Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

AdwCleaner found something, not quite sure what.


  • This topic is locked This topic is locked
11 replies to this topic

#1 JaskaTheK9

JaskaTheK9

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:11:51 AM

Posted 19 April 2016 - 05:33 PM

Hello!

 

I was doing my monthly check up with HitmanPro (Found some cookies) and AdwCleaner. AdwCleaner came up with something, i'm not quite sure what it was. I deleted it, but I would want to know what it was, was it malicious and so on.

 

Thanks in advance. Bellow, I have posted FRST Log + additions log, and AdwCleaners log.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
Ran by jaakk (administrator) on JAAKKO (20-04-2016 01:30:11)
Running from C:\Users\jaakk\Desktop
Loaded Profiles: jaakk (Available Profiles: jaakk)
Platform: Windows 10 Home Version 1511 (X64) Language: suomi (Suomi)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Spotify Ltd) C:\Users\jaakk\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\jaakk\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\jaakk\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\jaakk\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\jaakk\AppData\Roaming\Spotify\Spotify.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Spotify Ltd) C:\Users\jaakk\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15053944 2016-01-06] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [807392 2016-03-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-03-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [14885552 2016-03-23] (Corsair Components, Inc.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2622432 2016-01-29] (Malwarebytes Corporation)
HKU\S-1-5-21-2270606022-1161141034-668459170-1001\...\Run: [Spotify] => C:\Users\jaakk\AppData\Roaming\Spotify\Spotify.exe [6855280 2016-04-17] (Spotify Ltd)
HKU\S-1-5-21-2270606022-1161141034-668459170-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-03-29] (Electronic Arts)
HKU\S-1-5-21-2270606022-1161141034-668459170-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [3931192 2016-03-26] (GOG.com)
HKU\S-1-5-21-2270606022-1161141034-668459170-1001\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [87040 2014-10-09] (SteelSeries ApS)
HKU\S-1-5-21-2270606022-1161141034-668459170-1001\...\Run: [Spotify Web Helper] => C:\Users\jaakk\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-17] (Spotify Ltd)
HKU\S-1-5-21-2270606022-1161141034-668459170-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-2270606022-1161141034-668459170-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50670720 2016-03-01] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0c4ec650-bb9c-4d1e-b59f-0fb3d2c358df}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-03-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2016-03-14] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-01-23] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2016-01-23] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\jaakk\AppData\Roaming\Mozilla\Firefox\Profiles\2olqdun8.default
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2016-01-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-02-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Extension: NoScript - C:\Users\jaakk\AppData\Roaming\Mozilla\Firefox\Profiles\2olqdun8.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-11]
FF Extension: uBlock Origin - C:\Users\jaakk\AppData\Roaming\Mozilla\Firefox\Profiles\2olqdun8.default\Extensions\uBlock0@raymondhill.net.xpi [2016-04-06]
FF Extension: Adblock Plus - C:\Users\jaakk\AppData\Roaming\Mozilla\Firefox\Profiles\2olqdun8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
 
