:23 - 2015-03-25 06:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 07:23 - 2015-03-25 06:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 07:23 - 2015-03-25 06:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 07:23 - 2015-03-25 06:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 07:23 - 2015-03-25 06:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 07:23 - 2015-03-25 06:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 07:23 - 2015-03-25 06:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 07:23 - 2015-03-25 06:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 07:23 - 2015-03-25 06:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 07:23 - 2015-03-25 06:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 07:23 - 2015-03-25 06:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 07:23 - 2015-03-25 06:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 07:23 - 2015-03-25 06:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 07:23 - 2015-03-25 06:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 07:23 - 2015-03-25 06:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 07:22 - 2015-03-23 06:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 07:22 - 2015-03-23 06:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 07:22 - 2015-03-23 06:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 07:22 - 2015-03-23 06:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 07:22 - 2015-03-23 06:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 07:22 - 2015-03-23 06:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 07:22 - 2015-03-23 06:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 07:22 - 2015-03-23 06:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 07:22 - 2015-03-10 06:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 07:22 - 2015-03-10 06:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 07:22 - 2015-03-10 06:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 07:22 - 2015-03-10 06:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 07:22 - 2015-03-05 08:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 07:22 - 2015-03-05 07:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 07:18 - 2015-02-25 06:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 07:16 - 2015-03-04 07:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 07:16 - 2015-03-04 07:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 07:16 - 2015-03-04 07:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-14 11:05 - 2013-01-22 18:12 - 01557523 _____ () C:\Windows\WindowsUpdate.log
2015-05-14 11:04 - 2013-01-24 17:00 - 00000000 ____D () C:\Users\mari\AppData\Roaming\Skype
2015-05-14 11:02 - 2014-02-25 18:18 - 00000000 ____D () C:\Users\mari\AppData\Local\LogMeIn Hamachi
2015-05-14 11:02 - 2013-01-24 16:29 - 00001004 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-14 11:01 - 2014-11-12 08:55 - 00034867 _____ () C:\Windows\setupact.log
2015-05-14 11:01 - 2013-01-22 18:43 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-14 11:01 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-13 21:07 - 2014-02-11 10:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-13 20:56 - 2013-01-24 16:29 - 00001008 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-13 19:58 - 2009-07-14 07:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-13 19:58 - 2009-07-14 07:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-13 19:33 - 2009-07-14 05:34 - 00000215 _____ () C:\Windows\system.ini
2015-05-13 19:24 - 2014-12-30 09:06 - 00031808 _____ () C:\Windows\PFRO.log
2015-05-13 19:09 - 2013-02-10 20:43 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2015-05-13 19:09 - 2009-07-14 08:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-13 19:08 - 2009-07-14 08:13 - 00849608 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-13 19:01 - 2009-07-14 07:45 - 00310536 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 18:59 - 2011-04-12 11:28 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 18:59 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-13 18:58 - 2013-03-13 23:36 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-13 18:58 - 2013-03-13 23:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 18:56 - 2013-07-22 21:06 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 18:56 - 2013-05-12 09:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-13 18:52 - 2013-03-12 23:05 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 18:51 - 2013-03-13 23:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 17:32 - 2013-01-22 18:28 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{4AB0C76A-5A39-454F-942D-9FF3FC607F9D}
2015-05-11 20:32 - 2009-07-14 08:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2015-05-11 19:59 - 2013-01-22 18:12 - 00000000 ____D () C:\Users\mari\AppData\Local\VirtualStore
2015-05-10 18:46 - 2013-01-26 14:50 - 00833474 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-10 18:19 - 2013-05-19 08:18 - 00000000 ____D () C:\Users\mari\Documents\IHAN OMIA
2015-05-10 14:58 - 2013-01-24 17:31 - 00000000 ____D () C:\Users\mari\AppData\Roaming\vlc
2015-05-10 09:39 - 2014-04-07 14:32 - 00000040 ___SH () C:\ProgramData\.zreglib
2015-05-10 08:48 - 2013-10-30 19:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-10 08:24 - 2013-01-25 15:00 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2015-05-09 22:09 - 2013-01-24 17:29 - 00000000 ____D () C:\Users\mari\AppData\Roaming\BitTorrent
2015-05-07 09:28 - 2013-01-25 18:36 - 00000000 ____D () C:\Users\mari\Documents\Electronic Arts
2015-05-07 07:30 - 2013-02-24 11:28 - 00000000 ____D () C:\Users\mari\Documents\Calibre Library
2015-05-06 11:10 - 2014-11-26 19:52 - 00035910 _____ () C:\Windows\DirectX.log
2015-05-05 22:04 - 2013-02-22 18:08 - 00000000 ____D () C:\Users\mari\AppData\Roaming\dvdcss
2015-05-04 12:00 - 2013-01-25 18:39 - 00000000 ____D () C:\ProgramData\Origin
2015-05-04 11:44 - 2013-02-10 21:24 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2015-05-04 09:52 - 2015-04-01 15:41 - 00000000 ___HD () C:\Users\mari\Downloads\The.Flash.2014.S01E17.Tricksters.1080p.WEB-DL.DD5.1.H.264-NTb[rarbg]
2015-05-04 09:51 - 2015-03-25 20:06 - 00000000 ___HD () C:\Users\mari\Downloads\The.Flash.2014.S01E16.Rogue.Time.1080p.WEB-DL.DD5.1.H.264-NTb[rarbg]
2015-05-04 09:51 - 2015-03-19 16:11 - 00000000 ___HD () C:\Users\mari\Downloads\The.Flash.2014.S01E15.Out.of.Time.1080p.WEB-DL.DD5.1.H.264-NTb[rarbg]
2015-05-04 07:54 - 2014-11-09 10:01 - 00000930 _____ () C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2015-05-04 07:54 - 2013-02-24 11:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2015-05-04 07:54 - 2013-02-24 11:27 - 00000000 ____D () C:\Program Files\Calibre2
2015-05-04 07:31 - 2013-02-24 11:28 - 00000000 ____D () C:\Users\mari\AppData\Roaming\calibre
2015-05-04 07:25 - 2014-08-22 11:48 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-05-01 22:10 - 2014-10-22 07:28 - 00000000 ____D () C:\Program Files (x86)\Java
2015-05-01 22:10 - 2013-10-23 06:55 - 00000000 ____D () C:\ProgramData\Oracle
2015-05-01 22:09 - 2014-10-22 07:28 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-26 08:58 - 2013-09-18 07:14 - 00000000 ____D () C:\Users\mari\AppData\Roaming\Guild Wars 2
2015-04-24 22:13 - 2013-01-24 16:54 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-17 14:56 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\rescache
2015-04-17 14:55 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-17 09:03 - 2013-11-20 09:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-17 09:03 - 2013-09-28 16:01 - 00000000 ____D () C:\temp
2015-04-17 09:02 - 2013-01-22 18:42 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-17 08:57 - 2013-11-20 10:02 - 00001381 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-04-17 06:55 - 2013-01-24 17:00 - 00000000 ____D () C:\ProgramData\Skype
2015-04-16 06:38 - 2014-12-11 08:54 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 06:38 - 2014-05-06 21:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 06:38 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-15 13:07 - 2014-02-11 10:02 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 13:07 - 2014-02-11 10:02 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-15 13:07 - 2014-02-11 10:02 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-15 11:35 - 2015-02-08 14:00 - 00000000 ____D () C:\Users\mari\AppData\Roaming\TS3Client

==================== Files in the root of some directories =======

2015-05-07 09:28 - 2015-05-10 08:15 - 0000001 _____ () C:\Users\mari\AppData\Roaming\update.dat
2014-04-07 14:32 - 2015-05-10 09:39 - 0000040 ___SH () C:\ProgramData\.zreglib

