BaiduHipsBugRpt haittaohjlema

Discussion in 'Virukset ja haittaohjelmat' started by djjari, Jun 1, 2015.

  1. djjari

    djjari Active member

    Joined:
    Dec 17, 2010
    Messages:
    1,142
    Likes Received:
    6
    Trophy Points:
    68
    tämmöstä BaiduHipsBugRpt haittaohjelmaa en saa millään pois koneeltani

    malwarebytesillä sain jo haittaohjelmia pois,mutta kaikki ei lähtenyt

    ja tässä yksi mitä ei saa pois PC Speed Up varmasti kans haittaohjelma

    ja tässä BaiduSd3.0 en saa niitä pois koneeltani

    tämmösen lokin se tallensi jostain

    Files\Folders moved on Reboot...
    File\Folder C:\Users\Jarppa\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\30e343e5b0f707dd240618f10b741aa_fce8395f8fd8a80c_81e62caf6a93968d_0_0.bin not found!
    File\Folder C:\Users\Jarppa\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\30e343e5b0f707dd240618f10b741aa_fce8395f8fd8a80c_81e62caf6a93968d_0_0.toc not found!
    File\Folder C:\Users\Jarppa\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\63547c51a55c7182c5c77fb521826c6c_fce8395f8fd8a80c_6229ccd76215aea1_0_0.bin not found!
    File\Folder C:\Users\Jarppa\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\63547c51a55c7182c5c77fb521826c6c_fce8395f8fd8a80c_6229ccd76215aea1_0_0.toc not found!
    File move failed. C:\Users\Jarppa\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
    File move failed. C:\Users\Jarppa\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
    File move failed. C:\Windows\temp\Low\SkypeClickToCall\Logs\AutoUpdateSvc.log scheduled to be moved on reboot.
    File\Folder C:\Windows\temp\hsperfdata_JARPPA-PC$\1984 not found!

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...
     
  2. djjari

    djjari Active member

    Joined:
    Dec 17, 2010
    Messages:
    1,142
    Likes Received:
    6
    Trophy Points:
    68
    OTL logfile created on: 1.6.2015 18:41:07 - Run 3
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jarppa\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.17801)
    Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy
    3,98 Gb Total Physical Memory | 1,63 Gb Available Physical Memory | 40,93% Memory free
    8,26 Gb Paging File | 5,59 Gb Available in Paging File | 67,67% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 458,95 Gb Total Space | 271,11 Gb Free Space | 59,07% Space Free | Partition Type: NTFS
    Drive D: | 459,27 Gb Total Space | 340,52 Gb Free Space | 74,14% Space Free | Partition Type: NTFS
    Computer Name: JARPPA-PC | User Name: Jarppa | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
    ========== Processes (SafeList) ==========
    PRC - [2015.06.01 17:16:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jarppa\Desktop\OTL.exe
    PRC - [2015.06.01 11:45:44 | 002,474,952 | ---- | M] (百度在线网络技术(北京)有限公司) -- C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe
    PRC - [2015.06.01 11:45:44 | 000,793,096 | ---- | M] (百度在线网络技术(北京)有限公司) -- C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
    PRC - [2015.06.01 11:45:43 | 000,064,008 | ---- | M] (百度在线网络技术(北京)有限公司) -- C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe
    PRC - [2015.05.29 15:22:49 | 000,376,944 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    PRC - [2015.05.19 20:04:42 | 000,033,512 | ---- | M] (Optimal Software s.r.o.) -- C:\Program Files (x86)\PC Speed Up\SpeedCheckerService.exe
    PRC - [2015.05.19 20:04:26 | 000,358,120 | ---- | M] () -- C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe
    PRC - [2015.05.01 11:17:04 | 001,772,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    PRC - [2015.05.01 11:16:10 | 001,394,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    PRC - [2015.04.25 09:40:29 | 001,894,064 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_95.exe
    PRC - [2015.04.06 22:32:56 | 000,065,536 | -H-- | M] () -- C:\Program Files (x86)\baidu\baidu.exe
    PRC - [2014.12.19 09:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2014.11.06 20:14:58 | 002,464,072 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    PRC - [2014.11.06 20:14:48 | 001,795,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    PRC - [2009.08.28 12:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
    ========== Modules (No Company Name) ==========
    MOD - [2015.06.01 11:46:05 | 000,403,848 | ---- | M] () -- C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BDMCommon.dll
    MOD - [2015.05.19 20:04:30 | 000,584,000 | ---- | M] () -- C:\Program Files (x86)\PC Speed Up\Sqlite3.dll
    MOD - [2015.05.19 20:04:26 | 000,441,064 | ---- | M] () -- C:\Program Files (x86)\PC Speed Up\PopupNotification.dll
    MOD - [2015.05.19 20:04:26 | 000,358,120 | ---- | M] () -- C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe
    MOD - [2015.04.25 09:40:26 | 017,083,568 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_95.dll
    MOD - [2015.04.06 22:32:56 | 000,065,536 | -H-- | M] () -- C:\Program Files (x86)\baidu\baidu.exe
    ========== Services (SafeList) ==========
    SRV:64bit: - [2015.04.30 01:53:40 | 000,366,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
    SRV:64bit: - [2015.04.30 01:53:40 | 000,023,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV:64bit: - [2015.04.27 22:23:32 | 001,254,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
    SRV:64bit: - [2015.04.21 19:35:40 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
    SRV:64bit: - [2014.11.06 20:14:48 | 001,148,744 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
    SRV:64bit: - [2014.11.06 20:14:44 | 019,819,848 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
    SRV:64bit: - [2014.08.19 23:51:04 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
    SRV:64bit: - [2013.05.27 08:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2015.06.01 11:45:44 | 000,793,096 | ---- | M] (百度在线网络技术(北京)有限公司) [Auto | Running] -- C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe -- (BDKVRTP)
    SRV - [2015.06.01 11:45:43 | 000,064,008 | ---- | M] (百度在线网络技术(北京)有限公司) [Auto | Running] -- C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe -- (BaiduHips)
    SRV - [2015.05.29 15:22:48 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2015.05.19 20:04:42 | 000,033,512 | ---- | M] (Optimal Software s.r.o.) [Auto | Running] -- C:\Program Files (x86)\PC Speed Up\SpeedCheckerService.exe -- (SCService)
    SRV - [2015.05.17 19:39:28 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2015.05.01 11:17:04 | 001,772,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
    SRV - [2015.05.01 11:16:10 | 001,394,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
    SRV - [2015.04.14 09:36:30 | 001,080,120 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2015.03.02 21:19:59 | 000,024,576 | ---- | M] (Realtek Semiconductor.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe -- (SetupARService)
    SRV - [2015.02.18 19:11:32 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2014.12.19 09:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2014.11.07 06:05:34 | 000,105,120 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2014.11.06 20:14:48 | 001,795,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
    SRV - [2014.03.21 01:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2013.03.19 17:16:28 | 000,081,920 | ---- | M] (AMD) [On_Demand | Stopped] -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe -- (AMD_RAIDXpert)
    SRV - [2009.08.28 12:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
    ========== Driver Services (SafeList) ==========
    DRV:64bit: - [2015.06.01 15:59:50 | 000,103,752 | ---- | M] (Baidu) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\BDDefense.sys -- (BDDefense)
    DRV:64bit: - [2015.06.01 11:46:14 | 000,056,136 | ---- | M] (Baidu) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BDMWrench_x64.sys -- (BDMWrench_x64)
    DRV:64bit: - [2015.06.01 11:46:13 | 000,152,392 | ---- | M] (Baidu Technology) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\BDArKit.SYS -- (BDArKit)
    DRV:64bit: - [2015.06.01 11:46:12 | 000,202,576 | ---- | M] (Baidu) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bd0001.sys -- (bd0001)
    DRV:64bit: - [2015.06.01 11:46:12 | 000,196,936 | ---- | M] (Baidu) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bd0002.sys -- (bd0002)
    DRV:64bit: - [2015.06.01 11:46:12 | 000,067,400 | ---- | M] (Baidu) [File_System | System | Running] -- C:\Windows\SysNative\drivers\bd0003.sys -- (bd0003)
    DRV:64bit: - [2015.04.14 09:37:56 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
    DRV:64bit: - [2015.04.14 09:37:42 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
    DRV:64bit: - [2015.03.04 19:34:52 | 000,124,568 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
    DRV:64bit: - [2015.02.11 13:38:55 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
    DRV:64bit: - [2014.11.27 13:26:19 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV:64bit: - [2014.11.27 09:46:03 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
    DRV:64bit: - [2014.11.06 20:14:43 | 000,019,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
    DRV:64bit: - [2014.10.03 22:23:02 | 000,038,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
    DRV:64bit: - [2014.02.16 19:23:54 | 000,060,640 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
    DRV:64bit: - [2014.02.11 18:36:52 | 000,059,616 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.3)
    DRV:64bit: - [2014.01.22 09:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
    DRV:64bit: - [2014.01.22 09:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
    DRV:64bit: - [2013.12.03 09:31:18 | 000,035,376 | ---- | M] (Basil Projects) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\WinDivert64.sys -- (WinDivert64)
    DRV:64bit: - [2013.10.02 05:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2012.03.27 17:48:00 | 000,398,112 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
    DRV:64bit: - [2012.03.01 09:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011.03.11 09:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011.03.11 09:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010.11.20 16:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010.09.07 09:27:24 | 000,038,912 | R--- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PcaSp60.sys -- (PcaSp60)
    DRV:64bit: - [2010.07.01 20:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
    DRV:64bit: - [2009.09.15 14:59:30 | 000,042,088 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvoclk64.sys -- (nvoclk64)
    DRV:64bit: - [2009.07.14 04:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009.07.14 04:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009.07.14 04:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009.07.14 03:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
    DRV:64bit: - [2009.07.14 00:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
    DRV:64bit: - [2009.06.11 08:34:38 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
    DRV:64bit: - [2009.06.10 23:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009.06.10 23:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009.06.10 23:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009.06.10 23:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009.06.03 00:58:24 | 000,507,392 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AF15BDA.sys -- (AF15BDA)
    DRV:64bit: - [2009.05.04 19:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
    DRV:64bit: - [2008.09.12 14:21:38 | 000,651,776 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emBDA64.sys -- (USB28xxBGA)
    DRV:64bit: - [2008.09.12 14:21:00 | 000,539,520 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emOEM64.sys -- (USB28xxOEM)
    DRV:64bit: - [2000.01.01 03:00:00 | 000,026,208 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\johci.sys -- (johci)
    DRV - [2010.09.07 09:27:24 | 000,038,912 | R--- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PcaSp60.sys -- (PcaSp60)
    DRV - [2009.07.14 04:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
    ========== Standard Registry (SafeList) ==========
    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = www.google.com
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.com
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/fi-fi/?ocid=iehp
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fi-FI
    IE - HKCU\..\SearchScopes,DefaultScope = {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    ========== FireFox ==========
    FF - prefs.js..browser.search.countryCode: "FI"
    FF - prefs.js..browser.search.region: "FI"
    FF - prefs.js..browser.search.searchengine.alias: "oursurfing"
    FF - prefs.js..browser.search.searchengine.desc: "this is my first firefox searchEngine"
    FF - prefs.js..browser.search.searchengine.iconURL: "http://www.oursurfing.com/favicon.ico"
    FF - prefs.js..browser.search.searchengine.name: "oursurfing"
    FF - prefs.js..browser.search.searchengine.ptid: "amt"
    FF - prefs.js..browser.search.searchengine.uid: "395049983_1052514_66534452"
    FF - prefs.js..browser.search.searchengine.url: "http://www.oursurfing.com/web/?type...id=395049983_1052514_66534452&q={searchTerms}"
    FF - prefs.js..browser.search.selectedEngine: "oursurfing"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:39.0
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_95.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_95.dll ()
    FF - HKLM\Software\MozillaPlugins\@baidu.com/BaidusdDetectNPPlugin: C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\explugin\npBaiduSDDetectPlug.dll (百度在线网络技术(北京)有限公司)
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll File not found
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
    FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\Users\Jarppa\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll File not found
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll File not found
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
    [2015.05.13 14:18:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarppa\AppData\Roaming\mozilla\Extensions
    [2015.06.01 16:03:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarppa\AppData\Roaming\mozilla\Firefox\Profiles\sadgjijk.default\extensions
    [2015.05.29 16:45:57 | 000,946,636 | ---- | M] () (No name found) -- C:\Users\Jarppa\AppData\Roaming\mozilla\firefox\profiles\sadgjijk.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    [2015.05.26 22:12:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
    [2015.05.29 15:22:52 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    ========== Chrome ==========
    CHR - Extension: No name found = C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
    CHR - Extension: No name found = C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
    CHR - Extension: No name found = C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.12_0\
    CHR - Extension: No name found = C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
    CHR - Extension: No name found = C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg\45.0.0_0\
    CHR - Extension: No name found = C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmkefpehlolmdiloilglfcojbomaoii\16041.9733.6054_0\
    CHR - Extension: No name found = C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\
    CHR - Extension: No name found = C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
    O1 HOSTS File: ([2015.02.26 20:24:08 | 000,000,083 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: 127.0.0.1 www.iobit.com
    O1 - Hosts: 127.0.0.1 www.asc55.iobit.com
    O2:64bit: - BHO: (PrIceLeuss) - {546C73F6-978A-4B10-8718-1E3440E7A983} - C:\Program Files (x86)\PrIceLeuss\4C2wOtasQxBpM7.x64.dll File not found
    O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation)
    O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
    O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (WebMonBHO) - {15DEE173-1BE9-4424-81E0-58A87076E9B1} - C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\websafe\WebMonBHO.dll (百度在线网络技术(北京)有限公司)
    O2 - BHO: (PrIceLeuss) - {546C73F6-978A-4B10-8718-1E3440E7A983} - C:\Program Files (x86)\PrIceLeuss\4C2wOtasQxBpM7.dll File not found
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation)
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4:64bit: - HKLM..\Run: [baidusdTray] C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\baidusdTray.exe (百度在线网络技术(北京)有限公司)
    O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [baidusdTray] C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe (百度在线网络技术(北京)有限公司)
    O4 - HKCU..\Run: [apphide] C:\Program Files (x86)\baidu\baidu.exe ()
    O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
    O4 - HKCU..\Run: [GoogleChromeAutoLaunch_B15EBE0FF5DA1054EB97D09BD2881A86] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
    O4 - HKCU..\Run: [PCSpeedUp] C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
    O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ADE6E253-98D5-43E2-8AD7-CF0AD0B1CA72}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ADE6E253-98D5-43E2-8AD7-CF0AD0B1CA72}: NameServer = 109.204.194.2,109.204.194.3
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
    ========== Files/Folders - Created Within 30 Days ==========
    [2015.06.01 17:16:26 | 000,000,000 | ---D | C] -- C:\_OTL
    [2015.06.01 17:16:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jarppa\Desktop\OTL.exe
    [2015.06.01 16:22:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
    [2015.06.01 12:15:14 | 000,000,000 | ---D | C] -- C:\ProgramData\TXQMPC
    [2015.06.01 12:01:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Tencent
    [2015.06.01 11:55:16 | 000,000,000 | ---D | C] -- C:\Users\Jarppa\AppData\Roaming\Tencent
    [2015.06.01 11:55:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Tencent
    [2015.06.01 11:49:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BaiduAn4.0
    [2015.06.01 11:47:27 | 000,056,136 | ---- | C] (Baidu) -- C:\Windows\SysNative\drivers\BDMWrench_x64.sys
    [2015.06.01 11:46:44 | 000,067,400 | ---- | C] (Baidu) -- C:\Windows\SysNative\drivers\bd0003.sys
    [2015.06.01 11:46:37 | 000,103,752 | ---- | C] (Baidu) -- C:\Windows\SysNative\drivers\BDDefense.sys
    [2015.06.01 11:46:34 | 000,152,392 | ---- | C] (Baidu Technology) -- C:\Windows\SysNative\drivers\BDArKit.SYS
    [2015.06.01 11:46:26 | 000,196,936 | ---- | C] (Baidu) -- C:\Windows\SysNative\drivers\bd0002.sys
    [2015.06.01 11:46:20 | 000,202,576 | ---- | C] (Baidu) -- C:\Windows\SysNative\drivers\bd0001.sys
    [2015.06.01 11:46:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Baidu
    [2015.06.01 11:45:45 | 000,000,000 | ---D | C] -- C:\ProgramData\{dfc374fb-0c82-6dda-dfc3-374fb0c8d3ec}
    [2015.06.01 11:45:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BaiduSd3.0
    [2015.06.01 11:45:35 | 000,000,000 | ---D | C] -- C:\Users\Jarppa\AppData\Roaming\4BA6FB90-1433148335-1020-0308-142347000000
    [2015.06.01 11:45:33 | 000,000,000 | ---D | C] -- C:\ProgramData\BDSReport
    [2015.06.01 11:44:58 | 000,000,000 | ---D | C] -- C:\Users\Jarppa\AppData\Roaming\4BA6FB90-1433148298-1020-0308-142347000000
    [2015.06.01 11:44:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Up
    [2015.06.01 11:44:23 | 000,000,000 | ---D | C] -- C:\Users\Jarppa\AppData\Roaming\Baidu
    [2015.06.01 11:44:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Baidu
    [2015.06.01 11:44:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Speed Up
    [2015.06.01 11:44:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\baidu
    [2015.06.01 09:34:06 | 000,000,000 | ---D | C] -- C:\Users\Jarppa\AppData\Local\9639
    [2015.06.01 09:19:23 | 000,000,000 | ---D | C] -- C:\Users\Jarppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SevenZip 9.20
    [2015.05.31 14:45:08 | 000,000,000 | ---D | C] -- C:\Users\Jarppa\AppData\Local\Nero
    [2015.05.31 14:41:28 | 000,000,000 | ---D | C] -- C:\Users\Jarppa\AppData\Roaming\Nero
    [2015.05.31 14:22:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
    [2015.05.31 12:56:12 | 000,000,000 | ---D | C] -- C:\Users\Jarppa\AppData\Local\29235
    [2015.05.31 11:07:12 | 000,000,000 | ---D | C] -- C:\Users\Jarppa\AppData\Local\globalUpdate
    [2015.05.31 10:27:40 | 000,000,000 | ---D | C] -- C:\ProgramData\16161289008471305811
    [2015.05.31 10:24:49 | 000,000,000 | ---D | C] -- C:\ProgramData\{042502c8-e906-5066-0425-502c8e900b23}
    [2015.05.26 22:12:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2015.05.25 23:15:16 | 000,000,000 | ---D | C] -- C:\Users\Jarppa\AppData\Local\Apps
    [2015.05.18 23:24:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    [2015.05.15 12:14:43 | 000,000,000 | ---D | C] -- C:\Users\Jarppa\Documents\Sea of Darkness
    [2015.05.15 10:53:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nancy Drew Prerequisites
    [2015.05.15 10:53:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Her Interactive
    [2015.05.15 10:49:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nancy Drew Sea of Darkness
    [2015.05.13 14:18:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
    [2015.05.13 08:30:44 | 000,000,000 | ---D | C] -- C:\Users\Jarppa\AppData\Local\Microsoft Help
    [2015.05.05 14:41:46 | 000,000,000 | ---D | C] -- C:\Users\Jarppa\AppData\Roaming\Leadertech
    [2015.05.04 16:02:44 | 000,000,000 | ---D | C] -- C:\Users\Jarppa\AppData\Roaming\DVDVideoSoft
    [2015.05.04 15:54:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The FilmMachine
    [2015.05.04 15:54:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The FilmMachine
    [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    ========== Files - Modified Within 30 Days ==========
    [2015.06.01 18:30:00 | 000,001,690 | ---- | M] () -- C:\Windows\tasks\BYAIAMUF.job
    [2015.06.01 18:20:01 | 000,001,008 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2015.06.01 17:34:28 | 000,136,408 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
    [2015.06.01 17:18:51 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2015.06.01 17:18:51 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2015.06.01 17:16:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jarppa\Desktop\OTL.exe
    [2015.06.01 17:10:23 | 000,001,004 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2015.06.01 17:09:48 | 000,001,026 | ---- | M] () -- C:\Windows\tasks\sJzVpqhII0ElJ95oqT9bh6eMe.job
    [2015.06.01 17:09:48 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\wgb6CBu5cqqTsV1wseA.job
    [2015.06.01 17:08:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2015.06.01 17:07:55 | 3208,544,256 | -HS- | M] () -- C:\hiberfil.sys
    [2015.06.01 15:59:50 | 000,103,752 | ---- | M] (Baidu) -- C:\Windows\SysNative\drivers\BDDefense.sys
    [2015.06.01 15:37:16 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\PC SpeedUp Service Deactivator.job
    [2015.06.01 15:36:14 | 000,343,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2015.06.01 11:46:33 | 002,035,200 | ---- | M] () -- C:\Users\Jarppa\AppData\Roaming\BYAIAMUF.exe
    [2015.06.01 11:46:14 | 000,056,136 | ---- | M] (Baidu) -- C:\Windows\SysNative\drivers\BDMWrench_x64.sys
    [2015.06.01 11:46:13 | 000,152,392 | ---- | M] (Baidu Technology) -- C:\Windows\SysNative\drivers\BDArKit.SYS
    [2015.06.01 11:46:12 | 000,202,576 | ---- | M] (Baidu) -- C:\Windows\SysNative\drivers\bd0001.sys
    [2015.06.01 11:46:12 | 000,196,936 | ---- | M] (Baidu) -- C:\Windows\SysNative\drivers\bd0002.sys
    [2015.06.01 11:46:12 | 000,067,400 | ---- | M] (Baidu) -- C:\Windows\SysNative\drivers\bd0003.sys
    [2015.06.01 11:42:39 | 000,002,549 | ---- | M] () -- C:\Users\Jarppa\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2015.06.01 11:42:39 | 000,001,701 | ---- | M] () -- C:\Users\Jarppa\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2015.06.01 11:39:14 | 001,353,786 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2015.06.01 11:39:14 | 000,650,136 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2015.06.01 11:39:14 | 000,469,494 | ---- | M] () -- C:\Windows\SysNative\perfh00B.dat
    [2015.06.01 11:39:14 | 000,118,008 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2015.06.01 11:39:14 | 000,097,486 | ---- | M] () -- C:\Windows\SysNative\perfc00B.dat
    [2015.06.01 09:19:23 | 000,001,055 | ---- | M] () -- C:\Users\Jarppa\Application Data\Microsoft\Internet Explorer\Quick Launch\SevenZip.lnk
    [2015.05.31 11:07:07 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\029B560A371F4E00AB32838EBC01B9E7
    [2015.05.30 09:48:51 | 000,001,141 | ---- | M] () -- C:\Windows\SysNative\05-30_09-20-40_Yle TV1 HD_Ylen aamu-tv - 09.07 Eduskunnan puhemies Maria Lohela 9.19 Viikonlopun sää 9.26 Ylioppilasjuhlien tunnelmaa Outokummusta 9.32 Mikä ruusuissa kiehtoo 9.42 Voita&Sokeria 9.ts.lnk
    [2015.05.21 21:21:41 | 000,001,138 | ---- | M] () -- C:\Windows\SysNative\05-21_15-39-43_MTV3 (fin)_Salatut elämät (7) - Osa 2825 Kristiinan standardit ovat matalat. Pihlajakadun asukkaista kertovassa sarjassa kuljetaan kiehtovien tarinoiden poluilla koskettavia tai ar.ts.lnk
    [2015.05.18 09:05:17 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2015.05.15 12:17:43 | 000,000,000 | ---- | M] () -- C:\Windows\SeaOfDarkness.INI
    [2015.05.13 08:39:21 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
    [2015.05.09 22:14:55 | 000,001,135 | ---- | M] () -- C:\Windows\SysNative\05-09_09-21-02_Yle TV1 HD_Yles morgon-tv - 9.07 Den nya oppositionen Carl Haglund, SFP och Antti Lindtman, SDP. 9.20 Veckoslutsväder 9.27 Annorlunda mammor 9.39 Smör & socker 9.48 En tårtkonstnär.ts.lnk
    [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    ========== Files Created - No Company Name ==========
    [2015.06.01 11:46:35 | 000,001,690 | ---- | C] () -- C:\Windows\tasks\BYAIAMUF.job
    [2015.06.01 11:46:33 | 002,035,200 | ---- | C] () -- C:\Users\Jarppa\AppData\Roaming\BYAIAMUF.exe
    [2015.06.01 11:44:27 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\PC SpeedUp Service Deactivator.job
    [2015.06.01 09:19:23 | 000,001,055 | ---- | C] () -- C:\Users\Jarppa\Application Data\Microsoft\Internet Explorer\Quick Launch\SevenZip.lnk
    [2015.05.31 11:11:54 | 000,001,014 | ---- | C] () -- C:\Windows\tasks\wgb6CBu5cqqTsV1wseA.job
    [2015.05.31 11:11:47 | 000,001,026 | ---- | C] () -- C:\Windows\tasks\sJzVpqhII0ElJ95oqT9bh6eMe.job
    [2015.05.31 11:07:07 | 000,000,004 | ---- | C] () -- C:\Windows\SysWow64\029B560A371F4E00AB32838EBC01B9E7
    [2015.05.30 09:48:51 | 000,001,141 | ---- | C] () -- C:\Windows\SysNative\05-30_09-20-40_Yle TV1 HD_Ylen aamu-tv - 09.07 Eduskunnan puhemies Maria Lohela 9.19 Viikonlopun sää 9.26 Ylioppilasjuhlien tunnelmaa Outokummusta 9.32 Mikä ruusuissa kiehtoo 9.42 Voita&Sokeria 9.ts.lnk
    [2015.05.21 21:21:41 | 000,001,138 | ---- | C] () -- C:\Windows\SysNative\05-21_15-39-43_MTV3 (fin)_Salatut elämät (7) - Osa 2825 Kristiinan standardit ovat matalat. Pihlajakadun asukkaista kertovassa sarjassa kuljetaan kiehtovien tarinoiden poluilla koskettavia tai ar.ts.lnk
    [2015.05.15 12:17:43 | 000,000,000 | ---- | C] () -- C:\Windows\SeaOfDarkness.INI
    [2015.05.09 22:14:55 | 000,001,135 | ---- | C] () -- C:\Windows\SysNative\05-09_09-21-02_Yle TV1 HD_Yles morgon-tv - 9.07 Den nya oppositionen Carl Haglund, SFP och Antti Lindtman, SDP. 9.20 Veckoslutsväder 9.27 Annorlunda mammor 9.39 Smör & socker 9.48 En tårtkonstnär.ts.lnk
    [2015.04.28 16:36:33 | 000,001,409 | ---- | C] () -- C:\Windows\TVEpaDrv.ini
    [2015.04.19 15:20:16 | 000,005,872 | ---- | C] () -- C:\Users\Jarppa\AppData\Roaming\sJzVpqhII0ElJ95oqT9bh6eMe
    [2015.04.19 10:13:10 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
    [2015.04.14 19:28:56 | 000,004,387 | ---- | C] () -- C:\Users\Jarppa\AppData\Roaming\wgb6CBu5cqqTsV1wseA
    [2015.03.10 00:30:14 | 000,005,487 | ---- | C] () -- C:\Users\Jarppa\AppData\Roaming\BYAIAMUF
    [2015.02.07 13:57:47 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
    [2015.01.25 19:12:14 | 000,002,086 | ---- | C] () -- C:\Users\Jarppa\AppData\Roaming\GNOK
    [2015.01.17 17:13:26 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2015.01.17 17:13:26 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2015.01.17 17:13:26 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2015.01.17 17:13:26 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2015.01.17 17:13:26 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2015.01.06 14:05:24 | 000,000,131 | ---- | C] () -- C:\Windows\EurekaLog.ini
    [2014.11.27 18:12:01 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\BeepApp.exe
    [2014.11.27 11:57:59 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
    [2014.11.27 11:56:22 | 000,451,072 | ---- | C] () -- C:\Windows\emunist.exe
    [2014.11.27 01:09:11 | 001,303,510 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2013.08.05 09:15:08 | 000,066,104 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
    [2013.08.05 09:15:06 | 000,023,080 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
    ========== ZeroAccess Check ==========
    [2009.07.14 07:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2015.02.13 08:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2015.02.13 08:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 04:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2010.11.20 15:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 04:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    ========== LOP Check ==========
    [2015.06.02 02:33:37 | 000,000,000 | ---D | M] -- C:\Users\Jarppa\AppData\Roaming\4BA6FB90-1433148298-1020-0308-142347000000
    [2015.06.02 02:33:38 | 000,000,000 | ---D | M] -- C:\Users\Jarppa\AppData\Roaming\4BA6FB90-1433148335-1020-0308-142347000000
    [2015.06.01 11:44:25 | 000,000,000 | ---D | M] -- C:\Users\Jarppa\AppData\Roaming\Baidu
    [2014.12.16 23:04:11 | 000,000,000 | ---D | M] -- C:\Users\Jarppa\AppData\Roaming\BANDISOFT
    [2015.02.26 13:09:02 | 000,000,000 | ---D | M] -- C:\Users\Jarppa\AppData\Roaming\DAEMON Tools Lite
    [2015.05.04 18:23:03 | 000,000,000 | ---D | M] -- C:\Users\Jarppa\AppData\Roaming\DVDVideoSoft
    [2015.01.07 00:44:10 | 000,000,000 | ---D | M] -- C:\Users\Jarppa\AppData\Roaming\FileZilla
    [2014.11.27 12:51:56 | 000,000,000 | ---D | M] -- C:\Users\Jarppa\AppData\Roaming\FlashFXP
    [2015.01.06 13:59:40 | 000,000,000 | ---D | M] -- C:\Users\Jarppa\AppData\Roaming\ImgBurn
    [2015.02.26 20:16:22 | 000,000,000 | ---D | M] -- C:\Users\Jarppa\AppData\Roaming\IObit
    [2015.05.05 14:41:46 | 000,000,000 | ---D | M] -- C:\Users\Jarppa\AppData\Roaming\Leadertech
    [2015.02.26 20:17:21 | 000,000,000 | ---D | M] -- C:\Users\Jarppa\AppData\Roaming\ProductData
    [2015.03.30 18:02:24 | 000,000,000 | ---D | M] -- C:\Users\Jarppa\AppData\Roaming\SAMSUNG
    [2015.06.01 13:01:49 | 000,000,000 | ---D | M] -- C:\Users\Jarppa\AppData\Roaming\Tencent
    [2015.06.01 09:21:51 | 000,000,000 | ---D | M] -- C:\Users\Jarppa\AppData\Roaming\uTorrent
    [2015.03.21 14:54:09 | 000,000,000 | ---D | M] -- C:\Users\Jarppa\AppData\Roaming\Visan
    [2014.11.27 10:11:09 | 000,000,000 | ---D | M] -- C:\Users\Jarppa\AppData\Roaming\WinAVI
    [2014.11.27 16:41:48 | 000,000,000 | ---D | M] -- C:\Users\Jarppa\AppData\Roaming\Windows Live Writer
    [2015.05.31 13:55:21 | 000,000,000 | ---D | M] -- C:\Users\Jarppa\AppData\Roaming\X-Chat 2
    ========== Purity Check ==========
    ========== Files - Unicode (All) ==========