Chrome: 
=======
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.866\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.216\pepflashplayer.dll ()
CHR Profile: C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google-presentaatiot) - C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-20]
CHR Extension: (ThemeBeta.com) - C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Extensions\afkleffjjjgeaddfgndakajjdldgbkoe [2016-02-22]
CHR Extension: (Google-dokumentit) - C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-20]
CHR Extension: (Google Drive) - C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-20]
CHR Extension: (Dark Skin for Youtube™) - C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfeknfgchonpnofdjokchhdhdnddhglm [2016-04-08]
CHR Extension: (YouTube) - C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-20]
CHR Extension: (Adblock Plus) - C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-09]
CHR Extension: (Google-haku) - C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-20]
CHR Extension: (Google-taulukot) - C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-20]
CHR Extension: (Google Docsin offline-tila) - C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Bookmark Manager) - C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2016-02-20]
CHR Extension: (Moderator toolbox for reddit) - C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhjpjhhkcbkmgdkahnckfboefnkgghpo [2016-02-20]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-03-18]
CHR Extension: (Automattinen HD YouTubelle™) - C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2016-02-20]
CHR Extension: (Chrome Web Storen maksut) - C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-20]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [955736 2016-03-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466504 2016-03-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466504 2016-03-09] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1424880 2016-03-09] (Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [272304 2016-03-30] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2829552 2016-03-08] (Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [227896 2016-03-26] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6133816 2016-04-13] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-30] (NVIDIA Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2016-01-06] (Logitech Inc.)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [740832 2016-01-29] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-30] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-30] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-30] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-03-29] (Electronic Arts)
S3 PAExec; C:\Windows\PAExec.exe [189112 2016-02-11] (Power Admin LLC)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-01-22] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [137952 2016-03-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [68936 2016-03-09] (Avira Operations GmbH & Co. KG)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2015-11-23] (Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2015-11-23] (Corsair)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [66080 2016-01-29] ()
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-22] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-20] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [202032 2016-01-19] (Intel Corporation)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2016-02-16] (CACE Technologies, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation)
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Resplendence Software Projects Sp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [888064 2015-10-15] (Realtek                                            )
S3 SAlphamHid; C:\Windows\System32\drivers\SAlpham64.sys [39168 2014-10-08] (SteelSeries Corporation)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [40568 2015-10-03] (SteelSeries ApS)
S3 sshid; C:\Windows\System32\drivers\sshid.sys [51392 2016-01-16] (SteelSeries ApS)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-03-06] ()
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-04-20 01:30 - 2016-04-20 01:30 - 00021016 _____ C:\Users\jaakk\Desktop\FRST.txt
2016-04-20 01:30 - 2016-04-20 01:30 - 00000000 ____D C:\FRST
2016-04-20 01:29 - 2016-04-20 01:29 - 02375680 _____ (Farbar) C:\Users\jaakk\Desktop\FRST64.exe
2016-04-20 01:24 - 2016-04-20 01:24 - 00001474 _____ C:\Users\jaakk\Desktop\AdwCleaner[C1].txt
2016-04-20 01:22 - 2016-04-20 01:26 - 00000000 ____D C:\AdwCleaner
2016-04-20 01:09 - 2016-04-20 01:09 - 00000000 ____D C:\Program Files\HitmanPro
2016-04-20 01:08 - 2016-04-20 01:22 - 03683904 _____ C:\Users\jaakk\Desktop\AdwCleaner.exe
2016-04-20 01:08 - 2016-04-20 01:09 - 11441744 _____ (SurfRight B.V.) C:\Users\jaakk\Desktop\HitmanPro_x64.exe
2016-04-20 01:08 - 2016-04-20 01:09 - 01610352 _____ (Malwarebytes) C:\Users\jaakk\Desktop\JRT.exe
2016-04-17 04:58 - 2016-04-17 04:58 - 00000000 ___HD C:\OneDriveTemp
2016-04-17 00:13 - 2016-04-17 00:13 - 00000000 ____D C:\Users\jaakk\Documents\Dark Souls 3 Back up
2016-04-13 18:29 - 2016-04-13 18:31 - 00000000 ____D C:\Users\jaakk\AppData\Roaming\DarkSoulsIII
2016-04-12 23:17 - 2016-04-17 03:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-12 23:16 - 2016-04-02 06:14 - 03994624 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-04-12 23:16 - 2016-03-29 13:20 - 07474016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-12 23:16 - 2016-03-29 13:20 - 02656952 _____ C:\Windows\system32\CoreUIComponents.dll
2016-04-12 23:16 - 2016-03-29 13:18 - 02152280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-04-12 23:16 - 2016-03-29 12:37 - 01862008 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2016-04-12 23:16 - 2016-03-29 12:11 - 00605440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-04-12 23:16 - 2016-03-29 11:41 - 00630632 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-04-12 23:16 - 2016-03-29 11:06 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-04-12 23:16 - 2016-03-29 11:02 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-04-12 23:16 - 2016-03-29 11:01 - 00541304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-04-12 23:16 - 2016-03-29 10:58 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\wininetlui.dll
2016-04-12 23:16 - 2016-03-29 10:58 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-04-12 23:16 - 2016-03-29 10:46 - 00365568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-04-12 23:16 - 2016-03-29 10:36 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2016-04-12 23:16 - 2016-03-29 10:20 - 00948736 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthManager.dll
2016-04-12 23:16 - 2016-03-29 10:19 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-04-12 23:16 - 2016-03-29 10:15 - 01714688 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2016-04-12 23:16 - 2016-03-29 10:15 - 00970752 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-12 23:16 - 2016-03-29 10:14 - 00965632 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-04-12 23:16 - 2016-03-29 10:12 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininetlui.dll
2016-04-12 23:16 - 2016-03-29 10:12 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-04-12 23:16 - 2016-03-29 10:07 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2016-04-12 23:16 - 2016-03-29 10:02 - 02624512 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2016-04-12 23:16 - 2016-03-29 10:02 - 00303104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-04-12 23:16 - 2016-03-29 10:00 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2016-04-12 23:16 - 2016-03-29 09:42 - 03592704 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-04-12 23:16 - 2016-03-29 09:37 - 01444352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll
2016-04-12 23:16 - 2016-03-29 09:37 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-04-12 23:16 - 2016-03-29 09:37 - 00792064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-04-12 23:16 - 2016-03-29 09:32 - 01731584 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-12 23:16 - 2016-03-29 09:31 - 02275328 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-04-12 23:16 - 2016-03-29 09:28 - 01944576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2016-04-12 23:16 - 2016-03-29 09:27 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll
2016-04-12 23:16 - 2016-03-29 09:26 - 02755584 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-12 23:16 - 2016-03-29 09:19 - 02635776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-04-12 23:16 - 2016-03-29 09:05 - 01500672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-12 23:16 - 2016-03-29 09:05 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-12 23:16 - 2016-03-29 09:02 - 02229760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-12 23:16 - 2016-03-29 09:01 - 13018624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-04-12 23:16 - 2016-03-29 08:58 - 01799680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-04-12 23:16 - 2016-03-29 08:56 - 16985600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-04-12 23:16 - 2016-03-29 08:52 - 11545600 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-04-12 23:16 - 2016-03-29 08:51 - 22378496 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-04-12 23:16 - 2016-03-29 08:51 - 09918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-04-12 23:16 - 2016-03-29 08:49 - 05202944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-04-12 23:16 - 2016-03-29 08:43 - 03428864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2016-04-12 23:16 - 2016-03-29 08:41 - 24602112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-12 23:16 - 2016-03-29 08:41 - 12125184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-12 23:16 - 2016-03-29 08:39 - 13382656 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-12 23:16 - 2016-03-29 08:38 - 18673664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-04-12 23:16 - 2016-03-29 08:38 - 02798080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2016-04-12 23:16 - 2016-03-29 08:37 - 19340800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-12 23:16 - 2016-03-29 08:27 - 07836160 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-04-12 23:16 - 2016-03-29 08:27 - 05662208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-04-12 23:15 - 2016-04-02 07:13 - 00369912 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-04-12 23:15 - 2016-04-02 07:10 - 00770640 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2016-04-12 23:15 - 2016-04-02 07:10 - 00730344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2016-04-12 23:15 - 2016-04-02 07:10 - 00374008 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-04-12 23:15 - 2016-04-02 06:30 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\VEStoreEventHandlers.dll
2016-04-12 23:15 - 2016-04-02 06:29 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\VEDataLayerHelpers.dll
2016-04-12 23:15 - 2016-04-02 06:29 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEDataLayerHelpers.dll
2016-04-12 23:15 - 2016-04-02 06:26 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\PhoneProviders.dll
2016-04-12 23:15 - 2016-04-02 06:25 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\NotificationObjFactory.dll
2016-04-12 23:15 - 2016-04-02 06:25 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NotificationObjFactory.dll
2016-04-12 23:15 - 2016-04-02 06:23 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2016-04-12 23:15 - 2016-04-02 06:23 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2016-04-12 23:15 - 2016-04-02 06:21 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2016-04-12 23:15 - 2016-04-02 06:19 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-04-12 23:15 - 2016-04-02 06:18 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-04-12 23:15 - 2016-04-02 06:15 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-04-12 23:15 - 2016-04-02 06:09 - 01832448 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-04-12 23:15 - 2016-04-02 06:08 - 02193408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-04-12 23:15 - 2016-04-02 06:07 - 03575296 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-12 23:15 - 2016-04-02 06:07 - 02158592 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-04-12 23:15 - 2016-04-02 06:03 - 04774912 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-04-12 23:15 - 2016-04-02 06:00 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-04-12 23:15 - 2016-03-29 13:23 - 00277856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2016-04-12 23:15 - 2016-03-29 13:22 - 01030416 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-12 23:15 - 2016-03-29 13:22 - 00874968 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-04-12 23:15 - 2016-03-29 13:20 - 01317640 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-12 23:15 - 2016-03-29 13:20 - 01141504 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-04-12 23:15 - 2016-03-29 13:15 - 00100232 _____ (Microsoft Corporation) C:\Windows\system32\omadmapi.dll
