Hello,
Here is the first scan log:
========== PROCESSES ==========
All processes killed
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ProgID\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\VersionIndependentProgID\ not found.
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1\ deleted successfully.
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ not found.
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ not found.
========== COMMANDS ==========
Restore point Set: OTL Restore Point
OTL by OldTimer - Version 3.2.23.0 log created on 06092011_190136
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ not found.
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ not found.
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ not found.
I didn't understand if the quick scan was supposed to be a full scan or with the codes you told me to put in in the first scan, so I did both if that's ok?
Here is the full quick scan log:
OTL logfile created on: 2011-06-09 19:16:05 - Run 3
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\jussi\Desktop\OTL
64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000041d | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd
4,00 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 57,71% Memory free
8,00 Gb Paging File | 6,13 Gb Available in Paging File | 76,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,50 Gb Total Space | 490,66 Gb Free Space | 52,67% Space Free | Partition Type: NTFS
Computer Name: JUSSI-DATOR | User Name: jussi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011-06-09 13:16:08 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\jussi\Desktop\OTL\OTL.exe
PRC - [2011-05-29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011-05-29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011-05-25 09:25:28 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-05-20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011-04-14 19:03:01 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011-02-20 17:38:10 | 000,939,920 | ---- | M] (Technology Nexus AB) -- C:\Program Files (x86)\Personal\bin\Personal.exe
PRC - [2010-11-20 14:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010-10-05 09:32:58 | 001,811,800 | ---- | M] (Logitech(c)) -- C:\Program Files (x86)\Logitech\G35\G35.exe
PRC - [2010-09-09 18:49:51 | 000,215,016 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2010-09-09 18:42:05 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010-02-18 12:24:32 | 000,522,824 | ---- | M] (Logitech Inc.) -- C:\Program\Logitech\GamePanel Software\Applets\LCDMedia.exe
PRC - [2009-09-29 13:03:46 | 000,735,960 | ---- | M] (ESET) -- C:\Program\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2009-06-04 00:55:16 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\Ctxfihlp.exe
PRC - [2009-06-04 00:49:56 | 001,213,440 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CTxfispi.exe
PRC - [2009-02-23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2007-09-04 19:51:42 | 001,702,360 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WN111\wn111.exe
========== Modules (SafeList) ==========
MOD - [2011-06-09 13:16:08 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\jussi\Desktop\OTL\OTL.exe
MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009-09-29 13:11:14 | 000,023,296 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2009-09-29 13:03:46 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011-05-29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011-05-25 09:25:28 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-05-20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011-05-13 15:34:43 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011-03-28 15:41:12 | 002,111,368 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010-09-09 18:49:51 | 000,215,016 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2010-09-09 18:42:05 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010-05-04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010-04-16 19:29:15 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010-04-16 19:08:47 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-02-23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011-05-29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-02-18 17:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-09-29 11:34:50 | 000,377,176 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ladfSBVMamd64.sys -- (LADF_SBVM)
DRV:64bit: - [2010-09-29 11:34:48 | 000,062,168 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ladfDHP2amd64.sys -- (LADF_DHP2)
DRV:64bit: - [2010-04-16 18:01:22 | 000,828,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009-11-23 17:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009-11-23 17:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009-09-29 13:06:16 | 000,123,200 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2009-09-29 13:03:00 | 000,136,584 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2009-09-29 12:56:36 | 000,144,824 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamon.sys -- (eamon)
DRV:64bit: - [2009-09-28 09:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-06-04 02:49:58 | 001,561,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:64bit: - [2009-06-04 02:49:42 | 000,118,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2009-06-04 02:49:34 | 000,213,016 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2009-06-04 02:49:26 | 000,015,896 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2009-06-04 02:49:18 | 000,179,224 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2009-06-04 02:49:08 | 000,684,312 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV:64bit: - [2009-06-04 02:49:00 | 000,580,632 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2009-06-04 02:48:50 | 001,417,240 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:64bit: - [2009-06-04 02:48:50 | 001,417,240 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:64bit: - [2009-06-04 02:48:38 | 000,094,744 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:64bit: - [2009-06-04 02:48:38 | 000,094,744 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:64bit: - [2009-06-04 02:48:30 | 000,202,776 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:64bit: - [2009-06-04 02:48:30 | 000,202,776 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV:64bit: - [2009-05-18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009-03-18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2007-10-30 09:59:30 | 000,028,672 | ---- | M] (Todos Data System AB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nordecr.sys -- (TdsNordecr)
DRV:64bit: - [2005-03-29 01:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2010-04-16 22:26:37 | 000,019,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys -- (RivaTuner64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {e9935af9-87e2-415b-94e3-4a91c3da40e1} - File not found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DE 94 91 F8 77 DD CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {e9935af9-87e2-415b-94e3-4a91c3da40e1} - File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com;www.plimus.com;regnow.com;www.regnow.com;*.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.1.4:8123