    [2015.06.01 11:59:37 | 000,000,000 | ---D | C](C:\Users\Jarppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????) -- C:\Users\Jarppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
    ========== Alternate Data Streams ==========
    @Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:E1F04E8D

    < End of report >
     
  3. *Trinity*

    *Trinity* Senior member

    Joined:
    Dec 15, 2014
    Messages:
    6,934
    Likes Received:
    1,258
    Trophy Points:
    243
    Hei tällä sivustolla ei taida olla henkilöitä jotka on perehtynyt OTL:n käyttöön enkä itsekään ole mutta jotain voidaan silti tehdä.

    Lataa tfc cleaner työpöydälle
    http://www.bleepingcomputer.com/download/tfc/

    Aukaise tfc cleaner klikkaa start ja odota kunnes poisto on valmis.
    Käynnistä kone uudellen jos niin pyydetään.

    Lataa Junkware Removal Tool seuraavasta linkistä työpöydälle
    http://www.bleepingcomputer.com/download/junkware-removal-tool/
    Sammuta kaikki muut ohjelmat, aukaise JRT ja toimi ohjelman ohjeen mukaan JRT poistaa autmaattisesti jos jotain löytyy, loki löytyy tarkistusken jälkeen työpöydältä.

    Lataa AdwCleaner seuraavasta linkistä työpöydälle
    https://toolslib.net/downloads/viewdownload/1-adwcleaner/
    Sulje muut ohjelmat aukaise Adw klikka Scan kun tarkistus on ohi klikkaa Cleaning
    AdwCleaner pyytä tämän jälkeen koneen uudelleen käynnistystä anna tehdä sen se.
    Loki aukeaa kin kone on auennut uudestaan se löytyy myös C:\AdwCleaner

    Liitä kummankin lokit tänne
     
    djjari likes this.
  4. djjari

    djjari Active member

    Joined:
    Dec 17, 2010
    Messages:
    1,142
    Likes Received:
    6
    Trophy Points:
    68
    # AdwCleaner v4.206 - Logfile created 02/06/2015 at 23:35:58
    # Updated 01/06/2015 by Xplode
    # Database : 2015-06-01.1 [Server]
    # Operating system : Windows 7 Home Premium Service Pack 1 (x64)
    # Username : Jarppa - JARPPA-PC
    # Running from : C:\Users\Jarppa\Desktop\adwcleaner_4.206.exe
    # Option : Cleaning

    ***** [ Services ] *****

    [#] Service Deleted : bd0003
    [#] Service Deleted : BDArKit
    [#] Service Deleted : BDMWrench_x64
    [#] Service Deleted : BDFileDefend

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\tencent
    Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\SafeGuard
    Folder Deleted : C:\Program Files\Common Files\tencent
    Folder Deleted : C:\Users\Jarppa\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
    File Deleted : C:\Windows\System32\drivers\BDDefense.sys
    File Deleted : C:\Windows\System32\drivers\bd0001.sys
    File Deleted : C:\Windows\System32\drivers\bd0002.sys
    File Deleted : C:\Windows\System32\drivers\bd0003.sys
    File Deleted : C:\Windows\System32\drivers\BDArKit.SYS
    File Deleted : C:\Windows\System32\drivers\BDMWrench_x64.sys
    File Deleted : C:\Users\Jarppa\AppData\Roaming\BYAIAMUF
    File Deleted : C:\Users\Jarppa\AppData\Roaming\BYAIAMUF.exe
    File Deleted : C:\Users\Jarppa\AppData\Roaming\GNOK
    File Deleted : C:\Users\Jarppa\AppData\Roaming\sJzVpqhII0ElJ95oqT9bh6eMe
    File Deleted : C:\Users\Jarppa\AppData\Roaming\wgb6CBu5cqqTsV1wseA

    ***** [ Scheduled tasks ] *****

    Task Deleted : amiupdaterExd
    Task Deleted : amiupdaterExi
    Task Deleted : BYAIAMUF
    Task Deleted : sJzVpqhII0ElJ95oqT9bh6eMe
    Task Deleted : wgb6CBu5cqqTsV1wseA

    ***** [ Shortcuts ] *****

    Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
    Shortcut Disinfected : C:\Users\Jarppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    Shortcut Disinfected : C:\Users\Jarppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Chromen sovellusten käynnistysohjelma.lnk
    Shortcut Disinfected : C:\Users\Jarppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
    Shortcut Disinfected : C:\Users\Jarppa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    Shortcut Disinfected : C:\Users\Jarppa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    Shortcut Disinfected : C:\Users\Jarppa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox.lnk

    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\BDDownloadProxy.Downloader
    Key Deleted : HKLM\SOFTWARE\Classes\BDDownloadProxy.Downloader.1
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\BDShellExt.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\BDShellExt
    Key Deleted : HKLM\SOFTWARE\Classes\BDShellExt.BDShellExtMenu
    Key Deleted : HKLM\SOFTWARE\Classes\BDShellExt.BDShellExtMenu.1
    Key Deleted : HKLM\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\BDShellExt
    Key Deleted : HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\BDShellExt
    Key Deleted : HKLM\SOFTWARE\Classes\PCSU.Registry
    Key Deleted : HKLM\SOFTWARE\Classes\PCSU.SysUtils
    Key Deleted : HKLM\SOFTWARE\CLASSES\METNSD
    Key Deleted : HKLM\SOFTWARE\156eacdc-6be3-484e-958c-b1950c01381c
    Key Deleted : HKLM\SOFTWARE\430184f7-9f16-47a4-9a71-8596bc3dd7c6
    Key Deleted : HKLM\SOFTWARE\61c28fcf-d8a0-70b5-ad3f-798aa8753815
    Key Deleted : HKLM\SOFTWARE\9fddca14-7398-4f40-af19-aab4d29a68ef
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{FBE0E29B-01DB-4876-B147-46F5AABA6823}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D6A5312-AB4D-41AA-8BED-0E019B87CA11}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{36E6A19A-6C8C-4250-B42A-24B8D3514ABA}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{91B5E4DE-4C97-41CD-9F94-84BFAABB7371}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C5C9741-79A4-4A5F-A9B3-9E686CFF879B}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{45D1EEF3-7713-48FA-B7A5-B77229C7D330}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CE081F59-EB60-475A-86B5-F0F28AA5CAF7}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{36E6A19A-6C8C-4250-B42A-24B8D3514ABA}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{15DEE173-1BE9-4424-81E0-58A87076E9B1}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{36E6A19A-6C8C-4250-B42A-24B8D3514ABA}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{15DEE173-1BE9-4424-81E0-58A87076E9B1}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{00890530-6A9F-4BE2-B1BB-73F01E2BB986}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{85E0B1AA-04FA-11D1-B7DA-00A0C90348D6}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{0C5C9741-79A4-4A5F-A9B3-9E686CFF879B}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0C5C9741-79A4-4A5F-A9B3-9E686CFF879B}
    Key Deleted : HKCU\Software\AnyProtect
    Key Deleted : HKCU\Software\GlobalUpdate
    Key Deleted : HKCU\Software\Speedchecker Limited
    Key Deleted : HKCU\Software\sidecom
    Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    Key Deleted : HKLM\SOFTWARE\GlobalUpdate
    Key Deleted : HKLM\SOFTWARE\SupDp
    Key Deleted : HKLM\SOFTWARE\Uniblue
    Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
    Key Deleted : HKLM\SOFTWARE\SafeGuard
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\????
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\oursurfing.com
    Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:50275;hxxps=127.0.0.1:50275
    Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
    Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>

    ***** [ Web browsers ] *****

    -\\ Internet Explorer v11.0.9600.17801


    -\\ Mozilla Firefox v39.0 (x86 fi)

    [sadgjijk.default\prefs.js] - Line Deleted : user_pref("extensions.05E3K9mCKxnhWmZx.scode", "(function(){try{if(window.location.href.indexOf(\"rjk9qHkHqTgGqdaHpjg5pda9rja\")>-1){return;}}catch(e){}try{var d=[[\"investkingdom.com\",\"www.viracure[...]
    [sadgjijk.default\prefs.js] - Line Deleted : user_pref("extensions.G4yEJWeF2BUAoEmY.scode", "(function(){try{if(window.location.href.indexOf(\"rjk9qHkHqTgGqdaHpjg5pda9rja\")>-1){return;}}catch(e){}try{var d=[[\"investkingdom.com\",\"www.viracure[...]
    [sadgjijk.default\prefs.js] - Line Deleted : user_pref("extensions.JFNxqar62yyOgrTb.scode", "(function(){try{if(window.location.href.indexOf(\"rjk9qHkHqTgGqdaHpjg5pda9rja\")>-1){return;}}catch(e){}try{var d=[[\"investkingdom.com\",\"www.viracure[...]

    -\\ Google Chrome v45.0.2414.0

    [C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.oursurfing.com/web/?type=dspp&ts=1433148194&z=b0c327ef940aa8129d7d7e3gbz4c2cag9z9b0g1mam&from=2sq&uid=395049983_1052514_66534452&q={searchTerms}
    [C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.oursurfing.com/web/?type=dspp&ts=1433148194&z=b0c327ef940aa8129d7d7e3gbz4c2cag9z9b0g1mam&from=2sq&uid=395049983_1052514_66534452&q={searchTerms}
    [C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : hxxp://www.oursurfing.com/?type=sy&ts=1433139209&z=23df6c5f1ba2274032b27eegez9c7c7g7c7t5geb5m&from=amt&uid=395049983_1052514_66534452

    *************************

    AdwCleaner[R0].txt - [10072 bytes] - [02/06/2015 23:22:08]
    AdwCleaner[S0].txt - [9483 bytes] - [02/06/2015 23:35:58]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9542 bytes] ##########



    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.8.7 (06.01.2015:1)
    OS: Windows 7 Home Premium x64
    Ran by Jarppa on ti 02.06.2015 at 22:55:10,14
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services

    Failed to stop: [Service] baiduhips
    Failed to stop: [Service] bd0001
    Failed to stop: [Service] bd0002
    Failed to stop: [Service] bd0003
    Failed to stop: [Service] bdarkit
    Failed to stop: [Service] bdkvrtp
    Failed to stop: [Service] bdmwrench_x64
    Successfully stopped: [Service] bdsandbox
    Successfully deleted: [Service] bdsandbox
    Successfully stopped: [Service] scservice
    Successfully deleted: [Service] scservice
    Successfully stopped: [Service] windivert64
    Successfully deleted: [Service] windivert64



    ~~~ Tasks

    Successfully deleted: [Task] C:\Windows\system32\tasks\PC SpeedUp Service Deactivator
    Successfully deleted: [Task] C:\Windows\tasks\PC SpeedUp Service Deactivator.job



    ~~~ Registry Values

    Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_B15EBE0FF5DA1054EB97D09BD2881A86
    Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\pcspeedup



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{15DEE173-1BE9-4424-81E0-58A87076E9B1}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15DEE173-1BE9-4424-81E0-58A87076E9B1}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{15DEE173-1BE9-4424-81E0-58A87076E9B1}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Edu App
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util Edu App



    ~~~ Files

    Successfully deleted: [File] C:\Windows\prefetch\BAIDUHIPSBUGRPT.EXE-7ACFF3B7.pf
    Successfully deleted: [File] C:\Windows\prefetch\BAIDUHIPSUPDATE.EXE-9B1FE042.pf
    Successfully deleted: [File] C:\Windows\prefetch\BAIDUSD.EXE-7DD3944B.pf
    Successfully deleted: [File] C:\Windows\prefetch\BAIDUSDTRAY.EXE-63F54563.pf
    Successfully deleted: [File] C:\Windows\prefetch\BAIDUSDUPDATE.EXE-BC5CBC32.pf
    Successfully deleted: [File] C:\Windows\prefetch\BAIDUSDUPROXY64.EXE-FA566AE8.pf
    Successfully deleted: [File] C:\Windows\prefetch\SPEEDCHECKERSERVICE.EXE-1F37E90E.pf



    ~~~ Folders

    Failed to delete: [Folder] C:\ProgramData\baidu
    Successfully deleted: [Folder] C:\ProgramData\microsoft\windows\start menu\programs\pc speed up
    Successfully deleted: [Folder] C:\ProgramData\productdata
    Successfully deleted: [Folder] C:\ProgramData\tencent
    Successfully deleted: [Folder] C:\Users\Jarppa\appdata\local\globalupdate
    Successfully deleted: [Folder] C:\Users\Jarppa\appdata\local\slimware utilities inc
    Successfully deleted: [Folder] C:\Users\Jarppa\AppData\Roaming\baidu
    Successfully deleted: [Folder] C:\Users\Jarppa\AppData\Roaming\productdata
    Successfully deleted: [Folder] C:\Users\Jarppa\AppData\Roaming\tencent



    ~~~ FireFox

    Successfully deleted: [File] C:\Users\Jarppa\AppData\Roaming\mozilla\firefox\profiles\sadgjijk.default\user.js
    Successfully deleted the following from C:\Users\Jarppa\AppData\Roaming\mozilla\firefox\profiles\sadgjijk.default\prefs.js

    user_pref(browser.search.searchengine.alias, oursurfing);
    user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
    user_pref(browser.search.searchengine.iconURL, hxxp://www.oursurfing.com/favicon.ico);
    user_pref(browser.search.searchengine.name, oursurfing);
    user_pref(browser.search.searchengine.ptid, amt);
    user_pref(browser.search.searchengine.uid, 395049983_1052514_66534452);
    user_pref(browser.search.searchengine.url, hxxp://www.oursurfing.com/web/?type=ds&ts=1433139164&z=f8ae10a32568f70ab60b656g2z2c9c1g0c8t2gfz7q&from=amt&uid=395049983_1052514_
    user_pref(browser.search.selectedEngine, oursurfing);
    user_pref(extensions.05E3K9mCKxnhWmZx.scode, (function(){try{if(window.location.href.indexOf(\rjk9qHkHqTgGqdaHpjg5pda9rja\)>-1){return;}}catch(e){}try{var d=[[\investkin
    user_pref(extensions.G4yEJWeF2BUAoEmY.scode, (function(){try{if(window.location.href.indexOf(\rjk9qHkHqTgGqdaHpjg5pda9rja\)>-1){return;}}catch(e){}try{var d=[[\investkin
    user_pref(extensions.JFNxqar62yyOgrTb.scode, (function(){try{if(window.location.href.indexOf(\rjk9qHkHqTgGqdaHpjg5pda9rja\)>-1){return;}}catch(e){}try{var d=[[\investkin
    user_pref(extensions.quick_start.enable_search1, false);
    user_pref(extensions.quick_start.sd.closeWindowWithLastTab_prev_state, false);
    user_pref(plugin.state.npbaidusddetectplug, 0);
    Emptied folder: C:\Users\Jarppa\AppData\Roaming\mozilla\firefox\profiles\sadgjijk.default\minidumps [5 files]



    ~~~ Chrome

    Successfully deleted: [Folder] C:\Users\Jarppa\appdata\local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp

    [C:\Users\Jarppa\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

    [C:\Users\Jarppa\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
    papbadoldddalgcjcicnikcfenodpghp

    [C:\Users\Jarppa\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

    [C:\Users\Jarppa\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
    [
    papbadoldddalgcjcicnikcfenodpghp
    ]





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on ti 02.06.2015 at 23:20:22,04
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  5. *Trinity*

    *Trinity* Senior member

    Joined:
    Dec 15, 2014
    Messages:
    6,934
    Likes Received:
    1,258
    Trophy Points:
    243
    Aikas paljon sieltä lähti miltä kone vaikutta nyt?
     
  6. djjari

    djjari Active member

    Joined:
    Dec 17, 2010
    Messages:
    1,142
    Likes Received:
    6
    Trophy Points:
    68
    edelleen tuo yks haittaohjelma on,eikä se lähtenyt pois

    se näkyy myös tuola firefoxin lisäosissa


    http://aijaa.com/Z0BngU

    löytyykö parempi asinatuntija että saan koneeni puhdistettua,

    vai pitääkö tässä jo ruveta miettiin koko windowsin uudelleen asennusta
     
  7. *Trinity*

    *Trinity* Senior member

    Joined:
    Dec 15, 2014
    Messages:
    6,934
    Likes Received:
    1,258
    Trophy Points:
    243
    Voin vakuuttaa että kohteliaalla käytöksellä' saa parempia tuloksia.
    Ja jos täällä sattu olemaan joku joka on perejtynyt OTL:n käyttöön niin kyllä hän tulee kertomaan kuinka sitä käytetään.

    Ihan ensimmäiseksi voit kokeilla saako tuon lisäosan poistettua sieltä selaimen lisäosista.