2016-04-12 23:15 - 2016-03-29 13:11 - 00686976 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2016-04-12 23:15 - 2016-03-29 13:05 - 01152864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-04-12 23:15 - 2016-03-29 13:02 - 00989536 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2016-04-12 23:15 - 2016-03-29 13:02 - 00334736 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2016-04-12 23:15 - 2016-03-29 12:56 - 01297752 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2016-04-12 23:15 - 2016-03-29 12:28 - 00696664 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-04-12 23:15 - 2016-03-29 12:28 - 00535080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2016-04-12 23:15 - 2016-03-29 12:28 - 00115040 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-04-12 23:15 - 2016-03-29 12:25 - 00258912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ufx01000.sys
2016-04-12 23:15 - 2016-03-29 12:25 - 00058400 _____ (Microsoft Corporation) C:\Windows\system32\SensorsNativeApi.dll
2016-04-12 23:15 - 2016-03-29 12:19 - 00296488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2016-04-12 23:15 - 2016-03-29 12:18 - 00185184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2016-04-12 23:15 - 2016-03-29 12:17 - 00300104 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2016-04-12 23:15 - 2016-03-29 12:13 - 00986976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2016-04-12 23:15 - 2016-03-29 12:11 - 00074424 _____ (Microsoft Corporation) C:\Windows\system32\easinvoker.exe
2016-04-12 23:15 - 2016-03-29 12:10 - 00110584 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll
2016-04-12 23:15 - 2016-03-29 12:09 - 00078040 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll
2016-04-12 23:15 - 2016-03-29 12:08 - 00358752 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-04-12 23:15 - 2016-03-29 12:08 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2016-04-12 23:15 - 2016-03-29 12:07 - 00081144 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2016-04-12 23:15 - 2016-03-29 11:44 - 00502104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-04-12 23:15 - 2016-03-29 11:44 - 00084832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-04-12 23:15 - 2016-03-29 11:41 - 00051128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsNativeApi.dll
2016-04-12 23:15 - 2016-03-29 11:32 - 00253088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2016-04-12 23:15 - 2016-03-29 11:26 - 02403680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-04-12 23:15 - 2016-03-29 11:26 - 01089888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-04-12 23:15 - 2016-03-29 11:26 - 00073872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll
2016-04-12 23:15 - 2016-03-29 11:25 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll
2016-04-12 23:15 - 2016-03-29 11:24 - 00294752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-04-12 23:15 - 2016-03-29 11:23 - 00069744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2016-04-12 23:15 - 2016-03-29 11:21 - 00378208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2016-04-12 23:15 - 2016-03-29 11:17 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll
2016-04-12 23:15 - 2016-03-29 11:16 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xinputhid.sys
2016-04-12 23:15 - 2016-03-29 11:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SensorsNativeApi.V2.dll
2016-04-12 23:15 - 2016-03-29 11:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
2016-04-12 23:15 - 2016-03-29 11:07 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-04-12 23:15 - 2016-03-29 11:07 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\dmenterprisediagnostics.dll
2016-04-12 23:15 - 2016-03-29 11:07 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2016-04-12 23:15 - 2016-03-29 11:06 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\oleacchooks.dll
2016-04-12 23:15 - 2016-03-29 11:00 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\NetCfgNotifyObjectHost.exe
2016-04-12 23:15 - 2016-03-29 11:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\fveskybackup.dll
2016-04-12 23:15 - 2016-03-29 11:00 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll
2016-04-12 23:15 - 2016-03-29 10:59 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManagerShellext.exe
2016-04-12 23:15 - 2016-03-29 10:57 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-04-12 23:15 - 2016-03-29 10:57 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-12 23:15 - 2016-03-29 10:57 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll
2016-04-12 23:15 - 2016-03-29 10:57 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2016-04-12 23:15 - 2016-03-29 10:55 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2016-04-12 23:15 - 2016-03-29 10:55 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys
2016-04-12 23:15 - 2016-03-29 10:55 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\tbauth.dll
2016-04-12 23:15 - 2016-03-29 10:54 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-12 23:15 - 2016-03-29 10:53 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\FontProvider.dll
2016-04-12 23:15 - 2016-03-29 10:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerCookies.exe
2016-04-12 23:15 - 2016-03-29 10:51 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2016-04-12 23:15 - 2016-03-29 10:51 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\tzautoupdate.dll
2016-04-12 23:15 - 2016-03-29 10:50 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2016-04-12 23:15 - 2016-03-29 10:50 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2016-04-12 23:15 - 2016-03-29 10:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-04-12 23:15 - 2016-03-29 10:50 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\OnDemandConnRouteHelper.dll
2016-04-12 23:15 - 2016-03-29 10:50 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wuautoappupdate.dll
2016-04-12 23:15 - 2016-03-29 10:49 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-04-12 23:15 - 2016-03-29 10:48 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Devices.dll
2016-04-12 23:15 - 2016-03-29 10:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll
2016-04-12 23:15 - 2016-03-29 10:46 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2016-04-12 23:15 - 2016-03-29 10:44 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\DAFWSD.dll
2016-04-12 23:15 - 2016-03-29 10:42 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-04-12 23:15 - 2016-03-29 10:39 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-04-12 23:15 - 2016-03-29 10:38 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-04-12 23:15 - 2016-03-29 10:37 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2016-04-12 23:15 - 2016-03-29 10:36 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2016-04-12 23:15 - 2016-03-29 10:35 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2016-04-12 23:15 - 2016-03-29 10:35 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll
2016-04-12 23:15 - 2016-03-29 10:34 - 00686592 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2016-04-12 23:15 - 2016-03-29 10:34 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-04-12 23:15 - 2016-03-29 10:34 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-04-12 23:15 - 2016-03-29 10:34 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2016-04-12 23:15 - 2016-03-29 10:33 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2016-04-12 23:15 - 2016-03-29 10:32 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-04-12 23:15 - 2016-03-29 10:32 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-04-12 23:15 - 2016-03-29 10:30 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-04-12 23:15 - 2016-03-29 10:30 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-12 23:15 - 2016-03-29 10:28 - 00460288 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-04-12 23:15 - 2016-03-29 10:27 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
2016-04-12 23:15 - 2016-03-29 10:26 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2016-04-12 23:15 - 2016-03-29 10:23 - 00694784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2016-04-12 23:15 - 2016-03-29 10:23 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2016-04-12 23:15 - 2016-03-29 10:23 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2016-04-12 23:15 - 2016-03-29 10:22 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\AccountsRt.dll
2016-04-12 23:15 - 2016-03-29 10:21 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-12 23:15 - 2016-03-29 10:20 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2016-04-12 23:15 - 2016-03-29 10:20 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsNativeApi.V2.dll
2016-04-12 23:15 - 2016-03-29 10:20 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsdchngr.dll
2016-04-12 23:15 - 2016-03-29 10:19 - 00556032 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2016-04-12 23:15 - 2016-03-29 10:19 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacchooks.dll
2016-04-12 23:15 - 2016-03-29 10:18 - 00676352 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2016-04-12 23:15 - 2016-03-29 10:17 - 01056256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-04-12 23:15 - 2016-03-29 10:17 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-12 23:15 - 2016-03-29 10:17 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2016-04-12 23:15 - 2016-03-29 10:16 - 00852480 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-04-12 23:15 - 2016-03-29 10:16 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-04-12 23:15 - 2016-03-29 10:14 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-04-12 23:15 - 2016-03-29 10:13 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-04-12 23:15 - 2016-03-29 10:12 - 00471552 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2016-04-12 23:15 - 2016-03-29 10:11 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2016-04-12 23:15 - 2016-03-29 10:11 - 00881664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2016-04-12 23:15 - 2016-03-29 10:11 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2016-04-12 23:15 - 2016-03-29 10:11 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-12 23:15 - 2016-03-29 10:11 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll
2016-04-12 23:15 - 2016-03-29 10:11 - 00043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2016-04-12 23:15 - 2016-03-29 10:10 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-04-12 23:15 - 2016-03-29 10:10 - 00938496 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-04-12 23:15 - 2016-03-29 10:09 - 01239552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2016-04-12 23:15 - 2016-03-29 10:09 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll
2016-04-12 23:15 - 2016-03-29 10:09 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbauth.dll
2016-04-12 23:15 - 2016-03-29 10:08 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2016-04-12 23:15 - 2016-03-29 10:08 - 00841216 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-04-12 23:15 - 2016-03-29 10:08 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-12 23:15 - 2016-03-29 10:07 - 01902592 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-12 23:15 - 2016-03-29 10:06 - 01575936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2016-04-12 23:15 - 2016-03-29 10:06 - 00848896 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-04-12 23:15 - 2016-03-29 10:06 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerCookies.exe
2016-04-12 23:15 - 2016-03-29 10:05 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2016-04-12 23:15 - 2016-03-29 10:05 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-12 23:15 - 2016-03-29 10:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Devices.dll
2016-04-12 23:15 - 2016-03-29 10:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-04-12 23:15 - 2016-03-29 10:02 - 01211904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2016-04-12 23:15 - 2016-03-29 10:00 - 00235008 _____ C:\Windows\system32\MTF.dll
2016-04-12 23:15 - 2016-03-29 10:00 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-12 23:15 - 2016-03-29 10:00 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2016-04-12 23:15 - 2016-03-29 09:59 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-04-12 23:15 - 2016-03-29 09:59 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerDeviceEncryption.exe
2016-04-12 23:15 - 2016-03-29 09:59 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2016-04-12 23:15 - 2016-03-29 09:56 - 00821760 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2016-04-12 23:15 - 2016-03-29 09:56 - 00415232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2016-04-12 23:15 - 2016-03-29 09:55 - 01052160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2016-04-12 23:15 - 2016-03-29 09:53 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2016-04-12 23:15 - 2016-03-29 09:53 - 00193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2016-04-12 23:15 - 2016-03-29 09:52 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2016-04-12 23:15 - 2016-03-29 09:52 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll
2016-04-12 23:15 - 2016-03-29 09:49 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\fveui.dll
2016-04-12 23:15 - 2016-03-29 09:48 - 00346624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-04-12 23:15 - 2016-03-29 09:44 - 00498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2016-04-12 23:15 - 2016-03-29 09:43 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AccountsRt.dll