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "LOCKERZ Restock Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2453368&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.startup.homepage: "http://www.searchqu.com/406"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:3.1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "http://www.tepela.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=bEGZEDre&q="
FF - prefs.js..network.proxy.type: 4
FF - user.js..browser.search.selectedEngine: "Search"
FF - user.js..keyword.URL: "http://www.tepela.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=bEGZEDre&q="
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-04-30 09:50:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-05-09 14:02:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-04-16 18:33:54 | 000,000,000 | ---D | M]
[2011-05-30 20:29:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jussi\AppData\Roaming\mozilla\Extensions
[2011-06-06 16:24:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jussi\AppData\Roaming\mozilla\Firefox\Profiles\vmo1u408.default\extensions
[2011-05-08 16:24:46 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Users\jussi\AppData\Roaming\mozilla\Firefox\Profiles\vmo1u408.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011-05-08 16:24:44 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\jussi\AppData\Roaming\mozilla\Firefox\Profiles\vmo1u408.default\extensions\engine@conduit.com
[2010-04-21 12:12:12 | 000,000,933 | ---- | M] () -- C:\Users\jussi\AppData\Roaming\Mozilla\Firefox\Profiles\vmo1u408.default\searchplugins\conduit.xml
[2011-03-16 20:55:08 | 000,002,198 | ---- | M] () -- C:\Users\jussi\AppData\Roaming\Mozilla\Firefox\Profiles\vmo1u408.default\searchplugins\google-search.xml
[2011-06-08 20:17:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011-05-13 15:47:37 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010-04-16 17:34:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-09-15 07:28:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\JUSSI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VMO1U408.DEFAULT\EXTENSIONS\{C50CA3C4-5656-43C2-A061-13E717F73FC8}.XPI
() (No name found) -- C:\USERS\JUSSI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VMO1U408.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
[2011-04-14 19:03:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010-09-15 05:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010-01-01 10:00:00 | 000,001,470 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allaannonser-sv-SE.xml
[2010-01-01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011-03-16 20:55:08 | 000,002,198 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google-search.xml
[2010-01-01 10:00:00 | 000,002,670 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\prisjakt-sv-SE.xml
[2010-01-01 10:00:00 | 000,000,948 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\tyda-sv-SE.xml
[2010-01-01 10:00:00 | 000,001,174 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-sv-SE.xml
[2010-01-01 10:00:00 | 000,000,951 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-sv-SE.xml
O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - File not found
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O2 - BHO: (tutudragon3 Toolbar) - {e9935af9-87e2-415b-94e3-4a91c3da40e1} - File not found
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (tutudragon3 Toolbar) - {e9935af9-87e2-415b-94e3-4a91c3da40e1} - File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (tutudragon3 Toolbar) - {E9935AF9-87E2-415B-94E3-4A91C3DA40E1} - File not found
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Logitech G35] C:\Program Files (x86)\Logitech\G35\G35.exe (Logitech(c))
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\RunOnce: [OTL] C:\Users\jussi\Desktop\OTL\OTL.exe (OldTimer Tools)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll) - File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4eb69c64-61c2-11df-aa2e-0022153804ca}\Shell - "" = AutoRun
O33 - MountPoints2\{4eb69c64-61c2-11df-aa2e-0022153804ca}\Shell\AutoRun\command - "" = F:\Setup.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011-06-09 13:18:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-06-09 13:16:46 | 000,000,000 | ---D | C] -- C:\Users\jussi\Desktop\OTL
[2011-06-08 21:12:01 | 000,000,000 | ---D | C] -- C:\Users\jussi\Desktop\SystemLook
[2011-06-08 21:00:27 | 000,000,000 | ---D | C] -- C:\Program\Java
[2011-06-08 20:55:21 | 000,000,000 | ---D | C] -- C:\Users\jussi\Desktop\JAva
[2011-06-08 20:51:25 | 000,000,000 | ---D | C] -- C:\Users\jussi\Desktop\vår värld
[2011-06-08 20:18:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2011-06-07 14:59:01 | 000,000,000 | ---D | C] -- C:\Users\jussi\Desktop\DDS
[2011-06-06 16:23:18 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011-06-06 16:23:18 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011-06-01 10:15:58 | 000,000,000 | ---D | C] -- C:\Users\jussi\Documents\Thief - Deadly Shadows
[2011-05-30 20:29:21 | 000,000,000 | ---D | C] -- C:\Users\jussi\AppData\Local\PackageAware
[2011-05-29 16:54:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frozen Synapse
[2011-05-29 16:53:46 | 000,000,000 | ---D | C] -- C:\FrozenSynapse
[2011-05-29 16:52:45 | 000,000,000 | ---D | C] -- C:\Users\jussi\Desktop\Frozen synapse
[2011-05-27 17:28:23 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011-05-26 15:20:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amnesia - The Dark Descent
[2011-05-26 15:15:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amnesia - The Dark Descent
[2011-05-25 16:21:02 | 000,000,000 | ---D | C] -- C:\Users\jussi\Desktop\MINECRAFT 25.5
[2011-05-24 21:15:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2011-05-24 21:13:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011-05-24 14:46:00 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2011-05-24 14:45:29 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2011-05-14 19:39:52 | 000,000,000 | ---D | C] -- C:\Users\jussi\AppData\Local\Threat Expert
[2011-05-14 10:49:39 | 000,000,000 | ---D | C] -- C:\Users\jussi\AppData\Roaming\Malwarebytes
[2011-05-14 10:49:32 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011-05-14 10:49:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011-05-14 10:49:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011-05-14 10:49:29 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011-05-14 10:49:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011-05-14 10:27:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security
[2011-05-13 15:47:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011-05-13 15:47:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011-05-13 15:47:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011-05-13 08:19:50 | 000,000,000 | ---D | C] -- C:\Users\jussi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Petroglyph
[2011-05-13 08:19:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Petroglyph
[2011-05-12 18:45:57 | 000,000,000 | ---D | C] -- C:\Users\jussi\Desktop\Dwarfs!