    Lataa Farbar recovery sca toll seuraavasta linkistä
    http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/

    Pistä asetukset kuin kuvassa
    Klikkaa Scan
    Kun tarkistus on ohi Addition ja FRST nimiset tekstitiedostot aukeaa liitä ne tänne
    esimerkki.
     
    djjari likes this.
  8. djjari

    djjari Active member

    Joined:
    Dec 17, 2010
    Messages:
    1,142
    Likes Received:
    6
    Trophy Points:
    68
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
    Ran by Jarppa at 2015-06-03 15:21:44
    Running from C:\Users\Jarppa\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Jarppa (S-1-5-21-1612976865-2593797464-2764036050-1000 - Administrator - Enabled) => C:\Users\Jarppa
    Järjestelmänvalvoja (S-1-5-21-1612976865-2593797464-2764036050-500 - Administrator - Disabled)
    Vieras (S-1-5-21-1612976865-2593797464-2764036050-501 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: 百度杀毒 (Enabled - Up to date) {FDA918B3-27C7-3B2B-33D0-343EAE5EB318}
    AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
    AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: 百度杀毒 (Enabled - Up to date) {46C8F957-01FD-34A5-0960-0F4CD5D9F9A5}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
    2007 Office Systemin yhteensopivuuspaketti (HKLM-x32\...\{90120000-0020-040B-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.2.6929 - CyberLink Corp.)
    Acer Arcade Deluxe (x32 Version: 3.2.6929 - CyberLink Corp.) Hidden
    Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
    Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
    Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
    Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0812 - Acer Incorporated)
    Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
    Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.95 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.11) - Suomi (HKLM-x32\...\{AC76BA86-7AD7-1035-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
    Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media)
    Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media)
    AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
    ASUS RT-N10E Wireless Router Utilities (HKLM-x32\...\{580CA891-08DB-4B6F-B0C1-DF1D149671D7}) (Version: 4.2.3.5 - ASUS)
    Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.2.739 - Bandisoft.com)
    Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
    CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
    Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version: - Oberon Media)
    Dracula 4 and 5 - Special Steam Edition (HKLM-x32\...\Dracula 4 and 5 - Special Steam Edition_is1) (Version: - )
    Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)
    DVBViewer Pro (HKLM-x32\...\{C3C5F907-CF6E-4A55-93A4-6F65E978263D}_is1) (Version: 5.3.2 - Takki & Ahmad)
    eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
    eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
    Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media)
    ffdshow v1.3.4533 [2014-09-29] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4533.0 - )
    First Class Flurry (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}) (Version: - Oberon Media)
    FlashFXP 5 (HKLM-x32\...\FlashFXP 5) (Version: 5.0.0.3795 - OpenSight Software LLC)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2414.0 - Google Inc.)
    Google Earth Plug-in (HKLM-x32\...\{ADA8583A-C20B-414B-8CB7-3AA7A89F7952}) (Version: 7.1.4.1529 - Google)
    Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
    Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version: - Oberon Media)
    Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media)
    HiVision DVB-T Hybrid BDA Drivers (HKLM-x32\...\TVEpaDrv) (Version: - )
    Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 1.00.3004 - Acer Incorporated)
    HP Photosmart 5510 series Ohje (HKLM-x32\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)
    HP Photosmart 5510 series -peruslaiteohjelmisto (HKLM\...\{F7803315-9424-4433-9DE8-94D8011D87D9}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
    HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
    Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
    ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
    ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
    Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
    Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
    JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
    Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    LSI PCI-SV92PP Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.95 - LSI Corporation)
    Malwarebytes Anti-Malware versio 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
    Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.45.4.3 - Marvell)
    Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media)
    Microsoft .NET Framework 4.5.2 (suomi) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1035) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.3 Preview (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.53349 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-040B-0000-0000000FF1CE}_OMUI.fi-fi_{FA5CC73F-DD50-44F9-9530-DCB3C4C453F1}) (Version: - Microsoft)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Language Pack 2007 - Finnish/suomi (HKLM-x32\...\OMUI.fi-fi) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office PowerPoint Viewer 2007 (Finnish) (HKLM-x32\...\{95120000-00AF-040B-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Works (HKLM-x32\...\{7D9EF8C1-1B76-44AF-A918-86CBA6FD24C8}) (Version: 9.7.0621 - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Mozilla Firefox 39.0 (x86 fi) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 fi)) (Version: 39.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Nancy Drew: Sea of Darkness (HKLM-x32\...\{241C6D36-570D-4616-B07F-E460AF6E59D2}) (Version: 8.0.0.30162 - Her Interactive, Inc.)
    Next Generation Visualisations (HKLM-x32\...\{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}) (Version: 1.0.0 - Microsoft)
    NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.9 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
    NVIDIA Grafiikkaohjain 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
    NVIDIA HD-ääniohjain 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
    NVIDIA PhysX-järjestelmäohjelmisto 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
    NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)
    Ohjelman Microsoft Office Excel 2007 Help päivitys (KB963678) (HKLM-x32\...\{90120000-0016-040B-0000-0000000FF1CE}_OMUI.fi-fi_{2C35886E-A67C-494A-8E1C-C6B4E415BBDD}) (Version: - Microsoft)
    Ohjelman Microsoft Office Powerpoint 2007 Help päivitys (KB963669) (HKLM-x32\...\{90120000-0018-040B-0000-0000000FF1CE}_OMUI.fi-fi_{BD88D384-046E-4E6F-A48B-BC3757C01BA5}) (Version: - Microsoft)
    Ohjelman Microsoft Office Word 2007 Help päivitys (KB963665) (HKLM-x32\...\{90120000-001B-040B-0000-0000000FF1CE}_OMUI.fi-fi_{3D728445-D30E-4E78-BCC6-722FE68CB22B}) (Version: - Microsoft)
    OpenAL (HKLM-x32\...\OpenAL) (Version: - )
    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
    RAIDXpert (HKLM-x32\...\InstallShield_{8A4A80C2-87B1-44FB-BC24-9168930EB150}) (Version: 3.3.1540.38 - AMD)
    RAIDXpert (x32 Version: 3.3.1540.38 - AMD) Hidden
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 - Realtek Semiconductor Corp.)
    SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden
    Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
    Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
    Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Valokuvavalikoima (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
    Windows Liven peruspaketti (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
    WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
    VirtualDJ PRO Full (HKLM-x32\...\{EDA76D78-8C23-4245-A4B1-4A9217AC9CF3}) (Version: 7.4.1 - Atomix Productions)
    X-Chat 2.8.6-2 (HKLM-x32\...\X-Chat 2_is1) (Version: 2.8.6-2 - SilvereX)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Restore Points =========================

    31-05-2015 10:53:55 Installed Nero 2015.
    31-05-2015 14:22:12 Installed Nero Video 2015.
    31-05-2015 23:59:14 Windows Update
    01-06-2015 09:47:10 Installed Nero 2015 Content Pack.
    01-06-2015 10:17:05 Installed Nero 2014.
    01-06-2015 11:46:54 Removed MSXML 4.0 SP3 Parser
    01-06-2015 16:12:51 Removed MSXML 4.0 SP3 Parser
    01-06-2015 16:15:13 Removed Nero Video 2015.
    01-06-2015 16:21:37 Windows Update
    01-06-2015 16:24:17 Removed Nero 2015 Content Pack.
    01-06-2015 16:44:09 Removed Nero 2014.
    01-06-2015 16:55:27 Removed Nero 2014.
    01-06-2015 17:04:12 Removed MSXML 4.0 SP3 Parser (KB2758694)

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 05:34 - 2015-02-26 20:24 - 00000083 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost
    127.0.0.1 www.iobit.com
    127.0.0.1 www.asc55.iobit.com


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0F15D670-BC6C-4A3C-9770-763C6A9E6594} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.)
    Task: {12424B64-EB2A-45D1-9770-139BAED6D0F1} - System32\Tasks\{664D6F67-9983-4470-80C2-6AA334899751} => pcalua.exe -a E:\FinnishDemoShield\Setup.exe -d E:\FinnishDemoShield
    Task: {47C48FA0-25EB-49B1-B683-B3160B7C3D0E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
    Task: {490B98F1-2111-4A1F-BFA2-08DB4EAFF15A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-08] (Microsoft Corporation)
    Task: {5262BE67-49C0-44BF-A2F1-1CEA6FE805AA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-17] (Adobe Systems Incorporated)
    Task: {604080EF-9307-4CFF-A807-221A091FAA71} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
    Task: {8759FB06-606C-4B35-B308-AE45F259C1B0} - System32\Tasks\{98B96767-07C3-4C31-BD84-FA3DD7B583DB} => pcalua.exe -a "C:\Program Files (x86)\Acer GameZone\Farm Frenzy 2\Uninstall.exe" -c "C:\Program Files (x86)\Acer GameZone\Farm Frenzy 2\install.log"
    Task: {9FEBF27B-AAFC-42E3-8ADF-6A2FC9D2908E} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-27] (Microsoft Corporation)
    Task: {AEAC2C2C-F482-4B98-8F52-ED8AC0A8C0A2} - System32\Tasks\{9C1F9D67-55EA-4078-B2E1-6F3E9FFCC882} => pcalua.exe -a E:\FinnishDemoShield\Driver\Setup.exe -d E:\FinnishDemoShield\Driver
    Task: {BB9E1894-4AB0-47AE-A330-995552077DE1} - System32\Tasks\{F1269FB4-4F5F-4865-AC8D-565D84C9AAED} => pcalua.exe -a C:\Users\Jarppa\Desktop\flashplayer18_install_win_pi.exe -d C:\Users\Jarppa\Desktop
    Task: {C3AD3EAC-9866-45DB-B504-6F39878B8886} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
    Task: {D9D24DE5-9D5E-4513-A269-06BF628F1F71} - System32\Tasks\{BF13D931-85E4-4162-B077-C3B63A7254EF} => pcalua.exe -a C:\Users\Jarppa\Desktop\blazingcolorsviz.exe -d C:\Users\Jarppa\Desktop
    Task: {DE3AD2B6-F8D3-4A6F-99D8-42119D481B5E} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-08] (Microsoft Corporation)
    Task: {ED9BF83E-4066-49FD-856A-F2784A5FB9AA} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe
    Task: {FBCBD40E-61D8-4523-A855-B6266AC2F69C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2014-11-26 16:52 - 2015-02-04 05:21 - 00115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2015-06-01 11:46 - 2015-06-01 11:46 - 00124296 _____ () C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BDKVDeskBand64.dll
    2010-07-15 07:44 - 2010-07-15 07:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
    2015-05-08 21:50 - 2015-05-08 21:50 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1035.dll
    2015-06-01 11:46 - 2015-06-01 11:46 - 00015176 _____ () C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\WebGuard.dll
    2015-06-01 11:46 - 2015-06-01 11:46 - 00403848 _____ () C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BDMCommon.dll
    2014-03-31 22:35 - 2014-03-31 22:35 - 00278208 _____ () C:\Program Files (x86)\Windows Live\Writer\fi\WindowsLive.Writer.Localization.resources.dll
    2015-04-25 09:39 - 2015-04-25 09:40 - 17083568 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_95.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
    AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D

    ==================== Safe Mode (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\008k.com -> 008k.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\00hq.com -> 00hq.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\0190-dialers.com -> 0190-dialers.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\01i.info -> 01i.info
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\05p.com -> 05p.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\0calories.net -> 0calories.net
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\0cj.net -> 0cj.net
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\0scan.com -> 0scan.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\1-se.com -> 1-se.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\1001movie.com -> 1001movie.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\1001night.biz -> 1001night.biz
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\100gal.net -> 100gal.net
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\100sexlinks.com -> 100sexlinks.com

    There are 4788 more restricted sites.

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jarppa\AppData\Roaming\Mozilla\Firefox\Työpöydän taustakuva.bmp
    DNS Servers: 109.204.194.2 - 109.204.194.3

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{B26C53FA-71FD-412F-9D01-CB6AC22B8A74}] => (Allow) svchost.exe
    FirewallRules: [TCP Query User{4E0E41A8-0CBD-4673-957A-420F1A2C43BF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [UDP Query User{ADB41BDA-6DE4-42FD-AAAC-D240DA048025}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [TCP Query User{7FC65B90-DAC0-4A23-9A96-359E3F6D56F4}C:\program files (x86)\x-chat 2\xchat.exe] => (Allow) C:\program files (x86)\x-chat 2\xchat.exe
    FirewallRules: [UDP Query User{CFD38D2F-AE9B-415B-BE42-770B989350D3}C:\program files (x86)\x-chat 2\xchat.exe] => (Allow) C:\program files (x86)\x-chat 2\xchat.exe
    FirewallRules: [{35C76088-698B-48B8-AC66-FB235A653D66}] => (Allow) C:\Users\Jarppa\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{FBEED914-DA33-4C7B-99E2-EC140C884CC1}] => (Allow) C:\Users\Jarppa\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{8B55A6B3-B09B-43DC-A944-03C4F6FB2E4F}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe
    FirewallRules: [{DB11579C-29AC-44A5-BD27-5FA6B8221670}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
    FirewallRules: [{8A6303EB-EB84-4118-8C66-DDD00F29ECC9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{E0C7CC0E-A1D4-44D2-BDFA-1EF03439F003}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{EDA3C3F1-35F5-4A5D-A924-3D2F50054AC2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{DF476EF7-53F1-444B-B47E-065320D806DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{5161FBE4-FB51-458A-A5A3-AEE886D1F580}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{94A30895-5BBC-4E7D-88D0-1D4FDB3ED385}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{0AD2EA0E-533D-4B49-B27C-644A2BA00469}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{96EB9145-9B29-43B8-9943-1C00CE3B2382}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{38C2196B-66C3-454D-A02F-F81D13A6C328}] => (Allow) LPort=2869
    FirewallRules: [{9F569AD5-DD37-47DA-AD3C-AFA0ECCA14F3}] => (Allow) LPort=1900
    FirewallRules: [TCP Query User{DE2E59FE-5D0A-4FAF-A6AB-8EF6C748558B}C:\program files (x86)\virtualdj\virtualdj_pro.exe] => (Allow) C:\program files (x86)\virtualdj\virtualdj_pro.exe
    FirewallRules: [UDP Query User{B0F44EBA-7A8D-4025-BA74-FA4CF4017EFF}C:\program files (x86)\virtualdj\virtualdj_pro.exe] => (Allow) C:\program files (x86)\virtualdj\virtualdj_pro.exe
    FirewallRules: [{71B98B4D-7858-4BC1-B671-E885299F5F9E}] => (Allow) E:\RouterSetup\QISWizard.exe
    FirewallRules: [{95779A72-2F1D-4E05-B1F6-D092B62ECEC5}] => (Allow) E:\RouterSetup\QISWizard.exe
    FirewallRules: [TCP Query User{7C750146-AF51-4CC7-B2AB-B13FBD6CD49D}E:\routersetup\qiswizard.exe] => (Allow) E:\routersetup\qiswizard.exe
    FirewallRules: [UDP Query User{159231D8-6EF5-46F9-9627-847BFC539E9A}E:\routersetup\qiswizard.exe] => (Allow) E:\routersetup\qiswizard.exe
    FirewallRules: [{BDC38DFD-E5E7-4942-8B49-220104351B9D}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\Discovery.exe
    FirewallRules: [{6F93FDE5-3743-4573-B475-E04BDC4F943F}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\Discovery.exe
    FirewallRules: [{69E23BCE-99E6-497B-895D-E667CEF0FA56}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\Rescue.exe
    FirewallRules: [{1CD8D523-5CBA-4CCC-89ED-DF67CEA40F68}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\Rescue.exe
    FirewallRules: [{D9680AB5-3A33-4A70-AB8B-7511FA78E2BA}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\LiveUpdate.exe
    FirewallRules: [{B4F64B14-2865-4B19-B530-C659B0DC45EE}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\LiveUpdate.exe
    FirewallRules: [{6194F14A-92F7-49A1-96E2-0BB8DD892A03}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\QISWizard.exe
    FirewallRules: [{F4D8E856-F4CE-4B01-85A6-DD5073444A87}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\QISWizard.exe
    FirewallRules: [{49AA5B7D-0D53-4526-9C8D-18E2BB99165D}] => (Allow) LPort=8743
    FirewallRules: [{3119989A-D186-4A7F-A7F3-2EB1E5AE7850}] => (Allow) LPort=8643
    FirewallRules: [{B03AF8C7-19C0-4298-A6C3-C78F99E28A5D}] => (Allow) LPort=7676
    FirewallRules: [{F90CA059-7DCF-4FD5-9FD7-5781D18450DD}] => (Allow) LPort=7679
    FirewallRules: [{BBB88789-823C-48A0-B704-7E1A0D17FBB3}] => (Allow) LPort=24234
    FirewallRules: [{2388E8F0-DDBE-4863-A231-10B1FE833A21}] => (Allow) LPort=7900
    FirewallRules: [{EE282F1F-97A8-4306-AA60-F37C113A4080}] => (Allow) LPort=1900
    FirewallRules: [{D3AA6A16-BE95-44F6-9EA0-DEB504500FCA}] => (Allow) C:\Program Files (x86)\DVBViewer\dvbviewer.exe
    FirewallRules: [{9F7B07E5-1156-4ABC-9A5B-4F1575D29A59}] => (Allow) C:\Program Files (x86)\DVBViewer\dvbviewer.exe
    FirewallRules: [{AF3A353A-71B3-44F6-9B57-26A96538B59D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{F2A16BE9-D7AD-43D1-9407-4123D25AC555}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{660C8DA8-E592-492E-A3FB-2FF843A1EDD2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{80D71E04-3F27-441C-B0A2-B53837868670}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe
    FirewallRules: [{115A5209-1D1B-49BF-97A7-B0E9B6F8FA15}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe
    FirewallRules: [{EE94DDF4-0B16-4E8D-8EFB-6957AE8BD3D2}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe
    FirewallRules: [{32756EA8-AE4E-4F3A-95B8-DF543F1F6FAB}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe
    FirewallRules: [{21CD26B2-52B0-4E63-972E-B414DAE86C80}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
    FirewallRules: [{BAE60FE3-B599-43A1-97A9-D57D9C40A101}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
    FirewallRules: [{7199E027-F761-4203-8A6E-7A79DB0BE7EB}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
    FirewallRules: [{E86A4F47-CB98-484E-98DD-7D3C0772F730}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
    FirewallRules: [{7D7D6ED8-18C5-48D2-BAAC-C2B7D91FFD25}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
    FirewallRules: [{98F5F786-38DC-4AF8-8814-9BC4E10E9635}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
    FirewallRules: [{BA9042FD-2644-4B3E-9DB1-D0EBD49FDEA5}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
    FirewallRules: [{228D584C-1831-4BA4-A426-6115B88BD5D0}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
    FirewallRules: [{127EB36C-6390-4F25-B27F-5B05E713619C}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
    FirewallRules: [{2C2F264D-C271-451F-B3E1-96E106A9F719}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
    FirewallRules: [{8AC0B284-DBBF-43FB-9C1D-0F9524F382C1}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
    FirewallRules: [{7CFFE76F-42B9-4F4F-87DC-A7F1B0537C00}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
    FirewallRules: [{3FC0D2E0-4A5A-4066-B15C-4A25E2B7DFA6}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUProxy64.exe
    FirewallRules: [{56EC007E-22F6-40DF-BA17-43B3FBF13A3D}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUProxy64.exe
    FirewallRules: [{F07004E1-045F-4CC5-81E9-4AEFED9067D9}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUProxy64.exe
    FirewallRules: [{DD186DED-BF3E-40EF-89CD-13BB6A5CFC2D}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUProxy64.exe
    FirewallRules: [{8CF5C823-276B-4528-BD6C-58E7D3D8515E}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BdBro.exe
    FirewallRules: [{A3474619-A4BE-46FC-A94D-11E2AFAD25F7}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BdBro.exe
    FirewallRules: [{BFF77186-7CD9-474E-ABAB-F9DD4E37EA2F}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BdBro.exe
    FirewallRules: [{AE923EF1-6299-4866-8D2B-DEE5059CF8CE}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BdBro.exe
    FirewallRules: [{360A737F-77A9-4F38-9FA1-BD0FC891D733}] => (Allow) C:\Program Files (x86)\Common Files\Baidu\BDDownload\108\bddownloader.exe
    FirewallRules: [{EB2F709D-1332-4250-9EAA-6CBF84558B94}] => (Allow) C:\Program Files (x86)\Common Files\Baidu\BDDownload\108\bddownloader.exe
    FirewallRules: [{382A18B9-7808-4F9B-BC23-D852B01518BC}] => (Allow) C:\Program Files (x86)\Common Files\Baidu\BDDownload\108\bddownloader.exe
    FirewallRules: [{5469FDB0-1320-4BEC-9A57-EB274B9ABA7C}] => (Allow) C:\Program Files (x86)\Common Files\Baidu\BDDownload\108\bddownloader.exe
    FirewallRules: [{530762C8-17B6-43C7-AA08-141CD462FB9C}] => (Allow) C:\Program Files (x86)\Common Files\Baidu\BDDownload\108\bddownloader.exe
    FirewallRules: [{B50B1C42-E301-469D-9D0C-DABC51D73E98}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\fbivn_71280.exe
    FirewallRules: [{66A4C166-CBAE-444B-9178-805C44A92C26}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\fbivn_71280.exe
    FirewallRules: [{810B44AC-AC93-41CB-B5C7-7C9935F03F1B}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\fbivn_71280.exe
    FirewallRules: [{D7BC2522-C772-4DDD-890F-FA0632C6D3CA}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\fbivn_71280.exe
    FirewallRules: [{3BDD233C-B9AD-4C84-99DD-245E60F61CE8}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\nsf7699.tmp\shzlf.dll
    FirewallRules: [{656E7852-3A93-4615-AEF4-C56B9BCEAAA2}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\nsf7699.tmp\shzlf.dll
    FirewallRules: [{845E5F11-4BB9-4F3A-82E1-AB696A8C572A}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\nsf7699.tmp\shzlf.dll
    FirewallRules: [{81214A4B-DC6C-4152-9E34-9D5FF7ADBEF2}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\nsf7699.tmp\shzlf.dll

    ==================== Faulty Device Manager Devices =============

    Name: Microsoft PS/2-hiiri
    Description: Microsoft PS/2-hiiri
    Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: i8042prt
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.

    Name: Microsoft 6to4 -sovitin
    Description: Microsoft 6to4 -sovitin
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

    Name: Microsoft ISATAP -sovitin
    Description: Microsoft ISATAP -sovitin
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

    Name: Teredo Tunneling Pseudo-Interface
    Description: Microsoft Teredo -tunnelointisovitin
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

    Name: PS/2-vakionäppäimistö
    Description: PS/2-vakionäppäimistö
    Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Vakionäppäimistöt)
    Service: i8042prt
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (06/02/2015 10:41:23 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Viallisen sovelluksen nimi: winlogon.exe, versio: 6.1.7601.18540, aikaleima: 0x53c72134
    Viallisen moduulin nimi: ntdll.dll, versio: 6.1.7601.18839, aikaleima: 0x553e8bfa
    Poikkeuskoodi: 0xc0000005
    Virhepoikkeama: 0x00000000000200fa
    Viallisen prosessin tunnus: 0x25c
    Viallisen sovelluksen käynnistysaika: 0xwinlogon.exe0
    Viallisen sovelluksen polku: winlogon.exe1
    Viallisen moduulin polku: winlogon.exe2
    Raportin tunnus: winlogon.exe3

    Error: (06/01/2015 09:30:12 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Viallisen sovelluksen nimi: Explorer.exe, versio: 6.1.7601.17567, aikaleima: 0x4d672ee4
    Viallisen moduulin nimi: msvcrt.dll, versio: 7.0.7601.17744, aikaleima: 0x4eeb033f
    Poikkeuskoodi: 0xc0000005
    Virhepoikkeama: 0x0000000000001083
    Viallisen prosessin tunnus: 0x574
    Viallisen sovelluksen käynnistysaika: 0xExplorer.exe0
    Viallisen sovelluksen polku: Explorer.exe1
    Viallisen moduulin polku: Explorer.exe2
    Raportin tunnus: Explorer.exe3

    Error: (06/01/2015 09:30:05 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Viallisen sovelluksen nimi: Unlocker.exe, versio: 0.0.0.0, aikaleima: 0x50ee0c22
    Viallisen moduulin nimi: BDKVDeskBand64.dll_unloaded, versio: 0.0.0.0, aikaleima: 0x544e50d3
    Poikkeuskoodi: 0xc0000005
    Virhepoikkeama: 0x0000000180001200
    Viallisen prosessin tunnus: 0x166c
    Viallisen sovelluksen käynnistysaika: 0xUnlocker.exe0
    Viallisen sovelluksen polku: Unlocker.exe1
    Viallisen moduulin polku: Unlocker.exe2
    Raportin tunnus: Unlocker.exe3

    Error: (06/01/2015 04:48:03 PM) (Source: MsiInstaller) (EventID: 1043) (User: NT-HALLINTA)
    Description: Windows Installer -tapahtuman lopettaminen epäonnistui. Virhe 5 ilmeni tapahtuman lopettamisen aikana.