2016-04-12 23:15 - 2016-03-29 09:42 - 01410560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2016-04-12 23:15 - 2016-03-29 09:42 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-12 23:15 - 2016-03-29 09:41 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2016-04-12 23:15 - 2016-03-29 09:40 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2016-04-12 23:15 - 2016-03-29 09:39 - 00564224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2016-04-12 23:15 - 2016-03-29 09:39 - 00496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-12 23:15 - 2016-03-29 09:39 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2016-04-12 23:15 - 2016-03-29 09:38 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-04-12 23:15 - 2016-03-29 09:36 - 03351040 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-04-12 23:15 - 2016-03-29 09:36 - 00649728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-12 23:15 - 2016-03-29 09:35 - 00354304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2016-04-12 23:15 - 2016-03-29 09:34 - 00784896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2016-04-12 23:15 - 2016-03-29 09:34 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-04-12 23:15 - 2016-03-29 09:34 - 00682496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-12 23:15 - 2016-03-29 09:34 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2016-04-12 23:15 - 2016-03-29 09:32 - 01588224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-12 23:15 - 2016-03-29 09:32 - 01098240 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2016-04-12 23:15 - 2016-03-29 09:32 - 00854528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-12 23:15 - 2016-03-29 09:32 - 00638464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2016-04-12 23:15 - 2016-03-29 09:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2016-04-12 23:15 - 2016-03-29 09:32 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2016-04-12 23:15 - 2016-03-29 09:32 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\dmcsps.dll
2016-04-12 23:15 - 2016-03-29 09:31 - 01946112 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-04-12 23:15 - 2016-03-29 09:31 - 01117184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2016-04-12 23:15 - 2016-03-29 09:31 - 00705536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-04-12 23:15 - 2016-03-29 09:30 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2016-04-12 23:15 - 2016-03-29 09:29 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2016-04-12 23:15 - 2016-03-29 09:29 - 00256000 _____ (Microsoft Corporation) C:\Windows\system32\accountaccessor.dll
2016-04-12 23:15 - 2016-03-29 09:28 - 00764928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll
2016-04-12 23:15 - 2016-03-29 09:27 - 07979008 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-04-12 23:15 - 2016-03-29 09:27 - 00162816 _____ C:\Windows\SysWOW64\MTF.dll
2016-04-12 23:15 - 2016-03-29 09:27 - 00133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-12 23:15 - 2016-03-29 09:27 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputLocaleManager.dll
2016-04-12 23:15 - 2016-03-29 09:23 - 00777728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2016-04-12 23:15 - 2016-03-29 09:22 - 00638464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2016-04-12 23:15 - 2016-03-29 09:17 - 00765952 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-04-12 23:15 - 2016-03-29 09:14 - 01072128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2016-04-12 23:15 - 2016-03-29 09:13 - 00592384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2016-04-12 23:15 - 2016-03-29 09:10 - 03671040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-04-12 23:15 - 2016-03-29 09:06 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2016-04-12 23:15 - 2016-03-29 09:05 - 07199232 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-04-12 23:15 - 2016-03-29 09:05 - 01626624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-04-12 23:15 - 2016-03-29 09:05 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2016-04-12 23:15 - 2016-03-29 09:05 - 00361472 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2016-04-12 23:15 - 2016-03-29 09:04 - 00848896 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-12 23:15 - 2016-03-29 09:04 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2016-04-12 23:15 - 2016-03-29 09:01 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-04-12 23:15 - 2016-03-29 09:00 - 06297088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-04-12 23:15 - 2016-03-29 08:45 - 03078144 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-04-12 23:15 - 2016-03-29 08:45 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2016-04-12 23:15 - 2016-03-29 08:43 - 00521728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-12 23:15 - 2016-03-29 08:36 - 02722816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-04-12 23:15 - 2016-03-29 08:35 - 00821248 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2016-04-12 23:15 - 2016-03-29 08:28 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2016-04-12 23:15 - 2016-03-29 08:27 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-04-12 23:15 - 2016-03-29 08:26 - 00958976 _____ (Microsoft Corporation) C:\Windows\system32\RemoteNaturalLanguage.dll
2016-04-12 23:15 - 2016-03-29 08:26 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-04-12 23:15 - 2016-03-29 08:25 - 00712704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RemoteNaturalLanguage.dll
2016-04-12 23:15 - 2016-03-29 08:25 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-04-12 23:15 - 2016-03-29 08:21 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-04-09 17:49 - 2016-04-09 17:49 - 00000218 _____ C:\Users\jaakk\AppData\Local\recently-used.xbel
2016-04-09 10:41 - 2016-04-20 01:28 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-04-09 10:41 - 2016-04-09 10:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2016-04-09 10:41 - 2016-04-09 10:41 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2016-04-05 18:39 - 2016-04-05 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher® 3 - Wild Hunt [GOG.com]
2016-04-03 03:26 - 2016-03-21 23:01 - 00100416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-04-02 06:49 - 2016-04-02 06:49 - 00000000 ____D C:\Users\jaakk\AppData\Local\id Software
2016-04-02 00:52 - 2016-04-15 23:44 - 00000000 ____D C:\Users\jaakk\Documents\DnD
2016-04-01 22:03 - 2016-02-23 22:59 - 00111672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-03-30 05:20 - 2016-03-30 05:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine
2016-03-30 05:20 - 2016-03-30 05:20 - 00000000 ____D C:\Program Files (x86)\Corsair
2016-03-28 21:41 - 2016-03-22 07:08 - 10550552 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-03-28 21:41 - 2016-03-22 07:08 - 08659472 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-03-28 21:41 - 2016-03-22 07:08 - 01922496 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436472.dll
2016-03-28 21:41 - 2016-03-22 07:08 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436472.dll
2016-03-28 21:41 - 2016-03-22 07:08 - 00678520 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-03-28 21:41 - 2016-03-22 07:08 - 00572096 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-03-28 21:41 - 2016-03-22 07:08 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-03-28 21:41 - 2016-03-22 07:08 - 00000139 _____ C:\Windows\system32\nv-vk64.json
2016-03-28 21:41 - 2016-02-24 02:57 - 00541184 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-03-23 15:02 - 2016-03-23 15:02 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-03-23 15:02 - 2016-03-23 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-03-23 15:01 - 2016-03-23 15:01 - 00003224 _____ C:\Windows\System32\Tasks\{B8F10C55-13CE-4501-915C-05056CB359A2}
2016-03-23 14:47 - 2016-03-23 14:47 - 00003224 _____ C:\Windows\System32\Tasks\{F116742F-86A5-4A1D-95CA-634C572EB23D}
2016-03-23 14:45 - 2016-03-23 14:45 - 00003224 _____ C:\Windows\System32\Tasks\{967AA84C-45B3-4497-901C-D4EBED8AE759}
2016-03-23 14:45 - 2016-03-23 14:45 - 00003204 _____ C:\Windows\System32\Tasks\{7AFA0C86-DD60-40A6-96CC-DE18B9D80B61}
2016-03-22 07:21 - 2016-03-22 07:21 - 00000000 ____D C:\Users\jaakk\Documents\Tasopiirustusharjoitus Jaakko Jokioinen
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-04-20 01:29 - 2016-01-22 05:42 - 00000000 ____D C:\Users\jaakk\AppData\Roaming\Spotify
2016-04-20 01:29 - 2016-01-22 05:19 - 01383594 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-20 01:29 - 2015-10-30 21:02 - 00435198 _____ C:\Windows\system32\perfh00B.dat
2016-04-20 01:29 - 2015-10-30 21:02 - 00081386 _____ C:\Windows\system32\perfc00B.dat
2016-04-20 01:29 - 2015-10-30 10:21 - 00000000 ____D C:\Windows\INF
2016-04-20 01:25 - 2016-01-24 20:18 - 00000000 ____D C:\Users\jaakk\AppData\Roaming\Skype
2016-04-20 01:24 - 2016-02-11 15:55 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-04-20 01:24 - 2016-01-22 07:08 - 00000000 ____D C:\ProgramData\Origin
2016-04-20 01:24 - 2016-01-22 05:55 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-20 01:24 - 2016-01-22 05:42 - 00000000 ____D C:\Users\jaakk\AppData\Local\Spotify
2016-04-20 01:24 - 2016-01-22 05:41 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-20 01:24 - 2016-01-22 05:22 - 00001026 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-20 01:23 - 2016-02-11 15:55 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-20 01:23 - 2016-01-22 05:10 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-20 01:23 - 2015-10-30 09:28 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-04-20 01:09 - 2016-01-31 23:49 - 00000000 ____D C:\ProgramData\HitmanPro
2016-04-20 01:06 - 2015-10-30 10:24 - 00000000 ____D C:\Windows\AppReadiness
2016-04-20 01:03 - 2016-01-22 05:13 - 00000000 ____D C:\Users\jaakk
2016-04-20 00:32 - 2016-01-22 05:22 - 00001030 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-19 21:48 - 2016-01-22 23:09 - 00004168 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D6B483A8-2B85-4D9D-90C4-AFF2DA13E7FD}
2016-04-19 19:48 - 2015-10-30 10:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-19 06:07 - 2016-01-23 02:41 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-04-19 06:07 - 2015-10-30 10:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-18 12:55 - 2016-01-22 05:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-04-18 12:55 - 2016-01-22 05:18 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-18 12:46 - 2016-01-22 05:15 - 00000000 ____D C:\Users\jaakk\AppData\Local\Packages
2016-04-17 06:19 - 2016-01-22 22:28 - 00000000 ____D C:\Users\jaakk\Documents\The Witcher 3
2016-04-17 05:15 - 2016-01-22 05:17 - 00000000 ___RD C:\Users\jaakk\OneDrive
2016-04-17 03:29 - 2016-01-22 05:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-13 06:50 - 2015-10-30 10:24 - 00000000 ____D C:\Windows\rescache
2016-04-13 01:13 - 2016-01-22 05:09 - 00365040 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-13 01:13 - 2015-10-30 10:24 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-04-13 01:13 - 2015-10-30 10:24 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-13 01:13 - 2015-10-30 10:24 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-04-13 01:13 - 2015-10-30 10:24 - 00000000 ____D C:\Windows\bcastdvr
2016-04-13 01:11 - 2015-10-30 10:11 - 00000000 ____D C:\Windows\CbsTemp
2016-04-13 01:10 - 2016-01-22 06:06 - 00000000 ____D C:\Windows\system32\MRT
2016-04-13 01:07 - 2016-01-22 06:06 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-12 01:33 - 2016-01-22 05:22 - 00002269 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-10 18:46 - 2016-01-27 17:48 - 00000000 ____D C:\Users\jaakk\AppData\Roaming\vlc
2016-04-09 17:36 - 2016-01-22 07:54 - 00000000 ____D C:\Users\jaakk\AppData\Roaming\deluge
2016-04-08 13:30 - 2016-01-23 03:10 - 00000000 ____D C:\Users\jaakk\AppData\Local\CrashDumps
2016-04-06 21:32 - 2015-10-30 10:26 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-06 21:32 - 2015-10-30 10:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-01 23:28 - 2016-01-22 08:14 - 00000000 ____D C:\Users\jaakk\Documents\My Games
2016-04-01 22:04 - 2016-02-11 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-04-01 22:03 - 2016-01-22 05:15 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-31 17:56 - 2016-01-22 08:14 - 00000000 ____D C:\Users\jaakk\Documents\SAMK
2016-03-30 04:06 - 2016-02-11 15:55 - 01373680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-03-30 04:06 - 2016-02-11 15:55 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-03-30 04:05 - 2016-02-11 15:55 - 01767248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-03-30 04:05 - 2016-02-11 15:55 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-03-30 04:05 - 2016-01-22 05:19 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-03-29 00:43 - 2016-01-22 07:07 - 00000000 ____D C:\Program Files (x86)\Origin
2016-03-24 20:06 - 2016-01-22 05:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-23 15:02 - 2016-01-22 05:42 - 00000000 ____D C:\ProgramData\Skype
2016-03-23 00:33 - 2016-01-22 05:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-22 09:31 - 2016-02-18 04:37 - 00000000 ____D C:\Users\jaakk\Documents\Perkiö
2016-03-22 07:27 - 2016-02-19 02:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-03-21 23:01 - 2016-02-11 15:54 - 00109632 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-03-21 23:01 - 2016-02-11 15:54 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
 