[2011-05-11 15:05:02 | 000,000,000 | ---D | C] -- C:\Users\jussi\AppData\Roaming\Dwarfs
[2010-09-07 20:28:16 | 814,143,398 | ---- | C] (GOA ) -- C:\Program Files (x86)\loleusetup.exe
[2009-06-04 00:57:38 | 000,060,928 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
[2009-06-04 00:32:54 | 000,012,800 | ---- | C] ( ) -- C:\Windows\SysWow64\killapps.exe
[6 C:\Users\jussi\Documents\*.tmp files -> C:\Users\jussi\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011-06-09 19:19:27 | 000,014,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-06-09 19:19:27 | 000,014,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-06-09 19:12:18 | 000,000,990 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-06-09 19:12:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-06-09 19:11:59 | 3220,475,904 | -HS- | M] () -- C:\hiberfil.sys
[2011-06-09 19:11:18 | 000,061,448 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000005-00000000-00000000-00001102-00000005-00311102}.rfx
[2011-06-09 19:11:18 | 000,061,448 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000005-00000000-00000000-00001102-00000005-00311102}.rfx
[2011-06-09 19:11:18 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000005-00000000-00000000-00001102-00000005-00311102}.rfx
[2011-06-09 18:35:05 | 000,000,994 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-06-09 16:46:24 | 000,020,764 | ---- | M] () -- C:\Users\jussi\Documents\IMG_09062011_164555.png
[2011-06-08 20:19:53 | 000,141,594 | ---- | M] () -- C:\Users\jussi\Documents\myfirstragecomic.pdn
[2011-06-06 19:33:13 | 000,001,925 | ---- | M] () -- C:\Users\jussi\Desktop\Heroes of Newerth.lnk
[2011-06-06 16:34:02 | 000,000,220 | ---- | M] () -- C:\Users\jussi\Desktop\Eets.url
[2011-06-06 16:26:29 | 001,641,192 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011-06-01 09:49:49 | 000,000,220 | ---- | M] () -- C:\Users\jussi\Desktop\Thief Deadly Shadows.url
[2011-05-29 16:54:23 | 000,000,666 | ---- | M] () -- C:\Users\jussi\Desktop\Frozen Synapse.lnk
[2011-05-29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011-05-29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011-05-26 15:20:02 | 000,002,176 | ---- | M] () -- C:\Users\jussi\Desktop\Amnesia.lnk
[2011-05-25 15:45:38 | 001,609,266 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011-05-25 15:45:38 | 000,673,214 | ---- | M] () -- C:\Windows\SysNative\perfh01D.dat
[2011-05-25 15:45:38 | 000,664,106 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011-05-25 15:45:38 | 000,147,030 | ---- | M] () -- C:\Windows\SysNative\perfc01D.dat
[2011-05-25 15:45:38 | 000,126,132 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011-05-25 09:25:27 | 000,067,176 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011-05-25 09:25:27 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011-05-25 09:25:23 | 000,007,384 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2011-05-25 08:35:13 | 000,479,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011-05-20 22:35:28 | 000,304,744 | ---- | M] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011-05-14 10:49:32 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-05-14 10:44:28 | 000,007,850 | -HS- | M] () -- C:\Users\jussi\AppData\Local\3117s200hy2tn032syu2b6x4ag6ki7an174w
[2011-05-14 10:44:28 | 000,007,850 | -HS- | M] () -- C:\ProgramData\3117s200hy2tn032syu2b6x4ag6ki7an174w
[2011-05-14 02:21:03 | 000,007,664 | -HS- | M] () -- C:\Users\jussi\AppData\Local\1107321794
[2011-05-13 15:47:11 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011-05-12 20:45:52 | 020,533,281 | ---- | M] () -- C:\Users\jussi\Documents\vlc-1.1.9-win32.exe
[2011-05-11 11:28:49 | 335,461,811 | ---- | M] () -- C:\Windows\MEMORY.DMP
[6 C:\Users\jussi\Documents\*.tmp files -> C:\Users\jussi\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011-06-09 16:46:20 | 000,020,764 | ---- | C] () -- C:\Users\jussi\Documents\IMG_09062011_164555.png
[2011-06-08 20:19:36 | 000,141,594 | ---- | C] () -- C:\Users\jussi\Documents\myfirstragecomic.pdn
[2011-06-06 19:33:13 | 000,001,925 | ---- | C] () -- C:\Users\jussi\Desktop\Heroes of Newerth.lnk
[2011-06-06 16:33:56 | 000,000,220 | ---- | C] () -- C:\Users\jussi\Desktop\Eets.url
[2011-06-01 09:49:49 | 000,000,220 | ---- | C] () -- C:\Users\jussi\Desktop\Thief Deadly Shadows.url
[2011-05-29 16:54:23 | 000,000,666 | ---- | C] () -- C:\Users\jussi\Desktop\Frozen Synapse.lnk
[2011-05-26 15:20:02 | 000,002,176 | ---- | C] () -- C:\Users\jussi\Desktop\Amnesia.lnk
[2011-05-24 14:47:13 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2011-05-24 14:45:02 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2011-05-24 14:44:46 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2011-05-24 14:44:46 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2011-05-24 14:44:38 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2011-05-24 14:44:37 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
[2011-05-20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011-05-14 10:49:32 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-05-14 10:27:41 | 001,641,192 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011-05-14 02:21:03 | 000,007,664 | -HS- | C] () -- C:\Users\jussi\AppData\Local\1107321794
[2011-05-13 17:40:24 | 000,007,850 | -HS- | C] () -- C:\Users\jussi\AppData\Local\3117s200hy2tn032syu2b6x4ag6ki7an174w
[2011-05-13 17:40:24 | 000,007,850 | -HS- | C] () -- C:\ProgramData\3117s200hy2tn032syu2b6x4ag6ki7an174w
[2011-05-13 15:47:11 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011-04-13 13:52:30 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011-02-02 18:40:24 | 000,000,565 | ---- | C] () -- C:\Users\jussi\AppData\Roaming\myMPQ.ini