    Error: (06/01/2015 04:47:46 PM) (Source: VSS) (EventID: 8) (User: )
    Description: Odottamaton virhe muutettaessa Aseman tilannevedospalvelun SCM-tilaa: [1, 0x800706ba, Etäproseduurikutsun palvelin ei ole käytettävissä.
    ].

    Error: (06/01/2015 04:47:46 PM) (Source: VSS) (EventID: 8) (User: )
    Description: Odottamaton virhe muutettaessa Aseman tilannevedospalvelun SCM-tilaa: [3, 0x800706ba, Etäproseduurikutsun palvelin ei ole käytettävissä.
    ].

    Error: (06/01/2015 03:10:53 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Viallisen sovelluksen nimi: CCleaner64.exe, versio: 5.6.0.5219, aikaleima: 0x554d119b
    Viallisen moduulin nimi: BDKVDeskBand64.dll_unloaded, versio: 0.0.0.0, aikaleima: 0x544e50d3
    Poikkeuskoodi: 0xc0000005
    Virhepoikkeama: 0x0000000180001200
    Viallisen prosessin tunnus: 0x1b28
    Viallisen sovelluksen käynnistysaika: 0xCCleaner64.exe0
    Viallisen sovelluksen polku: CCleaner64.exe1
    Viallisen moduulin polku: CCleaner64.exe2
    Raportin tunnus: CCleaner64.exe3

    Error: (06/01/2015 03:10:52 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Viallisen sovelluksen nimi: DllHost.exe, versio: 6.1.7600.16385, aikaleima: 0x4a5bca54
    Viallisen moduulin nimi: BDKVDeskBand64.dll_unloaded, versio: 0.0.0.0, aikaleima: 0x544e50d3
    Poikkeuskoodi: 0xc0000005
    Virhepoikkeama: 0x0000000180001200
    Viallisen prosessin tunnus: 0x15d0
    Viallisen sovelluksen käynnistysaika: 0xDllHost.exe0
    Viallisen sovelluksen polku: DllHost.exe1
    Viallisen moduulin polku: DllHost.exe2
    Raportin tunnus: DllHost.exe3

    Error: (06/01/2015 03:10:52 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Viallisen sovelluksen nimi: taskeng.exe, versio: 6.1.7601.17514, aikaleima: 0x4ce79d2c
    Viallisen moduulin nimi: BDKVDeskBand64.dll_unloaded, versio: 0.0.0.0, aikaleima: 0x544e50d3
    Poikkeuskoodi: 0xc0000005
    Virhepoikkeama: 0x0000000180001200
    Viallisen prosessin tunnus: 0xc9c
    Viallisen sovelluksen käynnistysaika: 0xtaskeng.exe0
    Viallisen sovelluksen polku: taskeng.exe1
    Viallisen moduulin polku: taskeng.exe2
    Raportin tunnus: taskeng.exe3

    Error: (06/01/2015 03:10:51 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Viallisen sovelluksen nimi: RAVCpl64.exe, versio: 1.0.0.386, aikaleima: 0x4a6439fa
    Viallisen moduulin nimi: BDKVDeskBand64.dll_unloaded, versio: 0.0.0.0, aikaleima: 0x544e50d3
    Poikkeuskoodi: 0xc0000005
    Virhepoikkeama: 0x00000000020b1200
    Viallisen prosessin tunnus: 0x119c
    Viallisen sovelluksen käynnistysaika: 0xRAVCpl64.exe0
    Viallisen sovelluksen polku: RAVCpl64.exe1
    Viallisen moduulin polku: RAVCpl64.exe2
    Raportin tunnus: RAVCpl64.exe3


    System errors:
    =============
    Error: (06/03/2015 10:02:01 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: Kutsu ScRegSetValueExW epäonnistui: FailureCommand. Virhe:
    %%5

    Error: (06/03/2015 10:01:56 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: Kutsu ScRegSetValueExW epäonnistui: Start. Virhe:
    %%5

    Error: (06/03/2015 09:55:15 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: Palvelu HP Network Devices Support lopetettiin virheen takia. Virhe:
    %%126

    Error: (06/03/2015 09:15:17 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: Kutsu ScRegSetValueExW epäonnistui: FailureCommand. Virhe:
    %%5

    Error: (06/03/2015 09:14:34 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: Kutsu ScRegSetValueExW epäonnistui: Start. Virhe:
    %%5

    Error: (06/03/2015 09:08:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: Palvelu HP Network Devices Support lopetettiin virheen takia. Virhe:
    %%126

    Error: (06/03/2015 01:31:58 AM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

    Error: (06/02/2015 11:48:47 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: Kutsu ScRegSetValueExW epäonnistui: FailureCommand. Virhe:
    %%5

    Error: (06/02/2015 11:48:44 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: Kutsu ScRegSetValueExW epäonnistui: Start. Virhe:
    %%5

    Error: (06/02/2015 11:42:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: Palvelu HP Network Devices Support lopetettiin virheen takia. Virhe:
    %%126


    Microsoft Office:
    =========================

    CodeIntegrity Errors:
    ===================================
    Date: 2015-02-19 22:00:39.076
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 22:00:38.935
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 22:00:33.885
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 22:00:33.760
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 21:59:44.040
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 21:59:43.916
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 21:58:23.379
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 21:58:23.254
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 21:58:07.022
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 21:58:06.887
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: AMD Athlon(tm) II X2 240 Processor
    Percentage of memory in use: 43%
    Total physical RAM: 4079.88 MB
    Available physical RAM: 2289.58 MB
    Total Pagefile: 8457.96 MB
    Available Pagefile: 5489.47 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.82 MB

    ==================== Drives ================================

    Drive c: (Acer) (Fixed) (Total:458.95 GB) (Free:276.75 GB) NTFS
    Drive d: (Asema) (Fixed) (Total:459.27 GB) (Free:340.52 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 931.3 GB) (Disk ID: 92775668)
    Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
    Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=459 GB) - (Type=07 NTFS)
    Partition 4: (Not Active) - (Size=459.3 GB) - (Type=OF Extended)

    ==================== End of log ============================
     
  9. djjari

    djjari Active member

    Joined:
    Dec 17, 2010
    Messages:
    1,142
    Likes Received:
    6
    Trophy Points:
    68
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
    Ran by Jarppa (administrator) on JARPPA-PC on 03-06-2015 15:20:44
    Running from C:\Users\Jarppa\Desktop
    Loaded Profiles: Jarppa (Available Profiles: Jarppa)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: suomi (Suomi)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (百度在线网络技术(北京)有限公司) C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe
    (百度在线网络技术(北京)有限公司) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (百度在线网络技术(北京)有限公司) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Realtek Semiconductor.) C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe
    (百度在线网络技术(北京)有限公司) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUProxy64.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_95.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_95.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor)
    HKLM\...\Run: [SunJavaUpdateSched] => c:\program files (x86)\common files\java\java update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [StartCCC] => c:\program files (x86)\ati technologies\ati.ace\core-static\amd64\clistart.exe [767200 2014-08-20] (Advanced Micro Devices, Inc.)
    HKLM\...\Run: [baidusdTray] => C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\baidusdTray.exe [2474952 2015-06-01] (百度在线网络技术(北京)有限公司)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [baidusdTray] => C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe [2474952 2015-06-01] (百度在线网络技术(北京)有限公司)
    HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
    HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
    HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\Run: [apphide] => C:\Program Files (x86)\baidu\baidu.exe
    HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
    ProxyServer: [.DEFAULT] => http=127.0.0.1:50275;https=127.0.0.1:50275
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/fi-fi/?ocid=iehp
    HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
    SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19] (Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
    BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19] (Oracle Corporation)
    BHO-x32: Microsoft-tilin kirjautumisapuohjelma -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
    BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
    Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{ADE6E253-98D5-43E2-8AD7-CF0AD0B1CA72}: [NameServer] 109.204.194.2,109.204.194.3
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe

    FireFox:
    ========
    FF ProfilePath: C:\Users\Jarppa\AppData\Roaming\Mozilla\Firefox\Profiles\sadgjijk.default
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_95.dll [2015-04-25] ()
    FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_95.dll [2015-04-25] ()
    FF Plugin-x32: @baidu.com/BaidusdDetectNPPlugin -> C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\explugin\npBaiduSDDetectPlug.dll [2015-06-01] ()
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-03-30] (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll No File
    FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
    FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Jarppa\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll No File
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bookplus-fi.xml [2015-05-29]
    FF Extension: Adblock Plus - C:\Users\Jarppa\AppData\Roaming\Mozilla\Firefox\Profiles\sadgjijk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-13]
    StartMenuInternet: FIREFOX.EXE - firefox.exe

    Chrome:
    =======
    CHR dev: Chrome dev build detected! <======= ATTENTION
    CHR Profile: C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Drive) - C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-17]
    CHR Extension: (YouTube) - C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-17]
    CHR Extension: (Adblock Plus) - C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-17]
    CHR Extension: (Google Search) - C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-17]
    CHR Extension: (WGT Golf Challenge) - C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg [2015-03-17]
    CHR Extension: (Rise Gaming Store) - C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmkefpehlolmdiloilglfcojbomaoii [2015-06-01]
    CHR Extension: (Google Wallet) - C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-17]
    CHR Extension: (Gmail) - C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-17]
    StartMenuInternet: Google Chrome - Chrome.exe

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-08-19] (Advanced Micro Devices, Inc.) [File not signed]
    S3 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [81920 2013-03-19] (AMD) [File not signed]
    R2 BaiduHips; C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe [64008 2015-06-01] (百度在线网络技术(北京)有限公司)
    R2 BDKVRTP; C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe [793096 2015-06-01] (百度在线网络技术(北京)有限公司)
    R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
    R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
    S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
    R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
    S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
    R2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [24576 2015-03-02] (Realtek Semiconductor.) [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
    S2 HPSLPSVC; C:\Users\Jarppa\AppData\Local\Temp\7zS21F7\hpslpsvc64.dll [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
    R1 bd0001; C:\Windows\System32\DRIVERS\bd0001.sys [202576 2015-06-01] (Baidu)
    R1 bd0002; C:\Windows\System32\DRIVERS\bd0002.sys [196936 2015-06-01] (Baidu)
    R1 bd0003; C:\Windows\System32\DRIVERS\bd0003.sys [67400 2015-06-01] (Baidu)
    R2 BDArKit; C:\Windows\System32\DRIVERS\BDArKit.sys [152392 2015-06-01] (Baidu Technology)
    R2 BDDefense; C:\Windows\system32\drivers\BDDefense.sys [103752 2015-06-01] (Baidu)
    R1 BDMWrench_x64; C:\Windows\System32\DRIVERS\BDMWrench_x64.sys [56136 2015-06-01] (Baidu)
    R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-27] (Disc Soft Ltd)
    R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2000-01-01] (JMicron Technology Corp.)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
    R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
    R3 nvoclk64; C:\Windows\System32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
    S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
    S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
    U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-06-03 15:20 - 2015-06-03 15:21 - 00017912 _____ () C:\Users\Jarppa\Desktop\FRST.txt
    2015-06-03 15:18 - 2015-06-03 15:18 - 02108928 _____ (Farbar) C:\Users\Jarppa\Desktop\FRST64.exe
    2015-06-03 14:40 - 2015-06-03 14:40 - 02110302 _____ () C:\Users\Jarppa\Desktop\Noname.bmp
    2015-06-03 09:51 - 2015-06-03 09:51 - 00000056 _____ () C:\Windows\setupact.log
    2015-06-03 09:51 - 2015-06-03 09:51 - 00000000 _____ () C:\Windows\setuperr.log
    2015-06-03 00:46 - 2015-06-03 00:46 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\Baidu
    2015-06-02 23:21 - 2015-06-02 23:36 - 00000000 ____D () C:\AdwCleaner
    2015-06-02 22:55 - 2015-06-02 22:55 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-JARPPA-PC-Windows-7-Home-Premium-(64-bit).dat
    2015-06-02 22:55 - 2015-06-02 22:55 - 00000000 ____D () C:\RegBackup
    2015-06-02 22:14 - 2015-06-02 22:14 - 00000000 ____D () C:\ProgramData\Kaspersky SDK
    2015-06-02 20:19 - 2015-06-03 09:31 - 00000000 ____D () C:\Program Files (x86)\a-squared Free
    2015-06-02 18:07 - 2015-06-02 18:07 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
    2015-06-01 17:16 - 2015-06-01 17:16 - 00000000 ____D () C:\_OTL
    2015-06-01 12:15 - 2015-06-01 15:17 - 00000000 ____D () C:\ProgramData\TXQMPC
    2015-06-01 11:59 - 2015-06-01 13:35 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
    2015-06-01 11:47 - 2015-06-01 11:46 - 00056136 _____ (Baidu) C:\Windows\system32\Drivers\BDMWrench_x64.sys
    2015-06-01 11:46 - 2015-06-01 15:59 - 00103752 _____ (Baidu) C:\Windows\system32\Drivers\BDDefense.sys
    2015-06-01 11:46 - 2015-06-01 11:46 - 00202576 _____ (Baidu) C:\Windows\system32\Drivers\bd0001.sys
    2015-06-01 11:46 - 2015-06-01 11:46 - 00196936 _____ (Baidu) C:\Windows\system32\Drivers\bd0002.sys
    2015-06-01 11:46 - 2015-06-01 11:46 - 00152392 _____ (Baidu Technology) C:\Windows\system32\Drivers\BDArKit.SYS
    2015-06-01 11:46 - 2015-06-01 11:46 - 00067400 _____ (Baidu) C:\Windows\system32\Drivers\bd0003.sys
    2015-06-01 11:45 - 2015-06-02 02:33 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\4BA6FB90-1433148335-1020-0308-142347000000
    2015-06-01 11:45 - 2015-06-01 11:45 - 00000000 ____D () C:\ProgramData\BDSReport
    2015-06-01 11:45 - 2015-06-01 11:45 - 00000000 ____D () C:\Program Files (x86)\BaiduSd3.0
    2015-06-01 11:44 - 2015-06-03 00:46 - 00000000 ____D () C:\ProgramData\Baidu
    2015-06-01 11:44 - 2015-06-02 02:33 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\4BA6FB90-1433148298-1020-0308-142347000000
    2015-06-01 09:34 - 2015-06-01 10:07 - 00000000 ____D () C:\Users\Jarppa\AppData\Local\9639
    2015-06-01 09:19 - 2015-06-02 02:33 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SevenZip 9.20
    2015-05-31 14:45 - 2015-05-31 14:50 - 00000000 ____D () C:\Users\Jarppa\AppData\Local\Nero
    2015-05-31 14:41 - 2015-06-01 11:38 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\Nero
    2015-05-31 14:30 - 2015-05-31 14:30 - 00000000 ____D () C:\Windows\System32\Tasks\Nero
    2015-05-31 14:22 - 2015-06-01 16:56 - 00000000 ____D () C:\ProgramData\Nero
    2015-05-31 12:56 - 2015-05-31 13:24 - 00000000 ____D () C:\Users\Jarppa\AppData\Local\29235
    2015-05-31 11:07 - 2015-05-31 11:07 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
    2015-05-31 10:30 - 2015-02-26 20:24 - 00000083 _____ () C:\Windows\system32\Drivers\etc\hp.bak
    2015-05-30 09:48 - 2015-05-30 09:48 - 00001141 _____ () C:\Windows\system32\05-30_09-20-40_Yle TV1 HD_Ylen aamu-tv - 09.07 Eduskunnan puhemies Maria Lohela 9.19 Viikonlopun sää 9.26 Ylioppilasjuhlien tunnelmaa Outokummusta 9.32 Mikä ruusuissa kiehtoo 9.42 Voita&Sokeria 9.ts.lnk
    2015-05-29 15:12 - 2015-02-11 13:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
    2015-05-29 15:12 - 2015-02-11 13:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
    2015-05-29 15:12 - 2015-02-04 06:56 - 16128576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 31515280 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 24198856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 22993224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 17559432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 15294280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 13916280 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 13828032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 12894024 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
    2015-05-29 15:11 - 2015-02-04 06:56 - 11272240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 11209192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 04244680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 03987600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 02823992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 00944328 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 00907464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 00902344 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 00870032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
    2015-05-29 14:27 - 2015-01-31 05:52 - 01801544 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6430908.dll
    2015-05-29 14:27 - 2015-01-31 05:52 - 01510728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6430908.dll
    2015-05-28 23:22 - 2015-04-11 06:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
    2015-05-26 22:12 - 2015-05-29 22:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2015-05-25 23:15 - 2015-05-25 23:15 - 00000000 ____D () C:\Users\Jarppa\AppData\Local\Apps\2.0
    2015-05-21 21:21 - 2015-05-21 21:21 - 00001138 _____ () C:\Windows\system32\05-21_15-39-43_MTV3 (fin)_Salatut elämät (7) - Osa 2825 Kristiinan standardit ovat matalat. Pihlajakadun asukkaista kertovassa sarjassa kuljetaan kiehtovien tarinoiden poluilla koskettavia tai ar.ts.lnk
    2015-05-18 23:24 - 2015-05-18 23:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2015-05-17 14:56 - 2015-03-14 06:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
    2015-05-17 14:56 - 2015-03-14 06:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
    2015-05-17 14:56 - 2015-03-14 06:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
    2015-05-17 14:56 - 2015-03-14 06:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
    2015-05-15 12:17 - 2015-05-15 12:17 - 00000000 _____ () C:\Windows\SeaOfDarkness.INI
    2015-05-15 12:14 - 2015-05-15 12:17 - 00000000 ____D () C:\Users\Jarppa\Documents\Sea of Darkness
    2015-05-15 10:53 - 2015-05-15 10:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Her Interactive
    2015-05-15 10:49 - 2015-05-15 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nancy Drew Sea of Darkness
    2015-05-13 14:18 - 2015-05-29 22:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2015-05-13 08:30 - 2015-05-13 08:30 - 00000000 ____D () C:\Users\Jarppa\AppData\Local\Microsoft Help
    2015-05-13 08:29 - 2015-05-01 16:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2015-05-13 08:29 - 2015-05-01 16:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2015-05-13 08:19 - 2015-05-05 04:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-05-13 08:19 - 2015-05-05 04:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2015-05-13 08:19 - 2015-04-18 06:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2015-05-13 08:19 - 2015-04-18 05:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
    2015-05-13 08:18 - 2015-04-27 22:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-05-13 08:18 - 2015-04-27 22:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-05-13 08:18 - 2015-04-27 22:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-05-13 08:18 - 2015-04-27 22:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2015-05-13 08:18 - 2015-04-27 22:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
    2015-05-13 08:18 - 2015-04-27 22:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2015-05-13 08:18 - 2015-04-27 22:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-05-13 08:18 - 2015-04-27 22:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2015-05-13 08:18 - 2015-04-27 22:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
    2015-05-13 08:18 - 2015-04-27 22:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
    2015-05-13 08:18 - 2015-04-27 22:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
    2015-05-13 08:18 - 2015-04-27 22:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-05-13 08:18 - 2015-04-27 22:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
    2015-05-13 08:18 - 2015-04-27 22:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-05-13 08:18 - 2015-04-27 22:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-05-13 08:18 - 2015-04-27 22:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2015-05-13 08:18 - 2015-04-27 22:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2015-05-13 08:18 - 2015-04-27 22:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2015-05-13 08:18 - 2015-04-27 22:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2015-05-13 08:18 - 2015-04-27 22:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2015-05-13 08:18 - 2015-04-27 22:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2015-05-13 08:18 - 2015-04-27 22:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2015-05-13 08:18 - 2015-04-27 22:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
    2015-05-13 08:18 - 2015-04-27 22:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2015-05-13 08:18 - 2015-04-27 22:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2015-05-13 08:18 - 2015-04-27 22:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2015-05-13 08:18 - 2015-04-27 22:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2015-05-13 08:18 - 2015-04-27 22:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2015-05-13 08:18 - 2015-04-27 22:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2015-05-13 08:18 - 2015-04-27 22:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
    2015-05-13 08:18 - 2015-04-27 22:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
    2015-05-13 08:18 - 2015-04-27 22:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
    2015-05-13 08:18 - 2015-04-27 22:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
    2015-05-13 08:18 - 2015-04-27 22:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2015-05-13 08:18 - 2015-04-27 22:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2015-05-13 08:18 - 2015-04-27 22:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2015-05-13 08:18 - 2015-04-27 22:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2015-05-13 08:18 - 2015-04-27 22:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2015-05-13 08:18 - 2015-04-27 22:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2015-05-13 08:18 - 2015-04-27 22:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
    2015-05-13 08:18 - 2015-04-27 22:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2015-05-13 08:18 - 2015-04-27 22:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2015-05-13 08:18 - 2015-04-27 22:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2015-05-13 08:18 - 2015-04-27 20:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2015-05-13 08:18 - 2015-04-27 20:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2015-05-13 08:18 - 2015-04-27 20:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 20:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 20:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 20:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-22 05:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-05-13 08:18 - 2015-04-22 04:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-05-13 08:18 - 2015-04-21 20:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-05-13 08:18 - 2015-04-21 20:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-05-13 08:18 - 2015-04-21 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-05-13 08:18 - 2015-04-21 19:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-05-13 08:18 - 2015-04-21 19:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-05-13 08:18 - 2015-04-21 19:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-05-13 08:18 - 2015-04-21 19:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-05-13 08:18 - 2015-04-21 19:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-05-13 08:18 - 2015-04-21 19:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-05-13 08:18 - 2015-04-21 19:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-05-13 08:18 - 2015-04-21 19:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-05-13 08:18 - 2015-04-21 19:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-05-13 08:18 - 2015-04-21 19:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-05-13 08:18 - 2015-04-21 19:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-05-13 08:18 - 2015-04-21 19:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-05-13 08:18 - 2015-04-21 19:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-05-13 08:18 - 2015-04-21 19:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-05-13 08:18 - 2015-04-21 19:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-05-13 08:18 - 2015-04-21 19:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2015-05-13 08:18 - 2015-04-21 19:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-05-13 08:18 - 2015-04-21 19:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-05-13 08:18 - 2015-04-21 19:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-05-13 08:18 - 2015-04-21 19:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-05-13 08:18 - 2015-04-21 19:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2015-05-13 08:18 - 2015-04-21 19:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2015-05-13 08:18 - 2015-04-21 19:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2015-05-13 08:18 - 2015-04-21 19:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-05-13 08:18 - 2015-04-21 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-05-13 08:18 - 2015-04-21 19:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2015-05-13 08:18 - 2015-04-21 19:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-05-13 08:18 - 2015-04-21 19:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-05-13 08:18 - 2015-04-21 19:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2015-05-13 08:18 - 2015-04-21 19:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
     