Some content of TEMP:
====================
C:\Users\mari\AppData\Local\Temp\ammemb.dll
C:\Users\mari\AppData\Local\Temp\ammemb64.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-05 19:10

==================== End Of Log ============================

 

[Autumn456]

Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-05-2015
Ran by mari at 2015-05-14 11:06:25
Running from C:\Users\mari\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1694309862-3657083619-1565170917-500 - Administrator - Disabled)
Guest (S-1-5-21-1694309862-3657083619-1565170917-501 - Limited - Disabled)
mari (S-1-5-21-1694309862-3657083619-1565170917-1000 - Administrator - Enabled) => C:\Users\mari

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Tietoturva (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17}
AS: Tietoturva (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@Bios (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.23 - GIGABYTE)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Actual Multiple Monitors 4.1 (HKLM-x32\...\Actual Multiple Monitors_is1) (Version: 4.1 - Actual Tools)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\Amazon Kindle) (Version: - Amazon)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Applen ohjelmatuki (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Assassin's Creed(R) III v1.03 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.03 - Ubisoft)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Atheros Communications Inc.)
Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)
AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B12.0206.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version: - )
Barbarian Invasion (HKLM-x32\...\{FD69C8CB-6964-432C-98AB-A5A09ED50EEA}) (Version: 1.4 - )
Batman: Arkham City™ GOTY (HKLM-x32\...\GFWL_{57520FA0-DF38-46A1-8046-3B1000008500}) (Version: 1.0.0000.133 - WB Games)
Batman: Arkham City™ GOTY (x32 Version: 1.0.0000.133 - WB Games) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Beyond Good & Evil (HKLM-x32\...\Steam App 15130) (Version: - Ubisoft)
BitTorrent (HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\BitTorrent) (Version: 7.9.3.40101 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre 64bit (HKLM\...\{2E2F6591-1465-4C64-8F50-E75F4AAB0ED8}) (Version: 2.27.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CDisplayEx 1.8 (HKLM-x32\...\CDisplayEx_is1) (Version: - Henri Gourvest.)
Computer Security 12.62.109.0 (release) (x32 Version: 12.62.109.0 - F-Secure Corporation) Hidden
Corel WinDVD Pro 11 (HKLM-x32\...\_{EF13E6B7-86D2-4E2C-82FB-375654407D4F}) (Version: 11.5.1.3 - Corel Inc.)
CrystalDiskInfo 6.1.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.1 - Crystal Dew World)
DmC Devil May Cry (HKLM-x32\...\Steam App 220440) (Version: - Ninja Theory)
Dragon Age II (HKLM-x32\...\{F2E23139-3404-4E3C-9855-7724415D62A5}) (Version: 1.04 - Electronic Arts, Inc.)
Dragon Age Redesigned© (HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\Dragon Age Redesigned©) (Version: - )
Dragon Age Toolset (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.01 - Electronic Arts, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Easy Tune 6 B12.0309.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B12.0309.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Elisa Turvakeskus (HKLM-x32\...\F-Secure ServiceEnabler 28313) (Version: 1.62.373.0 - F-Secure Corporation)
Elisa Turvakeskus (x32 Version: 1.62.373.0 - F-Secure Corporation) Hidden
eViihde (HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\a806c360bbc9222a) (Version: 0.4.3.1 - eViihde.com)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)
Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version: - Ubisoft)
FarCry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft)
FLY'N (HKLM-x32\...\Steam App 223730) (Version: - Ankama)
Fraps (HKLM-x32\...\Fraps) (Version: - )
F-Secure CCF Reputation (x32 Version: 1.0.25.1756 - F-Secure) Hidden
F-Secure CCF Scanning 1.51.111.300 (release) (x32 Version: 1.51.111.300 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.02.115 (x32 Version: 1.02.115 - F-Secure Corporation) Hidden
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GS Auto Clicker (HKLM-x32\...\GS Auto Clicker_is1) (Version: V3.1.3 - goldensoft.org)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Gyazo 2.0.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Heroes of Might and Magic® III (HKLM-x32\...\Heroes of Might and Magic® III) (Version: - )
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version: - )
ICA (x32 Version: 11.5.1.3 - Corel Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
IPM (x32 Version: 11.5 - Corel Inc.) Hidden
iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)
Jade Empire Special Edition (HKLM-x32\...\GOGPACKJADEEMPIRE_is1) (Version: 2.0.0.4 - GOG.com)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.10.20131107 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{55031CEF-CE75-4A5C-8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version: - Klei Entertainment)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1010 - Marvell)
Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 fi) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 fi)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.52.1 - Black Tree Gaming)
NVIDIA 3D Vision Controller Driver 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Octodad (HKLM-x32\...\Octodad) (Version: - )
Ohjelman Microsoft Office Excel 2007 Help päivitys (KB963678) (HKLM-x32\...\{90120000-0016-040B-0000-0000000FF1CE}_HOMESTUDENTR_{2C35886E-A67C-494A-8E1C-C6B4E415BBDD}) (Version: - Microsoft)
Ohjelman Microsoft Office Powerpoint 2007 Help päivitys (KB963669) (HKLM-x32\...\{90120000-0018-040B-0000-0000000FF1CE}_HOMESTUDENTR_{BD88D384-046E-4E6F-A48B-BC3757C01BA5}) (Version: - Microsoft)
Ohjelman Microsoft Office Word 2007 Help päivitys (KB963665) (HKLM-x32\...\{90120000-001B-040B-0000-0000000FF1CE}_HOMESTUDENTR_{3D728445-D30E-4E78-BCC6-722FE68CB22B}) (Version: - Microsoft)
ON_OFF Charge B11.1102.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Online Safety 2.63.189.48 (x32 Version: 2.63.189.48 - F-Secure Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.1.12.73 - Electronic Arts, Inc.)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Poker Night at the Inventory (HKLM-x32\...\Steam App 31280) (Version: - Telltale Games)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.5 - Power Software Ltd)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rome - Total War - Alexander (HKLM-x32\...\{6C1804BC-094F-431A-BEA5-37A837958029}) (Version: 1.9 - The Creative Assembly)
Rome - Total War (HKLM-x32\...\{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}) (Version: 1.5 - The Creative Assembly)
Setup (x32 Version: 11.5.1.3 - Corel Inc.) Hidden
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
SimCity 4 Deluxe (HKLM-x32\...\Steam App 24780) (Version: - Maxis)
Sims 4 by BuZeR version final (HKLM-x32\...\{ED118F10-E516-4245-160F-6213F508F71F}_is1) (Version: final - )
Sims2Pack Clean Installer (HKLM-x32\...\Sims2Pack Clean Installer) (Version: - )
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Splashtop Connect for Firefox (HKLM-x32\...\{EF25F71D-F3E8-42A3-8B5A-DBF83C4B942F}) (Version: 2.0.5.2 - Splashtop Inc.)
Splashtop Connect for IE (HKLM-x32\...\{E2B086BD-75A9-45D1-A675-151624B259A1}) (Version: 2.0.5.1 - Splashtop Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Sims Complete Collection (HKLM-x32\...\{F2527115-B8BF-4FDB-B5DA-5AADFB7C13E1}) (Version: - )
The Sims File Cop (HKLM-x32\...\{D6D4828F-A5B2-11D4-8F73-0050DA0F6297}) (Version: - )
The Sims Medieval (HKLM-x32\...\{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}) (Version: 2.0.113 - Electronic Arts)
The Sims Medieval Pirates and Nobles (HKLM-x32\...\{0CC21836-A5D6-4641-B4AE-6FA01D021E41}) (Version: 2.0.109 - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 70-, 80- ja 90-luku Kamasetti (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
The Sims™ 3 Baana auki Kamasetti (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
The Sims™ 3 Diesel Kamasetti (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Iltahuvit (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
The Sims™ 3 Keskustan kuhinaa Kamasetti (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 Leffa Kamasetti (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
The Sims™ 3 Lemmikit (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Luksuslukaali Kamasetti (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Maailmanmatkaaja (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Sims™ 3 Makkari & Kylppäri Kamasetti (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Paratiisisaari (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Pihaparatiisi Kamasetti (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
The Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Superstara (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Tulevaisuuteen (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Täyttä Elämää (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Unelmaduuni (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Vuodenajat (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Yliopistoelämää (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
To the Moon (HKLM-x32\...\Steam App 206440) (Version: - Freebird Games)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version: - )
Total War: ROME II (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
UsbFix (HKLM-x32\...\Usbfix) (Version: 7.933 - El Desaparecido - www.usbfix.net - www.sosvirus.net)
VIA Ohjelmistoalustan laitehallinta (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinDVD (x32 Version: 11.5.1.3 - Corel Inc.) Hidden
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Viva Piñata (HKLM-x32\...\InstallShield_{343EFA17-5BC5-44DA-924F-539ECBEFF68C}) (Version: 1.00.0000 - Microsoft Game Studios)
Viva Pinata (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
World of Goo (HKLM-x32\...\Steam App 22000) (Version: - 2D Boy)
Zoo Tycoon 2 - Extinct Animals (HKLM-x32\...\InstallShield_{15292416-A464-4FBA-BB96-7298EAACFC07}) (Version: 1.00.0000 - Microsoft Game Studios)
Zoo Tycoon 2 - Extinct Animals (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Zoo Tycoon Expanded (HKLM-x32\...\Zoo Tycoon 1.0) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