==================== Files in the root of some directories =======
 
2016-04-09 17:49 - 2016-04-09 17:49 - 0000218 _____ () C:\Users\jaakk\AppData\Local\recently-used.xbel
 
Some files in TEMP:
====================
C:\Users\jaakk\AppData\Local\Temp\avgnt.exe
C:\Users\jaakk\AppData\Local\Temp\dllnt_dump.dll
C:\Users\jaakk\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\jaakk\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\jaakk\AppData\Local\Temp\nvStInst.exe
C:\Users\jaakk\AppData\Local\Temp\SkypeSetup.exe
C:\Users\jaakk\AppData\Local\Temp\sonarinst.exe
C:\Users\jaakk\AppData\Local\Temp\x2blapi.dll
C:\Users\jaakk\AppData\Local\Temp\xmlUpdater.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-04-18 11:45
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-04-2016
Ran by jaakk (2016-04-20 01:30:33)
Running from C:\Users\jaakk\Desktop
Windows 10 Home Version 1511 (X64) (2016-01-22 02:12:30)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
DefaultAccount (S-1-5-21-2270606022-1161141034-668459170-503 - Limited - Disabled)
jaakk (S-1-5-21-2270606022-1161141034-668459170-1001 - Administrator - Enabled) => C:\Users\jaakk
Järjestelmänvalvoja (S-1-5-21-2270606022-1161141034-668459170-500 - Administrator - Disabled)
Vieras (S-1-5-21-2270606022-1161141034-668459170-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{74d1ef14-dd39-4749-b051-e183a1e27f5e}) (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Hidden
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
CADS Planner Client (x32 Version: 16.1.7 - Kymdata) Hidden
CADS Planner Client 16 (HKLM-x32\...\{260F52BB-9561-46F1-8198-8A2B07E5D18A}) (Version: 16.1.7 - Kymdata)
CADS Planner Electric Pro, DB 16 (HKLM-x32\...\{9C14112D-8F34-4B4F-9721-86B30036F9FA}) (Version: 16.1.12 - Kymdata)
CADS Planner Electric Pro, DB Tuotetietokannat 16 (HKLM-x32\...\{A134048A-73A8-478C-BA63-B842674C8680}) (Version: 16.1.11 - Kymdata)
CADS Planner Electric Pro, Piirikaaviot 16 (HKLM-x32\...\{F3DFE643-53E9-4BC0-B152-8BCF2CB8F83A}) (Version: 16.1.12 - Kymdata)
CADS Planner Electric Pro, Tasopiirustukset 16 (HKLM-x32\...\{5007B729-7D0A-48E8-9E5C-87FA5E9FF480}) (Version: 16.1.12 - Kymdata)
Corsair Utility Engine (HKLM-x32\...\{46A3EEB3-8F6F-4BC4-9A53-CDE33D089D08}) (Version: 1.16.42 - Corsair)
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
DARK SOULS III (HKLM\...\Steam App 374320) (Version:  - FromSoftware, Inc.)
Deluge 1.3.12 (HKLM-x32\...\Deluge) (Version:  - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Logitech Gaming Software 8.78 (HKLM\...\Logitech Gaming Software) (Version: 8.78.129 - Logitech Inc.)
Malwarebytes Anti-Exploit version 1.8.1.1189 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1189 - Malwarebytes)
Malwarebytes Anti-Malware versio 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version:  - Konami Digital Entertainment)
Microsoft Office 365 ProPlus - fi-fi (HKLM\...\O365ProPlusRetail - fi-fi) (Version: 15.0.4815.1001 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1031 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 45.0.2 (x86 fi) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 fi)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
Nuclear Throne (HKLM-x32\...\Steam App 242680) (Version:  - Vlambeer)
NVIDIA 3D Vision -ohjain 362.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 362.00 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.2.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.55 - NVIDIA Corporation)
NVIDIA Grafiikkaohjain 362.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 362.00 - NVIDIA Corporation)
NVIDIA HD-ääniohjain 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-järjestelmäohjelmisto 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.11.2.10120 - Electronic Arts, Inc.)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9.5 - Samsung Electronics)
Sentinel System Driver Installer 7.5.1 (HKLM-x32\...\{BF9E346B-5ECE-4A18-9510-55729FD08323}) (Version: 7.5.1 - SafeNet, Inc.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.2.55 - NVIDIA Corporation) Hidden
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2270606022-1161141034-668459170-1001\...\Spotify) (Version: 1.0.27.75.gdc223232 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.9.2014.1 - SteelSeries)
Tabletop Simulator (HKLM\...\Steam App 286160) (Version:  - Berserk Games)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.12.1.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.12.1.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.12.1.0 - GOG.com)
Undertale (HKLM-x32\...\Steam App 391540) (Version:  - tobyfox)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2270606022-1161141034-668459170-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\jaakk\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {01F04E64-2438-4E5B-9805-20BACB03A8F0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {3EE514AA-24E6-410D-99FB-F8A8583FDEA9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-03-14] (Microsoft Corporation)
Task: {48E53CA1-F92F-48A3-934D-EBBB13178922} - System32\Tasks\{967AA84C-45B3-4497-901C-D4EBED8AE759} => Chrome.exe hxxp://ui.skype.com/ui/0/7.21.0.100/fi/go/help.faq.installer?LastError=1603
Task: {603FFFEF-55C8-48B2-B61E-AB8611DF4A1B} - System32\Tasks\{F116742F-86A5-4A1D-95CA-634C572EB23D} => Chrome.exe hxxp://ui.skype.com/ui/0/7.21.0.100/fi/go/help.faq.installer?LastError=1603
Task: {89AE9446-7736-4BEC-80FF-2D40BAB8AF2C} - System32\Tasks\{7AFA0C86-DD60-40A6-96CC-DE18B9D80B61} => Chrome.exe hxxp://ui.skype.com/ui/0/7.21.0.100/fi/abandoninstall?page=tsBing
Task: {89C43634-AA16-435B-92E0-1809808DECC6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {987CE6FE-C3FF-4AA5-B759-33B84F6B34B8} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2016-01-07] (Samsung Electronics.)
Task: {A40109EE-7E63-4D96-8BE0-40B128450B3F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-22] (Google Inc.)
Task: {B2FBCE61-D0F1-4AAA-A4B6-7E0579AC97D8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-04-13] (Microsoft Corporation)
Task: {B8092770-E1A8-4FA8-BB71-E97B4C1233D6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-01-23] (Microsoft Corporation)
Task: {D09991C4-C515-4468-B3DC-977D73CEDF18} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-22] (Google Inc.)
Task: {D6A2AEC5-CDB3-4E8F-91E5-7F6014B0FA6C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-01-23] (Microsoft Corporation)
Task: {F0FA4AF0-2D84-4DD2-97B3-3F582F03230E} - System32\Tasks\{B8F10C55-13CE-4501-915C-05056CB359A2} => Chrome.exe hxxp://ui.skype.com/ui/0/7.21.0.100/fi/go/help.faq.installer?LastError=1603
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-10-30 10:17 - 2015-10-30 10:17 - 00028672 _____ () C:\Windows\SYSTEM32\efsext.dll
2015-10-30 10:18 - 2015-10-30 10:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-02-11 15:55 - 2016-02-23 23:28 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-01-22 05:13 - 2013-07-04 04:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2016-01-23 02:41 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-01-22 08:49 - 2016-01-22 08:49 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-04-12 23:16 - 2016-03-29 13:20 - 02656952 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-04-12 23:16 - 2016-03-29 13:20 - 02656952 _____ () C:\Windows\System32\CoreUIComponents.dll
2015-04-15 23:13 - 2015-04-15 23:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-04-19 19:48 - 2016-04-19 19:48 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-01-22 06:05 - 2015-12-07 07:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-12 23:15 - 2016-04-02 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-12 23:15 - 2016-04-02 06:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-12 23:15 - 2016-04-02 05:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-12 23:16 - 2016-04-02 05:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-12 23:16 - 2016-04-02 06:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-03-07 03:07 - 2015-03-07 03:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-01-06 22:43 - 2016-01-06 22:43 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 03:07 - 2015-03-07 03:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-01-06 22:43 - 2016-01-06 22:43 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2016-01-22 05:13 - 2016-04-20 01:23 - 00033936 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2016-01-22 05:13 - 2013-07-04 04:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2016-04-19 19:48 - 2016-04-19 19:48 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 19:48 - 2016-04-19 19:48 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-02-11 15:55 - 2016-03-30 04:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-01-22 05:42 - 2016-04-17 03:30 - 47503472 _____ () C:\Users\jaakk\AppData\Roaming\Spotify\libcef.dll
2016-01-22 05:42 - 2016-04-17 03:30 - 01584240 _____ () C:\Users\jaakk\AppData\Roaming\Spotify\libglesv2.dll
2016-01-22 05:42 - 2016-04-17 03:30 - 00082032 _____ () C:\Users\jaakk\AppData\Roaming\Spotify\libegl.dll
2016-01-22 07:08 - 2016-03-29 00:43 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2016-01-22 07:08 - 2016-03-29 00:43 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2016-01-22 07:08 - 2016-03-29 00:43 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2016-01-22 07:08 - 2016-03-29 00:43 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2016-01-22 07:08 - 2016-03-29 00:43 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2016-01-22 07:08 - 2016-03-29 00:43 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2016-01-22 07:08 - 2016-03-29 00:43 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2016-01-22 07:08 - 2016-03-29 00:43 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2016-01-22 07:08 - 2016-03-29 00:43 - 00243200 _____ () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll
2016-01-22 06:12 - 2016-03-11 03:56 - 00783360 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-01-22 06:12 - 2015-07-03 19:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-01-22 06:12 - 2016-03-31 23:55 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2016-01-22 06:12 - 2015-07-03 19:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-01-22 06:12 - 2015-07-03 19:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-01-22 06:12 - 2016-02-09 02:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-01-22 06:12 - 2016-02-09 02:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-01-22 06:12 - 2016-02-09 02:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-01-22 06:12 - 2016-02-09 02:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-01-22 06:12 - 2016-02-09 02:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-01-22 06:12 - 2016-03-31 23:55 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 19:51 - 2016-02-18 01:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-01-22 06:12 - 2016-02-09 04:33 - 48400672 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-03-23 11:04 - 2016-03-23 11:04 - 00091136 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\LuaQtWrapperLibrary.dll
2016-03-23 11:02 - 2016-03-23 11:02 - 00224256 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
2016-03-23 11:02 - 2016-03-23 11:02 - 00200704 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\lua52.dll
2016-01-22 07:25 - 2015-10-14 14:27 - 45069312 _____ () C:\Program Files (x86)\GalaxyClient\libcef.dll
2016-01-22 07:25 - 2016-03-14 21:30 - 00500224 _____ () C:\Program Files (x86)\GalaxyClient\PocoUtil.dll
2016-01-22 07:25 - 2016-03-14 21:30 - 01075712 _____ () C:\Program Files (x86)\GalaxyClient\PocoNet.dll
2016-01-22 07:25 - 2016-03-14 21:30 - 01847808 _____ () C:\Program Files (x86)\GalaxyClient\PocoData.dll
2016-01-22 07:25 - 2016-03-14 21:30 - 00387072 _____ () C:\Program Files (x86)\GalaxyClient\PocoDataSQLite.dll
2016-01-22 07:25 - 2016-03-14 21:30 - 00488960 _____ () C:\Program Files (x86)\GalaxyClient\PocoXML.dll
2016-01-22 07:25 - 2016-03-14 21:30 - 01571840 _____ () C:\Program Files (x86)\GalaxyClient\PocoFoundation.dll
2016-01-22 07:25 - 2016-03-14 21:30 - 00290304 _____ () C:\Program Files (x86)\GalaxyClient\PocoNetSSL.dll
2016-01-22 07:25 - 2016-03-14 21:30 - 00324096 _____ () C:\Program Files (x86)\GalaxyClient\PocoJSON.dll
2016-01-22 07:25 - 2016-03-14 21:30 - 00096768 _____ () C:\Program Files (x86)\GalaxyClient\zlib.dll
2016-01-22 07:25 - 2016-03-14 21:30 - 00258560 _____ () C:\Program Files (x86)\GalaxyClient\PocoZip.dll
2016-01-22 07:25 - 2016-03-14 21:30 - 00672768 _____ () C:\Program Files (x86)\GalaxyClient\sqlite.dll
2016-01-22 07:25 - 2016-03-14 21:30 - 00144384 _____ () C:\Program Files (x86)\GalaxyClient\expat.dll
2016-01-22 07:25 - 2016-03-14 21:30 - 00153088 _____ () C:\Program Files (x86)\GalaxyClient\PocoCrypto.dll
2016-01-22 07:25 - 2016-03-14 21:30 - 00415232 _____ () C:\Program Files (x86)\GalaxyClient\pcre.dll
2016-01-22 07:25 - 2015-10-14 14:27 - 00107520 _____ () C:\Program Files (x86)\GalaxyClient\ZLIB1.dll
2016-01-22 07:25 - 2015-10-14 14:27 - 01643008 _____ () C:\Program Files (x86)\GalaxyClient\libglesv2.dll
2016-01-22 07:25 - 2015-10-14 14:27 - 00074752 _____ () C:\Program Files (x86)\GalaxyClient\libegl.dll
2016-04-12 01:33 - 2016-04-06 13:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-12 01:33 - 2016-04-06 13:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 10:24 - 2015-10-30 10:21 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2270606022-1161141034-668459170-1001\Control Panel\Desktop\\Wallpaper -> d:\jaakko\kuvat\hong kong taipei neon.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\StartupFolder: => "SteelSeries Engine 3.lnk"
HKU\S-1-5-21-2270606022-1161141034-668459170-1001\...\StartupApproved\StartupFolder: => "BetterStartMenuHelper.lnk"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2E64D934-BBFA-4EF7-A123-335DA554C5E6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{110FFB6D-5014-4D92-BCF8-7C41EB44A823}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6B2D1FF5-E3E4-4B30-9479-0E957A2A5463}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F37C792E-601F-4578-8B05-75B3A3EA59D5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{3B02B733-5AAD-48F8-A136-D341D973D0BA}C:\users\jaakk\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jaakk\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B8EB2540-0B64-4425-9CAF-06CBF3B97576}C:\users\jaakk\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jaakk\appdata\roaming\spotify\spotify.exe
FirewallRules: [{021D2450-022A-4086-BBE5-7F5F1B8F7B61}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3EF1AB12-DFD7-45BF-8C15-F3316558A8A9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1574A4A6-95C3-4A59-93EC-B75F4F2FD025}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{99D97189-9862-416B-95B9-7AF3F53A0BF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{63741C20-077C-4E2F-932B-11F378252E37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Nuclear Throne\nuclearthrone.exe
FirewallRules: [{45EC68EB-306D-4589-87E1-32957C23E058}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Nuclear Throne\nuclearthrone.exe
FirewallRules: [TCP Query User{77D5F310-A3CF-48D2-BCA1-37D14441838A}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{1E290E21-DDE5-4EE0-A82F-9FC0187B96DC}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{27BE1FD6-0E1D-4AF1-8331-93F0B0AF8EA4}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [UDP Query User{D614189F-DB32-45A9-B983-5C46918B65CD}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [{78DA6EB7-0010-4445-A227-5ED12E15FBBA}] => (Block) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [{F27FF069-8612-4301-832C-0E8104C05B11}] => (Block) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [{7A47114C-3C58-4686-8531-E6FF5F0694BF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C72BD10F-7521-46E1-8586-F40ECD8AD192}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F92DE3A2-8B92-46BB-B8A3-E38D7B75D9AE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{482EDFE7-C207-4AEE-B42A-ACDC436B4A5C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D9FD1FE7-F6B7-415F-80E5-CCAC0A1616C6}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{1396614A-B785-465A-AAA7-7C62F1C42E50}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{81E79589-A826-4BBD-910C-95A4118DAEE4}] => (Allow) D:\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{E1BE24A6-E263-4E6B-BA64-34BC4D4FA8D6}] => (Allow) D:\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{C99A474D-8B0F-4ED8-953F-001B51C7F1E0}] => (Allow) D:\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{0AE0D564-509E-45DB-A698-E7DB2323AFCE}] => (Allow) D:\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{81B7AF25-93D4-41AA-B6CD-9FFE2CCDD592}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{C0046052-38EF-44A7-B435-C8014F164659}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{D49ED6F1-FE2A-46DE-A89F-139AC8FF8975}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{41195CCD-4200-4DA9-8EC7-F1604F80B158}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{57D09254-44A8-440D-AB27-80863D517CB5}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{60CD1F2E-CE0E-420F-999D-3CD90CC7EB67}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{2F97B8AF-48EB-4492-AC1F-82CF1FD308C0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{24D6DE26-9536-4114-BF56-595F706AF381}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E659D98C-15AC-4752-BCB7-FCC3019BE2A9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BAF6D15B-0AB6-4F37-AEC7-1EF69EF67FAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EF248501-9A0E-42C3-B891-3856F2101AA7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3D79A848-684A-4730-9374-383A38AA7EC7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{116F5011-90A6-45F2-93DD-509A96CC1D15}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E0F0B4B2-B4F6-4101-B04C-D36CF2C4904C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{3F03CFD8-4A40-4139-B99E-D90564F26DEC}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{F3C1E095-3BE3-42F1-94AF-195D870F82F1}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [{A6E94FD1-8DC6-473B-BE02-EE1F32C967BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{58E2DA9A-ADD1-4794-BB6E-3E27FA93FCF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{59C199B3-E684-4247-B852-C126F666D360}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{27F58D6F-F6F7-4558-952E-C965D52BE3C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{3B577E79-8EE4-468F-B214-D5B280F14BB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{DEE57FA4-A2EB-4426-B876-5A622D8A4F1B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B050F04A-7C0B-43A2-A1EB-B482CDC79993}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{54734809-43EB-4DF0-8FD4-5A440C823D20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{FB88C0EE-8D1D-4E8C-B015-A6BBC9412CA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{34F047A6-4064-4E26-82EF-9F7D009C49F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{36BFCBA0-1CC1-486B-9A7D-6454A3FB0BDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{1C695B5A-0874-4204-B5C7-D9620B260DB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{B01C67A6-2376-4552-AA17-BCEC350F8A78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{1D4FEDF1-A9DD-4304-B9D2-F3E6C14FC407}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{1A2C184B-67F5-4CA9-A0A4-49A864861AEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{1E1F80FF-8E26-4E8E-AE1C-EEE235C6547D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
 