  10. djjari

    djjari Active member

    Joined:
    Dec 17, 2010
    Messages:
    1,142
    Likes Received:
    6
    Trophy Points:
    68
    2015-05-13 08:18 - 2015-04-21 19:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2015-05-13 08:18 - 2015-04-21 18:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2015-05-13 08:18 - 2015-04-21 18:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2015-05-13 08:18 - 2015-04-21 18:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2015-05-13 08:18 - 2015-04-21 18:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-05-13 08:18 - 2015-04-21 18:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-05-13 08:18 - 2015-04-21 18:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2015-05-13 08:18 - 2015-04-21 18:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-05-13 08:18 - 2015-04-21 18:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-05-13 08:18 - 2015-04-21 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-05-13 08:18 - 2015-04-21 18:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-05-13 08:18 - 2015-04-21 18:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2015-05-13 08:18 - 2015-04-21 18:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-05-13 08:18 - 2015-04-21 18:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-05-13 08:18 - 2015-04-21 18:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-05-13 08:18 - 2015-04-21 18:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-05-13 08:18 - 2015-04-21 18:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-05-13 08:18 - 2015-04-21 18:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-05-13 08:18 - 2015-04-21 18:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2015-05-13 08:18 - 2015-04-21 18:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-05-13 08:18 - 2015-04-21 18:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-05-13 08:18 - 2015-04-21 18:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-05-13 08:18 - 2015-04-21 18:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-05-13 08:18 - 2015-04-21 17:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-05-13 08:18 - 2015-04-21 17:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-05-13 08:18 - 2015-04-13 06:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
    2015-05-13 08:17 - 2015-04-20 06:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2015-05-13 08:17 - 2015-04-20 06:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2015-05-13 08:17 - 2015-04-20 05:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2015-05-13 08:17 - 2015-04-20 05:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-05-13 08:17 - 2015-04-08 06:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2015-05-13 08:17 - 2015-04-08 06:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
    2015-05-13 08:17 - 2015-04-08 06:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
    2015-05-13 08:17 - 2015-01-29 06:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2015-05-13 08:17 - 2015-01-29 06:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
    2015-05-13 08:16 - 2015-03-04 07:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2015-05-13 08:16 - 2015-03-04 07:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
    2015-05-13 08:16 - 2015-03-04 07:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2015-05-13 08:16 - 2015-03-04 07:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
    2015-05-13 08:16 - 2015-03-04 07:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
    2015-05-13 08:16 - 2015-03-04 07:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
    2015-05-13 08:16 - 2015-03-04 07:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
    2015-05-13 08:16 - 2015-02-18 10:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
    2015-05-13 08:16 - 2015-02-18 10:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2015-05-09 22:14 - 2015-05-09 22:14 - 00001135 _____ () C:\Windows\system32\05-09_09-21-02_Yle TV1 HD_Yles morgon-tv - 9.07 Den nya oppositionen Carl Haglund, SFP och Antti Lindtman, SDP. 9.20 Veckoslutsväder 9.27 Annorlunda mammor 9.39 Smör & socker 9.48 En tårtkonstnär.ts.lnk
    2015-05-05 14:42 - 2015-05-06 20:36 - 00000000 ____D () C:\Windows\System32\Tasks\Leader Technologies
    2015-05-05 14:41 - 2015-05-05 14:41 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\Leadertech
    2015-05-04 16:02 - 2015-05-04 18:23 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\DVDVideoSoft
    2015-05-04 15:54 - 2015-05-04 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The FilmMachine
    2015-05-04 15:54 - 2015-05-04 15:56 - 00000000 ____D () C:\Program Files (x86)\The FilmMachine
    2015-05-04 10:33 - 2015-06-03 14:12 - 02037437 _____ () C:\Windows\WindowsUpdate.log

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-06-03 15:21 - 2014-11-27 10:10 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\Skype
    2015-06-03 15:20 - 2015-03-17 11:39 - 00001008 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-06-03 15:20 - 2015-01-18 23:00 - 00000000 ____D () C:\FRST
    2015-06-03 14:38 - 2015-01-02 23:33 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-06-03 10:01 - 2009-07-14 07:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-06-03 10:01 - 2009-07-14 07:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-06-03 09:52 - 2015-03-17 11:39 - 00001004 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-06-03 09:51 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-06-02 23:36 - 2015-03-17 18:44 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2015-06-02 23:36 - 2015-03-17 11:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2015-06-02 23:36 - 2014-11-26 15:43 - 00000989 _____ () C:\Users\Jarppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2015-06-02 22:34 - 2015-04-28 14:40 - 00000000 ____D () C:\Users\Jarppa\AppData\Temp
    2015-06-02 18:46 - 2014-11-27 10:11 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\X-Chat 2
    2015-06-02 02:33 - 2015-02-04 22:20 - 00000000 ____D () C:\Program Files\Unlocker
    2015-06-02 02:33 - 2009-10-12 14:24 - 00000000 ____D () C:\Program Files (x86)\Acer GameZone
    2015-06-02 02:33 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\registration
    2015-06-01 22:04 - 2015-01-17 17:12 - 00000000 ____D () C:\Windows\erdnt
    2015-06-01 19:00 - 2014-11-27 10:10 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\uTorrent
    2015-06-01 17:05 - 2009-07-14 08:08 - 00032542 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2015-06-01 15:39 - 2015-02-11 14:57 - 00082888 _____ () C:\Users\Jarppa\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-06-01 15:37 - 2014-11-26 15:40 - 00000000 ____D () C:\Users\Jarppa
    2015-06-01 15:36 - 2009-07-14 07:45 - 00343560 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-06-01 12:29 - 2009-10-12 15:08 - 00000000 ____D () C:\Windows\Panther
    2015-06-01 12:00 - 2014-11-26 15:43 - 00000000 ____D () C:\Users\Jarppa\AppData\Local\VirtualStore
    2015-06-01 11:39 - 2014-11-27 01:13 - 00469494 _____ () C:\Windows\system32\perfh00B.dat
    2015-06-01 11:39 - 2014-11-27 01:13 - 00097486 _____ () C:\Windows\system32\perfc00B.dat
    2015-06-01 11:39 - 2009-07-14 08:13 - 01353786 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-06-01 10:12 - 2009-07-14 08:37 - 00000000 ____D () C:\Windows\DigitalLocker
    2015-06-01 09:44 - 2009-07-14 06:20 - 00000000 __RSD () C:\Windows\Media
    2015-05-31 23:53 - 2014-12-01 13:09 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\Media Player Classic
    2015-05-31 23:47 - 2009-10-12 14:32 - 00000000 ____D () C:\Windows\PCHEALTH
    2015-05-31 13:26 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\Web
    2015-05-31 12:06 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\Branding
    2015-05-31 12:03 - 2015-01-11 13:09 - 00000000 ____D () C:\Program Files\CCleaner
    2015-05-31 11:22 - 2009-07-14 05:34 - 00000648 _____ () C:\Windows\win.ini
    2015-05-31 00:00 - 2014-11-27 15:27 - 00000000 ____D () C:\Users\Jarppa\AppData\Local\Nero_AG
    2015-05-29 22:17 - 2014-11-26 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2015-05-29 15:15 - 2014-11-26 15:37 - 00000000 ____D () C:\ProgramData\NVIDIA
    2015-05-29 14:28 - 2014-11-26 16:51 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
    2015-05-28 23:28 - 2014-11-26 16:51 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
    2015-05-27 11:09 - 2014-11-27 09:55 - 00000000 ___RD () C:\Program Files (x86)\Skype
    2015-05-22 22:39 - 2014-11-27 10:24 - 00000000 ___RD () C:\Users\Jarppa\Desktop\MUSIIKKI
    2015-05-22 20:20 - 2015-01-02 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-05-22 20:20 - 2015-01-02 23:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-05-20 12:19 - 2015-04-04 08:52 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
    2015-05-20 12:19 - 2015-04-04 08:52 - 00000000 ___SD () C:\Windows\system32\GWX
    2015-05-19 14:56 - 2015-01-31 14:11 - 00000000 ____D () C:\Xbox360
    2015-05-18 09:05 - 2015-02-17 12:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-05-17 19:39 - 2015-02-17 12:35 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-05-17 19:39 - 2015-02-17 12:35 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-05-17 19:39 - 2015-02-17 12:35 - 00003770 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2015-05-17 19:39 - 2015-02-12 18:28 - 00000000 ____D () C:\Users\Jarppa\AppData\Local\Adobe
    2015-05-15 19:15 - 2015-03-17 11:39 - 00004004 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-05-15 19:15 - 2015-03-17 11:39 - 00003752 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-05-15 10:39 - 2014-11-27 10:35 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2015-05-13 14:18 - 2014-11-27 10:28 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\Mozilla
    2015-05-13 09:38 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\rescache
    2015-05-13 08:48 - 2015-03-17 11:33 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2015-05-13 08:48 - 2015-03-17 11:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
    2015-05-13 08:45 - 2009-07-14 10:45 - 00000000 ____D () C:\Program Files\Windows Journal
    2015-05-13 08:45 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
    2015-05-13 08:39 - 2014-11-26 16:40 - 00001912 _____ () C:\Windows\epplauncher.mif
    2015-05-13 08:39 - 2014-11-26 16:39 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
    2015-05-13 08:38 - 2014-11-26 16:39 - 00000000 ____D () C:\Program Files\Microsoft Security Client
    2015-05-13 08:38 - 2014-11-26 16:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
    2015-05-13 08:38 - 2009-10-12 14:30 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2015-05-13 08:37 - 2014-11-26 16:41 - 00000000 ____D () C:\Windows\system32\MRT
    2015-05-13 08:31 - 2014-11-26 16:41 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-05-13 08:29 - 2015-03-17 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2015-05-04 11:20 - 2015-03-29 20:50 - 00000000 ____D () C:\Windows\System32\Tasks\Games
    2015-05-04 10:49 - 2014-11-27 14:01 - 00000000 ____D () C:\ProgramData\Package Cache
    2015-05-04 10:43 - 2009-07-14 06:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared

    ==================== Files in the root of some directories =======

    2014-11-27 11:57 - 2014-11-27 11:57 - 0000057 _____ () C:\ProgramData\Ament.ini
    2015-02-07 13:57 - 2015-02-07 13:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

    Some files in TEMP:
    ====================
    C:\Users\Jarppa\AppData\Local\Temp\Quarantine.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-06-03 01:06

    ==================== End of log ============================



    tässä vielä loput,täyty laittaa näin kun ei mahtunut yhteen viestiin,kun tässä kai joku raja paljonko tekstiä voi laittaa yhteen viestiin,niin ja pahoitteluni tuosta edellisestä viestistä,en sillä tarkoittanut mitään,tämän foorumin avulla olen ratkaissut monta ongelmaa
     
  11. *Trinity*

    *Trinity* Senior member

    Joined:
    Dec 15, 2014
    Messages:
    6,934
    Likes Received:
    1,258
    Trophy Points:
    243
    Ok
    Toi baidu eo ole mikään haittaohjelma vaan Kiinalainen virustorjuntaohjelma. Tullut joko jonkun ohjelman asennuksen yhteydessä taii itse ladattuna.
    Farbar recovery scan toolin käytössä on sama kuin OTL:n eli sitä pitää osasta käyttää joten katsoin aika varovaisesti sietä poistettavia lähinnä tuohon baiduun liittyen

    Mene ohjauspaneeli - Ohjelmat ja toiminnot
    Poista kaikki Baiduun viittavaat tai 百度杀毒 aasialaisa kirjainmerkkejä sisältävät ohjelmat.

    Jos niitä ei siellä kuitenkaan löydy niin luo tekstitiedosto työpöydälle ja kopioi siihen alla olevssa laatikossa oleva teksti ja anna tiedostolle nimeski fixlist ja tallenna se samaan kohteeseen missä Farbar recovery scan tool sijaitsee.
    Aukaise FRST ja klikkaa FIX

    Code:
    AV: 百度杀毒 (Enabled - Up to date) {FDA918B3-27C7-3B2B-33D0-343EAE5EB318}
    AS: 百度杀毒 (Enabled - Up to date) {46C8F957-01FD-34A5-0960-0F4CD5D9F9A5}
    AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
    AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
    (百度在线网络技术(北京)有限公司) C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe
    (百度在线网络技术(北京)有限公司) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
    (百度在线网络技术(北京)有限公司) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe
    (百度在线网络技术(北京)有限公司) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe
    HKLM\...\Run: [baidusdTray] => C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\baidusdTray.exe [2474952 2015-06-01] (百度在线网络技术(北京)有限公司)
    HKLM-x32\...\Run: [baidusdTray] => C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe [2474952 2015-06-01] (百度在线网络技术(北京)有限公司)
    HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\Run: [apphide] => C:\Program Files (x86)\baidu\baidu.exe
    FF Plugin-x32: @baidu.com/BaidusdDetectNPPlugin -> C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\explugin\npBaiduSDDetectPlug.dll [2015-06-01] ()
    R2 BaiduHips; C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe [64008 2015-06-01] (百度在线网络技术(北京)有限公司)
    R2 BDKVRTP; C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe [793096 2015-06-01] (百度在线网络技术(北京)有限公司)
    R1 bd0001; C:\Windows\System32\DRIVERS\bd0001.sys [202576 2015-06-01] (Baidu)
    R1 bd0002; C:\Windows\System32\DRIVERS\bd0002.sys [196936 2015-06-01] (Baidu)
    R1 bd0003; C:\Windows\System32\DRIVERS\bd0003.sys [67400 2015-06-01] (Baidu)
    R2 BDArKit; C:\Windows\System32\DRIVERS\BDArKit.sys [152392 2015-06-01] (Baidu Technology)
    R2 BDDefense; C:\Windows\system32\drivers\BDDefense.sys [103752 2015-06-01] (Baidu)
    R1 BDMWrench_x64; C:\Windows\System32\DRIVERS\BDMWrench_x64.sys [56136 2015-06-01] (Baidu)
    2015-06-01 11:59 - 2015-06-01 13:35 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
    2015-06-01 11:47 - 2015-06-01 11:46 - 00056136 _____ (Baidu) C:\Windows\system32\Drivers\BDMWrench_x64.sys
    2015-06-01 11:46 - 2015-06-01 15:59 - 00103752 _____ (Baidu) C:\Windows\system32\Drivers\BDDefense.sys
    2015-06-01 11:46 - 2015-06-01 11:46 - 00202576 _____ (Baidu) C:\Windows\system32\Drivers\bd0001.sys
    2015-06-01 11:46 - 2015-06-01 11:46 - 00196936 _____ (Baidu) C:\Windows\system32\Drivers\bd0002.sys
    2015-06-01 11:46 - 2015-06-01 11:46 - 00152392 _____ (Baidu Technology) C:\Windows\system32\Drivers\BDArKit.SYS
    2015-06-01 11:46 - 2015-06-01 11:46 - 00067400 _____ (Baidu) C:\Windows\system32\Drivers\bd0003.sys
    2015-06-01 11:45 - 2015-06-02 02:33 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\4BA6FB90-1433148335-1020-0308-142347000000
    2015-06-01 11:45 - 2015-06-01 11:45 - 00000000 ____D () C:\ProgramData\BDSReport
    2015-06-01 11:45 - 2015-06-01 11:45 - 00000000 ____D () C:\Program Files (x86)\BaiduSd3.0
    2015-06-01 11:44 - 2015-06-03 00:46 - 00000000 ____D () C:\ProgramData\Baidu
    2015-06-01 11:44 - 2015-06-02 02:33 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\4BA6FB90-1433148298-1020-0308-142347000000
    127.0.0.1 www.iobit.com
    127.0.0.1 www.asc55.iobit.com
    Koska tosiaan FRST käyttö vaatii opettelua niin en haittaohjelmia edes yrittänyt katsoa.

    Sen takia voisit ajaa ESET online sscannin
    http://www.eset.com/us/online-scanner-popup/
    Kysy jo st arvitset sen käyttöön selkeämpiä ohjeita.

    Valitetavasti näitä joudutaan katsomaan vähän tälläin karkealla tavalla koska täältä ei löydy OTL:n käyttöä osaavia
    Toinen vaihtoehto on että kysyt virustorjunta.netissä apua ( se saattaa olla kyllä hiukan hidas palvelun suhteen)
    http://www.virustorjunta.net/
     
  12. djjari

    djjari Active member

    Joined:
    Dec 17, 2010
    Messages:
    1,142
    Likes Received:
    6
    Trophy Points:
    68
    semmoisen tuossa huomasin noiden haittaohjelmien jälkeen,että näyttö sammuu ehkä noin muutamien minuuuttien päästä,vaikka virranhallinta asetuksissa on että näytön pitäisi sammua tunnin päästä,voisiko joku haittaohjelma olla syypää tuohon,outoa kyllä,koska ennen haittaohjelmia näyttö sammui niinkuin virranhallinta asetuksissa on säädetty


    noniin taisinpa löytää syyn http://aijaa.com/9RaBEP http://aijaa.com/gsx6im

    tuossa,eli se haittaohjelma on ilmeisesti päässyt tekemään tonne virranhallinta asetuksiin jotain
     
  13. *Trinity*

    *Trinity* Senior member

    Joined:
    Dec 15, 2014
    Messages:
    6,934
    Likes Received:
    1,258
    Trophy Points:
    243
    Viitaten edelliseen omaan kommenttiini ja sinun toiseen ketjuun pistämääsi komenttiin.
    Teitkö mitään noista asioista mitä edellisessä viestissä kerroin?
    Baidu on Kiinalainen virustorjuntaohjelma se ei siis ole haittaohjelma sen takia ei tarvitse Windowsia uudelleen asentaa.

    Pistin myös linkin tuohon esetin online scanneriin jolla voit näin alkuun tarkistaa koneesi haittaohjelmien varalta.
     
  14. verovanki

    verovanki Regular member

    Joined:
    Aug 15, 2007
    Messages:
    594
    Likes Received:
    86
    Trophy Points:
    38
    Helpoin tapa olisi ollut vetää ennen tuon baidun asennusta 1.6.2015 , jonnekin toukokuun puolella olevaan palautuspisteeseen.
    Asenna koneellesi oikea virustorjuntaohjelma, poista MSE käytöstä, security essentials ei löydä yhtään virusta tai haittaohjelmaa vaikka kone olisi täynnä niitä.
     
  15. djjari

    djjari Active member

    Joined:
    Dec 17, 2010
    Messages:
    1,142
    Likes Received:
    6
    Trophy Points:
    68
    joo ajoin sillä esetin online scannerilla mutta se ei löytänyt mitään,mikähän sitten olisi hyvä virustorjunta ohjelma

    eikö tuo MSE sitten suojaakkaan konetta,palautusvaihtoehtoja toukokuun puolelle ei löydy,ja yritin tuota palautusta jo aijemminkin,eikä se kiinalainen virustorjuntaohjelma lähtenyt pois
     
  16. *Trinity*

    *Trinity* Senior member

    Joined:
    Dec 15, 2014
    Messages:
    6,934
    Likes Received:
    1,258
    Trophy Points:
    243
  17. verovanki

    verovanki Regular member

    Joined:
    Aug 15, 2007
    Messages:
    594
    Likes Received:
    86
    Trophy Points:
    38
    Suomenkielinen avast on hyvä, siinä on hyvä selaussuojaus kun näköjään käyt noilla aikuisviihdesivuilla.
     
  18. djjari

    djjari Active member

    Joined:
    Dec 17, 2010
    Messages:
    1,142
    Likes Received:
    6
    Trophy Points:
    68
    tässä vielä tän farbar recovery scan toolin lokit edelliset taisi mennä väärin

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
    Ran by Jarppa (administrator) on JARPPA-PC on 04-06-2015 14:45:53
    Running from C:\Users\Jarppa\Desktop
    Loaded Profiles: Jarppa (Available Profiles: Jarppa)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: suomi (Suomi)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (百度在线网络技术(北京)有限公司) C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe
    (百度在线网络技术(北京)有限公司) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (Realtek Semiconductor.) C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    (百度在线网络技术(北京)有限公司) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (百度在线网络技术(北京)有限公司) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUProxy64.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_95.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_95.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor)
    HKLM\...\Run: [SunJavaUpdateSched] => c:\program files (x86)\common files\java\java update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [StartCCC] => c:\program files (x86)\ati technologies\ati.ace\core-static\amd64\clistart.exe [767200 2014-08-20] (Advanced Micro Devices, Inc.)
    HKLM\...\Run: [baidusdTray] => C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\baidusdTray.exe [3257240 2015-06-03] (百度在线网络技术(北京)有限公司)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [baidusdTray] => C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe [3257240 2015-06-03] (百度在线网络技术(北京)有限公司)
    HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
    HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
    HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
    ProxyServer: [.DEFAULT] => http=127.0.0.1:50275;https=127.0.0.1:50275
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/fi-fi/?ocid=iehp
    HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
    SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19] (Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
    BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
    BHO-x32: WebGuardBHO -> {1B2639A9-EE25-4AE7-A2E3-B308F08125C4} -> C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\WebGuardBHO.dll [2015-06-03] (百度在线网络技术(北京)有限公司)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19] (Oracle Corporation)
    BHO-x32: Microsoft-tilin kirjautumisapuohjelma -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
    BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
    Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{ADE6E253-98D5-43E2-8AD7-CF0AD0B1CA72}: [NameServer] 109.204.194.2,109.204.194.3
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe

    FireFox:
    ========
    FF ProfilePath: C:\Users\Jarppa\AppData\Roaming\Mozilla\Firefox\Profiles\sadgjijk.default
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_95.dll [2015-04-25] ()
    FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_95.dll [2015-04-25] ()
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-03-30] (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll No File
    FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
    FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Jarppa\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll No File
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bookplus-fi.xml [2015-05-29]
    FF Extension: Adblock Plus - C:\Users\Jarppa\AppData\Roaming\Mozilla\Firefox\Profiles\sadgjijk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-13]
    StartMenuInternet: FIREFOX.EXE - firefox.exe

    Chrome:
    =======
    CHR dev: Chrome dev build detected! <======= ATTENTION
    CHR Profile: C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Drive) - C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-17]
    CHR Extension: (YouTube) - C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-17]
    CHR Extension: (Adblock Plus) - C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-17]
    CHR Extension: (Google Search) - C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-17]
    CHR Extension: (WGT Golf Challenge) - C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg [2015-03-17]
    CHR Extension: (Rise Gaming Store) - C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmkefpehlolmdiloilglfcojbomaoii [2015-06-01]
    CHR Extension: (Google Wallet) - C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-17]
    CHR Extension: (Gmail) - C:\Users\Jarppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-17]
    StartMenuInternet: Google Chrome - Chrome.exe

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-08-19] (Advanced Micro Devices, Inc.) [File not signed]
    S3 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [81920 2013-03-19] (AMD) [File not signed]
    R2 BaiduHips; C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe [64008 2015-06-01] (百度在线网络技术(北京)有限公司)
    R2 BDKVRTP; C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe [793096 2015-06-01] (百度在线网络技术(北京)有限公司)
    R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
    R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
    S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
    R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
    S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
    R2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [24576 2015-03-02] (Realtek Semiconductor.) [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
    S2 HPSLPSVC; C:\Users\Jarppa\AppData\Local\Temp\7zS21F7\hpslpsvc64.dll [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
    R1 bd0001; C:\Windows\System32\DRIVERS\bd0001.sys [202576 2015-06-01] (Baidu)
    R1 bd0002; C:\Windows\System32\DRIVERS\bd0002.sys [196936 2015-06-01] (Baidu)
    R1 bd0003; C:\Windows\System32\DRIVERS\bd0003.sys [67400 2015-06-01] (Baidu)
    R2 BDArKit; C:\Windows\System32\DRIVERS\BDArKit.sys [152392 2015-06-01] (Baidu Technology)
    R2 BDDefense; C:\Windows\System32\drivers\BDDefense.sys [103240 2015-06-01] (Baidu)
    R1 BDMWrench_x64; C:\Windows\System32\DRIVERS\BDMWrench_x64.sys [56136 2015-06-01] (Baidu)
    R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-27] (Disc Soft Ltd)
    R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2000-01-01] (JMicron Technology Corp.)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
    R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
    R3 nvoclk64; C:\Windows\System32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
    S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
    S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
    U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