13-05-2015 18:49:32 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-05-13 19:23 - 2015-05-13 19:33 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01A96789-DA75-4CBD-868C-698BDED10D32} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-24] (Google Inc.)
Task: {09AA197F-6D85-4505-8B96-AFDB2572A03F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {0C1B3719-4C4F-4DA2-8D9E-3C24BF52F979} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-24] (Google Inc.)
Task: {15462D56-5A49-49AD-974B-0DB5B57F504E} - System32\Tasks\{E3882483-4561-4197-9DCC-61C4931ED5CB} => C:\Users\mari\Downloads\Lego\LEGORacers.exe
Task: {31BEBFF0-3E04-45BC-BCED-E884630E4FF8} - System32\Tasks\{AED2652E-AB64-4387-BE0C-F4FCD4346D37} => pcalua.exe -a "C:\Users\mari\Desktop\New folder\autorun.exe" -d "C:\Users\mari\Desktop\New folder"
Task: {3F786600-AB9E-4EB0-B5FD-819B12C727D6} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {54E8817C-B6E2-4CB0-93C7-22467868B180} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {54F660CE-949E-4F17-A954-06871A2DD900} - System32\Tasks\{8CCEB705-00F9-4E24-BA9A-E39772E3CB34} => pcalua.exe -a E:\autorun.exe -d E:\
Task: {5AA09103-8CDE-4221-86AD-AAA436828500} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {684A3858-784E-4AC2-851F-89129D94DDBA} - System32\Tasks\{021FE3ED-16E4-4F54-92F5-FE1EFC22161F} => pcalua.exe -a C:\ProgramData\LGMOBILEAX\LGMLauncher.exe -d C:\ProgramData\LGMOBILEAX
Task: {69A0C7C0-52D7-4C68-9EBE-BE63AFB629EF} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {7C0E6375-CD4C-4BF6-A464-320B58A001E4} - System32\Tasks\{8F2103D6-3757-4AE8-B4E0-FEEAB263AB75} => Chrome.exe http://ui.skype.com/ui/0/6.21.0.104/fi/abandoninstall?page=tsBing
Task: {88080216-57E3-4413-90E2-AD8BFCF73FDE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {F5BE8E3B-D60D-46AE-B5D3-14F394841CB5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2013-01-22 18:43 - 2015-04-09 00:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-31 14:03 - 2014-10-31 14:03 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-01-22 18:18 - 2012-01-12 16:21 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-01-22 18:18 - 2012-01-12 16:21 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2013-02-28 20:37 - 2012-07-03 19:39 - 00253648 _____ () C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Gadget\fsgadget.exe
2013-01-28 14:08 - 2013-01-28 14:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 14:08 - 2013-01-28 14:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-02-28 20:31 - 2013-02-28 20:31 - 00372416 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtXml4.dll
2013-02-28 20:31 - 2013-02-28 20:31 - 02256576 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtCore4.dll
2013-02-28 20:37 - 2012-07-03 19:39 - 00038400 _____ () C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Anti-Virus\FSAVHRES.eng
2012-11-21 13:54 - 2012-11-21 13:54 - 00216760 _____ () C:\Program Files (x86)\Elisa Turvakeskus\daas2.dll
2015-04-17 08:57 - 2015-03-28 06:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-02-28 20:31 - 2013-02-28 20:31 - 08347328 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtGui4.dll
2013-02-28 20:31 - 2013-02-28 20:31 - 10706624 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtWebKit4.dll
2013-02-28 20:31 - 2013-02-28 20:31 - 03051200 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtXmlPatterns4.dll
2013-02-28 20:31 - 2013-02-28 20:31 - 00986816 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtNetwork4.dll
2013-02-28 20:31 - 2013-02-28 20:31 - 00450240 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtHelp4.dll
2013-02-28 20:31 - 2013-02-28 20:31 - 00622272 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtSql4.dll
2013-02-28 20:31 - 2013-02-28 20:31 - 01076928 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtCLucene4.dll
2012-11-21 13:54 - 2012-11-21 13:54 - 00033976 _____ () C:\Program Files (x86)\Elisa Turvakeskus\imageformats\qgif4.dll
2012-11-21 13:54 - 2012-11-21 13:54 - 00036024 _____ () C:\Program Files (x86)\Elisa Turvakeskus\imageformats\qico4.dll
2012-11-21 13:54 - 2012-11-21 13:54 - 00143032 _____ () C:\Program Files (x86)\Elisa Turvakeskus\imageformats\qjpeg4.dll
2012-11-21 13:54 - 2012-11-21 13:54 - 00241336 _____ () C:\Program Files (x86)\Elisa Turvakeskus\imageformats\qmng4.dll
2013-02-28 20:37 - 2012-07-03 19:39 - 00049152 _____ () C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\FSGUI\fsavures.eng
2013-02-28 20:37 - 2012-07-03 19:39 - 00086016 _____ () C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\FSGUI\strres.eng
2015-04-30 11:57 - 2015-04-28 05:07 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-04-30 11:57 - 2015-04-28 05:07 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
2013-02-28 21:09 - 2013-02-28 21:09 - 00030888 _____ () C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll
2013-02-28 20:37 - 2015-04-14 12:07 - 00175144 _____ () C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Gemini\fsgem.dll
2013-02-28 20:37 - 2013-12-11 09:17 - 00212008 _____ () C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Spam Control\fsas.dll
2013-02-28 20:37 - 2015-02-24 11:37 - 00949288 _____ () C:\Program Files (x86)\Elisa Turvakeskus\apps\ComputerSecurity\Anti-Virus\fm4av.dll
2014-10-16 10:02 - 2014-10-16 10:02 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\92a1650dbe9fad5f46633b835420e1a8\IsdiInterop.ni.dll
2013-01-22 18:19 - 2011-11-29 21:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-01-22 18:18 - 2011-12-16 11:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\...\skype.com -> hxxps://apps.skype.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\mari\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

 

[Autumn456]