==================== Restore Points =========================
 
13-04-2016 01:07:21 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: Tuntematon USB-laite (laitekuvainpyyntö epäonnistui)
Description: Tuntematon USB-laite (laitekuvainpyyntö epäonnistui)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (USB-isännän vakio-ohjain)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/20/2016 01:24:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Viallisen sovelluksen nimi: NvStreamNetworkService.exe, versio: 7.1.2059.1762, aikaleima: 0x56fb173e
Viallisen moduulin nimi: MessageBus.dll, versio: 0.0.0.0, aikaleima: 0x56fb1121
Poikkeuskoodi: 0xc0000005
Virhepoikkeama: 0x0000000000010f73
Viallisen prosessin tunnus: 0x122c
Viallisen sovelluksen käynnistysaika: 0xNvStreamNetworkService.exe0
Viallisen sovelluksen polku: NvStreamNetworkService.exe1
Viallisen moduulin polku: NvStreamNetworkService.exe2
Raportin tunnus: NvStreamNetworkService.exe3
Viallisen paketin koko nimi: NvStreamNetworkService.exe4
Viallisen paketin suhteellinen sovellustunnus: NvStreamNetworkService.exe5
 
Error: (04/20/2016 01:23:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Viallisen sovelluksen nimi: svchost.exe, versio: 10.0.10586.0, aikaleima: 0x5632d7ba
Viallisen moduulin nimi: ESENT.dll, versio: 10.0.10586.212, aikaleima: 0x56fa1686
Poikkeuskoodi: 0xc0000602
Virhepoikkeama: 0x000000000022885f
Viallisen prosessin tunnus: 0x9b4
Viallisen sovelluksen käynnistysaika: 0xsvchost.exe0
Viallisen sovelluksen polku: svchost.exe1
Viallisen moduulin polku: svchost.exe2
Raportin tunnus: svchost.exe3
Viallisen paketin koko nimi: svchost.exe4
Viallisen paketin suhteellinen sovellustunnus: svchost.exe5
 
Error: (04/20/2016 01:23:34 AM) (Source: ESENT) (EventID: 908) (User: )
Description: svchost (2484) Terminating process due to non-recoverable failure: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -266(bf.cxx:14625): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS)
 
Error: (04/20/2016 12:55:45 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: JAAKKO)
Description: Paketti 4DF9E0F8.Netflix_6.9.44.0_x64__mcm4njqhnhss8+Netflix.App lopetettiin, koska sen pysäytys kesti liian kauan.
 
Error: (04/19/2016 02:40:31 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Ohjelman cadsnet.exe versio 16.1.0.7, lakkasi olemasta yhteydessä Windowsiin, joten se suljettiin. Voit tarkistaa, onko ongelmasta saatavilla lisätietoja, tarkastelemalla ongelmahistoriaa ohjauspaneelin Suojaus ja ylläpito -kohdassa.
 
Prosessin tunnus: 326c
 
Alkamisaika: 01d199b98ffb490f
 
Päättymisaika: 4294967295
 
Sovelluksen polku: D:\CADS\cadsnet.exe
 
Raportin tunnus: eefd3cfe-05be-11e6-a130-74d02ba1acd4
 
Viallisen paketin koko nimi: 
 
Viallisen paketin suhteellinen sovellustunnus:
 
Error: (04/17/2016 03:29:18 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JAAKKO)
Description: Sovelluksen Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI aktivointi epäonnistui, virhe: -2144927141. Lisätietoja on Microsoft-Windows-TWinUI/Toiminnassa-lokissa.
 
Error: (04/14/2016 07:14:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Ohjelman DarkSoulsIII.exe versio 1.3.1.0, lakkasi olemasta yhteydessä Windowsiin, joten se suljettiin. Voit tarkistaa, onko ongelmasta saatavilla lisätietoja, tarkastelemalla ongelmahistoriaa ohjauspaneelin Suojaus ja ylläpito -kohdassa.
 
Prosessin tunnus: 3808
 
Alkamisaika: 01d19668c21a93eb
 
Päättymisaika: 4
 
Sovelluksen polku: C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
 
Raportin tunnus: 05ea44d4-025c-11e6-a12e-74d02ba1acd4
 
Viallisen paketin koko nimi: 
 
Viallisen paketin suhteellinen sovellustunnus:
 
Error: (04/13/2016 01:07:22 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Salauspalvelut eivät voineet käsitellä OnIdentity()-kutsua järjestelmän kirjoitusobjektissa.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoftin linkkikerroksen etsintäprotokolla.
 
System Error:
Käyttö estetty.
.
 
Error: (04/10/2016 06:44:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JAAKKO)
Description: Sovelluksen Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI aktivointi epäonnistui, virhe: -2144927141. Lisätietoja on Microsoft-Windows-TWinUI/Toiminnassa-lokissa.
 
Error: (04/09/2016 07:48:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Salauspalvelut eivät voineet käsitellä OnIdentity()-kutsua järjestelmän kirjoitusobjektissa.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoftin linkkikerroksen etsintäprotokolla.
 
System Error:
Käyttö estetty.
.
 
 
System errors:
=============
Error: (04/20/2016 01:23:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Palvelu Tilasäilöpalvelu on päättynyt odottamatta. Tämä on tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä palvelu uudelleen.
 
Error: (04/20/2016 01:23:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Palvelu Käyttäjätietojen käyttöoikeudet_3af87 on päättynyt odottamatta. Tämä on tapahtunut 1 kertaa. 10000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä palvelu uudelleen.
 
Error: (04/20/2016 01:23:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Palvelu Käyttäjätietosäilö_3af87 on päättynyt odottamatta. Tämä on tapahtunut 1 kertaa. 10000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä palvelu uudelleen.
 
Error: (04/20/2016 01:23:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Palvelu Yhteystiedot_3af87 on päättynyt odottamatta. Tämä on tapahtunut 1 kertaa. 10000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä palvelu uudelleen.
 
Error: (04/20/2016 01:23:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Palvelu Synkronoi isäntä_3af87 on päättynyt odottamatta. Tämä on tapahtunut 1 kertaa. 10000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä palvelu uudelleen.
 
Error: (04/20/2016 01:23:34 AM) (Source: DCOM) (EventID: 10016) (User: NT-hallinta)
Description: sovelluskohtainenPaikallinenAktivointi{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-hallintaSYSTEMS-1-5-18LocalHost (LRPC käytössä)Ei käytettävissäEi käytettävissä
 
Error: (04/20/2016 01:23:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Palvelu Windows Presentation Foundationin fonttivälimuisti 3.0.0.0 on päättynyt odottamatta. Tämä on tapahtunut 1 kertaa. 0 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä palvelu uudelleen.
 
Error: (04/20/2016 01:23:24 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Palvelu Steam Client Service lopetti yllättäen toimintansa. Se on tehnyt näin jo 1 kertaa.
 
Error: (04/20/2016 01:23:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Palvelu Windows Search on päättynyt odottamatta. Tämä on tapahtunut 1 kertaa. 30000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä palvelu uudelleen.
 
Error: (04/20/2016 01:23:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Palvelu Avira Service Host on päättynyt odottamatta. Tämä on tapahtunut 1 kertaa. 10000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Käynnistä palvelu uudelleen.
 