    ========================== Drivers MD5 =======================

    C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
    C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
    C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\AF15BDA.sys 0517E1670A58213E3F206066CD209273
    C:\Windows\SysWow64\drivers\Afc.sys 6CCD1135320109D6B219F1A6E04AD9F6
    C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
    C:\Windows\System32\DRIVERS\agrsm64.sys 2173E070647AC68C16B8214FE5C05EC3
    C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
    C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
    C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\amdppm.sys ==> MD5 is legit
    C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
    C:\Windows\System32\DRIVERS\amdsbs.sys ==> MD5 is legit
    C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys C3D487827E48CC5EC17994FEC5BDFF87
    C:\Windows\system32\drivers\appid.sys 90C53BD47979FB8814F465A08B885102
    C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
    C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
    C:\Windows\system32\drivers\atikmdag.sys 3EFD964D52221360AF0673CD61C2F4F5
    C:\Windows\System32\DRIVERS\AtiPcie.sys 7C5D273E29DCC5505469B299C6F29163
    C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\bd0001.sys B070BE913D270FC77A53F8D4304AF94D
    C:\Windows\System32\DRIVERS\bd0002.sys 0BE83330EF96860DC3B1BAF8E2FFF100
    C:\Windows\System32\DRIVERS\bd0003.sys A5E55CB840660113D2C051D09EF3790F
    C:\Windows\System32\DRIVERS\BDArKit.sys AC5C57F6C95C5B2EE4FE78C7C93372A5
    C:\Windows\System32\drivers\BDDefense.sys 5CCBE87872A9071C0B72F16A41C22E60
    C:\Windows\System32\DRIVERS\BDMWrench_x64.sys 46E85FE5F787FDABAE8EA8C571ADC53B
    C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\blbdrive.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\bridge.sys 5C2F352A4E961D72518261257AAE204B
    C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
    C:\Windows\System32\CLFS.sys 404B7DF9CA4D1CB675045AF220FF3285
    C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
    C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\cng.sys 27667A788130A7F7A5858DE27572E6D7
    C:\Windows\system32\DRIVERS\compbatt.sys ==> MD5 is legit
    C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\ssudbus.sys 73BDD44A6088916964945886F9025409
    C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
    C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\dtsoftbus01.sys 33F90B202E9DD9B7D489EB59310FDC34
    C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
    C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
    C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
    C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
    C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
    C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
    C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
    C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
    C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
    C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
    C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
    C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
    C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
    C:\Windows\System32\drivers\HTTP.sys F61634BEC53F73702A10DE69F6DCAF57
    C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
    C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
    C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
    C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
    C:\Windows\System32\drivers\RTKVHD64.sys BC64B75E8E0A0B8982AB773483164E72
    C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\intelppm.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
    C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
    C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
    C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
    C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
    C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
    C:\Windows\System32\DRIVERS\johci.sys 1542F0B31DD7193EF8C0606C018E19AF
    C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\ksecdd.sys F7DFAE6040AC910B7C64EE208A34157D
    C:\Windows\System32\Drivers\ksecpkg.sys 8FE94F2EF9BF444E93E35D87E210D02F
    C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
    C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
    C:\Windows\system32\drivers\mbam.sys 1E9E32AEC3E1EB1B31B8169F33168B56
    C:\Windows\system32\drivers\mwac.sys F49FB3C88E263AE9A246593B0BB29294
    C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
    C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
    C:\Windows\System32\drivers\mountmgr.sys 87BCD1034CBF33537D4D4C251D39BA26
    C:\Windows\System32\DRIVERS\MpFilter.sys 73150F67D20270FF95A021A22E64F28A
    C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
    C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
    C:\Windows\system32\drivers\mrxdav.sys AE3334958D8F631FF14A0AEB3D7EFB3A
    C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
    C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
    C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
    C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
    C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
    C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
    C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
    C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
    C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
    C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
    C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
    C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
    C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
    C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\NisDrvWFP.sys 4774AD83C650001B337B92E5E5DA337B
    C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
    C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
    C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
    C:\Windows\System32\drivers\nvhda64v.sys E366A5681C50785D4ED04FCFD65C3415
    C:\Windows\System32\DRIVERS\nvlddmkm.sys 5D89C0070BC2643117CF33D0367AFABA
    C:\Windows\System32\DRIVERS\nvoclk64.sys 8C1D181480796D7D3366A9381FD7782D
    C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
    C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 285F0E48D99FC882971A8BE107D2E74A
    C:\Windows\System32\drivers\nvvad64v.sys 1FE5C1F4CCA8EAEA75C90FB2A85D9CC3
    C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\ohci1394.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
    C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
    C:\Windows\System32\DRIVERS\PcaSp60.sys 5EACB8A19CAD7057806FBBF9550165E1
    C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys 5EACB8A19CAD7057806FBBF9550165E1
    C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
    C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
    C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
    C:\Windows\System32\drivers\peauth.sys ED6E75158D28D33A2E2A020AC5B2B59D
    C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
    C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
    C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
    C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
    C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
    C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
    C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
    C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
    C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
    C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
    C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
    C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
    C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
    C:\Windows\System32\DRIVERS\ssudmdm.sys 5252D7BC56E5E0ED715AEA8FE173A455
    C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\serscan.sys DECACB6921DED1A38642642685D77DAC
    C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
    C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
    C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
    C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
    C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
    C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
    C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
    C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
    C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
    C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
    C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
    C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\emBDA64.sys 5F8B92C514B2189829988019923B182F
    C:\Windows\System32\DRIVERS\emOEM64.sys 44F21CDC25F1F5986D5A703BBB37B172
    C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
    C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
    C:\Windows\System32\DRIVERS\usbehci.sys 18A85013A3E0F7E1755365D287443965
    C:\Windows\System32\DRIVERS\usbfilter.sys 5A4AC5D05A7C97C68596416C05D6F2B4
    C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
    C:\Windows\System32\DRIVERS\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
    C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
    C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
    C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
    C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
    C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
    C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
    C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
    C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
    C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
    C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
    C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
    C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
    C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
    C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
    C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
    C:\Windows\system32\drivers\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
    C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
    C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
    C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
    C:\Windows\system32\drivers\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
    C:\Windows\System32\DRIVERS\yk62x64.sys E1E858AEF2ED420CBB7605D3ECCEC69A

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Three Months Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-06-04 14:43 - 2015-06-04 14:45 - 00034552 _____ () C:\Users\Jarppa\Desktop\FRST.txt
    2015-06-04 12:55 - 2015-06-04 12:55 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Jarppa\Desktop\tdsskiller.exe
    2015-06-04 12:37 - 2015-06-04 12:37 - 00000000 _____ () C:\Windows\setuperr.log
    2015-06-04 12:37 - 2015-06-04 12:37 - 00000000 _____ () C:\Windows\setupact.log
    2015-06-04 10:55 - 2015-06-04 10:55 - 02231296 _____ () C:\Users\Jarppa\Desktop\AdwCleaner.exe
    2015-06-03 23:08 - 2015-06-03 23:08 - 00000000 ____D () C:\Program Files (x86)\ESET
    2015-06-03 23:07 - 2015-06-03 23:07 - 02870984 _____ (ESET) C:\Users\Jarppa\Desktop\esetsmartinstaller_enu.exe
    2015-06-03 21:32 - 2015-06-03 21:52 - 00000000 ____D () C:\ProgramData\Baidu
    2015-06-03 21:32 - 2015-06-01 11:46 - 00202576 _____ (Baidu) C:\Windows\system32\Drivers\bd0001.sys
    2015-06-03 21:32 - 2015-06-01 11:46 - 00196936 _____ (Baidu) C:\Windows\system32\Drivers\bd0002.sys
    2015-06-03 21:32 - 2015-06-01 11:46 - 00152392 _____ (Baidu Technology) C:\Windows\system32\Drivers\BDArKit.SYS
    2015-06-03 21:32 - 2015-06-01 11:46 - 00103240 _____ (Baidu) C:\Windows\system32\Drivers\BDDefense.sys
    2015-06-03 21:32 - 2015-06-01 11:46 - 00067400 _____ (Baidu) C:\Windows\system32\Drivers\bd0003.sys
    2015-06-03 21:32 - 2015-06-01 11:46 - 00056136 _____ (Baidu) C:\Windows\system32\Drivers\BDMWrench_x64.sys
    2015-06-03 15:18 - 2015-06-03 15:18 - 02108928 _____ (Farbar) C:\Users\Jarppa\Desktop\FRST64.exe
    2015-06-03 00:46 - 2015-06-03 00:46 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\Baidu
    2015-06-02 23:21 - 2015-06-02 23:36 - 00000000 ____D () C:\AdwCleaner
    2015-06-02 22:55 - 2015-06-02 22:55 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-JARPPA-PC-Windows-7-Home-Premium-(64-bit).dat
    2015-06-02 22:55 - 2015-06-02 22:55 - 00000000 ____D () C:\RegBackup
    2015-06-02 22:14 - 2015-06-02 22:14 - 00000000 ____D () C:\ProgramData\Kaspersky SDK
    2015-06-02 18:07 - 2015-06-02 18:07 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
    2015-06-01 17:16 - 2015-06-01 17:16 - 00000000 ____D () C:\_OTL
    2015-06-01 12:15 - 2015-06-01 15:17 - 00000000 ____D () C:\ProgramData\TXQMPC
    2015-06-01 11:45 - 2015-06-01 11:45 - 00000000 ____D () C:\Program Files (x86)\BaiduSd3.0
    2015-06-01 09:34 - 2015-06-01 10:07 - 00000000 ____D () C:\Users\Jarppa\AppData\Local\9639
    2015-06-01 09:19 - 2015-06-02 02:33 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SevenZip 9.20
    2015-05-31 14:45 - 2015-05-31 14:50 - 00000000 ____D () C:\Users\Jarppa\AppData\Local\Nero
    2015-05-31 14:41 - 2015-06-01 11:38 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\Nero
    2015-05-31 14:30 - 2015-05-31 14:30 - 00000000 ____D () C:\Windows\System32\Tasks\Nero
    2015-05-31 14:22 - 2015-06-01 16:56 - 00000000 ____D () C:\ProgramData\Nero
    2015-05-31 12:56 - 2015-05-31 13:24 - 00000000 ____D () C:\Users\Jarppa\AppData\Local\29235
    2015-05-31 11:07 - 2015-05-31 11:07 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
    2015-05-31 10:30 - 2015-02-26 20:24 - 00000083 _____ () C:\Windows\system32\Drivers\etc\hp.bak
    2015-05-30 09:48 - 2015-05-30 09:48 - 00001141 _____ () C:\Windows\system32\05-30_09-20-40_Yle TV1 HD_Ylen aamu-tv - 09.07 Eduskunnan puhemies Maria Lohela 9.19 Viikonlopun sää 9.26 Ylioppilasjuhlien tunnelmaa Outokummusta 9.32 Mikä ruusuissa kiehtoo 9.42 Voita&Sokeria 9.ts.lnk
    2015-05-29 15:12 - 2015-02-11 13:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
    2015-05-29 15:12 - 2015-02-11 13:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
    2015-05-29 15:12 - 2015-02-04 06:56 - 16128576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 31515280 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 24198856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 22993224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 17559432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 15294280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 13916280 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 13828032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 12894024 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
    2015-05-29 15:11 - 2015-02-04 06:56 - 11272240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 11209192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 04244680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 03987600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 02823992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 00944328 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 00907464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 00902344 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
    2015-05-29 15:11 - 2015-02-04 06:56 - 00870032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
    2015-05-29 14:27 - 2015-01-31 05:52 - 01801544 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6430908.dll
    2015-05-29 14:27 - 2015-01-31 05:52 - 01510728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6430908.dll
    2015-05-28 23:22 - 2015-04-11 06:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
    2015-05-26 22:12 - 2015-05-29 22:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2015-05-25 23:15 - 2015-05-25 23:15 - 00000000 ____D () C:\Users\Jarppa\AppData\Local\Apps\2.0
    2015-05-21 21:21 - 2015-05-21 21:21 - 00001138 _____ () C:\Windows\system32\05-21_15-39-43_MTV3 (fin)_Salatut elämät (7) - Osa 2825 Kristiinan standardit ovat matalat. Pihlajakadun asukkaista kertovassa sarjassa kuljetaan kiehtovien tarinoiden poluilla koskettavia tai ar.ts.lnk
    2015-05-18 23:24 - 2015-05-18 23:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2015-05-17 14:56 - 2015-03-14 06:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
    2015-05-17 14:56 - 2015-03-14 06:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
    2015-05-17 14:56 - 2015-03-14 06:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
    2015-05-17 14:56 - 2015-03-14 06:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
    2015-05-15 12:17 - 2015-05-15 12:17 - 00000000 _____ () C:\Windows\SeaOfDarkness.INI
    2015-05-15 12:14 - 2015-05-15 12:17 - 00000000 ____D () C:\Users\Jarppa\Documents\Sea of Darkness
    2015-05-15 10:53 - 2015-05-15 10:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Her Interactive
    2015-05-15 10:49 - 2015-05-15 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nancy Drew Sea of Darkness
    2015-05-13 14:18 - 2015-05-29 22:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2015-05-13 08:30 - 2015-05-13 08:30 - 00000000 ____D () C:\Users\Jarppa\AppData\Local\Microsoft Help
    2015-05-13 08:29 - 2015-05-01 16:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2015-05-13 08:29 - 2015-05-01 16:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2015-05-13 08:19 - 2015-05-05 04:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-05-13 08:19 - 2015-05-05 04:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2015-05-13 08:19 - 2015-04-18 06:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2015-05-13 08:19 - 2015-04-18 05:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
    2015-05-13 08:18 - 2015-04-27 22:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-05-13 08:18 - 2015-04-27 22:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-05-13 08:18 - 2015-04-27 22:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-05-13 08:18 - 2015-04-27 22:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2015-05-13 08:18 - 2015-04-27 22:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2015-05-13 08:18 - 2015-04-27 22:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
    2015-05-13 08:18 - 2015-04-27 22:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2015-05-13 08:18 - 2015-04-27 22:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-05-13 08:18 - 2015-04-27 22:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2015-05-13 08:18 - 2015-04-27 22:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
    2015-05-13 08:18 - 2015-04-27 22:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
    2015-05-13 08:18 - 2015-04-27 22:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
    2015-05-13 08:18 - 2015-04-27 22:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-05-13 08:18 - 2015-04-27 22:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
    2015-05-13 08:18 - 2015-04-27 22:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-05-13 08:18 - 2015-04-27 22:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-05-13 08:18 - 2015-04-27 22:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 22:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2015-05-13 08:18 - 2015-04-27 22:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2015-05-13 08:18 - 2015-04-27 22:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2015-05-13 08:18 - 2015-04-27 22:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2015-05-13 08:18 - 2015-04-27 22:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2015-05-13 08:18 - 2015-04-27 22:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2015-05-13 08:18 - 2015-04-27 22:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2015-05-13 08:18 - 2015-04-27 22:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
    2015-05-13 08:18 - 2015-04-27 22:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2015-05-13 08:18 - 2015-04-27 22:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2015-05-13 08:18 - 2015-04-27 22:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2015-05-13 08:18 - 2015-04-27 22:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2015-05-13 08:18 - 2015-04-27 22:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2015-05-13 08:18 - 2015-04-27 22:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2015-05-13 08:18 - 2015-04-27 22:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
    2015-05-13 08:18 - 2015-04-27 22:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
    2015-05-13 08:18 - 2015-04-27 22:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
    2015-05-13 08:18 - 2015-04-27 22:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
    2015-05-13 08:18 - 2015-04-27 22:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2015-05-13 08:18 - 2015-04-27 22:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2015-05-13 08:18 - 2015-04-27 22:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2015-05-13 08:18 - 2015-04-27 22:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2015-05-13 08:18 - 2015-04-27 22:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2015-05-13 08:18 - 2015-04-27 22:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2015-05-13 08:18 - 2015-04-27 22:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
    2015-05-13 08:18 - 2015-04-27 22:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2015-05-13 08:18 - 2015-04-27 22:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2015-05-13 08:18 - 2015-04-27 22:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-
     