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{6AF0E4B4-9888-45E6-957D-0CB802D6228D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{00DABEE9-8F63-4F3E-AC9D-D4ADF8FD831B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{99E09A41-203A-4DDB-9C86-6875CEA410D8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CF258610-A796-4C61-AE3E-B46B416F7144}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A75A27B3-5CC9-430B-B6DB-05D3C46ADDD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{EBD4577E-AE8C-4E10-9754-782416D38FB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\Torchlight2.exe
FirewallRules: [{07D347B1-DD65-41E6-AD4A-923E49D151F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\Torchlight2.exe
FirewallRules: [{4F55F526-089A-43EC-97D1-ECA752B82735}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\World of Goo\WorldOfGoo.exe
FirewallRules: [{15305950-596C-4BDE-AD8C-789526BD8D82}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\World of Goo\WorldOfGoo.exe
FirewallRules: [{DF4B4501-7C82-4E25-94E4-8F9992A4CC94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{DDF39BA1-B97D-4825-892E-2B1E645C3E34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [TCP Query User{11657E93-36E1-4BBA-8636-BB3986A50C47}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [UDP Query User{805D4E63-5A9C-4501-9DDA-92948425D84C}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [{11CCF94B-18E5-4989-BD5A-12061FED4F51}] => (Block) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [{FE4E0CF4-FC77-4D0F-95AD-A5FE6F95C77D}] => (Block) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [{8F15EC96-978D-4A12-89C3-5E853FBDB931}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\tools\DragonAgeToolset.exe
FirewallRules: [{3E5415BD-DED2-44D9-AF60-8D73212E4C0E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\tools\DragonAgeToolset.exe
FirewallRules: [{6C0ACC1D-DB55-4A82-B94B-3102EE5A910F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\tools\RPU.exe
FirewallRules: [{BB6AEEB7-34AB-42AC-9B72-6666984F0371}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\tools\RPU.exe
FirewallRules: [{92976E9D-CDAF-4406-B4CC-9053A036E17D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\tools\lightmapper\eclipseRay.exe
FirewallRules: [{70687610-1270-4342-A1F6-6F1502304FDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\tools\lightmapper\eclipseRay.exe
FirewallRules: [{DC90BA02-ED09-4DBA-9F84-DC30E96684E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\tools\GffEditor.exe
FirewallRules: [{CC817372-4365-4AF5-9536-177872BDEC99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\tools\GffEditor.exe
FirewallRules: [{6947C09D-7DD8-44D9-A853-C4D4620F242A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\tools\ErfEditor.exe
FirewallRules: [{1B646D76-8676-4EA2-9F73-BF1A1A01C567}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\tools\ErfEditor.exe
FirewallRules: [TCP Query User{DEC9DAC1-8CB3-4E90-BC13-CE3DC2FA06FC}C:\windows\syswow64\regsvr32.exe] => (Allow) C:\windows\syswow64\regsvr32.exe
FirewallRules: [UDP Query User{7CC14A7E-6591-415A-AF4F-8273E624DECF}C:\windows\syswow64\regsvr32.exe] => (Allow) C:\windows\syswow64\regsvr32.exe
FirewallRules: [{E0CC4DFB-AB51-4AF1-A782-3B2AE4E70CB7}] => (Block) C:\windows\syswow64\regsvr32.exe
FirewallRules: [{E787591C-9F01-4340-8229-A38E05713C17}] => (Block) C:\windows\syswow64\regsvr32.exe
FirewallRules: [TCP Query User{948B9493-D831-4FA5-8BEA-3AC546EACC1C}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{76A3C330-2039-4B16-B278-ECEBE520EF34}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{EA0D59A3-AC00-4A50-B86B-F13078F0DA27}] => (Block) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{6E055D98-6F35-475A-B155-E2FC900C50BE}] => (Block) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{FF23FC85-88FE-49CA-B596-BB710D3E6830}C:\users\mari\downloads\bittorrent.exe] => (Block) C:\users\mari\downloads\bittorrent.exe
FirewallRules: [UDP Query User{403B3873-DD37-469E-B11D-7F0D0940117A}C:\users\mari\downloads\bittorrent.exe] => (Block) C:\users\mari\downloads\bittorrent.exe
FirewallRules: [TCP Query User{0EADDB24-9C00-4530-8673-5881618A3716}C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [UDP Query User{926CD65E-A6FD-4D3C-8D1C-FF9C9DC9F192}C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [{D7475824-1541-4331-9586-F1158356C6FC}] => (Block) C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [{59B813A6-7567-44BD-9B77-DC695C288B63}] => (Block) C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [{D4010AF8-F25A-499E-B611-3446DA8D464A}] => (Allow) C:\Program Files (x86)\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{ACC11947-4EEE-4791-BA88-81E204295136}] => (Allow) C:\Program Files (x86)\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{E67BD3F8-2E90-4BDA-97B5-93BB61AE2648}] => (Allow) C:\Program Files (x86)\Mass Effect\MassEffectLauncher.exe
FirewallRules: [{DD56F60A-1CAA-486E-BE46-CDA6A884ED30}] => (Allow) C:\Program Files (x86)\Mass Effect\MassEffectLauncher.exe
FirewallRules: [{A44A2FBC-3484-4BF7-9548-0F4AB92243A4}] => (Allow) C:\Program Files (x86)\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{E697DF44-D27A-4B34-AADB-9AD3AEBAD70C}] => (Allow) C:\Program Files (x86)\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{3F1FF94D-55C2-4180-BAAE-D1FDA9358C83}] => (Allow) C:\Program Files (x86)\Dragon Age 2\bin_ship\DragonAge2.exe
FirewallRules: [{C9DF99DC-74D4-43A7-A8CF-321E188B894B}] => (Allow) C:\Program Files (x86)\Dragon Age 2\bin_ship\DragonAge2.exe
FirewallRules: [{D7CF2BD8-4074-4097-93DA-7BDDEAEECCDF}] => (Allow) C:\Program Files (x86)\Dragon Age 2\DragonAge2Launcher.exe
FirewallRules: [{7AFCCD50-E09E-42B6-8210-9D389CF329E8}] => (Allow) C:\Program Files (x86)\Dragon Age 2\DragonAge2Launcher.exe
FirewallRules: [{16CD3A3C-DBD4-4E53-AD2C-A7A8FFB29376}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{B613EF89-3ABA-4968-A445-69C0B1F92314}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{096C0901-A18F-4CCD-AAD7-652C88702F12}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{EBFB40F4-BC7E-4779-A01F-D7EA451C8F2E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{AE8CC9DB-8738-4254-AE1D-6A442ADB39C1}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{99177518-561F-4D56-9276-894F2716CA3E}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{B75D32CE-49A2-4A50-9063-02F70EB071EF}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{0AD4BC70-6EBF-455A-B13D-459C84570217}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{B264A287-77EC-48CB-ACCD-70A35E838248}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{059E466A-8452-4241-915E-E8DFB52CDE2C}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{7F44CE3F-450B-4DA6-BD5D-DBB47ED84880}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{BAC8699E-A24A-4DDC-98C1-210556B60F15}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{4A4BE409-5F0C-47E7-B12E-7932EFF62F3B}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{3E5F9460-A903-4391-B117-3F136F8837EC}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{9C09F8ED-60E9-486A-83CA-E4161F390341}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{6C028E97-0BBB-4203-967C-637ABD9298BB}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{128B3967-A23F-4F58-AC0C-9FE08EB4E169}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{F6C06B3A-2AFD-4C85-898D-95750355DBCA}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{92B06E9B-7A69-426B-91CA-6F9910C03111}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{A9066A38-D307-49BB-8485-1ABF38A84831}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7609C4D5-B7E9-4AF0-A669-0161ED5C62DC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{21458B7A-2A4C-419D-9E2B-D0413794B324}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{222ED720-0994-41E8-9BB6-A309E66219A8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{42704521-97EC-42B0-B148-05DCF9738C2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SimCity 4 Deluxe\Apps\SimCity 4.exe
FirewallRules: [{1C63A15E-3BE1-487C-94B3-79C6F1F2FCE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SimCity 4 Deluxe\Apps\SimCity 4.exe