 
CodeIntegrity:
===================================
  Date: 2016-04-19 14:46:55.188
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-19 14:46:55.177
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-18 02:06:33.103
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-18 02:06:33.092
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-18 02:06:22.086
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-18 02:06:22.076
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-17 19:11:00.947
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-17 19:11:00.935
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-17 18:04:08.960
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-17 18:04:08.950
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 42%
Total physical RAM: 8129.99 MB
Available physical RAM: 4661.81 MB
Total Virtual: 15041.99 MB
Available Virtual: 10914.84 MB
 
==================== Drives ================================
 
Drive c: (SSD) (Fixed) (Total:232.88 GB) (Free:70.15 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:828.94 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 47731B04)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B1B5726E)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
# AdwCleaner v5.112 - Logfile created 20/04/2016 at 01:23:24
# Updated 17/04/2016 by Xplode
# Database : 2016-04-19.5 [Server]
# Operating system : Windows 10 Home  (X64)
# Username : jaakk - JAAKKO
# Running from : C:\Users\jaakk\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
[-] File Deleted : C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_d22j4fzzszoii2.cloudfront.net_0.localstorage
[-] File Deleted : C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_d22j4fzzszoii2.cloudfront.net_0.localstorage-journal
[-] File Deleted : C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [1249 bytes] - [20/04/2016 01:23:24]
C:\AdwCleaner\AdwCleaner[S1].txt - [1288 bytes] - [20/04/2016 01:22:15]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1395 bytes] ##########
 
EDIT: I realize that I Probably should not have deleted the files before getting an professional opinion about what they were, since now you only have the files names and locations info.
 

Edited by JaskaTheK9, 19 April 2016 - 06:46 PM.


BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,677 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:51 AM

Posted 19 April 2016 - 08:42 PM

Hi JaskaTheK9 :)

My name is Aura and I'll be assisting you with your malware issue. Since we'll be working together, you can call me Aura or Yoan, which is my real name, it's up to you! Now that we've broke the ice, I'll just ask you a few things during the time we'll be working together to clean your system and get it back to an operational state.
  • As you'll notice, the logs we are asking for here are quite lenghty, so it's normal for me to not reply exactly after you post them. This is because I need some time to analyse them and then act accordingly. However, I'll always reply within 24 hours, 48 hours at most if something unexpected happens;
  • As long as I'm assisting you on BleepingComputer, in this thread, I'll ask you to not seek assistance anywhere else for any issue related to the system we are working on. If you have an issue, question, etc. about your computer, please ask it in this thread and I'll assist you;
  • The same principle applies to any modifications you make to your system, I would like you to ask me before you do any manipulations that aren't in the instructions I posted. This is to ensure that we are operating in sync and I know exactly what's happening on your system;
  • If you aren't sure about an instruction I'm giving you, ask me about it. This is to ensure that the clean-up process goes without any issue. I'll answer you and even give you more precise instructions/explanations if you need. There's no shame in asking questions here, better be safe than sorry!;
  • If you don't reply to your thread within 3 days, I'll bump this thread to let you know that I'm waiting for you. If you don't reply after 5 days, it'll be closed. If you return after that period, you can send me a PM to get it unlocked and we'll continue where we left off;
  • Since malware can work quickly, we want to get rid of them as fast as we can, before they make unknown changes to the system. This being said, I would appreciate if you could reply to this thread within 24 hours of me posting. This way, we'll have a good clean-up rhythm and the chances of complications will be reduced;
  • I'm against any form of pirated, illegal and counterfeit software and material. So if you have any installed on your system, I'll ask you to uninstall them right now. You don't have to tell me if you indeed had some or not, I'll give you the benefit of the doubt. Plus, this would be against BleepingComputer's rules;
  • In the end, you are the one asking for assistance here. So if you wish to go a different way during the clean-up, like format and reinstall Windows, you are free to do so. I would appreciate you to let me know about it first, and if you need, I can also assist you in the process;
  • I would appreciate if you were to stay with me until the end, which means, until I declare your system clean. Just because your system isn't behaving weirdly anymore, or is running better than before, it doesn't mean that the infection is completely gone;
  • Since I'm still a trainee, all my posts have to be reviewed by an instructor prior to be posted to make sure that you receive the best assistance possible. Sorry for the inconvenience. This being said, I have a full time job, and I also have night classes on Mondays and Wednesdays, which means that if you reply during these two days, it'll take longer for me to reply to you. Don't worry, you'll be my first priority as soon as I get home and have time to look at your thread;
This being said, it's time to clean-up some malware, so let's get started, shall we? :)

Please give me a few hours to review your logs and prepare a reply.

Thank you!

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 JaskaTheK9

JaskaTheK9
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:11:51 AM

Posted 21 April 2016 - 12:01 PM

Update.

 

The files:

 

[-] File Deleted : C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
 
Are back.
 
By checking the creation time for these files and comparing it to my browser history, I was able to pin point the source. I think.
 
 
Wiki page for video game Dark Souls 3. I remember seeing some discussion about fextralife before:
 
 
That's for mobile version, but seems plausible.
 
I uploaded the files to virustotal. Journal file is 0kb, so it could not be uploaded. The other one being 3kb, I was able to upload and got this result: 
 
 
Its 0/56 detection rate, but it has 3 angry faces so something is probably up.
 
Thoughts ?
 
# AdwCleaner v5.112 - Logfile created 21/04/2016 at 19:31:46
# Updated 17/04/2016 by Xplode
# Database : 2016-04-19.5 [Server]
# Operating system : Windows 10 Home  (X64)
# Username : jaakk - JAAKKO
# Running from : C:\Users\jaakk\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
File Found : C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
File Found : C:\Users\jaakk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
 
***** [ DLL ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [1474 bytes] - [20/04/2016 01:23:24]
C:\AdwCleaner\AdwCleaner[S10].txt - [1471 bytes] - [21/04/2016 00:10:24]
C:\AdwCleaner\AdwCleaner[S11].txt - [1545 bytes] - [21/04/2016 03:25:37]
C:\AdwCleaner\AdwCleaner[S12].txt - [1069 bytes] - [21/04/2016 19:31:46]
C:\AdwCleaner\AdwCleaner[S1].txt - [1288 bytes] - [20/04/2016 01:22:15]
C:\AdwCleaner\AdwCleaner[S2].txt - [886 bytes] - [20/04/2016 01:26:12]
C:\AdwCleaner\AdwCleaner[S3].txt - [958 bytes] - [20/04/2016 01:31:49]
C:\AdwCleaner\AdwCleaner[S4].txt - [1030 bytes] - [20/04/2016 01:39:17]
C:\AdwCleaner\AdwCleaner[S5].txt - [1104 bytes] - [20/04/2016 01:42:11]
C:\AdwCleaner\AdwCleaner[S6].txt - [1178 bytes] - [20/04/2016 02:31:23]
C:\AdwCleaner\AdwCleaner[S7].txt - [1251 bytes] - [20/04/2016 03:46:40]
C:\AdwCleaner\AdwCleaner[S8].txt - [1324 bytes] - [20/04/2016 07:12:11]
C:\AdwCleaner\AdwCleaner[S9].txt - [1397 bytes] - [20/04/2016 18:18:49]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S12].txt - [1798 bytes] ##########
 
Update 2: I was able to re-create the files by visiting the site again. It indeed seems to be the culprit. The question remains: Should I worry. Or is AdwCleaner being over protective. I have flash disabled on chrome, Avira Antivirus, Malwarebytes Premium and Malwarebytes Anti-Exploit running on background. I also adblock all but few selected sites. I like to think that i'm very well protected when it comes to malware, yet stuff like this gets through.

Edited by JaskaTheK9, 21 April 2016 - 12:42 PM.


#4 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,677 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:51 AM

Posted 21 April 2016 - 04:32 PM

I submitted the detections from your AdwCleaner log to the developer, and I'm currently waiting on his feedback. Once I know more, I'll let you know. For now, I can tell you that these detections aren't malicious from my point of view, since they are associated with Amazon's CDN services, CloudFront.

CloudFront: https://aws.amazon.com/cloudfront/?nc1=h_ls
CDN: https://en.wikipedia.org/wiki/Content_delivery_network

CDNs are used everywhere, so it isn't uncommon to have entries related to them on your system (as cached files or content).

As for the new detections, these are most likely false positives as well, so I'll submit them. Chatango is a live group chat module for websites. I wouldn't be surprised if your Wiki was using it in some way, hence why it's present in your Google Chrome cached content. This is normal.

https://chatango.com/

So far, they all look like false positives to me, you have nothing to worry about.

I do not see anything malicious in your FRST logs, but we can run a few scans to make sure that there's nothing hidden if you want. Follow the instructions below please.

aOpBoaQ.pngMalwarebytes Anti-Malware - Clean Mode
  • Download and install the free version of Malwarebytes Anti-Malware
    Note: It's your choice if you want to enable the free trial of Malwarebytes Premium or not. Enabling it will give you real-time protection from the program, as well as access to all the Premium features.
    Note: If you have Malwarebytes already installed, you don't need to install it again. Simply start from the next bullet point;
  • Once Malwarebytes is installed, launch it and let it update his database. You might have to click on the Update Now button;
  • Once the database update is complete, click on the Scan tab, then select the Threat Scan button and click on Start Scan;
  • Let the scan run, the time required to complete the scan depends of your system and computer specs;
  • Once the scan is complete, make sure that the checkbox by Threat is checked (it means that every item detected is checked), then click on the Remove Selected button;
  • Click on Save Results after the deletion (in the bottom-right corner) and select Copy to clipboard. Paste the content in your next reply;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#5 JaskaTheK9

JaskaTheK9
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:11:51 AM

Posted 21 April 2016 - 05:58 PM

Here is the scan:

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Tarkistuksen päivämäärä: 22.4.2016
Tarkistuksen kellonaika: 1.45
Lokitiedosto: 
Järjestelmänvalvoja: Kyllä
 
Versio: 2.2.1.1043
Haittaohjelmien tietokanta: v2016.04.21.06
Rootkittien tietokanta: v2016.04.17.01
Lisenssi: Premium
Haittaohjelmasuoja: Käytössä
Haitallisten verkkosivujen esto: Käytössä
Itsepuolustus: Pois käytöstä
 
Käyttöjärjestelmä: Windows 10
Prosessori: x64
Tiedostojärjestelmä: NTFS
Käyttäjä: jaakk
 
Tarkistuksen tyyppi: Kattava tarkistus
Tulos: Valmis
Kohteita tarkistettu: 344295
Aikaa kulunut: 7 minuutti(a), 4 sekuntti(a)
 
Muisti: Käytössä
Käynnistys: Käytössä
Tiedostojärjestelmä: Käytössä
Pakkaukset: Käytössä
Rootkitit: Käytössä
Heuristiikka: Käytössä
Mahdollisesti haitalliset ohjelmat: Käytössä
Mahdollisesti haitalliset muutokset: Käytössä
 
Prosessit: 0
(Haitallisia kohteita ei löydetty)
 
Moduulit: 0
(Haitallisia kohteita ei löydetty)
 
Rekisteriavain: 0
(Haitallisia kohteita ei löydetty)
 
Rekisteriarvot: 0
(Haitallisia kohteita ei löydetty)
 
Reksiteritiedot: 0
(Haitallisia kohteita ei löydetty)
 
Kansiot: 0
(Haitallisia kohteita ei löydetty)
 
Tiedostot: 0
(Haitallisia kohteita ei löydetty)
 
Fyysiset sektorit: 0
(Haitallisia kohteita ei löydetty)
 
 
(end)


#6 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,677 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:51 AM

Posted 22 April 2016 - 10:34 AM

Looks like Malwarebytes returned a clean log, good :) Let's see if Emsisoft Emergency Kit have anything to report.