[2010-11-19 11:26:50 | 000,000,600 | ---- | C] () -- C:\Users\jussi\AppData\Roaming\winscp.rnd
[2010-11-01 18:28:51 | 000,143,452 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010-09-12 21:44:12 | 000,000,093 | ---- | C] () -- C:\Users\jussi\AppData\Local\fusioncache.dat
[2010-09-09 18:42:07 | 000,215,016 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010-09-09 18:42:05 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010-09-09 18:42:04 | 002,427,248 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_heroes.exe
[2010-08-29 17:19:32 | 001,586,204 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010-04-30 08:15:23 | 000,000,254 | ---- | C] () -- C:\Windows\RomeTW.ini
[2010-04-19 18:30:09 | 000,000,600 | ---- | C] () -- C:\Windows\Rtcw.INI
[2010-04-18 14:50:56 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010-04-18 13:41:18 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll
[2010-04-16 19:07:35 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010-04-16 19:07:35 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009-07-14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009-07-14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009-07-14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009-06-04 01:37:08 | 000,021,093 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2009-06-04 01:37:06 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2009-06-04 00:55:20 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CTXFIRES.DLL
[2009-06-04 00:40:44 | 000,321,512 | ---- | C] () -- C:\Windows\SysWow64\ctdlang.dat
[2009-06-04 00:40:44 | 000,056,509 | ---- | C] () -- C:\Windows\SysWow64\ctdnlstr.dat
[2009-06-04 00:33:04 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\enlocstr.exe
[2009-05-27 09:49:00 | 000,000,285 | ---- | C] () -- C:\Windows\SysWow64\kill.ini
[2008-02-07 10:05:18 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\hppatusg01.dll
[2007-12-28 09:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
========== LOP Check ==========
[2010-09-26 15:16:48 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\.BitTornado
[2011-06-09 18:07:53 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\.minecraft
[2011-06-08 20:17:24 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\Azureus
[2010-05-17 19:45:06 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\DAEMON Tools Lite
[2010-04-30 08:07:29 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\DAEMON Tools Pro
[2011-05-27 17:25:54 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\Dropbox
[2011-05-29 15:37:54 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\Dwarfs
[2010-12-05 00:27:06 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\EurekaLog
[2010-05-12 19:17:11 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\HeidiSQL
[2011-05-04 17:25:46 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\Leadertech
[2010-09-07 21:09:23 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\LolClient
[2010-11-19 11:15:41 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\NCH Swift Sound
[2011-02-20 17:40:37 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\Personal
[2011-05-27 10:10:43 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\Raptr
[2010-12-28 20:07:13 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\RIFT
[2011-05-12 18:34:02 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\Spotify
[2010-12-07 16:22:03 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\TS3Client
[2011-05-16 13:53:56 | 000,032,514 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:A8ADE5D8
< End of report >
And here is the one with your restrictions:
OTL logfile created on: 2011-06-09 19:27:41 - Run 3
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\jussi\Desktop\OTL
64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000041d | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd
4,00 Gb Total Physical Memory | 2,12 Gb Available Physical Memory | 52,92% Memory free
8,00 Gb Paging File | 6,01 Gb Available in Paging File | 75,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,50 Gb Total Space | 490,42 Gb Free Space | 52,65% Space Free | Partition Type: NTFS
Computer Name: JUSSI-DATOR | User Name: jussi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011-06-09 13:16:08 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\jussi\Desktop\OTL\OTL.exe
PRC - [2011-05-29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011-05-29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011-05-25 09:25:28 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-05-20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011-04-14 19:03:01 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011-02-20 17:38:10 | 000,939,920 | ---- | M] (Technology Nexus AB) -- C:\Program Files (x86)\Personal\bin\Personal.exe
PRC - [2010-11-20 14:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010-10-05 09:32:58 | 001,811,800 | ---- | M] (Logitech(c)) -- C:\Program Files (x86)\Logitech\G35\G35.exe
PRC - [2010-09-09 18:49:51 | 000,215,016 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2010-09-09 18:42:05 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010-02-18 12:24:32 | 000,522,824 | ---- | M] (Logitech Inc.) -- C:\Program\Logitech\GamePanel Software\Applets\LCDMedia.exe
PRC - [2009-09-29 13:03:46 | 000,735,960 | ---- | M] (ESET) -- C:\Program\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2009-06-04 00:55:16 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\Ctxfihlp.exe
PRC - [2009-06-04 00:49:56 | 001,213,440 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CTxfispi.exe
PRC - [2009-02-23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2007-09-04 19:51:42 | 001,702,360 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WN111\wn111.exe