FirewallRules: [{E277F300-F079-4DAF-B09E-17320A90166D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SimCity 4 Deluxe\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{7737B294-F8F7-4571-B1F6-7CE6BAFAFD9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SimCity 4 Deluxe\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{9AC043E1-2150-4F1A-8B88-420F9B79FDB1}] => (Allow) C:\Program Files (x86)\WB Games\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{99BC588B-FA11-4719-8482-16ED7396F1A8}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{94CDE13B-69B5-4626-8FD9-4938D541FD1B}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{06B37C6F-F1E3-403A-9555-385458873920}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{61E13F12-6476-47CE-BC45-168571139EE2}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{37B91076-FA4F-48FC-BC95-C8D4D4734F1D}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{BF491A46-1BA9-4635-BC07-5FB482F3AEE0}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [TCP Query User{DF7A2F22-365C-400B-9C67-3C21B42B4727}C:\users\mari\appdata\local\temp\gw2.exe] => (Allow) C:\users\mari\appdata\local\temp\gw2.exe
FirewallRules: [UDP Query User{0DA19CE3-A2F4-4839-AE15-BFF876153A51}C:\users\mari\appdata\local\temp\gw2.exe] => (Allow) C:\users\mari\appdata\local\temp\gw2.exe
FirewallRules: [TCP Query User{4D78CD13-145D-4083-B4FD-C3F1DDAF8810}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{6CB3D241-AA55-42B5-928E-64089BE2AE4C}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [{3E25E388-7778-4E1E-B110-ACE493EF4995}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{80F1BAA7-432A-4E80-8EB8-4F8507AA973A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{C2C9D8EC-7F22-4E03-902A-08BB15C66FD4}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe
FirewallRules: [{08F5451A-FC51-419F-869B-D511CD3842DD}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe
FirewallRules: [{BDD3FCD6-68FF-44AC-9F2B-E8E861B7BAFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{9D7A8D63-8D92-4C30-B69A-4DCD8C2ED508}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [TCP Query User{72F9B923-445E-417D-9AE6-5932C81D8750}C:\users\mari\downloads\pokemon heart gold with emulator (inly)\desmume.exe] => (Block) C:\users\mari\downloads\pokemon heart gold with emulator (inly)\desmume.exe
FirewallRules: [UDP Query User{67928C7D-18F4-4491-9FC2-3DA6491B488F}C:\users\mari\downloads\pokemon heart gold with emulator (inly)\desmume.exe] => (Block) C:\users\mari\downloads\pokemon heart gold with emulator (inly)\desmume.exe
FirewallRules: [TCP Query User{B7175639-4723-4A49-B19C-47344F0A099C}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{8C9CC37D-466D-400D-994A-548DA74259E5}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [{2C63CC07-F6B2-4880-894D-93944C1CB29D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4BE38BD2-8FC2-461E-A988-A52B4DE640F5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3FE5DA15-E424-4AFE-B880-3C9157D21D19}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0E7D0166-393C-4B97-BE9F-D06DCC5A4788}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C717A0D3-7F2C-4174-9DDD-83450B3917FE}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{41049234-A520-4026-8FD9-1F1C717351B1}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{EDAD0933-7601-4F5A-8E47-D71EFF77DE96}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{2BAC4479-E324-45A4-B950-62A9B424E231}] => (Allow) c:\Program Files (x86)\sMedio\WinDVD11\\WinDVD.exe
FirewallRules: [TCP Query User{6F7B07C9-07F5-4DDD-BCFF-B5C4B8A13363}C:\program files (x86)\smedio\windvd11\windvd.exe] => (Block) C:\program files (x86)\smedio\windvd11\windvd.exe
FirewallRules: [UDP Query User{7A59E64C-BB88-4654-87D8-7AEE5E3BAB59}C:\program files (x86)\smedio\windvd11\windvd.exe] => (Block) C:\program files (x86)\smedio\windvd11\windvd.exe
FirewallRules: [{C81845C5-8251-497E-B608-38DE3714DDD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{A1F2CD17-F55D-40EA-939A-2AC356DE737C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{27AACED9-5EB7-4F26-9D7C-2DA23583EC93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beyond Good and Evil\CheckApplication.exe
FirewallRules: [{295C89DD-B7C5-4BE6-8AB4-0F73499A3177}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beyond Good and Evil\CheckApplication.exe
FirewallRules: [TCP Query User{2864606D-74F3-4C4C-85AB-D00DE503B3A3}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{C8FE3473-DD8B-4E99-AD3A-635E06EED433}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [TCP Query User{E6CB6A46-CC6E-4258-878E-7FB5072361E4}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe
FirewallRules: [UDP Query User{001124D1-E7F0-4FD9-94C5-8DA910073630}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe
FirewallRules: [TCP Query User{8DD90414-1F69-47D6-82F6-207DB641B067}C:\program files (x86)\gigabyte\@bios\updexe.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\updexe.exe
FirewallRules: [UDP Query User{C7781171-A3F3-41F8-9EB3-350853E3954C}C:\program files (x86)\gigabyte\@bios\updexe.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\updexe.exe
FirewallRules: [TCP Query User{AD8E8B7C-B810-4457-82E7-7F5F3E8A47BB}C:\program files (x86)\gigabyte\@bios\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gbtupd.exe
FirewallRules: [UDP Query User{B37CC8F7-B3C1-4041-9226-AD23A868224D}C:\program files (x86)\gigabyte\@bios\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gbtupd.exe
FirewallRules: [{AB7DCA18-BFDD-4B81-8705-6D947F707477}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{D58BF108-72D8-4D5A-B399-B8008EAC78F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{48D4559E-CC8D-480F-B990-E98189F5D436}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{26061A7D-FF7A-4FB6-B41C-4F5C088444EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{3318E47D-8420-4112-84C7-C64563EBEA7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{4BCAFBBB-8E9F-42CF-A7CA-D69F9158522B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{A8A1CC31-1492-4DBB-8E18-496E16730B31}] => (Allow) C:\Program Files (x86)\Microsoft Games\Viva Pinata\Viva Pinata.exe
FirewallRules: [{5D84547E-AE35-49EA-8291-2EAA37D8767F}] => (Allow) C:\Program Files (x86)\Microsoft Games\Viva Pinata\Viva Pinata.exe
FirewallRules: [{BFB3B6FD-93B0-49C0-9E7D-33D16006777A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{BFBFEEB7-A5D9-430F-AA07-2F5E474F5292}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{51DC4EA3-3F1B-4359-A394-05C0F3417A86}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D7174F7B-FBF4-413C-80CA-40FE8AB124FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C5504960-EF09-4473-ACB6-EC6F70507765}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C37CD2FE-8E91-40E7-B477-9308300E7BD1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C517AE90-3EB2-40F6-9F21-E0B7CD9183D2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D39573DC-E6A6-430D-926B-70BE6E42D75E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C9DDCA0A-8749-4BA1-8662-7BFFF044B296}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{201F0262-10D8-464E-BEE3-91CDBA9E4F3C}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{091D8AF5-D8B6-4721-889D-911F6B74DE0E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C0DBA719-42A9-47A5-BA2C-CB9981D2C80C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2B7682E1-7EE1-4ADF-9FE9-67984FC4B348}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{BA3C9F74-2D2D-4EE1-89BA-EFD4B460422A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F02EF828-D95B-4976-B457-433F8401AA90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3D752F85-90C4-4F2D-AE80-D6702BB49AFA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{63723023-9A7A-4ADE-AB2A-88B9B89E0C1C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{B4694637-716A-43A7-880F-93FA441DF6E6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{E3E327CA-D4BC-4AE6-9320-A2921982D6C5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{34B6F157-7C90-4250-9F89-CD14648AF021}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{4449A3BF-8C04-49BA-A6E9-225D53E8912E}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{22D03AFE-D90A-4808-BE4B-32DB3F08252C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{17D9B80F-9DF7-49B1-ABCF-43FDE45EBBB6}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{76EF056E-A4DF-4D40-B5EF-CF173528D3E8}