0Wrv6UC.pngEmsisoft Emergency Kit
Follow the instructions below to run a scan using the Emsisoft Emergency Kit.
  • Download the Emsisoft Emergency Kit and execute it. From there, click on the Extract button to extract the program in the EEK folder;
  • Once the extraction is complete, Emsisoft Emergency Kit will open, and suggest you to run an online update before using the program. Click on Yes to launch it.
  • After the update, click on Malware Scan under 2. Scan and accept to let Emsisoft Emergency Kit detect PUPs (click on Yes).
  • Once the scan is complete, make sure that every item in the list is checked, and click on Quarantine selected;
    Egla2gt.png
  • If it asks you for a reboot to delete some items, click on Ok to reboot automatically;
  • After the restart, click on the Start Emsisoft Emergency Kit icon again on your desktop to open it;
  • This time, click on Logs;
  • From there, go under the Quarantine Log tab, and click on the Export button;
    IgfWDr3.png
  • Save the log on your desktop, then open it, and copy/paste its content in your next reply;
Were there any other issues than ones with AdwCleaner on your system? Or was that it?

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#7 JaskaTheK9

JaskaTheK9
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:11:51 AM

Posted 22 April 2016 - 01:28 PM

Emsisoft Emergency Kit - versio 11.0
Viime päivitys: 22.4.2016 21.15.15
Käyttäjätili: JAAKKO\jaakk
 
Skannausasetukset:
 
Skannaustyyppi: Haittaohjelmaskannaus
Kohteet: Rootkitit, Muisti, Jäljet, Tiedostot
 
Paljasta PUP:t: Päällä
Skannausarkistot: Pois
ADS-skannaus: Päällä
Tiedostopäätesuodin: Pois
Edistynyt välimuistitus: Päällä
Suora levylle pääsy: Pois
 
Skannauksen alku: 22.4.2016 21.15.32
 
Skannattu 84283
Löytynyt 0
 
Skannauksen loppu: 22.4.2016 21.16.18
Skannausaika: 0:00:46
 
 
-----
 
It came out empty, here is the scan log anyways. As for if I have any other problems; not really? In last few days I have been experiencing some freezes with my PC, I can move the mouse and navigate via keyboard, but actually clicking the mouse does nothing. It goes away in like 10-20 seconds, and it has happened only twice in last week or so. I would just blame that on newest Windows 10 update or Newest graphic drivers. Its nothing un-usual and i'm not worried about it , with Windows 10 problems like these come and go.


#8 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,677 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:51 AM

Posted 22 April 2016 - 03:31 PM

Well in that case, it seems like we are done here :) The detections from AdwCleaner were most likely false positives from what I found and what I've been told by an helper of the developer. They have been reported, and therefore they shouldn't show up in the future in the newer versions. Since there's nothing to address (malware related) here, I declare you clean :)

Qt25440.pngTips, tricks, advice and recommendations

Now it's time to give you some tips, tricks, advice and recommendations on how to protect your system and prevent you from being infected in the future. This is where I'll explain basic security measures that you should take to protect and harden your system, and also make sure it stays as safe and secure as possible against hackers and malware. You are free to ignore the recommendations listed below, although I obviously do not recommend it. If you have any questions about one of the points covered in the speech below, feel free to ask me your questions here directly so I can answer them and guide you.

Windows Updates

Keeping Windows up to date is one of the first steps in having a safe and secure system. The Security Updates that Windows receives are meant to fix exploits and flaws in it that makes it more secure and not exploitable by hackers. In order to do that, you should always install the Security Updates, known as "Important Updates" on your Windows system. These updates are released on the second Tuesday of every month, but some are also released before if they are emergency/critical Security Updates. Let's make sure that you have all your Important Updates and Recommended Updates installed and that your Windows Updates are set to be installed automatically.Keeping your programs up-to-date

Like keeping Windows updated, keeping your installed programs up-to-date is another important step in having a safe and secure system. Outdated programs can be exploited by hackers and malware to infect a system and take it over. This is especially true today with the rise of Exploit Kits which is one of the biggest attack vectors to distribute malware. Therefore, you should always keep vulnerable programs like Adobe Flash Player, Adobe Shockwave Player, Java, Silverlight, etc. updated to their most recent version (even better, you don't have to install them if you don't use them). Programs like eLDnJfI.pngSecuniaPSI and dqVs5wj.pngHeimdal Free will scan your system for outdated programs, and help you identify them, as well as update them.

Antivirus, Antimalware, Firewall and Anti-Exploit/Ransomware

Having a decent security setup (led by an Antivirus) is the most crucial step to protect a system. These programs are a layer of defence that will prevent a system from being infected, or if it somehow ends up infected, help mitigate the infection and remediate it. Ideally, you should have on your system one Antivirus (never more than one installed at the time), one Antimalware (you can install multiple of these, assuming they do not conflict with each other and the other security programs installed), one Firewall and if you wish, one Anti-Exploit and/or Anti-Ransomware (since Ransomware are currently the most dangerous threat around and it can hit anywhere). Here are a few programs worth checking out if you don't have one yet.

Note: The programs listed below are all free to use or they have some sort of trial. Some of them have a paid version that provides more features, while a lot of other good programs only have a paid version but aren't listed there (such as Kaspersky and ESET Antivirus products).

AntivirusAntimalwareFirewall
Starting in Windows Vista, the Windows Firewall greatly improved and will satisfy the needs of most users. If you do not have an Internet Suite Antivirus program (which includes a firewall) and you want to use a 3rd party firewall, you can consider the options below.
  • 7p3JzTS.pngGlassWire - Has both a free and paid version (with different packages);
  • MQIMh6k.pngWindows Firewall Control - Gives you more control over your Windows Firewall;
  • 5RXGshU.pngTinyWall - Lightweight firewall implementing the Windows Firewall and giving you more control over it;
Anti-Exploit/Anti-RansomwareWeb Browsers and Web Browsing

Web Browsers could be considered as the closest door between a malware and your system. This is where most malware goes through to infect a system, and therefore it should be the program(s) you want to secure the most. There are two ways of going about it: hardening your web browser via extensions, and having good browsing habits.

Hardening your web browser means to install extensions that will help it protect itself (and your system on the same occasion) against Exploit Kits, MiTM attacks, etc. but also you at the same time. Here are a few extensions that I recommend you to install.
  • uBlock Origin: Efficient multi-purpose blocker that is lightweight on RAM and CPU usage (Google Chrome and Mozilla Firefox, called uBlock on Opera);
  • HTTPS Everywhere: Extension that converts your HTTP (unencrypted) requests to HTTPS (encrypted) ones (Google Chrome, Mozilla Firefox and Opera);
  • Web of Trust: Website reputation, rating and review extension that will help you quickly identify bad and suspicious sites from good ones (every web browsers);
  • NoScript: NoScript is a script blocker (Java, Flash, JavaScript, etc.) for Mozilla Firefox and Firefox-based browsers (Mozilla Firefox and Firefox-based web browsers);
  • uMatrix: For advanced users, a point and click matrix-like extensions that allow you to control requests done on a webpage (based on source, destination and type) (Google Chrome, Mozilla Firefox and Opera);
  • LastPass: Secure password manager allowing you to create, manage, and use passwords you save in your LastPass account (every web browser);
As for safe browsing habits, you can find tons of guides, tutorials, articles, etc. online that will highlight the basics you need to follow (only visit websites you trust, do not click on ads, do not download files from untrusted sources, use a password manager, always verify the URL of a website and make sure it's correctly typed, etc.), and even what you can do if you want to take it a step further (create a fake email address for spam emails, browse the web in a privacy mode, etc.). Here are a few:As you can see, there are plenty of resources out there. Simply Googling "good browsing habits" or "safe browsing habits" should allow you to find a lot of them.

Other recommendations

Even if you follow every recommendation that I listed here, in the end, it's also your job to be careful when browsing the web and downloading files if you don't want to get infected. Therefore, if you use your brain (common sense) when browsing the web, downloading programs and files, etc., you have far less chances to get infected by a malware. If for example you're not sure if a website is legitimate or not, or if a file is safe to download and execute, or if a program looks "too good" to be free, I suggest you to avoid going to that website, downloading that file or using that program.

Here are a few guides, tutorials, articles, etc. that you could read in order to learn more about computer protection and security to improve your current computer protection setup but also improve your good web browsing and computer usage practices :gRvSooB.pngThe End!

And that's it! Now that you know more about how to protect your computer and secure it, you're good to go back to your online activities, but in a safe and secure way! You are also free to stay on BleepingComputer and ask for help in different topics if you ever need to. Just make sure that you post your question/issue in the right section to get the best assistance possible. And if you ever get infected again (which I hope you wont!), you can always comeback in this section to get another checkup with one of our trained malware removal member.

Do you have any questions before I close this thread? :)

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#9 JaskaTheK9

JaskaTheK9
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:11:51 AM

Posted 22 April 2016 - 04:54 PM

Just one question: Do I just delete the EKK folder Emsisoft created on C: ? It does now show up under installed programs so I guess deleting the folder should do the job?



#10 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,677 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:51 AM

Posted 23 April 2016 - 09:46 AM

Yes, you can delete it if you're done with it, since it's a portable install :)

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#11 JaskaTheK9

JaskaTheK9
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:11:51 AM

Posted 23 April 2016 - 01:14 PM

Alright, thank you for all the help.

 

Everything seems to be fine so the topic can be locked.



#12 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,313 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:12:51 PM

Posted 27 April 2016 - 12:35 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users