========== Modules (SafeList) ==========
MOD - [2011-06-09 13:16:08 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\jussi\Desktop\OTL\OTL.exe
MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009-09-29 13:11:14 | 000,023,296 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2009-09-29 13:03:46 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011-05-29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011-05-25 09:25:28 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-05-20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011-05-13 15:34:43 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011-03-28 15:41:12 | 002,111,368 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010-09-09 18:49:51 | 000,215,016 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2010-09-09 18:42:05 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010-05-04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010-04-16 19:29:15 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010-04-16 19:08:47 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-02-23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011-05-29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-02-18 17:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-09-29 11:34:50 | 000,377,176 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ladfSBVMamd64.sys -- (LADF_SBVM)
DRV:64bit: - [2010-09-29 11:34:48 | 000,062,168 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ladfDHP2amd64.sys -- (LADF_DHP2)
DRV:64bit: - [2010-04-16 18:01:22 | 000,828,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009-11-23 17:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009-11-23 17:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009-09-29 13:06:16 | 000,123,200 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2009-09-29 13:03:00 | 000,136,584 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2009-09-29 12:56:36 | 000,144,824 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamon.sys -- (eamon)
DRV:64bit: - [2009-09-28 09:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-06-04 02:49:58 | 001,561,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:64bit: - [2009-06-04 02:49:42 | 000,118,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2009-06-04 02:49:34 | 000,213,016 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2009-06-04 02:49:26 | 000,015,896 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2009-06-04 02:49:18 | 000,179,224 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2009-06-04 02:49:08 | 000,684,312 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV:64bit: - [2009-06-04 02:49:00 | 000,580,632 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2009-06-04 02:48:50 | 001,417,240 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:64bit: - [2009-06-04 02:48:50 | 001,417,240 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:64bit: - [2009-06-04 02:48:38 | 000,094,744 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:64bit: - [2009-06-04 02:48:38 | 000,094,744 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:64bit: - [2009-06-04 02:48:30 | 000,202,776 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:64bit: - [2009-06-04 02:48:30 | 000,202,776 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV:64bit: - [2009-05-18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009-03-18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2007-10-30 09:59:30 | 000,028,672 | ---- | M] (Todos Data System AB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nordecr.sys -- (TdsNordecr)
DRV:64bit: - [2005-03-29 01:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2010-04-16 22:26:37 | 000,019,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys -- (RivaTuner64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {e9935af9-87e2-415b-94e3-4a91c3da40e1} - File not found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DE 94 91 F8 77 DD CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {e9935af9-87e2-415b-94e3-4a91c3da40e1} - File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com;www.plimus.com;regnow.com;www.regnow.com;*.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.1.4:8123
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "LOCKERZ Restock Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2453368&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.startup.homepage: "http://www.searchqu.com/406"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:3.1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "http://www.tepela.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=bEGZEDre&q="
FF - prefs.js..network.proxy.type: 4
FF - user.js..browser.search.selectedEngine: "Search"
FF - user.js..keyword.URL: "http://www.tepela.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=bEGZEDre&q="
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-04-30 09:50:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-05-09 14:02:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-04-16 18:33:54 | 000,000,000 | ---D | M]
[2011-05-30 20:29:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jussi\AppData\Roaming\mozilla\Extensions
[2011-06-06 16:24:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jussi\AppData\Roaming\mozilla\Firefox\Profiles\vmo1u408.default\extensions
[2011-05-08 16:24:46 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Users\jussi\AppData\Roaming\mozilla\Firefox\Profiles\vmo1u408.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011-05-08 16:24:44 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\jussi\AppData\Roaming\mozilla\Firefox\Profiles\vmo1u408.default\extensions\engine@conduit.com