  19. djjari

    djjari Active member

    Joined:
    Dec 17, 2010
    Messages:
    1,142
    Likes Received:
    6
    Trophy Points:
    68
    win-core-interlocked-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 21:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2015-05-13 08:18 - 2015-04-27 20:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2015-05-13 08:18 - 2015-04-27 20:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2015-05-13 08:18 - 2015-04-27 20:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 20:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 20:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-27 20:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2015-05-13 08:18 - 2015-04-22 05:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-05-13 08:18 - 2015-04-22 04:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-05-13 08:18 - 2015-04-21 20:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-05-13 08:18 - 2015-04-21 20:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-05-13 08:18 - 2015-04-21 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-05-13 08:18 - 2015-04-21 19:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-05-13 08:18 - 2015-04-21 19:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-05-13 08:18 - 2015-04-21 19:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-05-13 08:18 - 2015-04-21 19:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-05-13 08:18 - 2015-04-21 19:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-05-13 08:18 - 2015-04-21 19:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-05-13 08:18 - 2015-04-21 19:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-05-13 08:18 - 2015-04-21 19:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-05-13 08:18 - 2015-04-21 19:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-05-13 08:18 - 2015-04-21 19:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-05-13 08:18 - 2015-04-21 19:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-05-13 08:18 - 2015-04-21 19:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-05-13 08:18 - 2015-04-21 19:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-05-13 08:18 - 2015-04-21 19:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-05-13 08:18 - 2015-04-21 19:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-05-13 08:18 - 2015-04-21 19:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2015-05-13 08:18 - 2015-04-21 19:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-05-13 08:18 - 2015-04-21 19:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-05-13 08:18 - 2015-04-21 19:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-05-13 08:18 - 2015-04-21 19:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-05-13 08:18 - 2015-04-21 19:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2015-05-13 08:18 - 2015-04-21 19:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2015-05-13 08:18 - 2015-04-21 19:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2015-05-13 08:18 - 2015-04-21 19:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-05-13 08:18 - 2015-04-21 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-05-13 08:18 - 2015-04-21 19:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2015-05-13 08:18 - 2015-04-21 19:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-05-13 08:18 - 2015-04-21 19:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-05-13 08:18 - 2015-04-21 19:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2015-05-13 08:18 - 2015-04-21 19:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2015-05-13 08:18 - 2015-04-21 19:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2015-05-13 08:18 - 2015-04-21 18:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2015-05-13 08:18 - 2015-04-21 18:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2015-05-13 08:18 - 2015-04-21 18:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2015-05-13 08:18 - 2015-04-21 18:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-05-13 08:18 - 2015-04-21 18:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-05-13 08:18 - 2015-04-21 18:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2015-05-13 08:18 - 2015-04-21 18:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-05-13 08:18 - 2015-04-21 18:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-05-13 08:18 - 2015-04-21 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-05-13 08:18 - 2015-04-21 18:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-05-13 08:18 - 2015-04-21 18:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2015-05-13 08:18 - 2015-04-21 18:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-05-13 08:18 - 2015-04-21 18:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-05-13 08:18 - 2015-04-21 18:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-05-13 08:18 - 2015-04-21 18:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-05-13 08:18 - 2015-04-21 18:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-05-13 08:18 - 2015-04-21 18:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-05-13 08:18 - 2015-04-21 18:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2015-05-13 08:18 - 2015-04-21 18:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-05-13 08:18 - 2015-04-21 18:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-05-13 08:18 - 2015-04-21 18:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-05-13 08:18 - 2015-04-21 18:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-05-13 08:18 - 2015-04-21 17:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-05-13 08:18 - 2015-04-21 17:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-05-13 08:18 - 2015-04-13 06:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
    2015-05-13 08:17 - 2015-04-20 06:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2015-05-13 08:17 - 2015-04-20 06:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2015-05-13 08:17 - 2015-04-20 05:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2015-05-13 08:17 - 2015-04-20 05:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-05-13 08:17 - 2015-04-08 06:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2015-05-13 08:17 - 2015-04-08 06:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
    2015-05-13 08:17 - 2015-04-08 06:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
    2015-05-13 08:17 - 2015-01-29 06:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2015-05-13 08:17 - 2015-01-29 06:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
    2015-05-13 08:16 - 2015-03-04 07:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2015-05-13 08:16 - 2015-03-04 07:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
    2015-05-13 08:16 - 2015-03-04 07:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2015-05-13 08:16 - 2015-03-04 07:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
    2015-05-13 08:16 - 2015-03-04 07:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
    2015-05-13 08:16 - 2015-03-04 07:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
    2015-05-13 08:16 - 2015-03-04 07:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
    2015-05-13 08:16 - 2015-02-18 10:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
    2015-05-13 08:16 - 2015-02-18 10:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2015-05-09 22:14 - 2015-05-09 22:14 - 00001135 _____ () C:\Windows\system32\05-09_09-21-02_Yle TV1 HD_Yles morgon-tv - 9.07 Den nya oppositionen Carl Haglund, SFP och Antti Lindtman, SDP. 9.20 Veckoslutsväder 9.27 Annorlunda mammor 9.39 Smör & socker 9.48 En tårtkonstnär.ts.lnk
    2015-05-05 14:42 - 2015-05-06 20:36 - 00000000 ____D () C:\Windows\System32\Tasks\Leader Technologies
    2015-05-05 14:41 - 2015-05-05 14:41 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\Leadertech
    2015-05-04 16:02 - 2015-05-04 18:23 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\DVDVideoSoft
    2015-05-04 15:54 - 2015-05-04 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The FilmMachine
    2015-05-04 15:54 - 2015-05-04 15:56 - 00000000 ____D () C:\Program Files (x86)\The FilmMachine
    2015-05-04 10:33 - 2015-06-04 10:04 - 02070454 _____ () C:\Windows\WindowsUpdate.log
    2015-04-28 16:36 - 2008-12-22 22:09 - 00001409 _____ () C:\Windows\TVEpaDrv.ini
    2015-04-28 16:36 - 2008-09-12 14:21 - 00651776 _____ (eMPIA Technology, Inc.) C:\Windows\system32\Drivers\emBDA64.sys
    2015-04-28 16:36 - 2008-03-27 17:09 - 00001613 _____ () C:\Windows\English.lng
    2015-04-28 16:36 - 2007-11-08 09:07 - 00065536 _____ (eMPIA Technology, Inc.) C:\Windows\emMON.exe
    2015-04-28 16:30 - 2015-04-28 16:30 - 00003106 _____ () C:\Windows\System32\Tasks\{664D6F67-9983-4470-80C2-6AA334899751}
    2015-04-28 16:21 - 2015-04-28 16:21 - 00003134 _____ () C:\Windows\System32\Tasks\{9C1F9D67-55EA-4078-B2E1-6F3E9FFCC882}
    2015-04-28 15:47 - 2015-04-28 16:09 - 00000000 ____D () C:\Program Files (x86)\DVBViewer
    2015-04-28 15:47 - 2015-04-28 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVBViewer
    2015-04-28 14:40 - 2015-06-02 22:34 - 00000000 ____D () C:\Users\Jarppa\AppData\Temp
    2015-04-28 14:40 - 2015-04-28 14:40 - 00000000 ____D () C:\Users\Jarppa\AppData\Local\ArcSoft
    2015-04-28 14:39 - 2015-04-28 14:39 - 00000000 ____D () C:\ProgramData\ArcSoft
    2015-04-28 14:37 - 2015-04-28 14:39 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\ArcSoft
    2015-04-28 14:37 - 2006-11-14 11:31 - 00022784 _____ (Arcsoft, Inc.) C:\Windows\SysWOW64\Drivers\afc.sys
    2015-04-26 22:32 - 2015-04-26 22:32 - 00000000 ____D () C:\Program Files\PlayReady
    2015-04-26 12:30 - 2015-04-26 12:30 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
    2015-04-25 09:39 - 2015-04-25 09:39 - 00003164 _____ () C:\Windows\System32\Tasks\{F1269FB4-4F5F-4865-AC8D-565D84C9AAED}
    2015-04-24 23:14 - 2015-04-24 23:44 - 00000000 ____D () C:\Program Files\Hahomedia
    2015-04-24 23:14 - 2013-12-03 09:31 - 00035376 _____ (Basil Projects) C:\Windows\system32\Drivers\WinDivert64.sys
    2015-04-19 10:13 - 2015-04-19 10:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
    2015-04-19 10:13 - 2015-04-19 10:13 - 00000000 ____D () C:\Program Files (x86)\ffdshow
    2015-04-19 10:13 - 2014-09-29 12:23 - 00112640 _____ () C:\Windows\SysWOW64\ff_vfw.dll
    2015-04-19 09:57 - 2008-12-10 17:14 - 04411392 _____ (Gabest) C:\mplayerc.exe
    2015-04-15 09:20 - 2015-03-25 06:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2015-04-15 09:20 - 2015-03-25 06:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2015-04-15 09:20 - 2015-03-25 06:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2015-04-15 09:20 - 2015-03-25 06:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2015-04-15 09:20 - 2015-03-25 06:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2015-04-15 09:20 - 2015-03-25 06:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2015-04-15 09:20 - 2015-03-25 06:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2015-04-15 09:20 - 2015-03-25 06:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2015-04-15 09:20 - 2015-03-25 06:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2015-04-15 09:20 - 2015-03-25 06:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2015-04-15 09:20 - 2015-03-25 06:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
    2015-04-15 09:20 - 2015-03-25 06:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2015-04-15 09:20 - 2015-03-25 06:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2015-04-15 09:20 - 2015-03-25 06:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2015-04-15 09:20 - 2015-03-25 06:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2015-04-15 09:20 - 2015-03-25 06:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2015-04-15 09:19 - 2015-03-23 06:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2015-04-15 09:19 - 2015-03-23 06:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2015-04-15 09:19 - 2015-03-23 06:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2015-04-15 09:19 - 2015-03-23 06:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2015-04-15 09:19 - 2015-03-23 06:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2015-04-15 09:19 - 2015-03-23 06:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2015-04-15 09:19 - 2015-03-23 06:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2015-04-15 09:19 - 2015-03-23 06:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2015-04-15 09:19 - 2015-03-10 06:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2015-04-15 09:19 - 2015-03-10 06:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
    2015-04-15 09:19 - 2015-03-10 06:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2015-04-15 09:19 - 2015-03-10 06:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
    2015-04-15 09:19 - 2015-03-05 08:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2015-04-15 09:19 - 2015-03-05 07:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2015-04-15 09:18 - 2015-03-04 07:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
    2015-04-15 09:18 - 2015-03-04 07:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
    2015-04-15 09:18 - 2015-03-04 07:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
    2015-04-15 09:18 - 2015-02-25 06:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
    2015-04-04 14:20 - 2015-04-04 14:20 - 00003140 _____ () C:\Windows\System32\Tasks\{BF13D931-85E4-4162-B077-C3B63A7254EF}
    2015-04-04 08:52 - 2015-05-20 12:19 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
    2015-04-04 08:52 - 2015-05-20 12:19 - 00000000 ___SD () C:\Windows\system32\GWX
    2015-03-30 18:03 - 2015-03-30 18:03 - 00000000 ____D () C:\Upload
    2015-03-30 18:02 - 2015-03-30 18:02 - 00000000 ____D () C:\Users\Jarppa\Samsung Link
    2015-03-30 18:02 - 2015-03-30 18:02 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\SAMSUNG
    2015-03-30 18:02 - 2015-03-30 18:02 - 00000000 ____D () C:\Users\Jarppa\.swt
    2015-03-30 18:02 - 2015-03-30 18:02 - 00000000 ____D () C:\ProgramData\SAMSUNG
    2015-03-30 18:01 - 2015-03-30 20:37 - 00000000 ____D () C:\Program Files\Samsung
    2015-03-29 20:50 - 2015-05-04 11:20 - 00000000 ____D () C:\Windows\System32\Tasks\Games
    2015-03-28 10:16 - 2015-03-28 10:16 - 00003266 _____ () C:\Windows\System32\Tasks\{98B96767-07C3-4C31-BD84-FA3DD7B583DB}
    2015-03-21 14:53 - 2015-03-21 14:54 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\Visan
    2015-03-21 14:45 - 2015-03-21 14:45 - 00000000 ____D () C:\Windows\Hewlett-Packard
    2015-03-20 23:55 - 2015-04-19 09:08 - 00000000 ____D () C:\Program Files (x86)\Java
    2015-03-17 18:44 - 2015-06-02 23:36 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2015-03-17 11:40 - 2015-06-02 23:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2015-03-17 11:39 - 2015-06-04 14:20 - 00001008 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-03-17 11:39 - 2015-06-04 09:35 - 00001004 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-03-17 11:39 - 2015-05-15 19:15 - 00004004 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-03-17 11:39 - 2015-05-15 19:15 - 00003752 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-03-17 11:33 - 2015-05-13 08:48 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2015-03-17 11:33 - 2015-05-13 08:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
    2015-03-17 11:33 - 2015-05-13 08:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2015-03-17 11:29 - 2015-04-25 10:09 - 00000000 ____D () C:\Program Files (x86)\Google
    2015-03-17 11:29 - 2015-03-17 11:40 - 00000000 ____D () C:\Users\Jarppa\AppData\Local\Google
    2015-03-11 10:26 - 2015-02-20 07:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
    2015-03-11 10:26 - 2015-02-20 07:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
    2015-03-11 10:26 - 2015-02-20 07:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2015-03-11 10:26 - 2015-02-20 07:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
    2015-03-11 10:26 - 2015-02-20 07:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
    2015-03-11 10:26 - 2015-02-20 07:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2015-03-11 10:26 - 2015-02-20 07:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
    2015-03-11 10:26 - 2015-02-20 07:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
    2015-03-11 10:26 - 2015-02-20 06:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2015-03-11 10:26 - 2015-02-20 06:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2015-03-11 10:26 - 2015-02-03 06:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2015-03-11 10:26 - 2015-02-03 06:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
    2015-03-11 10:26 - 2015-02-03 06:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2015-03-11 10:26 - 2015-02-03 06:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
    2015-03-11 10:26 - 2015-02-03 06:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2015-03-11 10:26 - 2015-02-03 06:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
    2015-03-11 10:26 - 2015-02-03 06:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
    2015-03-11 10:26 - 2015-02-03 06:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
    2015-03-11 10:26 - 2015-02-03 06:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2015-03-11 10:26 - 2015-02-03 06:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
    2015-03-11 10:26 - 2015-02-03 06:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2015-03-11 10:26 - 2015-02-03 06:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
    2015-03-11 10:26 - 2015-02-03 06:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
    2015-03-11 10:26 - 2015-02-03 06:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
    2015-03-11 10:26 - 2015-02-03 06:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2015-03-11 10:26 - 2015-02-03 06:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
    2015-03-11 10:26 - 2015-02-03 06:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
    2015-03-11 10:26 - 2015-02-03 06:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
    2015-03-11 10:26 - 2015-02-03 06:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2015-03-11 10:26 - 2015-02-03 06:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
    2015-03-11 10:26 - 2015-02-03 06:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
    2015-03-11 10:26 - 2015-02-03 06:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2015-03-11 10:26 - 2015-02-03 06:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
    2015-03-11 10:26 - 2015-02-03 06:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
    2015-03-11 10:26 - 2015-02-03 06:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
    2015-03-11 10:26 - 2015-02-03 06:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2015-03-11 10:26 - 2015-02-03 06:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
    2015-03-11 10:26 - 2015-02-03 06:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
    2015-03-11 10:26 - 2015-02-03 06:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2015-03-11 10:26 - 2015-02-03 06:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
    2015-03-11 10:26 - 2015-02-03 06:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2015-03-11 10:26 - 2015-02-03 06:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
    2015-03-11 10:26 - 2015-02-03 06:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
    2015-03-11 10:26 - 2015-02-03 06:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
    2015-03-11 10:26 - 2015-02-03 06:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
    2015-03-11 10:26 - 2015-02-03 06:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
    2015-03-11 10:26 - 2015-02-03 06:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
    2015-03-11 10:26 - 2015-02-03 06:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
    2015-03-11 10:26 - 2015-02-03 06:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
    2015-03-11 10:26 - 2015-02-03 06:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
    2015-03-11 10:26 - 2015-02-03 06:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
    2015-03-11 10:26 - 2015-02-03 06:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
    2015-03-11 10:26 - 2015-02-03 06:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
    2015-03-11 10:26 - 2015-02-03 06:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
    2015-03-11 10:26 - 2015-02-03 06:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
    2015-03-11 10:26 - 2015-02-03 05:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2015-03-11 10:26 - 2014-11-01 01:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2015-03-11 10:26 - 2014-06-28 03:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
    2015-03-11 10:26 - 2014-06-28 03:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
    2015-03-11 10:25 - 2015-02-03 06:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
    2015-03-11 10:25 - 2015-02-03 06:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
    2015-03-11 10:25 - 2015-02-03 06:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
    2015-03-11 10:25 - 2015-02-03 06:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
    2015-03-11 10:25 - 2015-02-03 06:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
    2015-03-11 10:25 - 2015-02-03 06:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
    2015-03-11 10:25 - 2015-02-03 06:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
    2015-03-11 10:25 - 2015-02-03 06:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
    2015-03-11 10:25 - 2015-02-03 06:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
    2015-03-11 10:25 - 2015-02-03 06:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
    2015-03-11 10:25 - 2015-02-03 06:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
    2015-03-11 10:25 - 2015-02-03 06:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2015-03-11 10:25 - 2015-02-03 06:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2015-03-11 10:25 - 2015-02-03 06:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
    2015-03-11 10:25 - 2015-02-03 06:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
    2015-03-11 10:25 - 2015-02-03 06:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2015-03-11 10:25 - 2015-02-03 06:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
    2015-03-11 10:25 - 2015-02-03 06:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
    2015-03-11 10:25 - 2015-02-03 06:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
    2015-03-11 10:25 - 2015-02-03 06:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
    2015-03-11 10:25 - 2015-02-03 06:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
    2015-03-11 10:25 - 2015-02-03 06:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
    2015-03-11 10:25 - 2015-02-03 06:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
    2015-03-11 10:25 - 2015-02-03 06:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
    2015-03-11 10:25 - 2015-02-03 06:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2015-03-11 10:25 - 2015-02-03 06:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
    2015-03-11 10:25 - 2015-02-03 06:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
    2015-03-11 10:25 - 2015-02-03 06:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
    2015-03-11 10:25 - 2015-02-03 06:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
    2015-03-11 10:25 - 2015-02-03 06:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
    2015-03-11 10:25 - 2015-02-03 06:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
    2015-03-11 10:25 - 2015-02-03 06:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
    2015-03-11 10:24 - 2015-01-31 06:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
    2015-03-11 10:24 - 2015-01-31 06:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
    2015-03-11 10:24 - 2015-01-31 02:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
    2015-03-11 10:23 - 2015-02-13 08:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2015-03-11 10:23 - 2015-02-13 08:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2015-03-11 10:23 - 2015-02-03 06:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2015-03-11 10:23 - 2015-02-03 06:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
    2015-03-11 10:23 - 2015-02-03 06:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2015-03-11 10:23 - 2015-02-03 06:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
    2015-03-11 10:23 - 2015-01-31 02:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2015-03-11 10:23 - 2015-01-17 05:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
    2015-03-11 10:23 - 2015-01-17 05:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
    2015-03-11 10:22 - 2015-02-04 06:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
    2015-03-11 10:22 - 2015-02-04 05:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

    ==================== Three Months Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-06-04 14:45 - 2015-01-18 23:00 - 00000000 ____D () C:\FRST
    2015-06-04 14:41 - 2014-11-27 10:10 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\Skype
    2015-06-04 12:42 - 2009-07-14 07:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-06-04 12:42 - 2009-07-14 07:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-06-04 09:34 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-06-03 23:50 - 2015-01-02 23:33 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-06-02 23:36 - 2014-11-26 15:43 - 00000989 _____ () C:\Users\Jarppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2015-06-02 18:46 - 2014-11-27 10:11 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\X-Chat 2
    2015-06-02 02:33 - 2015-02-04 22:20 - 00000000 ____D () C:\Program Files\Unlocker
    2015-06-02 02:33 - 2009-10-12 14:24 - 00000000 ____D () C:\Program Files (x86)\Acer GameZone
    2015-06-02 02:33 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\registration
    2015-06-01 22:04 - 2015-01-17 17:12 - 00000000 ____D () C:\Windows\erdnt
    2015-06-01 19:00 - 2014-11-27 10:10 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\uTorrent
    2015-06-01 17:05 - 2009-07-14 08:08 - 00032542 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2015-06-01 15:39 - 2015-02-11 14:57 - 00082888 _____ () C:\Users\Jarppa\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-06-01 15:37 - 2014-11-26 15:40 - 00000000 ____D () C:\Users\Jarppa
    2015-06-01 15:36 - 2009-07-14 07:45 - 00343560 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-06-01 12:29 - 2009-10-12 15:08 - 00000000 ____D () C:\Windows\Panther
    2015-06-01 12:00 - 2014-11-26 15:43 - 00000000 ____D () C:\Users\Jarppa\AppData\Local\VirtualStore
    2015-06-01 11:39 - 2014-11-27 01:13 - 00469494 _____ () C:\Windows\system32\perfh00B.dat
    2015-06-01 11:39 - 2014-11-27 01:13 - 00097486 _____ () C:\Windows\system32\perfc00B.dat
    2015-06-01 11:39 - 2009-07-14 08:13 - 01353786 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-06-01 10:12 - 2009-07-14 08:37 - 00000000 ____D () C:\Windows\DigitalLocker
    2015-06-01 09:44 - 2009-07-14 06:20 - 00000000 __RSD () C:\Windows\Media
    2015-05-31 23:53 - 2014-12-01 13:09 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\Media Player Classic
    2015-05-31 23:47 - 2009-10-12 14:32 - 00000000 ____D () C:\Windows\PCHEALTH
    2015-05-31 13:26 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\Web
    2015-05-31 12:06 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\Branding
    2015-05-31 12:03 - 2015-01-11 13:09 - 00000000 ____D () C:\Program Files\CCleaner
    2015-05-31 11:22 - 2009-07-14 05:34 - 00000648 _____ () C:\Windows\win.ini
    2015-05-31 00:00 - 2014-11-27 15:27 - 00000000 ____D () C:\Users\Jarppa\AppData\Local\Nero_AG
    2015-05-29 22:17 - 2014-11-26 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2015-05-29 15:15 - 2014-11-26 15:37 - 00000000 ____D () C:\ProgramData\NVIDIA
    2015-05-29 14:28 - 2014-11-26 16:51 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
    2015-05-28 23:28 - 2014-11-26 16:51 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
    2015-05-27 11:09 - 2014-11-27 09:55 - 00000000 ___RD () C:\Program Files (x86)\Skype
    2015-05-22 22:39 - 2014-11-27 10:24 - 00000000 ___RD () C:\Users\Jarppa\Desktop\MUSIIKKI
    2015-05-22 20:20 - 2015-01-02 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-05-22 20:20 - 2015-01-02 23:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-05-19 14:56 - 2015-01-31 14:11 - 00000000 ____D () C:\Xbox360
    2015-05-18 09:05 - 2015-02-17 12:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-05-17 19:39 - 2015-02-17 12:35 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-05-17 19:39 - 2015-02-17 12:35 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-05-17 19:39 - 2015-02-17 12:35 - 00003770 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2015-05-17 19:39 - 2015-02-12 18:28 - 00000000 ____D () C:\Users\Jarppa\AppData\Local\Adobe
    2015-05-15 10:39 - 2014-11-27 10:35 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2015-05-13 14:18 - 2014-11-27 10:28 - 00000000 ____D () C:\Users\Jarppa\AppData\Roaming\Mozilla
    2015-05-13 09:38 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\rescache
    2015-05-13 08:45 - 2009-07-14 10:45 - 00000000 ____D () C:\Program Files\Windows Journal
    2015-05-13 08:45 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
    2015-05-13 08:39 - 2014-11-26 16:40 - 00001912 _____ () C:\Windows\epplauncher.mif
    2015-05-13 08:39 - 2014-11-26 16:39 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
    2015-05-13 08:38 - 2014-11-26 16:39 - 00000000 ____D () C:\Program Files\Microsoft Security Client
    2015-05-13 08:38 - 2014-11-26 16:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
    2015-05-13 08:38 - 2009-10-12 14:30 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2015-05-13 08:37 - 2014-11-26 16:41 - 00000000 ____D () C:\Windows\system32\MRT
    2015-05-13 08:31 - 2014-11-26 16:41 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

    ==================== Files in the root of some directories =======

    2014-11-27 11:57 - 2014-11-27 11:57 - 0000057 _____ () C:\ProgramData\Ament.ini
    2015-02-07 13:57 - 2015-02-07 13:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

    ==================== BCD ================================

    Windowsin k„ynnistyksen hallintaohjelma
    ---------------------------------------
    tunnus {bootmgr}
    device partition=\Device\HarddiskVolume2
    description Windows Boot Manager
    locale fi-FI
    inherit {globalsettings}
    default {current}
    resumeobject {4b054243-75b8-11e4-a637-90fba64b2d3b}
    displayorder {current}
    toolsdisplayorder {memdiag}
    timeout 30

    Windowsin lataaminen
    --------------------
    tunnus {current}
    device partition=C:
    path \Windows\system32\winload.exe
    description Windows 7
    locale fi-FI
    inherit {bootloadersettings}
    recoverysequence {4b054245-75b8-11e4-a637-90fba64b2d3b}
    recoveryenabled Yes
    osdevice partition=C:
    systemroot \Windows
    resumeobject {4b054243-75b8-11e4-a637-90fba64b2d3b}
    nx OptIn

    Windowsin lataaminen
    --------------------
    tunnus {4b054245-75b8-11e4-a637-90fba64b2d3b}
    device ramdisk=[C:]\Recovery\4b054245-75b8-11e4-a637-90fba64b2d3b\Winre.wim,{4b054246-75b8-11e4-a637-90fba64b2d3b}
    path \windows\system32\winload.exe
    description Windows Recovery Environment
    inherit {bootloadersettings}
    osdevice ramdisk=[C:]\Recovery\4b054245-75b8-11e4-a637-90fba64b2d3b\Winre.wim,{4b054246-75b8-11e4-a637-90fba64b2d3b}
    systemroot \windows
    nx OptIn
    winpe Yes

    Horrostilasta palautuminen
    --------------------------
    tunnus {4b054243-75b8-11e4-a637-90fba64b2d3b}
    device partition=C:
    path \Windows\system32\winresume.exe
    description Windows Resume Application
    locale fi-FI
    inherit {resumeloadersettings}
    filedevice partition=C:
    filepath \hiberfil.sys
    debugoptionenabled No

    Windowsin muistitestiohjelma
    ----------------------------
    tunnus {memdiag}
    device partition=\Device\HarddiskVolume2
    path \boot\memtest.exe
    description Windows Memory Diagnostic
    locale fi-FI
    inherit {globalsettings}
    badmemoryaccess Yes

    EMS-asetukset
    -------------
    tunnus {emssettings}
    bootems Yes

    Virheenkorjausasetukset
    -----------------------
    tunnus {dbgsettings}
    debugtype Serial
    debugport 1
    baudrate 115200

    RAM-viat
    --------
    tunnus {badmemory}

    Yleiset asetukset
    -----------------
    tunnus {globalsettings}
    inherit {dbgsettings}
    {emssettings}
    {badmemory}

    Latausasetukset
    ---------------
    tunnus {bootloadersettings}
    inherit {globalsettings}
    {hypervisorsettings}

    Hypervisor-asetukset
    --------------------
    tunnus {hypervisorsettings}
    hypervisordebugtype Serial
    hypervisordebugport 1
    hypervisorbaudrate 115200

    Ohjelman jatkamisen latauksen asetukset
    ---------------------------------------
    tunnus {resumeloadersettings}
    inherit {globalsettings}

    Laiteasetukset
    --------------
    tunnus {4b054246-75b8-11e4-a637-90fba64b2d3b}
    description Ramdisk Options
    ramdisksdidevice partition=C:
    ramdisksdipath \Recovery\4b054245-75b8-11e4-a637-90fba64b2d3b\boot.sdi



    LastRegBack: 2015-06-03 01:06

    ==================== End of log ============================
     
  20. djjari

    djjari Active member

    Joined:
    Dec 17, 2010
    Messages:
    1,142
    Likes Received:
    6
    Trophy Points:
    68
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
    Ran by Jarppa at 2015-06-04 14:46:43
    Running from C:\Users\Jarppa\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Jarppa (S-1-5-21-1612976865-2593797464-2764036050-1000 - Administrator - Enabled) => C:\Users\Jarppa
    Järjestelmänvalvoja (S-1-5-21-1612976865-2593797464-2764036050-500 - Administrator - Disabled)
    Vieras (S-1-5-21-1612976865-2593797464-2764036050-501 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: 百度杀毒 (Enabled - Up to date) {FDA918B3-27C7-3B2B-33D0-343EAE5EB318}
    AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
    AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: 百度杀毒 (Enabled - Up to date) {46C8F957-01FD-34A5-0960-0F4CD5D9F9A5}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
    2007 Office Systemin yhteensopivuuspaketti (HKLM-x32\...\{90120000-0020-040B-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.2.6929 - CyberLink Corp.)
    Acer Arcade Deluxe (x32 Version: 3.2.6929 - CyberLink Corp.) Hidden
    Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
    Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
    Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
    Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0812 - Acer Incorporated)
    Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
    Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.95 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.11) - Suomi (HKLM-x32\...\{AC76BA86-7AD7-1035-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
    Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media)
    Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media)
    AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
    ASUS RT-N10E Wireless Router Utilities (HKLM-x32\...\{580CA891-08DB-4B6F-B0C1-DF1D149671D7}) (Version: 4.2.3.5 - ASUS)
    Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.2.739 - Bandisoft.com)
    Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
    CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
    Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version: - Oberon Media)
    Dracula 4 and 5 - Special Steam Edition (HKLM-x32\...\Dracula 4 and 5 - Special Steam Edition_is1) (Version: - )
    Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)
    DVBViewer Pro (HKLM-x32\...\{C3C5F907-CF6E-4A55-93A4-6F65E978263D}_is1) (Version: 5.3.2 - Takki & Ahmad)
    ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
    eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
    eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
    Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media)
    ffdshow v1.3.4533 [2014-09-29] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4533.0 - )
    First Class Flurry (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}) (Version: - Oberon Media)
    FlashFXP 5 (HKLM-x32\...\FlashFXP 5) (Version: 5.0.0.3795 - OpenSight Software LLC)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2414.0 - Google Inc.)
    Google Earth Plug-in (HKLM-x32\...\{ADA8583A-C20B-414B-8CB7-3AA7A89F7952}) (Version: 7.1.4.1529 - Google)
    Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
    Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version: - Oberon Media)
    Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media)
    HiVision DVB-T Hybrid BDA Drivers (HKLM-x32\...\TVEpaDrv) (Version: - )
    Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 1.00.3004 - Acer Incorporated)
    HP Photosmart 5510 series Ohje (HKLM-x32\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)
    HP Photosmart 5510 series -peruslaiteohjelmisto (HKLM\...\{F7803315-9424-4433-9DE8-94D8011D87D9}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
    HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
    Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
    ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
    ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
    Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
    Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
    JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
    Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    LSI PCI-SV92PP Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.95 - LSI Corporation)
    Malwarebytes Anti-Malware versio 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
    Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.45.4.3 - Marvell)
    Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media)
    Microsoft .NET Framework 4.5.2 (suomi) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1035) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.3 Preview (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.53349 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-040B-0000-0000000FF1CE}_OMUI.fi-fi_{FA5CC73F-DD50-44F9-9530-DCB3C4C453F1}) (Version: - Microsoft)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Language Pack 2007 - Finnish/suomi (HKLM-x32\...\OMUI.fi-fi) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office PowerPoint Viewer 2007 (Finnish) (HKLM-x32\...\{95120000-00AF-040B-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Works (HKLM-x32\...\{7D9EF8C1-1B76-44AF-A918-86CBA6FD24C8}) (Version: 9.7.0621 - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Mozilla Firefox 39.0 (x86 fi) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 fi)) (Version: 39.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Nancy Drew: Sea of Darkness (HKLM-x32\...\{241C6D36-570D-4616-B07F-E460AF6E59D2}) (Version: 8.0.0.30162 - Her Interactive, Inc.)
    Next Generation Visualisations (HKLM-x32\...\{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}) (Version: 1.0.0 - Microsoft)
    NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.9 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
    NVIDIA Grafiikkaohjain 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
    NVIDIA HD-ääniohjain 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
    NVIDIA PhysX-järjestelmäohjelmisto 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
    NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)
    Ohjelman Microsoft Office Excel 2007 Help päivitys (KB963678) (HKLM-x32\...\{90120000-0016-040B-0000-0000000FF1CE}_OMUI.fi-fi_{2C35886E-A67C-494A-8E1C-C6B4E415BBDD}) (Version: - Microsoft)
    Ohjelman Microsoft Office Powerpoint 2007 Help päivitys (KB963669) (HKLM-x32\...\{90120000-0018-040B-0000-0000000FF1CE}_OMUI.fi-fi_{BD88D384-046E-4E6F-A48B-BC3757C01BA5}) (Version: - Microsoft)
    Ohjelman Microsoft Office Word 2007 Help päivitys (KB963665) (HKLM-x32\...\{90120000-001B-040B-0000-0000000FF1CE}_OMUI.fi-fi_{3D728445-D30E-4E78-BCC6-722FE68CB22B}) (Version: - Microsoft)
    OpenAL (HKLM-x32\...\OpenAL) (Version: - )
    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
    RAIDXpert (HKLM-x32\...\InstallShield_{8A4A80C2-87B1-44FB-BC24-9168930EB150}) (Version: 3.3.1540.38 - AMD)
    RAIDXpert (x32 Version: 3.3.1540.38 - AMD) Hidden
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 - Realtek Semiconductor Corp.)
    SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden
    Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
    Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
    Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Valokuvavalikoima (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
    Windows Liven peruspaketti (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
    WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
    VirtualDJ PRO Full (HKLM-x32\...\{EDA76D78-8C23-4245-A4B1-4A9217AC9CF3}) (Version: 7.4.1 - Atomix Productions)
    X-Chat 2.8.6-2 (HKLM-x32\...\X-Chat 2_is1) (Version: 2.8.6-2 - SilvereX)
    百度杀毒3.0 (HKLM-x32\...\百度杀毒) (Version: 3.0.0.4605 - 百度在线网络技术(北京)有限公司)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Restore Points =========================