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{EFC88B35-0075-482D-8557-DDC37B0A038D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{1ED8BFDC-3F10-487A-A426-AE818820E982}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{441A7E3E-2AB3-4BEF-8D28-397BA07B512E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{E772887F-AD78-4C1D-B7FB-4DBE72A0B13F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{40103EF1-EA47-440A-B54B-6468517E7607}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{2792F01F-E74F-483C-BE00-72D2F78B9BD4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{02A1F985-5B4B-48E0-96D7-33A107C5A9E2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{84D0192E-2F3C-4F3B-B218-9216223C6755}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2F8D9334-A44B-4D88-A9F2-3BFED76096A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{124D7AE6-DE4A-44F4-A79D-FE2B7D9AAEDF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{ED16DF6A-2F6A-4381-A1C8-E468281D6D02}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DD223DC3-903E-46B1-ACEA-D0CA3BF23E72}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{21067897-2E35-4063-881A-3B593C1E59DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{2D319BF2-6187-4507-870B-0D442840175F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{FACE9039-747A-4C71-9E7E-225BD3E96005}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{B277AF41-787A-44E2-A4D4-95CD8D52ADD9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{C06DD3D6-89A2-4A61-83E4-52A20D9D4BAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{E2B08427-4F45-4807-BA9F-F7AF0F01C638}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{5A80C79E-4A67-4B1B-9613-F931AE22384F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{204908B2-D136-4384-881C-8F5AD494015C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{93CB6298-9F2D-4882-975D-5B8BF460A4C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{2262D495-17B1-43FC-8BAC-C34C765C5682}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{1641A215-FED7-4158-A6BB-E0A0BB68485B}] => (Allow) C:\Program Files (x86)\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{59ADB686-D1D8-4B04-93D5-A4B1F2B5AA56}] => (Allow) C:\Program Files (x86)\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{1BEE223E-4CEF-4212-B5E8-497F2645F9D4}] => (Allow) C:\Program Files (x86)\Dragon Age 2\bin_ship\DragonAge2.exe
FirewallRules: [{CA87C344-8F54-4545-9298-850D2F5BE686}] => (Allow) C:\Program Files (x86)\Dragon Age 2\bin_ship\DragonAge2.exe
FirewallRules: [{CB5891F7-3088-4ECD-A125-A01640BF94E0}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{4FD11340-7C19-4497-936F-8113001C681A}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{958D3B5C-0368-4350-8AEA-DEC47D6C45E2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{72FE6692-87D7-4198-BD83-0D764520DE52}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2BD573C7-20DF-4DD4-9B3C-31585C8787FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1E814A0F-C1F3-4B6E-8B71-648267C51D2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{99E60E7B-0DBA-4245-BD1F-E13DCC1CCCFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6E66D448-DFD4-453C-A6D7-79B37BAF55C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D4A28254-4138-437C-BCC1-EF72A0006B5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{A928A942-1621-447B-A564-D7A94D9F0DB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{47B20385-5131-4959-ACA1-1AFEB11D623B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{67437D89-A2E1-49CE-B39C-F3EC129A2FA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{83C92484-9CB4-4027-859A-E4D66477B699}] => (Allow) C:\Users\mari\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{21F7ACCB-04C4-45E2-9EB7-FACAE018E47A}] => (Allow) C:\Users\mari\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{7B7F3A96-9161-46DD-9952-21C3FD4A67D9}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{574C5625-1D68-429E-896D-5E44864DE349}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{E71F50A3-45C7-43AD-95CE-3A4C21294C0E}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{F2543CFF-0971-4169-830C-717AB70E6186}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{B4E06202-D542-4420-8884-7182C23ECD77}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{96E5CC3F-0A6C-411E-9211-EB778CDA9FF8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{3168F8F5-A245-468C-8715-30955C0A51BC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{97A80E7B-6B3A-4B88-854D-DF56DC1F1D62}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{91C1F66F-A44D-4982-B6E6-CF8493A98976}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{F5D4B0CA-8DAE-4E0A-94F6-D0499FA0F6A8}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{7CE78E56-874C-4D06-ADB2-62DD7F6D762B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F1D94076-A5CC-4C66-8E87-282D55EE23C4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6EFCCDA2-C335-4E92-B5E7-F8A582A8A0D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{CBE6EA71-4357-4706-9FF5-636A56444CA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{C5EA164C-BD9F-4313-8289-97953C826A63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FLYN\Source\Flyn.exe
FirewallRules: [{8F5F2C21-4FF9-4CD3-9893-43A99A717ECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FLYN\Source\Flyn.exe
FirewallRules: [{C2FAE47C-95A6-4385-BADE-0BFE28CC7292}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2DFEC958-DE99-48EE-ABAB-E09E9C5EFFCB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0054505F-4553-47D7-A0D2-AB3882031986}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F5F76FF4-EFA4-447E-A49F-737A9C834D98}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{57B675A5-959F-46BF-AD60-82796AAD8B2B}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{5B642585-895D-4D55-9232-068BA0E1418F}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{AA977E9C-96D2-4D5D-840D-3C14923CC14C}] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{136E7C74-7B76-4A40-B60E-F5474C8DCE9B}] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{16ACCC8E-3358-49E5-BD22-AC56EC18F6A6}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\FarCry4.exe
FirewallRules: [{04A7C82B-588B-44E7-B6B9-F964011D49CE}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\FarCry4.exe
FirewallRules: [{E1BFB678-8B28-402C-9FBD-A78B7DA33815}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\FarCry4.exe
FirewallRules: [{14A1B7A0-4EF8-4BE5-8E70-2CEABB83A632}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\FarCry4.exe
FirewallRules: [{5CBF4B26-1656-4433-9E69-702DBFCDF894}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\IGE_WPF64.exe
FirewallRules: [{E111547B-37BD-42C2-82BB-8B96790A011D}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\IGE_WPF64.exe
FirewallRules: [{DFB0C4C6-06CA-4A54-A903-55ACC7EA32C6}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\IGE_WPF64.exe
FirewallRules: [{67AE81F0-F8BA-41AB-B9D1-42C89DA81D82}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\IGE_WPF64.exe
FirewallRules: [{EE0FFD73-28F2-4F3D-972C-5A0FD19C0B86}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2FA34FFA-9657-48B8-A221-CA6768C58458}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CA09D298-E7DC-44FD-8B65-D5EDBD5C0D16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{20BD7A45-509D-4DA1-939C-8B8E700DE4DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{D3F1E4F3-3E8C-4E0D-AA08-C41AB924A70C}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{4341478D-46BD-4665-B909-94F68F0D6759}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{BB7591B7-DB8A-497C-804B-064A96976AE0}] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{204F195F-7368-4692-AC00-A4AB62116CF8}] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{6D56CFB2-7DEC-41B8-BBA8-276475EA9C05}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{163BA1B1-CD9D-4564-8FB9-8C42ABAEF8C1}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{76316701-6F1F-411D-8880-BFC2FB9B5F20}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{B0211834-31C8-4231-909E-A1A37E921F77}] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{0273DF32-2D93-432A-AC2C-6F2C223AA369}] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/14/2015 11:04:26 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.