[2010-04-21 12:12:12 | 000,000,933 | ---- | M] () -- C:\Users\jussi\AppData\Roaming\Mozilla\Firefox\Profiles\vmo1u408.default\searchplugins\conduit.xml
[2011-03-16 20:55:08 | 000,002,198 | ---- | M] () -- C:\Users\jussi\AppData\Roaming\Mozilla\Firefox\Profiles\vmo1u408.default\searchplugins\google-search.xml
[2011-06-08 20:17:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011-05-13 15:47:37 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010-04-16 17:34:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-09-15 07:28:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\JUSSI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VMO1U408.DEFAULT\EXTENSIONS\{C50CA3C4-5656-43C2-A061-13E717F73FC8}.XPI
() (No name found) -- C:\USERS\JUSSI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VMO1U408.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
[2011-04-14 19:03:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010-09-15 05:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010-01-01 10:00:00 | 000,001,470 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allaannonser-sv-SE.xml
[2010-01-01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011-03-16 20:55:08 | 000,002,198 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google-search.xml
[2010-01-01 10:00:00 | 000,002,670 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\prisjakt-sv-SE.xml
[2010-01-01 10:00:00 | 000,000,948 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\tyda-sv-SE.xml
[2010-01-01 10:00:00 | 000,001,174 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-sv-SE.xml
[2010-01-01 10:00:00 | 000,000,951 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-sv-SE.xml
O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - File not found
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O2 - BHO: (tutudragon3 Toolbar) - {e9935af9-87e2-415b-94e3-4a91c3da40e1} - File not found
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (tutudragon3 Toolbar) - {e9935af9-87e2-415b-94e3-4a91c3da40e1} - File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (tutudragon3 Toolbar) - {E9935AF9-87E2-415B-94E3-4A91C3DA40E1} - File not found
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Logitech G35] C:\Program Files (x86)\Logitech\G35\G35.exe (Logitech(c))
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\RunOnce: [OTL] C:\Users\jussi\Desktop\OTL\OTL.exe (OldTimer Tools)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll) - File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4eb69c64-61c2-11df-aa2e-0022153804ca}\Shell - "" = AutoRun
O33 - MountPoints2\{4eb69c64-61c2-11df-aa2e-0022153804ca}\Shell\AutoRun\command - "" = F:\Setup.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
[CLEARALLRESTOREPOINTS]
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011-06-09 13:18:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-06-09 13:16:46 | 000,000,000 | ---D | C] -- C:\Users\jussi\Desktop\OTL
[2011-06-08 21:12:01 | 000,000,000 | ---D | C] -- C:\Users\jussi\Desktop\SystemLook
[2011-06-08 21:00:27 | 000,000,000 | ---D | C] -- C:\Program\Java
[2011-06-08 20:55:21 | 000,000,000 | ---D | C] -- C:\Users\jussi\Desktop\JAva
[2011-06-08 20:51:25 | 000,000,000 | ---D | C] -- C:\Users\jussi\Desktop\vår värld
[2011-06-08 20:18:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2011-06-07 14:59:01 | 000,000,000 | ---D | C] -- C:\Users\jussi\Desktop\DDS
[2011-06-06 16:23:18 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011-06-06 16:23:18 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011-06-01 10:15:58 | 000,000,000 | ---D | C] -- C:\Users\jussi\Documents\Thief - Deadly Shadows
[2011-05-30 20:29:21 | 000,000,000 | ---D | C] -- C:\Users\jussi\AppData\Local\PackageAware
[2011-05-29 16:54:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frozen Synapse
[2011-05-29 16:53:46 | 000,000,000 | ---D | C] -- C:\FrozenSynapse
[2011-05-29 16:52:45 | 000,000,000 | ---D | C] -- C:\Users\jussi\Desktop\Frozen synapse
[2011-05-27 17:28:23 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011-05-26 15:20:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amnesia - The Dark Descent
[2011-05-26 15:15:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amnesia - The Dark Descent
[2011-05-25 16:21:02 | 000,000,000 | ---D | C] -- C:\Users\jussi\Desktop\MINECRAFT 25.5
[2011-05-24 21:15:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2011-05-24 21:13:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011-05-24 14:46:00 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2011-05-24 14:45:29 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2011-05-14 19:39:52 | 000,000,000 | ---D | C] -- C:\Users\jussi\AppData\Local\Threat Expert
[2011-05-14 10:49:39 | 000,000,000 | ---D | C] -- C:\Users\jussi\AppData\Roaming\Malwarebytes
[2011-05-14 10:49:32 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011-05-14 10:49:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011-05-14 10:49:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011-05-14 10:49:29 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011-05-14 10:49:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011-05-14 10:27:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security
[2011-05-13 15:47:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011-05-13 15:47:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011-05-13 15:47:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011-05-13 08:19:50 | 000,000,000 | ---D | C] -- C:\Users\jussi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Petroglyph
[2011-05-13 08:19:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Petroglyph
[2011-05-12 18:45:57 | 000,000,000 | ---D | C] -- C:\Users\jussi\Desktop\Dwarfs!