    01-06-2015 16:12:51 Removed MSXML 4.0 SP3 Parser
    01-06-2015 16:15:13 Removed Nero Video 2015.
    01-06-2015 16:21:37 Windows Update
    01-06-2015 16:24:17 Removed Nero 2015 Content Pack.
    01-06-2015 16:44:09 Removed Nero 2014.
    01-06-2015 16:55:27 Removed Nero 2014.
    01-06-2015 17:04:12 Removed MSXML 4.0 SP3 Parser (KB2758694)

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 05:34 - 2015-02-26 20:24 - 00000083 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost
    127.0.0.1 www.iobit.com
    127.0.0.1 www.asc55.iobit.com


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0F15D670-BC6C-4A3C-9770-763C6A9E6594} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.)
    Task: {12424B64-EB2A-45D1-9770-139BAED6D0F1} - System32\Tasks\{664D6F67-9983-4470-80C2-6AA334899751} => pcalua.exe -a E:\FinnishDemoShield\Setup.exe -d E:\FinnishDemoShield
    Task: {47C48FA0-25EB-49B1-B683-B3160B7C3D0E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
    Task: {490B98F1-2111-4A1F-BFA2-08DB4EAFF15A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-08] (Microsoft Corporation)
    Task: {5262BE67-49C0-44BF-A2F1-1CEA6FE805AA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-17] (Adobe Systems Incorporated)
    Task: {604080EF-9307-4CFF-A807-221A091FAA71} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
    Task: {8759FB06-606C-4B35-B308-AE45F259C1B0} - System32\Tasks\{98B96767-07C3-4C31-BD84-FA3DD7B583DB} => pcalua.exe -a "C:\Program Files (x86)\Acer GameZone\Farm Frenzy 2\Uninstall.exe" -c "C:\Program Files (x86)\Acer GameZone\Farm Frenzy 2\install.log"
    Task: {9FEBF27B-AAFC-42E3-8ADF-6A2FC9D2908E} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-27] (Microsoft Corporation)
    Task: {AEAC2C2C-F482-4B98-8F52-ED8AC0A8C0A2} - System32\Tasks\{9C1F9D67-55EA-4078-B2E1-6F3E9FFCC882} => pcalua.exe -a E:\FinnishDemoShield\Driver\Setup.exe -d E:\FinnishDemoShield\Driver
    Task: {BB9E1894-4AB0-47AE-A330-995552077DE1} - System32\Tasks\{F1269FB4-4F5F-4865-AC8D-565D84C9AAED} => pcalua.exe -a C:\Users\Jarppa\Desktop\flashplayer18_install_win_pi.exe -d C:\Users\Jarppa\Desktop
    Task: {C3AD3EAC-9866-45DB-B504-6F39878B8886} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
    Task: {D9D24DE5-9D5E-4513-A269-06BF628F1F71} - System32\Tasks\{BF13D931-85E4-4162-B077-C3B63A7254EF} => pcalua.exe -a C:\Users\Jarppa\Desktop\blazingcolorsviz.exe -d C:\Users\Jarppa\Desktop
    Task: {DE3AD2B6-F8D3-4A6F-99D8-42119D481B5E} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-08] (Microsoft Corporation)
    Task: {ED9BF83E-4066-49FD-856A-F2784A5FB9AA} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe
    Task: {FBCBD40E-61D8-4523-A855-B6266AC2F69C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2014-11-26 16:52 - 2015-02-04 05:21 - 00115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2015-06-01 11:46 - 2015-06-01 11:46 - 00124296 _____ () C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BDKVDeskBand64.dll
    2010-07-15 07:44 - 2010-07-15 07:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
    2015-05-08 21:50 - 2015-05-08 21:50 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1035.dll
    2015-06-01 11:46 - 2015-06-01 11:46 - 00403848 _____ () C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BDMCommon.dll
    2014-03-31 22:35 - 2014-03-31 22:35 - 00278208 _____ () C:\Program Files (x86)\Windows Live\Writer\fi\WindowsLive.Writer.Localization.resources.dll
    2015-04-25 09:39 - 2015-04-25 09:40 - 17083568 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_95.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\008k.com -> 008k.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\00hq.com -> 00hq.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\0190-dialers.com -> 0190-dialers.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\01i.info -> 01i.info
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\05p.com -> 05p.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\0calories.net -> 0calories.net
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\0cj.net -> 0cj.net
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\0scan.com -> 0scan.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\1-se.com -> 1-se.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\1001movie.com -> 1001movie.com
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\1001night.biz -> 1001night.biz
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\100gal.net -> 100gal.net
    IE restricted site: HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\...\100sexlinks.com -> 100sexlinks.com

    There are 4788 more restricted sites.

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-1612976865-2593797464-2764036050-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jarppa\AppData\Roaming\Mozilla\Firefox\Työpöydän taustakuva.bmp
    DNS Servers: 109.204.194.2 - 109.204.194.3

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{B26C53FA-71FD-412F-9D01-CB6AC22B8A74}] => (Allow) svchost.exe
    FirewallRules: [TCP Query User{4E0E41A8-0CBD-4673-957A-420F1A2C43BF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [UDP Query User{ADB41BDA-6DE4-42FD-AAAC-D240DA048025}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [TCP Query User{7FC65B90-DAC0-4A23-9A96-359E3F6D56F4}C:\program files (x86)\x-chat 2\xchat.exe] => (Allow) C:\program files (x86)\x-chat 2\xchat.exe
    FirewallRules: [UDP Query User{CFD38D2F-AE9B-415B-BE42-770B989350D3}C:\program files (x86)\x-chat 2\xchat.exe] => (Allow) C:\program files (x86)\x-chat 2\xchat.exe
    FirewallRules: [{35C76088-698B-48B8-AC66-FB235A653D66}] => (Allow) C:\Users\Jarppa\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{FBEED914-DA33-4C7B-99E2-EC140C884CC1}] => (Allow) C:\Users\Jarppa\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{8B55A6B3-B09B-43DC-A944-03C4F6FB2E4F}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe
    FirewallRules: [{DB11579C-29AC-44A5-BD27-5FA6B8221670}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
    FirewallRules: [{8A6303EB-EB84-4118-8C66-DDD00F29ECC9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{E0C7CC0E-A1D4-44D2-BDFA-1EF03439F003}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{EDA3C3F1-35F5-4A5D-A924-3D2F50054AC2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{DF476EF7-53F1-444B-B47E-065320D806DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{5161FBE4-FB51-458A-A5A3-AEE886D1F580}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{94A30895-5BBC-4E7D-88D0-1D4FDB3ED385}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{0AD2EA0E-533D-4B49-B27C-644A2BA00469}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{96EB9145-9B29-43B8-9943-1C00CE3B2382}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{38C2196B-66C3-454D-A02F-F81D13A6C328}] => (Allow) LPort=2869
    FirewallRules: [{9F569AD5-DD37-47DA-AD3C-AFA0ECCA14F3}] => (Allow) LPort=1900
    FirewallRules: [TCP Query User{DE2E59FE-5D0A-4FAF-A6AB-8EF6C748558B}C:\program files (x86)\virtualdj\virtualdj_pro.exe] => (Allow) C:\program files (x86)\virtualdj\virtualdj_pro.exe
    FirewallRules: [UDP Query User{B0F44EBA-7A8D-4025-BA74-FA4CF4017EFF}C:\program files (x86)\virtualdj\virtualdj_pro.exe] => (Allow) C:\program files (x86)\virtualdj\virtualdj_pro.exe
    FirewallRules: [{71B98B4D-7858-4BC1-B671-E885299F5F9E}] => (Allow) E:\RouterSetup\QISWizard.exe
    FirewallRules: [{95779A72-2F1D-4E05-B1F6-D092B62ECEC5}] => (Allow) E:\RouterSetup\QISWizard.exe
    FirewallRules: [TCP Query User{7C750146-AF51-4CC7-B2AB-B13FBD6CD49D}E:\routersetup\qiswizard.exe] => (Allow) E:\routersetup\qiswizard.exe
    FirewallRules: [UDP Query User{159231D8-6EF5-46F9-9627-847BFC539E9A}E:\routersetup\qiswizard.exe] => (Allow) E:\routersetup\qiswizard.exe
    FirewallRules: [{BDC38DFD-E5E7-4942-8B49-220104351B9D}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\Discovery.exe
    FirewallRules: [{6F93FDE5-3743-4573-B475-E04BDC4F943F}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\Discovery.exe
    FirewallRules: [{69E23BCE-99E6-497B-895D-E667CEF0FA56}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\Rescue.exe
    FirewallRules: [{1CD8D523-5CBA-4CCC-89ED-DF67CEA40F68}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\Rescue.exe
    FirewallRules: [{D9680AB5-3A33-4A70-AB8B-7511FA78E2BA}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\LiveUpdate.exe
    FirewallRules: [{B4F64B14-2865-4B19-B530-C659B0DC45EE}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\LiveUpdate.exe
    FirewallRules: [{6194F14A-92F7-49A1-96E2-0BB8DD892A03}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\QISWizard.exe
    FirewallRules: [{F4D8E856-F4CE-4B01-85A6-DD5073444A87}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\QISWizard.exe
    FirewallRules: [{49AA5B7D-0D53-4526-9C8D-18E2BB99165D}] => (Allow) LPort=8743
    FirewallRules: [{3119989A-D186-4A7F-A7F3-2EB1E5AE7850}] => (Allow) LPort=8643
    FirewallRules: [{B03AF8C7-19C0-4298-A6C3-C78F99E28A5D}] => (Allow) LPort=7676
    FirewallRules: [{F90CA059-7DCF-4FD5-9FD7-5781D18450DD}] => (Allow) LPort=7679
    FirewallRules: [{BBB88789-823C-48A0-B704-7E1A0D17FBB3}] => (Allow) LPort=24234
    FirewallRules: [{2388E8F0-DDBE-4863-A231-10B1FE833A21}] => (Allow) LPort=7900
    FirewallRules: [{EE282F1F-97A8-4306-AA60-F37C113A4080}] => (Allow) LPort=1900
    FirewallRules: [{D3AA6A16-BE95-44F6-9EA0-DEB504500FCA}] => (Allow) C:\Program Files (x86)\DVBViewer\dvbviewer.exe
    FirewallRules: [{9F7B07E5-1156-4ABC-9A5B-4F1575D29A59}] => (Allow) C:\Program Files (x86)\DVBViewer\dvbviewer.exe
    FirewallRules: [{AF3A353A-71B3-44F6-9B57-26A96538B59D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{F2A16BE9-D7AD-43D1-9407-4123D25AC555}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{660C8DA8-E592-492E-A3FB-2FF843A1EDD2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{80D71E04-3F27-441C-B0A2-B53837868670}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe
    FirewallRules: [{115A5209-1D1B-49BF-97A7-B0E9B6F8FA15}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe
    FirewallRules: [{EE94DDF4-0B16-4E8D-8EFB-6957AE8BD3D2}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe
    FirewallRules: [{32756EA8-AE4E-4F3A-95B8-DF543F1F6FAB}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdTray.exe
    FirewallRules: [{21CD26B2-52B0-4E63-972E-B414DAE86C80}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
    FirewallRules: [{BAE60FE3-B599-43A1-97A9-D57D9C40A101}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
    FirewallRules: [{7199E027-F761-4203-8A6E-7A79DB0BE7EB}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
    FirewallRules: [{E86A4F47-CB98-484E-98DD-7D3C0772F730}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
    FirewallRules: [{7D7D6ED8-18C5-48D2-BAAC-C2B7D91FFD25}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
    FirewallRules: [{98F5F786-38DC-4AF8-8814-9BC4E10E9635}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
    FirewallRules: [{BA9042FD-2644-4B3E-9DB1-D0EBD49FDEA5}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
    FirewallRules: [{228D584C-1831-4BA4-A426-6115B88BD5D0}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
    FirewallRules: [{127EB36C-6390-4F25-B27F-5B05E713619C}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
    FirewallRules: [{2C2F264D-C271-451F-B3E1-96E106A9F719}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
    FirewallRules: [{8AC0B284-DBBF-43FB-9C1D-0F9524F382C1}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
    FirewallRules: [{7CFFE76F-42B9-4F4F-87DC-A7F1B0537C00}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
    FirewallRules: [{3FC0D2E0-4A5A-4066-B15C-4A25E2B7DFA6}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUProxy64.exe
    FirewallRules: [{56EC007E-22F6-40DF-BA17-43B3FBF13A3D}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUProxy64.exe
    FirewallRules: [{F07004E1-045F-4CC5-81E9-4AEFED9067D9}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUProxy64.exe
    FirewallRules: [{DD186DED-BF3E-40EF-89CD-13BB6A5CFC2D}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BaiduSdUProxy64.exe
    FirewallRules: [{8CF5C823-276B-4528-BD6C-58E7D3D8515E}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BdBro.exe
    FirewallRules: [{A3474619-A4BE-46FC-A94D-11E2AFAD25F7}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BdBro.exe
    FirewallRules: [{BFF77186-7CD9-474E-ABAB-F9DD4E37EA2F}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BdBro.exe
    FirewallRules: [{AE923EF1-6299-4866-8D2B-DEE5059CF8CE}] => (Allow) C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\BdBro.exe
    FirewallRules: [{360A737F-77A9-4F38-9FA1-BD0FC891D733}] => (Allow) C:\Program Files (x86)\Common Files\Baidu\BDDownload\108\bddownloader.exe
    FirewallRules: [{EB2F709D-1332-4250-9EAA-6CBF84558B94}] => (Allow) C:\Program Files (x86)\Common Files\Baidu\BDDownload\108\bddownloader.exe
    FirewallRules: [{382A18B9-7808-4F9B-BC23-D852B01518BC}] => (Allow) C:\Program Files (x86)\Common Files\Baidu\BDDownload\108\bddownloader.exe
    FirewallRules: [{5469FDB0-1320-4BEC-9A57-EB274B9ABA7C}] => (Allow) C:\Program Files (x86)\Common Files\Baidu\BDDownload\108\bddownloader.exe
    FirewallRules: [{530762C8-17B6-43C7-AA08-141CD462FB9C}] => (Allow) C:\Program Files (x86)\Common Files\Baidu\BDDownload\108\bddownloader.exe
    FirewallRules: [{B50B1C42-E301-469D-9D0C-DABC51D73E98}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\fbivn_71280.exe
    FirewallRules: [{66A4C166-CBAE-444B-9178-805C44A92C26}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\fbivn_71280.exe
    FirewallRules: [{810B44AC-AC93-41CB-B5C7-7C9935F03F1B}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\fbivn_71280.exe
    FirewallRules: [{D7BC2522-C772-4DDD-890F-FA0632C6D3CA}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\fbivn_71280.exe
    FirewallRules: [{3BDD233C-B9AD-4C84-99DD-245E60F61CE8}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\nsf7699.tmp\shzlf.dll
    FirewallRules: [{656E7852-3A93-4615-AEF4-C56B9BCEAAA2}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\nsf7699.tmp\shzlf.dll
    FirewallRules: [{845E5F11-4BB9-4F3A-82E1-AB696A8C572A}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\nsf7699.tmp\shzlf.dll
    FirewallRules: [{81214A4B-DC6C-4152-9E34-9D5FF7ADBEF2}] => (Allow) C:\Users\Jarppa\AppData\Local\Temp\nsf7699.tmp\shzlf.dll

    ==================== Faulty Device Manager Devices =============

    Name: Microsoft PS/2-hiiri
    Description: Microsoft PS/2-hiiri
    Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: i8042prt
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.

    Name: Microsoft 6to4 -sovitin
    Description: Microsoft 6to4 -sovitin
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

    Name: Microsoft ISATAP -sovitin
    Description: Microsoft ISATAP -sovitin
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

    Name: Teredo Tunneling Pseudo-Interface
    Description: Microsoft Teredo -tunnelointisovitin
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

    Name: PS/2-vakionäppäimistö
    Description: PS/2-vakionäppäimistö
    Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Vakionäppäimistöt)
    Service: i8042prt
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (06/04/2015 00:34:40 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Aktivointikontekstin luonti kohteelle C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1 epäonnistui. Virhe luettelo- tai käytäntötiedoston C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2 rivillä C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
    Sovelluksen edellyttämä osaversio on ristiriidassa jo aktiivisena olevan osaversion kanssa.
    Ristiriitaiset osat:
    Osa 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
    Osa 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

    Error: (06/04/2015 00:34:36 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Aktivointikontekstin luonti kohteelle C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1 epäonnistui. Virhe luettelo- tai käytäntötiedoston C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2 rivillä C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
    Sovelluksen edellyttämä osaversio on ristiriidassa jo aktiivisena olevan osaversion kanssa.
    Ristiriitaiset osat:
    Osa 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
    Osa 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

    Error: (06/04/2015 00:34:35 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Aktivointikontekstin luonti kohteelle C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1 epäonnistui. Virhe luettelo- tai käytäntötiedoston C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2 rivillä C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
    Sovelluksen edellyttämä osaversio on ristiriidassa jo aktiivisena olevan osaversion kanssa.
    Ristiriitaiset osat:
    Osa 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
    Osa 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

    Error: (06/04/2015 01:25:28 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Aktivointikontekstin luonti kohteelle C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1 epäonnistui. Virhe luettelo- tai käytäntötiedoston C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2 rivillä C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
    Sovelluksen edellyttämä osaversio on ristiriidassa jo aktiivisena olevan osaversion kanssa.
    Ristiriitaiset osat:
    Osa 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
    Osa 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

    Error: (06/03/2015 11:40:12 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Aktivointikontekstin luonti kohteelle C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1 epäonnistui. Virhe luettelo- tai käytäntötiedoston C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2 rivillä C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
    Sovelluksen edellyttämä osaversio on ristiriidassa jo aktiivisena olevan osaversion kanssa.
    Ristiriitaiset osat:
    Osa 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
    Osa 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

    Error: (06/03/2015 11:08:26 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Aktivointikontekstin luonti kohteelle C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1 epäonnistui. Virhe luettelo- tai käytäntötiedoston C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2 rivillä C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
    Sovelluksen edellyttämä osaversio on ristiriidassa jo aktiivisena olevan osaversion kanssa.
    Ristiriitaiset osat:
    Osa 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
    Osa 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

    Error: (06/03/2015 11:08:22 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Aktivointikontekstin luonti kohteelle C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1 epäonnistui. Virhe luettelo- tai käytäntötiedoston C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2 rivillä C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
    Sovelluksen edellyttämä osaversio on ristiriidassa jo aktiivisena olevan osaversion kanssa.
    Ristiriitaiset osat:
    Osa 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
    Osa 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

    Error: (06/03/2015 11:08:21 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Aktivointikontekstin luonti kohteelle C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1 epäonnistui. Virhe luettelo- tai käytäntötiedoston C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2 rivillä C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
    Sovelluksen edellyttämä osaversio on ristiriidassa jo aktiivisena olevan osaversion kanssa.
    Ristiriitaiset osat:
    Osa 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
    Osa 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

    Error: (06/03/2015 11:07:58 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Aktivointikontekstin luonti kohteelle C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1 epäonnistui. Virhe luettelo- tai käytäntötiedoston C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2 rivillä C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
    Sovelluksen edellyttämä osaversio on ristiriidassa jo aktiivisena olevan osaversion kanssa.
    Ristiriitaiset osat:
    Osa 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
    Osa 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

    Error: (06/03/2015 09:29:45 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Viallisen sovelluksen nimi: plugin-container.exe, versio: 39.0.0.5621, aikaleima: 0x5561325d
    Viallisen moduulin nimi: mozglue.dll, versio: 39.0.0.5621, aikaleima: 0x556121d2
    Poikkeuskoodi: 0x80000003
    Virhepoikkeama: 0x0000f10d
    Viallisen prosessin tunnus: 0x19ec
    Viallisen sovelluksen käynnistysaika: 0xplugin-container.exe0
    Viallisen sovelluksen polku: plugin-container.exe1
    Viallisen moduulin polku: plugin-container.exe2
    Raportin tunnus: plugin-container.exe3


    System errors:
    =============
    Error: (06/04/2015 00:40:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Palvelua eapihdrv ei voi käynnistää. Virhekoodi on
    %%1275

    Error: (06/04/2015 00:40:15 PM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \??\C:\Users\Jarppa\AppData\Local\Temp\ehdrv.sys ei voi latautua, koska se ei ole yhteensopiva tämän järjestelmän kanssa. Pyydä yhteensopiva ohjainversio ohjelmistotoimittajalta.

    Error: (06/04/2015 00:40:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Palvelua eapihdrv ei voi käynnistää. Virhekoodi on
    %%1275

    Error: (06/04/2015 00:40:14 PM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \??\C:\Users\Jarppa\AppData\Local\Temp\ehdrv.sys ei voi latautua, koska se ei ole yhteensopiva tämän järjestelmän kanssa. Pyydä yhteensopiva ohjainversio ohjelmistotoimittajalta.

    Error: (06/04/2015 00:40:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Palvelua eapihdrv ei voi käynnistää. Virhekoodi on
    %%1275

    Error: (06/04/2015 00:40:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \??\C:\Users\Jarppa\AppData\Local\Temp\ehdrv.sys ei voi latautua, koska se ei ole yhteensopiva tämän järjestelmän kanssa. Pyydä yhteensopiva ohjainversio ohjelmistotoimittajalta.

    Error: (06/04/2015 00:39:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Palvelua eapihdrv ei voi käynnistää. Virhekoodi on
    %%1275

    Error: (06/04/2015 00:39:57 PM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \??\C:\Users\Jarppa\AppData\Local\Temp\ehdrv.sys ei voi latautua, koska se ei ole yhteensopiva tämän järjestelmän kanssa. Pyydä yhteensopiva ohjainversio ohjelmistotoimittajalta.

    Error: (06/04/2015 00:39:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Palvelua eapihdrv ei voi käynnistää. Virhekoodi on
    %%1275

    Error: (06/04/2015 00:39:56 PM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \??\C:\Users\Jarppa\AppData\Local\Temp\ehdrv.sys ei voi latautua, koska se ei ole yhteensopiva tämän järjestelmän kanssa. Pyydä yhteensopiva ohjainversio ohjelmistotoimittajalta.


    Microsoft Office:
    =========================

    CodeIntegrity Errors:
    ===================================
    Date: 2015-02-19 22:00:39.076
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 22:00:38.935
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 22:00:33.885
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 22:00:33.760
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 21:59:44.040
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 21:59:43.916
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 21:58:23.379
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 21:58:23.254
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 21:58:07.022
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-19 21:58:06.887
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: AMD Athlon(tm) II X2 240 Processor
    Percentage of memory in use: 54%
    Total physical RAM: 4079.88 MB
    Available physical RAM: 1848.73 MB
    Total Pagefile: 8457.96 MB
    Available Pagefile: 5264.52 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.8 MB

    ==================== Drives ================================

    Drive c: (Acer) (Fixed) (Total:458.95 GB) (Free:278.72 GB) NTFS
    Drive d: (Asema) (Fixed) (Total:459.27 GB) (Free:340.51 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 931.3 GB) (Disk ID: 92775668)
    Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
    Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=459 GB) - (Type=07 NTFS)
    Partition 4: (Not Active) - (Size=459.3 GB) - (Type=OF Extended)

    ==================== End of log ============================
     

Share This Page