Error: (05/14/2015 11:04:25 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.

Error: (05/14/2015 11:02:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/14/2015 11:02:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 4.1.1943.6202, time stamp: 0x551399be
Faulting module name: NvStreamNetworkService.exe, version: 4.1.1943.6202, time stamp: 0x551399be
Exception code: 0xc0000005
Fault offset: 0x00000000004e920f
Faulting process id: 0xb04
Faulting application start time: 0xNvStreamNetworkService.exe0
Faulting application path: NvStreamNetworkService.exe1
Faulting module path: NvStreamNetworkService.exe2
Report Id: NvStreamNetworkService.exe3

Error: (05/13/2015 07:59:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.

Error: (05/13/2015 07:59:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.

Error: (05/13/2015 07:59:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.

Error: (05/13/2015 07:50:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 4.1.1943.6202, time stamp: 0x551399be
Faulting module name: NvStreamNetworkService.exe, version: 4.1.1943.6202, time stamp: 0x551399be
Exception code: 0xc0000005
Fault offset: 0x00000000004e920f
Faulting process id: 0xb04
Faulting application start time: 0xNvStreamNetworkService.exe0
Faulting application path: NvStreamNetworkService.exe1
Faulting module path: NvStreamNetworkService.exe2
Report Id: NvStreamNetworkService.exe3

Error: (05/13/2015 07:50:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/13/2015 07:48:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_DiagTrack, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: ntdll.dll, version: 6.1.7601.18839, time stamp: 0x553e8bfa
Exception code: 0xc000000d
Fault offset: 0x000000000006ec12
Faulting process id: 0x6cc
Faulting application start time: 0xsvchost.exe_DiagTrack0
Faulting application path: svchost.exe_DiagTrack1
Faulting module path: svchost.exe_DiagTrack2
Report Id: svchost.exe_DiagTrack3


System errors:
=============
Error: (05/14/2015 11:01:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The regi service failed to start due to the following error:
%%2

Error: (05/13/2015 07:55:57 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (05/13/2015 07:49:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The regi service failed to start due to the following error:
%%2

Error: (05/13/2015 07:48:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Diagnostics Tracking Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (05/13/2015 07:47:44 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.

Error: (05/13/2015 07:24:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The regi service failed to start due to the following error:
%%2

Error: (05/13/2015 07:23:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Diagnostics Tracking Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (05/13/2015 07:23:19 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (05/13/2015 07:22:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (05/13/2015 07:20:51 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2015-05-13 19:22:54.957
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-13 19:22:54.927
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-04-18 18:09:04.853
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-04-18 18:09:04.807
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-04-18 18:09:04.757
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-04-18 18:09:04.699
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-03-11 16:28:11.555
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-03-11 16:28:11.501
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-03-11 16:28:11.442
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-03-11 16:28:11.365
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 18%
Total physical RAM: 16344.1 MB
Available physical RAM: 13360.53 MB
Total Pagefile: 32686.41 MB
Available Pagefile: 29534.01 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.29 GB) (Free:376.83 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D2F8ED82)

Partition: GPT Partition Type.

==================== End Of Log ============================

 

[Broni]

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

[Autumn456]

Here's the log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-05-2015 02
Ran by mari at 2015-05-15 17:32:40 Run:1
Running from C:\Users\mari\Downloads
Loaded Profiles: mari (Available profiles: mari)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
CHR StartupUrls: Default -> "hxxp://www.surfvox.com/"
S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [X]
U3 af0x4myv; C:\Windows\System32\Drivers\af0x4myv.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S2 regi; \??\C:\Windows\system32\drivers\regi.sys [X]
C:\Windows\System32\Drivers\af0x4myv.sys
2015-05-07 09:28 - 2015-05-10 08:15 - 0000001 _____ () C:\Users\mari\AppData\Roaming\update.dat
2014-04-07 14:32 - 2015-05-10 09:39 - 0000040 ___SH () C:\ProgramData\.zreglib
C:\Users\mari\AppData\Local\Temp\ammemb.dll
C:\Users\mari\AppData\Local\Temp\ammemb64.dll

*****************

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
Chrome StartupUrls deleted successfully.
DAUpdaterSvc => Service deleted successfully.
af0x4myv => Service not found.
catchme => Service deleted successfully.
EagleX64 => Service deleted successfully.
regi => Service deleted successfully.
"C:\Windows\System32\Drivers\af0x4myv.sys" => File/Directory not found.
C:\Users\mari\AppData\Roaming\update.dat => Moved successfully.
C:\ProgramData\.zreglib => Moved successfully.
C:\Users\mari\AppData\Local\Temp\ammemb.dll => Moved successfully.
C:\Users\mari\AppData\Local\Temp\ammemb64.dll => Moved successfully.

==== End of Fixlog 17:32:41 ====

 

[Broni]

Last scans...

Download Security Check from here or here and save it to your Desktop.

• Double-click SecurityCheck.exe
• Follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

• Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services
• Press "Scan".
• It will create a log (FSS.txt) in the same directory the tool is run.
• Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

• Double click on TFC.exe to run the program.
• Click on Start button to begin cleaning process.
• TFC will close all running programs, and it may ask you to restart computer.

Download Sophos Free Virus Removal Tool and save it to your desktop.

• Double click the icon and select Run
• Click Next
• Select I accept the terms in this license agreement, then click Next twice
• Click Install
• Click Finish to launch the program
• Once the virus database has been updated click Start Scanning
• If any threats are found click Details, then View log file... (bottom left hand corner)
• Copy and paste the results in your reply
• Close the Notepad document, close the Threat Details screen, then click Start cleanup
• Click Exit to close the program

 

[Autumn456]

Thank you yet again, this service is great. Here are the (hopefully final) results:

checkup.txt:

Results of screen317's Security Check version 1.001
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Tietoturva
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 45
Adobe Flash Player 17.0.0.169
Adobe Reader XI
Mozilla Firefox (for.)
Google Chrome (42.0.2311.135)
Google Chrome (42.0.2311.152)
````````Process Check: objlist.exe by Laurent````````
Elisa Turvakeskus apps ComputerSecurity Anti-Virus\FSGK32.EXE
Elisa Turvakeskus apps ComputerSecurity Anti-Virus\fssm32.exe
windows defender MpCmdRun.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````


FSS.txt:

Farbar Service Scanner Version: 17-01-2015
Ran by mari (administrator) on 16-05-2015 at 11:09:35
Running from "C:\Users\mari\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****


SophonosVirusRemovalTool.txt:

2015-05-16 08:18:16.967 Sophos Virus Removal Tool version 2.5.4
2015-05-16 08:18:16.967 Copyright (c) 2009-2014 Sophos Limited. All rights reserved.

2015-05-16 08:18:16.967 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2015-05-16 08:18:16.968 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 WOW64
2015-05-16 08:18:16.968 Checking for updates...
2015-05-16 08:18:25.746 Option all = no
2015-05-16 08:18:25.746 Option recurse = yes
2015-05-16 08:18:25.746 Option archive = no
2015-05-16 08:18:25.746 Option service = yes
2015-05-16 08:18:25.746 Option confirm = yes
2015-05-16 08:18:25.746 Option sxl = yes
2015-05-16 08:18:25.747 Option max-data-age = 35
2015-05-16 08:18:25.747 Option EnableSafeClean = yes
2015-05-16 08:18:27.076 Option vdl-logging = yes
2015-05-16 08:18:27.080 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2015-05-16 08:18:27.080 Machine ID: 23e1a038f652401bb2ffd842f1c8f39c
2015-05-16 08:18:27.081 Component SVRTcli.exe version 2.5.4
2015-05-16 08:18:27.081 Component control.dll version 2.5.4
2015-05-16 08:18:27.081 Component SVRTservice.exe version 2.5.4
2015-05-16 08:18:27.081 Component engine\osdp.dll version 1.44.1.2200
2015-05-16 08:18:27.081 Component engine\veex.dll version 3.60.0.2200
2015-05-16 08:18:27.081 Component engine\savi.dll version 8.1.7.2200
2015-05-16 08:18:27.081 Component rkdisk.dll version 1.5.30.0
2015-05-16 08:18:27.082 Version info: Product version 2.5.4
2015-05-16 08:18:27.082 Version info: Detection engine 3.60.0
2015-05-16 08:18:27.082 Version info: Detection data 5.13
2015-05-16 08:18:27.082 Version info: Build date 31.3.2015
2015-05-16 08:18:27.082 Version info: Data files added 439
2015-05-16 08:18:27.082 Version info: Last successful update (not yet updated)
2015-05-16 08:18:32.734 Update progress: proxy server not available
2015-05-16 08:19:05.683 Downloading updates...
2015-05-16 08:19:05.687 Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0
2015-05-16 08:19:05.687 Update progress: [I49502] Found supplement SAVIW32 LATEST
2015-05-16 08:19:05.687 Update progress: [I49502] Found supplement IDE514 LATEST
2015-05-16 08:19:05.687 Update progress: [I49502] Found supplement IDE515 LATEST
2015-05-16 08:19:05.687 Update progress: [I49502] Found supplement IDE516 LATEST
2015-05-16 08:19:05.687 Update progress: [I49502] Found supplement IDE517 LATEST
2015-05-16 08:19:05.687 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
2015-05-16 08:19:05.687 Update progress: [I19463] Syncing product SAVIW32 53
2015-05-16 08:19:06.692 Update progress: [I19463] Syncing product IDE514 161
2015-05-16 08:19:09.823 Installing updates...
2015-05-16 08:19:10.426 Error level 1
2015-05-16 08:19:10.447 Update progress: [I19463] Syncing product IDE515 171
2015-05-16 08:19:10.447 Update progress: [I19463] Syncing product IDE516 112
2015-05-16 08:19:10.447 Update progress: [I19463] Syncing product IDE517 1
2015-05-16 08:19:45.062 Update successful
2015-05-16 08:19:56.459 Option all = no
2015-05-16 08:19:56.459 Option recurse = yes
2015-05-16 08:19:56.459 Option archive = no
2015-05-16 08:19:56.459 Option service = yes
2015-05-16 08:19:56.459 Option confirm = yes
2015-05-16 08:19:56.459 Option sxl = yes
2015-05-16 08:19:56.460 Option max-data-age = 35
2015-05-16 08:19:56.460 Option EnableSafeClean = yes
2015-05-16 08:19:56.491 Option vdl-logging = yes
2015-05-16 08:19:56.493 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2015-05-16 08:19:56.493 Machine ID: 23e1a038f652401bb2ffd842f1c8f39c
2015-05-16 08:19:56.494 Component SVRTcli.exe version 2.5.4
2015-05-16 08:19:56.494 Component control.dll version 2.5.4
2015-05-16 08:19:56.494 Component SVRTservice.exe version 2.5.4
2015-05-16 08:19:56.494 Component engine\osdp.dll version 1.44.1.2200
2015-05-16 08:19:56.494 Component engine\veex.dll version 3.60.0.2200
2015-05-16 08:19:56.494 Component engine\savi.dll version 8.1.7.2200
2015-05-16 08:19:56.494 Component rkdisk.dll version 1.5.30.0
2015-05-16 08:19:56.494 Version info: Product version 2.5.4
2015-05-16 08:19:56.495 Version info: Detection engine 3.60.0
2015-05-16 08:19:56.495 Version info: Detection data 5.13G
2015-05-16 08:19:56.495 Version info: Build date 31.3.2015
2015-05-16 08:19:56.495 Version info: Data files added 439
2015-05-16 08:19:56.495 Version info: Last successful update 16.5.2015 11:19:45

2015-05-16 09:20:15.011 Could not open C:\hiberfil.sys
2015-05-16 09:20:16.551 Could not open C:\pagefile.sys
2015-05-16 09:34:36.850 Could not check C:\Program Files (x86)\Microsoft Games\Viva Pinata\xwavebank\09f36474 (corrupt)
2015-05-16 09:53:53.851 Could not open C:\System Volume Information\{01f1e42f-f97c-11e4-a931-902b3430cc31}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-05-16 09:53:53.852 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-05-16 09:53:53.852 Could not open C:\System Volume Information\{a31665cc-fb10-11e4-829b-902b3430cc31}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-05-16 09:53:53.852 Could not open C:\System Volume Information\{bcff896e-fba0-11e4-b479-902b3430cc31}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-05-16 09:54:07.672 Could not open C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default\Current Session
2015-05-16 09:54:07.737 Could not check C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOCK (virus scan failed)
2015-05-16 09:54:07.743 Could not check C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOCK (virus scan failed)
2015-05-16 09:54:10.403 Could not check C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOCK (virus scan failed)
2015-05-16 09:54:10.548 Could not check C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default\GCM Store\LOCK (virus scan failed)
2015-05-16 09:54:11.339 Could not check C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pafkbggdmjlpgkdkcbjmhmfcdpncadgh\LOCK (virus scan failed)
2015-05-16 09:54:13.893 Could not check C:\Users\mari\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOCK (virus scan failed)
2015-05-16 09:57:10.556 >>> Virus 'Mal/VMProtBad-A' found in file C:\Users\mari\Desktop\The SIMS 4-Deluxe Edition-SKIDROWCRACK\Game\Bin\3dmgame.dll
2015-05-16 09:57:10.556 >>> Virus 'Mal/VMProtBad-A' found in file HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2015-05-16 09:57:10.557 >>> Virus 'Mal/VMProtBad-A' found in file HKU\S-1-5-21-1694309862-3657083619-1565170917-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2015-05-16 09:57:10.557 >>> Virus 'Mal/VMProtBad-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2015-05-16 09:57:14.864 >>> Virus 'Mal/Scribble-D' found in file C:\Users\mari\Desktop\The SIMS 4-Deluxe Edition-SKIDROWCRACK\Game\Bin\TS4.exe
2015-05-16 09:57:14.865 Disinfection not offered
2015-05-16 10:09:28.865 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2015-05-16 10:09:28.866 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2015-05-16 10:09:33.531 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2015-05-16 10:09:33.533 Could not open C:\Windows\System32\config\RegBack\SAM
2015-05-16 10:09:33.534 Could not open C:\Windows\System32\config\RegBack\SECURITY
2015-05-16 10:09:33.536 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2015-05-16 10:09:33.538 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2015-05-16 10:09:53.431 Could not open C:\Windows\System32\drivers\sptd.sys
2015-05-16 10:24:41.979 The following items will be cleaned up:
2015-05-16 10:24:41.979 Mal/VMProtBad-A
2015-05-16 10:24:41.979 Mal/Scribble-D

 

[Broni]

Your computer is clean

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download

DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

• Activate UAC (optional; some users prefer to keep it off)
• Remove disinfection tools
• Create registry backup
• Purge System Restore
• Reset system settings

Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642

12. Please, let me know, how your computer is doing.

 

[Autumn456]

Thank you! The computer is working and there are no viruses or other quirks. I completed the final steps plus did some reading and will do my best to stay safe in the future.

 

[Broni]

Yes!!

Good luck and stay safe