[2011-05-11 15:05:02 | 000,000,000 | ---D | C] -- C:\Users\jussi\AppData\Roaming\Dwarfs
[2010-09-07 20:28:16 | 814,143,398 | ---- | C] (GOA ) -- C:\Program Files (x86)\loleusetup.exe
[2009-06-04 00:57:38 | 000,060,928 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
[2009-06-04 00:32:54 | 000,012,800 | ---- | C] ( ) -- C:\Windows\SysWow64\killapps.exe
[6 C:\Users\jussi\Documents\*.tmp files -> C:\Users\jussi\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011-06-09 19:19:27 | 000,014,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-06-09 19:19:27 | 000,014,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-06-09 19:12:18 | 000,000,990 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-06-09 19:12:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-06-09 19:11:59 | 3220,475,904 | -HS- | M] () -- C:\hiberfil.sys
[2011-06-09 19:11:18 | 000,061,448 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000005-00000000-00000000-00001102-00000005-00311102}.rfx
[2011-06-09 19:11:18 | 000,061,448 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000005-00000000-00000000-00001102-00000005-00311102}.rfx
[2011-06-09 19:11:18 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000005-00000000-00000000-00001102-00000005-00311102}.rfx
[2011-06-09 18:35:05 | 000,000,994 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-06-09 16:46:24 | 000,020,764 | ---- | M] () -- C:\Users\jussi\Documents\IMG_09062011_164555.png
[2011-06-08 20:19:53 | 000,141,594 | ---- | M] () -- C:\Users\jussi\Documents\myfirstragecomic.pdn
[2011-06-06 19:33:13 | 000,001,925 | ---- | M] () -- C:\Users\jussi\Desktop\Heroes of Newerth.lnk
[2011-06-06 16:34:02 | 000,000,220 | ---- | M] () -- C:\Users\jussi\Desktop\Eets.url
[2011-06-06 16:26:29 | 001,641,192 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011-06-01 09:49:49 | 000,000,220 | ---- | M] () -- C:\Users\jussi\Desktop\Thief Deadly Shadows.url
[2011-05-29 16:54:23 | 000,000,666 | ---- | M] () -- C:\Users\jussi\Desktop\Frozen Synapse.lnk
[2011-05-29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011-05-29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011-05-26 15:20:02 | 000,002,176 | ---- | M] () -- C:\Users\jussi\Desktop\Amnesia.lnk
[2011-05-25 15:45:38 | 001,609,266 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011-05-25 15:45:38 | 000,673,214 | ---- | M] () -- C:\Windows\SysNative\perfh01D.dat
[2011-05-25 15:45:38 | 000,664,106 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011-05-25 15:45:38 | 000,147,030 | ---- | M] () -- C:\Windows\SysNative\perfc01D.dat
[2011-05-25 15:45:38 | 000,126,132 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011-05-25 09:25:27 | 000,067,176 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011-05-25 09:25:27 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011-05-25 09:25:23 | 000,007,384 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2011-05-25 08:35:13 | 000,479,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011-05-20 22:35:28 | 000,304,744 | ---- | M] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011-05-14 10:49:32 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-05-14 10:44:28 | 000,007,850 | -HS- | M] () -- C:\Users\jussi\AppData\Local\3117s200hy2tn032syu2b6x4ag6ki7an174w
[2011-05-14 10:44:28 | 000,007,850 | -HS- | M] () -- C:\ProgramData\3117s200hy2tn032syu2b6x4ag6ki7an174w
[2011-05-14 02:21:03 | 000,007,664 | -HS- | M] () -- C:\Users\jussi\AppData\Local\1107321794
[2011-05-13 15:47:11 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011-05-12 20:45:52 | 020,533,281 | ---- | M] () -- C:\Users\jussi\Documents\vlc-1.1.9-win32.exe
[2011-05-11 11:28:49 | 335,461,811 | ---- | M] () -- C:\Windows\MEMORY.DMP
[6 C:\Users\jussi\Documents\*.tmp files -> C:\Users\jussi\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011-06-09 16:46:20 | 000,020,764 | ---- | C] () -- C:\Users\jussi\Documents\IMG_09062011_164555.png
[2011-06-08 20:19:36 | 000,141,594 | ---- | C] () -- C:\Users\jussi\Documents\myfirstragecomic.pdn
[2011-06-06 19:33:13 | 000,001,925 | ---- | C] () -- C:\Users\jussi\Desktop\Heroes of Newerth.lnk
[2011-06-06 16:33:56 | 000,000,220 | ---- | C] () -- C:\Users\jussi\Desktop\Eets.url
[2011-06-01 09:49:49 | 000,000,220 | ---- | C] () -- C:\Users\jussi\Desktop\Thief Deadly Shadows.url
[2011-05-29 16:54:23 | 000,000,666 | ---- | C] () -- C:\Users\jussi\Desktop\Frozen Synapse.lnk
[2011-05-26 15:20:02 | 000,002,176 | ---- | C] () -- C:\Users\jussi\Desktop\Amnesia.lnk
[2011-05-24 14:47:13 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2011-05-24 14:45:02 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2011-05-24 14:44:46 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2011-05-24 14:44:46 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2011-05-24 14:44:38 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2011-05-24 14:44:37 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
[2011-05-20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011-05-14 10:49:32 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-05-14 10:27:41 | 001,641,192 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011-05-14 02:21:03 | 000,007,664 | -HS- | C] () -- C:\Users\jussi\AppData\Local\1107321794
[2011-05-13 17:40:24 | 000,007,850 | -HS- | C] () -- C:\Users\jussi\AppData\Local\3117s200hy2tn032syu2b6x4ag6ki7an174w
[2011-05-13 17:40:24 | 000,007,850 | -HS- | C] () -- C:\ProgramData\3117s200hy2tn032syu2b6x4ag6ki7an174w
[2011-05-13 15:47:11 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011-04-13 13:52:30 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011-02-02 18:40:24 | 000,000,565 | ---- | C] () -- C:\Users\jussi\AppData\Roaming\myMPQ.ini
[2010-11-19 11:26:50 | 000,000,600 | ---- | C] () -- C:\Users\jussi\AppData\Roaming\winscp.rnd
[2010-11-01 18:28:51 | 000,143,452 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010-09-12 21:44:12 | 000,000,093 | ---- | C] () -- C:\Users\jussi\AppData\Local\fusioncache.dat
[2010-09-09 18:42:07 | 000,215,016 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010-09-09 18:42:05 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010-09-09 18:42:04 | 002,427,248 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_heroes.exe
[2010-08-29 17:19:32 | 001,586,204 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010-04-30 08:15:23 | 000,000,254 | ---- | C] () -- C:\Windows\RomeTW.ini
[2010-04-19 18:30:09 | 000,000,600 | ---- | C] () -- C:\Windows\Rtcw.INI
[2010-04-18 14:50:56 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010-04-18 13:41:18 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll
[2010-04-16 19:07:35 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010-04-16 19:07:35 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009-07-14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009-07-14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009-07-14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009-06-04 01:37:08 | 000,021,093 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2009-06-04 01:37:06 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2009-06-04 00:55:20 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CTXFIRES.DLL
[2009-06-04 00:40:44 | 000,321,512 | ---- | C] () -- C:\Windows\SysWow64\ctdlang.dat
[2009-06-04 00:40:44 | 000,056,509 | ---- | C] () -- C:\Windows\SysWow64\ctdnlstr.dat
[2009-06-04 00:33:04 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\enlocstr.exe
[2009-05-27 09:49:00 | 000,000,285 | ---- | C] () -- C:\Windows\SysWow64\kill.ini
[2008-02-07 10:05:18 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\hppatusg01.dll
[2007-12-28 09:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
========== LOP Check ==========
[2010-09-26 15:16:48 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\.BitTornado
[2011-06-09 18:07:53 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\.minecraft
[2011-06-08 20:17:24 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\Azureus
[2010-05-17 19:45:06 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\DAEMON Tools Lite
[2010-04-30 08:07:29 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\DAEMON Tools Pro
[2011-05-27 17:25:54 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\Dropbox
[2011-05-29 15:37:54 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\Dwarfs
[2010-12-05 00:27:06 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\EurekaLog
[2010-05-12 19:17:11 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\HeidiSQL
[2011-05-04 17:25:46 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\Leadertech
[2010-09-07 21:09:23 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\LolClient
[2010-11-19 11:15:41 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\NCH Swift Sound
[2011-02-20 17:40:37 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\Personal
[2011-05-27 10:10:43 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\Raptr
[2010-12-28 20:07:13 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\RIFT
[2011-05-12 18:34:02 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\Spotify
[2010-12-07 16:22:03 | 000,000,000 | ---D | M] -- C:\Users\jussi\AppData\Roaming\TS3Client
[2011-05-16 13:53:56 | 000,032,514 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< :processes >
< killallprocesses >
< >
< :Reg >
< [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ProgID] >
< [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\VersionIndependentProgID] >
< [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}] >
< [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1] >
< [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}] >
< [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}] >
< >
< :Commands >
< [Reboot] >
========== Alternate Data Streams ==========
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:A8ADE5D8
< End of report >
/Juala